International Association
for Cryptologic Research

Company's mission: Original solutions for the security and economic demands of data and data owners.

Seniority level: Open to discussion. Lack of industry experience can be compensated by academic achievements.

Industry: Information Technology, Cybersecurity, Data Science.

Available employment types: full-time, part-time, in-person, remote.

Responsibilities:

• Stay current with advances in cryptography, related areas, and the underlying mathematical subjects.
• Understand and implement existing cryptographic constructions in the literature and industry.
• Help to design and to evaluate new cryptographic schemes and protocols.

Minimum Qualifications:

• Ph.D. in Computer Science, Mathematics, Engineering, or another related field.
• Fluency in at least one of the following programming languages: C, C++, Python, Ruby, Go, Java.
• Reasonable proficiency in several topics in discrete mathematics (in particular, logic, group theory, probability, number theory, and linear algebra).

Preferred:

• Track record of peer-reviewed publications related to cryptography and mathematics in general.
• Experience with cryptanalysis.

Benefits:

• Work with challenging problems for deploying real-world applications of significant impact in the industry.
• Direct contact with crypto experts in in-depth discussions and analysis of ongoing projects.
• Learn from veterans from the industry of new technologies.
• Incentives for writing scientific papers, patents, and participating in academic conferences and other related events.
• Budget for investing in continued education (books, courses, seminars, certifications, among others).
• Visa sponsorship (when applicable).
• Dental, vision, and health insurance (for full-time employees).
• Salary to be defined according to the seniority and employment level.

Closing date for applications:

Contact: David Silva, david@x-logos.com

DFINITY has a world-class team of computer science researchers that is experiencing rapid growth as we approach the Internet Computer’s public launch. We have multiple openings across a broad range of seniority and fields with a focus on security and practical performance. Below are some examples of relevant research areas - but unique combinations or variations are ok.

• Cryptography
• Distributed systems
• Formal verification
• Networking
• Computer
• Operating systems
• Embedded system
• Pen testing

Please see our careers page for more information.

Closing date for applications:

Contact: Jens Groth: jens AT dfinity.org

More information: https://dfinity.org/careers

Do you like designing and implementing secure systems? Are you passionate about code simplicity, quality, and performance? Do you think that cryptographic tools such as zero-knowledge proofs and threshold crypto are heavily under-utilized? This is a unique opportunity to work with exceptional engineering teams creating the Internet Computer and bring advanced cryptographic algorithms to practical use. For more information about the position, please refer to our careers page.

Closing date for applications:

Contact: Jens Groth: jens AT dfinity.org

More information: https://dfinity.org/careers

We would like to announce open postdoc and (fully-funded) phd positions.

We are searching for candidates who are enthusiastic about driving forward the field of quantum cryptography (including post-quantum crypto), especially provable quantum security. The research takes place in the context of an ERC project that targets formally verified quantum cryptographic proofs.

For more information, see the link below. Please forward this to anyone potentially interested, and do not hesitate to contact me.

Closing date for applications:

Contact: Dominique Unruh, unruh@ut.ee

More information: https://crypto.cs.ut.ee/Main/PostdocInPost-QuantumCryptography

We revisit private optimization and learning from an information processing view. The main contribution of this paper is twofold. First, different from the classic cryptographic framework of operation-by-operation obfuscation, a novel private learning and inference framework via either data-dependent or random transformation on the sample domain is proposed. Second, we propose a novel security analysis framework, termed probably approximately correct (PAC) inference resistance, which bridges the information loss in data processing and prior knowledge. Through data mixing, we develop an information theoretical security amplifier with a foundation of PAC security.

We study the applications of such a framework from generalized linear regression models to modern learning techniques, such as deep learning. On the information theoretical privacy side, we compare three privacy interpretations: ambiguity, statistical indistinguishability (Differential Privacy) and PAC inference resistance, and precisely describe the information leakage of our framework. We show the advantages of this new random transform approach with respect to underlying privacy guarantees, computational efficiency and utility for fully connected neural networks.

