International Association
for Cryptologic Research

One funded PhD position (International/EU/UK) in hardware security with attractive travel grant for attending conferences.

Closing date: 8th May

We expect the PhD candidate to have a strong background in programming, digital circuit design, hardware/software implementation of algorithms, etc.

For more information on 'Why PhD with us?' see my website. https://www.cs.bham.ac.uk/~sinharos/

The PhD will be working with Dr. Sujoy Sinha Roy and will be based at the Security and Privacy group of the University of Birmingham's School of Computer Science. The National Cyber Security Centre (NCSC) and the Engineering and Physical Sciences Research Council (EPSRC) jointly recognise the research group as an Academic Centre of Excellence in Cyber Security Research (ACE-CSR).

If you are interested in the PhD position, please contact Dr. Sujoy Sinha Roy with a CV. For more information, please visit https://www.cs.bham.ac.uk/~sinharos/

Closing date for applications:

Contact: Dr. Sujoy Sinha Roy

BED: BOTNET ECONOMIC DISRUPTION VIA DARK WEB MARKETPLACE INFILTRATION Every year, cyber-attacks result in costs of hundreds of billions of dollars worldwide. One of the core facilitators of attacks are botnets, which are networks of infected computing devices. This PhD project will investigate a novel interdisciplinary approach for defending against botnets. BED will utilize research from the fields of network security, business economics and law, along with specialized research in botnet monitoring. The goal of BED is to: -identify and infiltrate botnet marketplaces with an emphasis on the dark web, -model the business economy of botnets, -Analyze the influence of botnet-specific parameters to the economy model -propose a botnet economy disruption plan. The PhD candidate will join the growing AAU cyber-security network in Copenhagen and work together with an interdisciplinary group of experts. The candidate will be able to collaborate with leading security experts worldwide and present their findings in top conferences all over the world. Supervisors: Jens Myrup Pedersen, Emmanouil Vasilomanolakis and Morten Falch Workplace: Campus Copenhagen

Closing date for applications:

Contact: Emmanouil Vasilomanolakis

More information: https://www.stillinger.aau.dk/vis-stilling/?vacancy=1098638

The Department of Computer Science at the University of Surrey is looking for a new permanent faculty member at lecturer level. I would appreciate your assistance in bringing this to the attention of outstanding candidates who may be interested in moving to Surrey.

We seek to appoint a lecturer in one or more of the following areas: machine learning, cloud computing, programming-languages principles, and the intersection of security and AI, which are already areas of research within the Department. We are also interested in candidates who have experience in data science, edge networks, social computing and DevOps security, in order to expand our research in new directions.

The Department is renowned for its security and artificial intelligence research, with publications in leading venues in artificial intelligence (TNNLS, TEVC, CBY, TSP, Machine Learning, Neural Computation, Bioinformatics, IJCAI, AAMAS), programming languages (FASE, PODC), security (CCS, S&P, Esorics, Euro S&P, CSF, TDSC, TIFS ), cryptography (Crypto, Eurocrypt), cloud computing and networking (InfoCOM, Trans. Networking), and web & social computing (WWW, ICWSM, and Web Science)

Notably,

we are active within professional organisations, working groups and technical committees of several standardisation bodies, such the IEEE Computational Intelligence Society, ISO, IETF, LoRa Alliance, IEEE Standards WG, ETSI, W3C, and leading the IET WG on e-voting

we host major international conferences such as ESORICS, ACNS, WCCI and GECCO,

we are leading European collaborative research on TPMs

our research on Bio-inspired Swarm Robotics research has been reported by the BBC https://www.bbc.co.uk/programmes/p022brpj and TechXplore https://techxplore.com/news/2020-04-bio-inspired-algorithms-collaborative-behaviors-robot.html

we have worked with the UK Parliament on understanding digital citizen engagement

we have developed methodologies for Enabling Serverless Deployment of Large-Scale AI Workloads

We encourage ambitious post-docs and early career lecturers to apply.

