IACR News
If you have a news item you wish to distribute, it should be sent to the communications secretary. See also the events database for conference announcements.
Here you can see all recent updates to the IACR webpage.
01 October 2025
Virtual event, Anywhere on Earth, 23 March - 26 March 2026
Submission deadline: 24 October 2025
Notification: 3 December 2025
University of Klagenfurt
Closing date for applications:
Contact: Prof. Gerhard Friedrich, University of Klagenfurt
More information: https://jobs.aau.at/en/job/university-assistant-predoctoral-and-project-researcher-all-genders-welcome-2/
30 September 2025
Mingshu Cong, Tsz Hon Yuen, Siu-Ming Yiu
Zhuo Wu, Xinxuan Zhang, Yi Deng, Yuanju Wei, Zhongliang Zhang, Liuyu Yang
Marc Damie, Florian Hahn, Andreas Peter, Jan Ramon
Our work addresses this efficiency bottleneck by optimizing the PRG-based multi-party DPF scheme of Boyle et al. (EUROCRYPT'15). By leveraging the honest-majority assumption, we eliminate the exponential factor present in this scheme. Our construction is the first PRG-based multi-party DPF scheme with practical key sizes, and provides keys up to $3\times$ smaller than the best known multi-party DPF. This work demonstrates that with careful optimization, PRG-based multi-party DPFs can achieve practical performance, and even obtain top performance.
Jeffrey Champion, Fuyuki Kitagawa, Ryo Nishimaki, Takashi Yamakawa
In this work, we define and construct UTE information-theoretically in the plain model. Building off this, we give several applications of UTE and study the interplay of UTE with UE and well-studied tasks in quantum state learning, yielding the following contributions:
- A construction of collusion-resistant UTE from standard secret-key encryption (SKE). We additionally show that hyper-efficient shadow tomography (HEST) is impossible assuming collusion-resistant UTE exists. By considering a relaxation of collusion-resistant UTE, we are able to show the impossibility of HEST assuming only pseudorandom state generators (which may not imply one-way functions). This almost unconditionally answers an open inquiry of Aaronson (STOC 2018).
- A construction of UTE from a quasi-polynomially secure one-shot message authentication code (OSMAC) in the classical oracle model, such that there is an explicit attack that breaks UE security for an unbounded polynomial number of decryptors.
- A construction of everlasting secure collusion-resistant UTE, where the decryptor adversary can run in unbounded time, in the quantum random oracle model (QROM), and formal evidence that a construction in the plain model is a challenging task. We additionally show that HEST with unbounded post-processing time (which we call weakly-efficient shadow tomography) is impossible assuming everlasting secure collusion-resistant UTE exists.
- A construction of secret sharing for all polynomial-size policies that is resilient to joint and unbounded classical leakage from collusion-resistant UTE and classical secret sharing for all policies.
- A construction (and definition) of collusion-resistant untelegraphable secret-key functional encryption (UTSKFE) from single-decryptor functional encryption and plain secret-key functional encryption, and a construction of collusion-resistant untelegraphable public-key functional encryption from UTSKFE, plain SKE, and plain public-key functional encryption.
Marcin Kostrzewa, Matthew Klein, Ara Adkins, Grzegorz Świrski, Wojciech Żmuda
29 September 2025
Jonas Bertels, Ingrid Verbauwhede
Pedro Branco, Giulio Malavolta
Geng Wang, Ruoyi Kong, Dawu Gu
Chris Peikert, Zachary Pepin
This work provides a suite of tools for instantiating ring-based lattice cryptography to work over *subfields* of cyclotomics, which provide more flexibility and better-fitting parameters for applications. A particular focus is on realizing FHE with *optimal plaintext packing* and homomorphic SIMD parallelism for *any* plaintext characteristic, along with efficient *packed bootstrapping* that fully exploits this parallelism.
Toward this end, this (two-part) work makes the following main technical contributions, all of which are catalyzed by Galois theory:
-- For sampling and decoding errors in encryption and decryption (respectively), we construct geometrically short, structured bases for the number rings of arbitrary subfields of prime-power cyclotomics (and hence their composites as well).
-- For fast ring arithmetic, we define and establish analogous structural properties for Chinese Remainder Theorem (CRT) bases in *abelian* number rings, and give specialized fast transforms that map between CRT bases and any similarly structured bases.
-- For packed bootstrapping and homomorphic linear algebra, we give a general framework for *homomorphic evaluation of structured linear transforms* in abelian number rings, and show that CRT transforms can be evaluated using relatively few homomorphic operations.