We propose a novel MPC framework, Manticore, in the multiparty setting, with full threshold and semi-honest security model, supporting a combination of real number arithmetic (arithmetic shares), Boolean arithmetic (Boolean shares) and garbled circuits (Yao shares). In contrast to prior work [MZ17, MR18], Manticore never overflows, an important feature for machine learning applications. It achieves this without compromising efficiency or security. Compared to other overflow-free recent techniques such as MP-SPDZ [EGKRS20] that convert arithmetic to Boolean shares, we introduce a novel highly efficient modular lifting/truncation method that stays in the arithmetic domain. We revisit some of the basic MPC operations such as real-valued polynomial evaluation, division, logarithm, exponential and comparison by employing our modular lift in combination with existing efficient conversions between arithmetic, Boolean and Yao shares. Furthermore, we provide a highly efficient and scalable implementation supporting logistic regression models with real-world training data sizes and high numerical precision through PCA and blockwise variants (for memory and runtime optimizations). On a dataset of 50 million rows and 50 columns distributed among two players, it completes in one day with at least 10 decimal digits of precision.Our logistic regression solution placed first at Track 3 of the annual iDASH’2020 Competition. Finally, we mention a novel oblivious sorting algorithm built using Manticore.

Gaussian sampling over the integers is one of the fundamental building blocks of lattice-based cryptography. In particular, it can't be avoided in trapdoor sampling until now. However, it's still a challenging work how to construct a generic, efficient, and isochronous Gaussian sampler. In this paper, our contribution is three-fold.

First, we propose a secure, efficient exponential Bernoulli sampling algorithm. It can be applied to Gaussian samplers based on rejection samplings. We apply it to FALCON, a candidate of round 3 of the NIST post-quantum cryptography standardization project, and reduce its signature generation time by 13.66%-15.52%.

Second, we develop a new Gaussian sampler based on rejection sampling. Our Algorithm can securely sample from Gaussian distributions with different standard deviations and arbitrary centers. We apply it to PALISADE (S&P'18), an open-source lattice cryptography library. The new implementation of trapdoor sampling in PALISADE has better performance while resisting timing attacks.

Third, we improve the efficiency of the COSAC sampler (PQC'20). The new COSAC sampler is 1.46x-1.63x faster than the original and has the lowest expected number of trials among all Gaussian samplers based on rejection samplings. But it needs a more efficient algorithm sampling from the normal distribution to improve its performance.

The module learning with errors (MLWE) problem is one of the most promising candidates for constructing quantum-resistant cryptosystems. In this work, we propose an open-source framework to automatically adjust the level of parallelism for MLWE-based key exchange protocols to maximize the protocol execution efficiency. We observed that the number of key exchanges handled by primitive functions in parallel, and the dimension of the grids in the GPUs have significant impacts on both the latencies and throughputs of MLWE key exchange protocols. By properly adjusting the related parameters, in the experiments, we show that performance of MLWE based key exchange protocols can be improved across GPU platforms.

Deep learning-based side-channel analysis (SCA) became the de facto standard in the profiling SCA. Still, this does not mean it is trivial to find neural networks that perform well for any setting. Based on the developed neural network architectures, we can distinguish between small neural networks that are easier to tune and less prone to overfitting but can have insufficient capacity to model the data. On the other hand, large neural networks would have sufficient capacity but can overfit and are more difficult to tune. This always brings an interesting trade-off between simplicity and performance.

This paper proposes using a pruning strategy and recently proposed Lottery Ticket Hypothesis to improve the deep learning-based SCA. We demonstrate that we can find smaller neural networks that perform on the level of larger networks, where we manage to reduce the number of weights by more than 90% on average. Additionally, we show that pruning can help prevent overfitting and the effects of imbalanced data, reaching top attack performance for small networks when larger networks do not manage to break the target at all.

Xagawa and Yamakawa (PQCrypto 2019) proved the transformation SXY can tightly turn DS secure PKEs into IND-qCCA secure KEMs in the quantum random oracle model (QROM). But transformations such as KC, TPunc that turn PKEs with standard security (OW-CPA or IND-CPA) into DS secure PKEs still suffer from quadratic security loss in the QROM. In this paper, we give a tighter security reduction for the transformation KC that turns OW-CPA secure deterministic PKEs into modified DS secure PKEs in the QROM. We use the Measure-Rewind-Measure One-Way to Hiding Lemma recently introduced by Kuchta et al. (EUROCRYPT 2020) to avoid the square-root advantage loss. Moreover, we extend it to the case that underlying PKEs are not perfectly correct. Combining with other transformations, we finally obtain a generic KEM from any IND-CPA secure PKE. Our security reduction has roughly the same tightness as the result of Kuchta et al. without any other assumptions and we achieve the stronger IND-qCCA security. We also give a similar result for another KEM transformation achieving the same security notion from any OW-CPA secure deterministic PKE.