Closing date for applications:

Contact: Professor Helen Treharne, Head of Department, (h.treharne@surrey.ac.uk)

More information: https://jobs.surrey.ac.uk/vacancy.aspx?ref=020820

Industrial systems are often used to monitor and control a physical process such as energy production and distribution, water cleaning or transport systems. They are often simply called Supervisory Control And Data Acquisition (SCADA) systems. Due to their interaction withthe real world, the safety of these systems is critical and any incident can potentially harm humans and the environment. One of the main research axis in cybersecurity of industrial systems deals with combination of safety and security properties. Safety relates to applicative properties of the system (e.g. chemical properties for a chemical factory); while security properties take into account how an intruder can harm the system. As show in [3], combining safety and security is a challenging topic as these properties can be either dependent, strengthening, antagonist or independent. currently no tool is able to handle both aspects at the same time. In this context, we propose a Ph.D thesis revolving around modeling of industrial systems taking into account both safety properties of the physical process and security properties. Besides the definition of an accurate, yet automatically analyzable modeling framework/language, many aspects can be part of the subject. For instance, programmable automata (PLC) configuration files could be generated from this model in order to only deploy programs validated beforehand. PLC vulnerabilities could be studied (firmware reverse engineering, protocol fuzzing) in order to test the technical feasibility of found attacks. Finally, in a certification context, security analyzes on the model could include requirements from standards such as IEC 62443 [5] to help evaluation process

Closing date for applications:

Contact: Maxime Puys

As a consequence of the rapid development of the Internet of Things (IoT), where devices are massively interconnected, security breaches are discovered daily. The growing threat of physical attacks, on which connected objects are widely exposed, forces chipmakers to increase the security of their products. True Random Number Generators are the cornerstone of device security; they are required for running cryptographic algorithms and fully integrated into encryption engines. The security level of the system directly depends on the randomness of the bits generated. Furthermore, IoT chips are facing harsh constraints in terms of price and power consumption. In order to be integrated into these chips, TRNG must offer an efficient tradeoff between cost and security. In this perspective, TRNGs based on already integrated components, such as RRAM memories, is a promising lead.

Closing date for applications:

Contact: Florian Pebay-Peyroula

This study is focused on the security of embedded systems and in particular asymmetric cryptography against horizontal attacks and Template attacks. Recent studies, applied to symmetric cryptography, have made it possible to build new techniques for side channel attacks. By improving the effectiveness of Template attacks, these new attacks make it easier to bypass masking countermeasures. It seems appropriate to study these new tools in depth in the context of Template and horizontal attacks against asymmetric cryptography, especially for elliptic curves. The use of machine learning in the context of side channel attacks. The main purpose of the thesis is to evaluate the security properties of ECCs against the most advanced Template and Horizontal attacks that use machine learning. Depending on the results obtained, new countermeasures will have to be constructed in order to address any new weaknesses.

Closing date for applications:

Contact: Antoine Loiseau

Since its inception, the web has grown substantially and websites have turned into rich client-side experience customized for the user where third parties supply a considerable amount of content. The increasing reliance on third parties has brought a number of privacy issues to the web with web tracking being at the top of that list. With cookies and browser fingerprinting, users are on the losing side of privacy as they can be tracked across the domains they are visiting. To regain control, browser vendors like Mozilla and Apple have added in their own browsers a tracking protection mechanism (called Enhanced Tracking Protection for Firefox and Intelligent Tracking Protection for Safari) aimed at preventing track- ing on the web. Yet, essential functionality of a website is sometimes so intertwined with tracking code that using these protective mechanisms can transitively “break” a webpage. We define “page breakage” as an undesirable behavior on a webpage and it includes, but is not limited to, page slowdowns, page freezes, page crashes, page errors and page display issues. In order to push online privacy forward, there is a real need today to identify and block properly tracking entities on the web without the current usability costs associated with it.

Closing date for applications:

Contact: Pierre Laperdrix

More information: https://amiunique.org/phd-proposal-blocking.pdf

We are looking for outstanding Post doctoral researchers working on topics related to cryptography and IT Security.

Current topics of interest include (but are not limited to):

• Secure cryptographic implementations
• Leakage/tamper resilient cryptography
• Blockchains and cryptocurrencies
• Distributed cryptography

The application must include a curriculum vitae, a short research statement, and names of 2 contacts that can provide reference about the applicant and her/his work. The candidate shall be able to show solid expertise in cryptography/IT Security illustrated in form of publications at major crypto/security venues such as CRYPTO, EUROCRYPT, ASIACRYPT, TCC, PKC, CHES, FC, ACM CCS, Oakland, USENIX Security, NDSS etc.