26 September 2025
Leiden University, LIACS; Leiden, The Netherlands
Closing date for applications:
Contact: Nusa Zidaric
More information: https://www.universiteitleiden.nl/en/vacancies/2025/q3/16010-phd-candidate-cryptographic-hardware-and-design-automation
TU Wien, Vienna
Tasks:
- Research in the area of privacy enhancing technologies, cryptocurrencies, (applied) cryptography, and proof systems
- Teaching tasks (exercises and exams), student guidance
- Assistance with thesis supervision
- Scientific publishing (journal and conference papers, dissertation)
- Participation in scientific events
- Assistance with organizational and administrative tasks
Your profile:
- Master or diploma degree in computer science, math, or similar fields
- Knowledge of privacy-enhancing technologies, such as cryptography, differential privacy, and related areas
- Very good skills in spoken and written English
- Interest in academic research and teaching
- Advanced problem solving skills and scientific curiosity
- Team player with very good communication skills
- Very good skills in English communication and writing
- Knowledge of German (level B2) or willingness to learn it
We offer:
- A highly visible and connected international research group
- A broad range of opportunities in a thriving research area
- A range of attractive social benefits (see [Fringe-Benefit Catalogue of TU Wien](https://url.tuwien.at/cfjyv))
- Internal and external training opportunities, various career options
- Central location of workplace as well as good accessibility (U1/U4 Karlsplatz)
Only applications submitted via the website are considered:
https://jobs.tuwien.ac.at/Job/258176
Closing date for applications:
Contact: Univ.-Prof. Dr. Dominique Schröder
More information: http://pets.wien
Helger Lipmaa
Keitaro Hashimoto, Shuichi Katsumata, Guilhem Niot, Thom Wiggers
In this work, we revisit PQ WireGuard and improve it on three fronts: design, (computational) security, and efficiency. As KEMs are semantically, but not syntactically, the same as DH key exchange, there are many (in hindsight) ad-hoc design choices being made, further amplified by the recent finding on the binding issues with PQ KEMs (Cremers et al., CCS'24). We redesign PQ WireGuard addressing these issues, and prove it secure in a new computational model by fixing and capturing new security features that were not modeled by Hülsing et al. We further propose 'reinforced KEM' (RKEM) as a natural building block for key exchange protocols, enabling a PQ WireGuard construction where the server no longer needs to store Classical McEliece keys, reducing public key memory by 190 to 390×. In essence, we construct a RKEM named 'Rebar' to compress two ML-KEM-like ciphertexts which may be of an independent interest.
Vasyl Ustimenko, Tymoteusz Chojecki
Marco Benedetti, Andrej Bogdanov, Enrico M. Malatesta, Marc Mézard, Gianmarco Perrupato, Alon Rosen, Nikolaj I. Schwartzbach, Riccardo Zecchina
Hugo Beguinet, Céline Chevalier, Guirec Lebrun, Thomas Legavre, Thomas Ricosset, Maxime Roméas, Éric Sageloli
At the heart of DAKE lies the double-KEM, a primitive that encapsulates one key under two public keys. To broaden the range of double-KEMs compatible with DAKE, we introduce the chosen-key Fujisaki--Okamoto transform (CK-FO), which upgrades IND-CPA security to IND-CCA and one-sided chosen-key security, proven in the QROM.
As a concrete instantiation, we present Maul, a compact double-KEM derived from ML-KEM and based on the Hint-MLWE assumption. Maul reuses ciphertext components to cut size by up to 40% compared to two parallel ML-KEMs, while achieving the left-sided chosen-key IND-CCA security required by DAKE via our CK-FO. Instantiating DAKE with Maul yields global communication reductions of about 17% in the mutual setting and 21% in the unilateral setting, outperforming both the double-KEM AKE of Xue et al. (ASIACRYPT 2018) and standard ML-KEM-based AKEs. These results show that double-KEMs offer a practical path toward bandwidth-efficient post-quantum key exchange.
Abiodun Olaluwe, Nouf Nur Nabilah, Sheikh Tareq, Akshay Raghavendra Kulkarni, Annamalai Annamalai
This survey provides a structured, in-depth review of SCAs targeting PQC implementations, encompassing both classical methods—such as Simple Power Analysis, Differential Power Analysis, Correlation Power Analysis, Template Attacks, and Mutual Information Analysis—and emerging machine learning (ML)-driven approaches. Special attention is given to deep learning models, including CNNs, RNNs, and MLPs, which have demonstrated superior performance in profiling attacks by automatically learning leakage patterns from high-dimensional trace data, even in the presence of countermeasures like masking and desynchronization.
We categorize and compare recent attack strategies, analyze their effectiveness against various PQC schemes, and examine the limitations of existing countermeasures. Finally, we identify open research challenges and outline hybrid defense strategies that integrate classical protections with adaptive, ML-aware mitigation techniques. This comprehensive synthesis aims to bridge the gap between PQC algorithm design and secure, implementation-level deployment in the quantum era.
Ruida Wang, Jikang Bai, Yijian Liu, Xinxuan Zhang, Xianhui Lu, Lutan Zhao, Kunpeng Wang, Rui Hou
We address this limitation by introducing a new accumulator structure: a free $\mathcal{R}_N$-module $\bigoplus_{i=0}^{\tau-1} \mathcal{R}_N X^i$. This generalization decouples $q$ and $N$ through a tunable factor $\tau$, with the classical ring-based construction recovered as the special case $\tau=1$. Computation over the resulting $\mathcal{R}_N$-algebra $\bigoplus_{i=0}^{\tau-1} \mathcal{R}_N X^i$ can be effectively reduced to the base ring $\mathcal{R}_N$. Based on this structure, we design a bootstrapping scheme that achieves asymptotic improvements in precision, performance, and key size. Experimental results further demonstrate significant concrete gains, confirming the practicality of our approach.