This paper introduces M-Circuits, a program representation which generalizes arithmetic and binary circuits. This new representation is motivated by the way modern multi-party computation (MPC) systems based on linear secret sharing schemes actually operate. We then show how this representation also allows one to construct zero knowledge proof (ZKP) systems based on the MPC-in-the-head paradigm. The use of the M-Circuit program abstraction then allows for a number of program-specific optimizations to be applied generically. It also allows to separate complexity and security optimizations for program compilation from those for application protocols (MPC or ZKP).

Being one of the winning algorithms of the CAESAR competition and currently a second round candidate of the NIST lightweight cryptography standardization project, the authenticated encryption scheme Ascon (designed by Dobraunig, Eichlseder, Mendel, and Schl{\"{a}}ffer) has withstood extensive self and third-party cryptanalysis. The best known attack on Ascon could only penetrate up to $7$ (out of $12$) rounds due to Li et al. (ToSC Vol I, 2017). However, it violates the data limit of $2^{64}$ blocks per key specified by the designers. Moreover, the best known distinguishers of Ascon in the AEAD context reach only 6 rounds. To fill these gaps, we revisit the security of 7-round Ascon in the nonce-respecting setting without violating the data limit as specified in the design. First, we introduce a new superpoly-recovery technique named as \textit{partial polynomial multiplication} for which computations take place between the so-called degree-$d$ homogeneous parts of the involved Boolean functions for a $2d$-dimensional cube. We apply this method to 7-round Ascon and present several key recovery attacks. Our best attack can recover the 128-bit secret key with a time complexity of about $2^{123}$ 7-round Ascon permutations and requires $2^{64}$ data and $2^{101}$ bits memory. Also, based on division properties, we identify several 60 dimensional cubes whose superpolies are constant zero after 7 rounds. We further improve the cube distinguishers for 4, 5 and 6 rounds. Although our results are far from threatening the security of full 12-round Ascon, they provide new insights in the security analysis of Ascon.

Many lattice-based encryption schemes are subject to a very small probability of decryption failures. It has been shown that an adversary can efficiently recover the secret key using a number of ciphertexts that cause such a decryption failure. In PKC~2019, D'Anvers~et~al. introduced `failure boosting', a technique to speed up the search for decryption failures. In this work we first improve the state-of-the-art multitarget failure boosting attacks. We then improve the cost calculation of failure boosting and extend the applicability of these calculations to permit cost calculations of real-world schemes. Using our newly developed methodologies we determine the multitarget decryption failure attack cost for all parameter sets of Saber and Kyber, showing among others that the quantum security of Saber can theoretically be reduced from 172 bits to 145 bits in specific circumstances. We then discuss the applicability of decryption failure attack in real-world scenarios, showing that an attack might not be practical to execute.

In this paper we prove quantum indifferentiability of the sponge construction instantiated with random (invertible) permutations. With this result we bring the post-quantum security of the standardized SHA-3 hash function to the level matching its security against classical adversaries. To achieve our result, we generalize the compressed-oracle technique of Zhandry (Crypto'19) by defining and proving correctness of a compressed permutation oracle. We believe our technique will find applications in many more cryptographic constructions.

Quantum Key Distribution or QKD provides symmetric key distribution using the quantum mechanics/channels with new security properties. The security of QKD relies on the difficulty of the quantum state discrimination problem. We discover that the recent developments in PT symmetry can be used to expedite the quantum state discrimination problem and therefore to attack the BB84 QKD scheme. We analyze the security of the BB84 scheme and show that the attack significantly increases the eavesdropping success rate over the previous Hermitian quantum state discrimination approach. We design and analyze the approaches to attack BB84 QKD protocol exploiting an extra degree of freedom provided by the PT-symmetric quantum mechanics.