The position offers an internationally competitive salary including social benefits. TU Darmstadt offers excellent working environment in the heart of the Rhein-Main area, and has a strong institute for research on IT security with more than 300 researchers working on all aspects of cybersecurity.

Review of applications starts immediately until the position is filled.

Closing date for applications:

Contact: Sebastian Faust, sebastian@cs.tu-darmstadt.de

This Ph.D. thesis is offered as part of the ANR-funded 4-year research project MobiS5. The goal of MobiS5 is to provide a cryptographic toolbox for the emerging 5G technologies. More information can be found at: https://mobis5.limos.fr/index.html.

This 3-year Ph.D. thesis will focus on the two following aspects of 5G security:

• 5G Core Network security
• Delegation in the context of 5G networks

We are looking for motivated and hard-working students with a strong background in cryptography, with a degree in Mathematics, Applied Mathematics, or Computer Science (with an affinity for mathematics). Understanding of basic cryptographic primitives and protocols is a requirement. You must also have a good level of spoken and written English. A basic working knowledge of provable security and/or formal verification are a strong plus. Spoken and written French are also a plus. Interested? Here is how to apply ! https://mobis5.limos.fr/jobs.html

Closing date for applications:

Contact: Cristina Onete (maria-cristina.onete@unilim.fr) or Olivier Blazy

More information: https://mobis5.limos.fr/jobs.html

This PhD focuses on data confidentiality and side-channel information leakage analysis in mixed-signal reconfigurable SoCs. Heterogeneous computing has led to physically close mixed-signal devices combining digital processing and analog/radio modules, where digital computation noise flows to the analogue part of the chip and is amplified and transmitted by the antenna. These so-called Screaming Channels have simplified and reduced the cost of previous distant attack setups. In reconfigurable computing, heterogeneity has brought mixed-signal reconfigurable platforms, RFSoCs (Radio Frequency SoCs), adding programmable analog/RF sub-modules to the previous combination of CPUs and logic.
This PhD will study the impact that close-by digital-analog-RF domains in mixed-signal reconfigurable platforms may have on new system vulnerabilities. The thesis will focus on studying data leakage mechanisms in RFSoCs to analyze and understand potential new threats linked to their reconfigurable and mixed-signal nature as a first step to find adequate countermeasures.

The candidate must hold a Master degree in Computer/Electrical Engineering, Embedded Systems, Microelectronics, or Computer Science and demonstrate strong background in several of the following topics: Digital design with HDLs; Reconfigurable computing, FPGAs; Hardware security; Embedded systems architectures; Microelectronics/VLSI Design. Knowledge on cryptographic algorithms implementations, C/C++/Python programming and Linux/Git as development environment are highly valuable.

You will receive a 3 year PhD contract and social security coverage, subsidized meals, partial reimbursement of public transport costs, support with accommodation at the campus and access to vocational training and social, cultural and sports events and activities. Send your CV, Bachelor/Master transcripts, a motivational text and reference letter before May 10, 2020.

Closing date for applications:

Contact: Ruben Salvador: ruben (dot) salvador (at) centralesupelec (dot) fr

Side-channel attacks consist in measuring the physical activity emitted by a circuit (processor, microcontroller or cryptographic accelerator) to extract secrets. The consumption of the circuit or the electromagnetic emanation are the most commonly exploited signals. Due to the development of the Internet of Things (IoT), more and more systems are exposed to these attacks. Unfortunately, integrating countermeasures (software or hardware) against such attacks is extremely expensive. Therefore, it is essential to have an accurate idea of side-channel leakages as early as possible in the design phases. On the one hand to target countermeasures on critical areas and on the other hand to have a realistic view of leakages in order to automate the application of countermeasures. The thesis topic is the exploration of electromagnetic leakage models and different ways of interpreting them. The general objective of this work is to model the leakages of a processor based on its state at different abstraction level: Register Transfer Level (RTL), microarchitecture or even instruction set simulator (ISS). The LSOSP laboratory of CEA-LETI where the thesis will take place has a strong experience on physical measurements and has already performed preliminary research on the subject. Therefore, the candidate will start from these results and will perform physical measurements and manipulate different logic models to create a precise leakage model of the targeted processor.