Noise, which cannot be eliminated or controlled by parties, is an incredible facilitator of cryptography. For example, highly efficient secure computation protocols based on independent samples from the doubly symmetric binary source (BSS) are known. A modular technique of extending these protocols to diverse forms of other noise without incurring any loss of round and communication complexity is the following strategy. Parties, beginning with multiple samples from an arbitrary noise source, non-interactively, albeit, securely, simulate the BSS samples. After that, they can use custom-designed efficient multi-party solutions for BSS.

Khorasgani, Maji, and Nguyen (EPRINT--2020) introduce the notion of secure non-interactive simulation (SNIS) as a natural cryptographic extension of concepts like non-interactive simulation and non-interactive correlation distillation in theoretical computer science and information theory. In SNIS, the parties apply local reduction functions to their samples to produce the samples of another distribution. This work studies the decidability problem of whether a sample from the noise $(X,Y)$ can securely and non-interactively simulate BSS samples. As is standard in analyzing non-interactive simulations, our work relies on Fourier analytic techniques to approach this decidability problem. Our work begins by algebraizing the simulation-based security definition of SNIS. Then, using this algebraized definition of security, we analyze the properties of the Fourier spectrum of the reduction functions.

Given $(X,Y)$ and BSS with parameter $\epsilon$, our objective is to distinguish between the following two cases. (A) Does there exist a SNIS from BSS$(\epsilon)$ to $(X,Y)$ with $\delta$-insecurity? (B) Do all SNIS from BSS$(\epsilon)$ to $(X,Y)$ incur $\delta'$-insecurity, where $\delta'>\delta$? We prove that there exists a bounded computable time algorithm achieving this objective for the following cases. (1) $\delta=\bigO{1/n}$ and $\delta'=$ positive constant, and (2) $\delta=$ positive constant, and $\delta'=$ another (larger) positive constant. We also prove that $\delta=0$ is achievable only when $(X,Y)$ is another BSS, where $(X,Y)$ is an arbitrary distribution over $\minusoo\times\minusoo$. Furthermore, given $(X,Y)$, we provide a sufficient test determining if simulating BSS samples incurs a constant-insecurity, irrespective of the number of samples of $(X,Y)$.

Technically, our work proceeds by demonstrating that the weight of the Fourier spectrum of the reduction functions is at most $\bigO{\delta}$ on higher-order components, where $\delta$ is the insecurity of the SNIS.

Keywords: Post-quantum cryptography, multivariate cryptography, multi-party computation, cryptographic protocols.

National Yunlin University of Science and Technology, Douliou, Yunlin County, Taiwan. YUNTECH is looking forward to recruiting young, talented and self-motivated students on two Ph.D. positions at PhD program of “Electrical Engineering and Computer Science” and “Information Management” to work on any of the following areas of applied cryptography under the supervision of Dr. Saru Kumari. Dr. Saru Kumari will join YUNTECH on 1st August 2021.

Design of post-quantum cryptographic protocols

Software and hardware implementation of post-quantum cryptographic protocols

Multi-party computation

Cryptographic protocols and their implementation

Privacy-preserving cryptographic protocols for cloud/edge/fog computing

Multivariate cryptographic protocols

Requisites for Ph.D. students:

A bachelor & master degree in Computer Science/Information Security

Strong mathematical background

Proficient written and verbal communication skills in English

Basic knowledge of blockchain technology

Elementary knowledge of crypto-currencies and their security

What we provide: As one of the best engineering and technology universities, YUNTECH provides students with excellent academic and practical training, an excellent research environment, and strong supervision by world-class scholars. We help graduates to develop their career in information and telecommunication industry and semiconductor industry, the outstanding industry of Taiwan in the world. Students recommended by Dr Kumari will get a full tuition waiver and a monthly stipend.

How to apply:

CV (highlighting their interests and strengths)

Transcripts

via email with the subject line:- “Application for Ph.D. in applied cryptography at YUNTECH”, to Dr Saru Kumari at saryusiirohi@gmail.com keeping cc Hsin-I Huang (Sandy) at hsinyier@yuntech.edu.tw

Application guide: https://reurl.cc/qmLgbg
Application deadline: May 21, 2021.

Closing date for applications:

Contact: Dr Saru Kumari at saryusiirohi@gmail.com keeping cc Hsin-I Huang (Sandy) at hsinyier@yuntech.edu.tw

More information: https://eng.yuntech.edu.tw/

There is one Ph.D. position opening at Dr. Jiafeng Harvest Xie's research group at the Department of Electrical and Computer Engineering of Villanova University, Villanova, PA (west of Philadelphia), USA. The research topics of this position primarily focused on cryptanalysis of the post-quantum cryptosystems. Interested ones are warmly welcomed to send their resume/CV to Dr. Xie through email: jiafeng.xie@villanova.edu

Requirements: preferred to be at the majors of Cryptography, Mathematics, Computer Science, Computer Engineering, Electrical Engineering and related others. Familiar with cryptanalysis and fault attack/detection will be desirable. Proficiency in programming languages such as C/C++ etc. Good at English communication and writing. Great enthusiasm of doing research oriented tasks. Excellent team work member.

Degree: both B.S. and M.S. graduates or similar are warmly welcomed to apply. Start date: Fall 2021. It is always better to apply as early as possible. Positions are open until they are filled.

The 2021 U.S. News & World Report ranks Villanova as tied for the 53th best National University in the U.S (Famous Alumni includes the Current First Lady of the United States, etc.).

Brief introduction of Dr. Xie: Dr. Jiafeng Harvest Xie is currently an Assistant Professor at the Department of Electrical and Computer Engineering of Villanova University. His research interests include cryptographic engineering, hardware security, and VLSI digital design. He is the Best Paper Awardee of IEEE HOST 2019. He has served the Associate Editor for Microelectronics Journal, IEEE Access, and IEEE Trans. Circuits and Systems II. He has also been awarded the 2019 IEEE Access Outstanding Associate Editor.

Closing date for applications:

Contact: Jiafeng Xie

More information: https://www1.villanova.edu/villanova/engineering/departments/ece/facultyStaff/biodetail.html?mail=jiafeng.xie@villanova.edu&xsl=bio_long

We aim to analyze and protect post-quantum schemes against side-channel attacks (starting with code-based cryptosystems), in particular implementations submitted to NIST. Having found flaws in these implementations, we will design countermeasures at the compilation (assembly language) level, to appropriately harden the code while preserving the algorithm. During the project, the candidate will work on countermeasures specific to post-quantum schemes and their actual implementation at the compilation level. More than the binaries, the methodology, the tools, and the solutions to various faced practical issues will be of great interest to the community. Depending on the background and interests of the candidate, we are open to adjustments to the research strategies.

Requirements:

PhD in related research areas

integration into the research environment

willingness to supervise Ph.D. student(s)

motivation to publish in A/A∗conferences

Closing date for applications:

Contact: Annelie Heuser, annelie.heuser@irisa.fr

Kudelski Security, a division of the Kudelski Group, is an innovative, independent Swiss provider of tailored cyber and media security solutions to enterprises and public sector institutions. Founded in 2012, Kudelski Security is headquartered in Phoenix, Arizona and Cheseaux-sur-Lausanne, Switzerland, and has offices all around the globe. For more information, please visit: www.kudelskisecurity.com

The Kudelski Security Research Team is looking for one (or more) researchers experienced with cryptography. You’ll join a multi-disciplinary team with members focused on cutting edge areas such as cryptography, quantum security, privacy preserving technologies, and AI security just to name a few. The position can be on-site or remote, and includes attractive salary and benefits depending on your seniority level.

Principal Duties:

A 50% split between activities generating revenue and research

Security audit of source code and architecture of cryptographic implementations

Create viable research projects from your own ideas or from other researchers and engineers

Identify areas of interest for further research and development

Create new intellectual property

Manage the lifecycle of research projects

Represent Kudelski Security in public forums (blogs, conferences, journals) through original publications

Mentor team members in your area

Required:

Proven experience demonstrating knowledge of cryptography (such as blog posts, published source code, academic papers, etc.)

At minimum Bachelor’s degree in computer science, computer engineering, information security or related field of study

Good knowledge of a modern programming language such as Go, Rust, Python as well as C/C++

Comfortable reading code developed in multiple programming languages

5+ years of experience in cybersecurity, research, or applied cryptography

Strong written and verbal communication skills in English

Ability to interface effectively with customers and internal stakeholders

For further information: https://careers.nagra.com/?page=adverti

Closing date for applications:

Contact: tommaso.gagliardoni@kudelskisecurity.com

More information: https://careers.nagra.com/?page=advertisement_display&id=11828