Closing date for applications:

Contact: Vincent Dimper

Due to the potential threat of quantum computers, the research community is re-evaluating the security of a number of protocols and systems in widespread use. At the very least it is necessary to replace some common cryptographic building blocks with post-quantum alternatives. However, in some settings, the resulting systems may not be practical. It is therefore appropriate to reconsider, from the ground up, these protocols and systems. This PhD project will initiate a study of such protocols and systems. The project will leverage the NIST post-quantum standardization process to form a clear picture of the current state of post-quantum crypto. The project will develop new lightweight solutions for certain applications such as the internet of things (IoT).

The project will be supervised by Professor Steven Galbraith, together with other members of the Cyber Security Foundry at the University of Auckland.

Required skills and experience: Bachelor with honours, or Masters degree, in either Engineering, Computer Science or Mathematics. Good mathematical knowledge and understanding of rigorous mathematical thinking. Good knowledge of cryptography and information security. Programming skills. Good communication skills, both written and spoken.

• Duration: 3 years
• Value: International Student Fees + stipend of NZ$ 27,900 per year.
• Application deadline: 20/5/2020

Application process:

• Email your CV to Keshala De Silva, with the subject line "Application for PhD Studentship on Applications of post-quantum cryptography".
• If you have written a master thesis or similar, then please email a pdf of it.

For more information about the PhD application process at Auckland visit:

• https://www.auckland.ac.nz/en/study/study-options/find-a-study-option/mathematics/doctoral.html
• https://www.auckland.ac.nz/en/study/applications-and-admissions/apply-now.html

  Closing date for applications:

  Contact: Steven Galbraith

(Yes ! We are still hiring despite COVID-19)

The Cryptanalysis Taskforce at Nanyang Technological University in Singapore led by Prof. Jian Guo is seeking for candidates to fill 3 postdoctoral research fellow positions on symmetric-key cryptography, including but not limited to the following sub-areas:

• tool aided cryptanalysis, such as MILP, CP, STP, and SAT
• machine learning aided cryptanalysis and designs
• privacy-preserving friendly symmetric-key designs
• quantum cryptanalysis
• cryptanalysis against SHA-3 and AES

Established in 2014, the Cryptanalysis Taskforce is a group dedicated for research in symmetric-key cryptography. Since then, the team has been active in both publications in and services for IACR. It has done quite some cryptanalysis work on various important targets such as SHA-3, and is expanding its interests to the areas mentioned above, with strong funding support from the university and government agencies in Singapore. We offer competitive salary package with extremely low tax, as well as excellent environment dedicating for research in Singapore. The contract will be initially for 2 years, and has the possibility to be extended. Candidates are expected to have proven record of publications in IACR conferences. Interested candidates are to send their CV and 2 reference letters to Jian Guo. Review of applicants will start immediately until the positions are filled. More information about the Cryptanalysis Taskforce research group can be found via http://team.crypto.sg.

Closing date for applications:

Contact: Asst Prof. Jian Guo, guojian@ntu.edu.sg

More information: http://team.crypto.sg

Responsibilities

• Design and build security products for connected and autonomous vehicles.
• Research security problems and solutions related to vehicles and transportation
• Design in-vehicle security mechanisms, such as secure vehicle network communication, on-car IDS/IPS, and firewall

Qualifications

• Excellent in security fundamentals, such as network security, applied cryptography, server security, and end-point security
• In-depth knowledge of Linux kernel and OS, and network protocols (TCP/IP, HTTP, MQTT, etc.)
• Worked with Secure Boot on Arm or Aurix processors

Preferred Qualifications

• Experience with Linux kernel hardening
• Knowledge of CAN and vehicle system architecture
• Knowledge of security of various wireless technologies (such as BLE and NFC)

Closing date for applications:

Contact:

Marisela Peifer: Sr Manager, People Ops & Talent

Marisela.Peifer@nio.io

More information: https://jobs.lever.co/nio/8f29bd44-663b-4de2-b6e2-9e596495d5b9

The Institute of Cybersecurity and Cryptology (iC2) at the University of Wollongong, Australia offers a full-time PhD position (3.5 years) in the area of applied cryptography. The PhD candidate will work on the ARC DP200100144 project titled “Securing Public Cloud Storage with Protection against Malicious Senders” under the supervision of Prof. Willy Susilo, A/Prof. Guomin Yang and Dr. Fuchun Guo.

We are looking for an enthusiastic and outstanding student with an Honours or Master degree in Computer Science or related area. Applicants with prior research experience in cryptography are more favourable. As women are underrepresented in this area, women are strongly encouraged to apply.

The PhD candidate will receive a full scholarship (stipend approx. AUD$27,094/annum + the tuition fee waiver valued at approx. AUD$ 30,000/annum).

Any interested applicant will need to send their full CV + record in prior study (Bachelor and Master transcripts) to A/Prof. Guomin Yang (gyang@uow.edu.au) by 1 June 2020, and highlighting their previous experience in cryptography research in the email. Please use the subject “PhD scholarship application to iC2” in the email sent. The successful candidate will be expected to start his/her study from August 2020 (depending on the approval of the required student visa).

Closing date for applications:

Contact: Guomin Yang

As part of our planned expansion in the area of Cybersecurity, the Department of Mathematics and Computer Science at the University of Southern Denmark, Odense, invites applications for an assistant professor position in Computer Science. We interpret the area cybersecurity broadly: the ideal applicant is a computer scientist with a strong theoretical background, conducting research on cybersecurity or research that has cybersecurity as a direct application. We would like to expand on our current security research efforts within Cryptology, Formal Methods, Information Security, Security in DevOps, and Data-driven approaches, so these topics are of particular interest. Application deadline: 30 May 2020.

Closing date for applications:

Contact: Jacopo Mauro mauro@imada.sdu.dk or Joan Boyar joan@imada.sdu.dk

More information: https://www.sdu.dk/da/service/ledige_stillinger/1098235

Mines Saint-Etienne, an IMT graduate school under the supervision of the French Ministry of Economy and Finance, is recruiting an assistant professor in Electronics and Embedded Systems at the Centre of Microelectronics in Provence.

The Centre of Microelectronics in Provence (CMP) is one of the 5 research centres and it is located in Gardanne (France, Bouches-du-Rhône). It is composed of 4 research departments including the Secure Architectures and Systems (SAS) department. The SAS department applies research to guarantee the integrity of electronic components and their contents against physical attacks by developing hardware and/or software protection schemes. The SAS department is a common research team with CEA-Tech. This team is composed of 27 persons (14 associate professors or research engineers and 13 PhD students).

The candidate must hold a PhD degree with knowledge of security and/or embedded system design. You must have a track record of research publications and/or industrial experience to contribute to the development of research interests of the SAS department. You will also demonstrate substantial proven experience of delivering teaching, learning and student support at University level.

Complete application including a cover letter, a CV with the most significant teaching and research experience, a list of publications (10 pages maximum), reference letters, a copy of your PhD degree and a copy of your passport ID should be sent to Elodie EXBRAYAT by mail : elodie.exbrayat@emse.fr before the April 30th 2020.

Closing date for applications:

Contact: Jean-Max DUTERTRE by phone + 33 (0)4 42 61 67 36 or Mail : dutertre@emse.fr for further information on the research department project

More information: https://www.mines-stetienne.fr/en/jobs-opportunities/

The Department of Computer Science at the University of Copenhagen is seeking candidates for a full professorship in Theoretical Computer Science (TCS). More specifically, we are inviting exceptional candidates from the broad fields of algorithms, complexity, and cryptography including privacy.

We are looking for an outstanding, experienced researcher with an innovative mind-set and intellectual curiosity to strengthen and complement the research profile of the Algorithms and Complexity Section, headed by Professor Mikkel Thorup. The Algorithms and Complexity Section is part of an exciting environment including the Basic Algorithms Research Copenhagen (BARC) centre, joint with the IT University of Copenhagen, and involving extensive collaborations with the Technical University of Denmark (DTU) and Lund University on the Swedish side of the Oresund Bridge. We aim to attract top talent from around the world to an ambitious, creative, collaborative, and fun environment. Using the power of mathematics, we strive to create fundamental breakthroughs in algorithms and complexity theory, but we also have a track record of start-ups and surprising algorithmic discoveries leading to major industrial applications.

The University of Copenhagen was founded in 1479 and is the oldest and largest university in Denmark. It is often ranked as the best university in Scandinavia and consistently as one of the top places in Europe. Within computer science, it is ranked number 1 in the European Union (post-Brexit) by the Shanghai Ranking.

The department offers a friendly and thriving international research and working environment with opportunities to build up internationally competitive research groups. Working conditions at the University of Copenhagen support a healthy work-life balance and Copenhagen is a family-friendly capital city.

The application deadline is May 24, 2020.

For more information, see https://candidate.hr-manager.net/ApplicationInit.aspx/?cid=1307&departmentId=18971&ProjectId=151668

Closing date for applications:

Contact: Head of Section, Professor Mikkel Thorup (mthorup@di.ku.dk; cell phone +45 2117 9123) and Head of Department, Professor Mads Nielsen (madsn@di.ku.dk; cell phone +45 2460 0599).

More information: https://candidate.hr-manager.net/ApplicationInit.aspx/?cid=1307&departmentId=18971&ProjectId=151668

The Institute of Cybersecurity and Cryptology (iC2) at the School of Computing and Information Technology (SCIT), University of Wollongong, Australia, is looking to recruit a new Associate Research Fellow (Level A) who will work on the ARC DP200100144 project titled “Securing Public Cloud Storage with Protection against Malicious Senders”. The Associate Research Fellow will perform the research tasks specified by the project, which include the design of advanced Attribute-Based Encryption and Zero-Knowledge proof systems and their implementations in the cloud platform. The candidate must have solid background and research experience in cryptographic scheme design and implementation. It is expected that the candidate will complete all the research tasks required by the project within the specified timeframe and make significant contributions to the research activities within iC2. The candidate will be mentored by the iC2 Director Professor Willy Susilo to develop novel security solutions for achieving the goals aimed by the ARC DP200100144 project. You will be prompted to respond to a selection criteria questionnaire as part of the application process. Please make sure that you address the selection criteria in addition to submitting your CV. For further information about the position please contact Professor Willy Susilo. Women are underrepresented in this discipline and are encouraged to apply.

Closing date for applications:

Contact: Prof. Willy Susilo (wsusilo at uow dot edu dot au)

More information: https://uowjobs.taleo.net/careersection/in/jobdetail.ftl?job=200507&tz=GMT%2B10%3A00&tzname=Australia%2FSydney

This is a fully-funded Ph.D. position for a UK/EU/International student (tuition fees plus stipend) to pursue a Ph.D. research degree in the Department of Computer Science, University of Warwick. Note that for international students, the overseas tuition gap will be covered as well.

The project is in the area of security and cryptography, in particular, investigating next-generation cryptocurrency that is more scalable, privacy-preserving, and usable than what we have today.

An ideal candidate should have excellent undergraduate and master degrees (equivalent to at least a UK 2.1) in Computer Science or relevant disciplines such as Mathematics and Engineering; a solid mathematical background as well as strong programming skills; experience in security research.

The closing date for application is 30 April 2020.

Interested candidates are encouraged to apply as early as possible. First, express your interest by sending your CV to Prof Feng Hao (feng.hao@warwick.ac.uk). If your background is found suitable, you will be directed to make a formal application. All formal applications will need to be made online through https://warwick.ac.uk/study/postgraduate/apply/research/.

Further information about the research environment: The Department of Computer Science, University of Warwick is one of the leading CS departments in the UK. In the latest 2014 REF (Research Excellence Framework) assessment participated by all UK universities, Warwick Computer Science is ranked the 1st for research output, 2nd for research impact, and 2nd overall among 89 CS departments in the UK. The University of Warwick is consistently ranked among the top 10 universities in the UK. It is also known for its beautiful campus, friendly social environment, vivid student lives, and easy transport links to all major cities in the UK including London.

Closing date for applications:

Contact: Professor Feng Hao

More information: https://warwick.ac.uk/fac/sci/dcs/research/doctoralstudies/fundingadvice/researchstudentships/?newsItem=8a17841b70e3f5d8