IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
17 November 2021
Christopher Battarbee, Delaram Kahrobaei, Dylan Tailor, Siamak F. Shahandashti
15 November 2021
You may vote as often as you wish now through November 16th using the Helios https://heliosvoting.org cryptographically-verifiable election system, but only your last vote will be counted.
Please see for a brief overview of how the Helios system works and https://www.iacr.org/elections/eVoting/ for information on the IACR decision to adopt Helios.
2021 members of the IACR (generally people who attended an IACR event in 2020) should shortly receive, or have already received, voting credentials from system@heliosvoting.org sent to their email address of record with the IACR. Please check your spam folder first if you believe that you haven't received the mail. Questions about this election may be sent to elections@iacr.org.
Information about the candidates can be found below and also at https://iacr.org/elections/2021/candidates.php.
Jean-Pierre Münch, Thomas Schneider, Hossein Yalame
SoK: Password-Authenticated Key Exchange -- Theory, Practice, Standardization and Real-World Lessons
Feng Hao, Paul C. van Oorschot
Luca Notarnicola, Gabor Wiese
Erik Anderson, Melissa Chase, F. Betul Durak, Esha Ghosh, Kim Laine, Chenkai Weng
Kotaro Abe, Makoto Ikeda
Maria Corte-Real Santos, Craig Costello, Jia Shi
Ghada Arfaoui, Pierre-Alain Fouque, Thibaut Jacques, Pascal Lafourcade, Adina Nedelcu, Cristina Onete, Léo Robert
Thomas Espitau, Pierre-Alain Fouque, François Gérard, Mélissa Rossi, Akira Takahashi, Mehdi Tibouchi, Alexandre Wallet, Yang Yu
Clemens Hlauschek, Norman Lahr, Robin Leander Schröder
HQC is a promising code-based key encapsulation scheme and selected as an alternate candidate in the third round of the competition, which puts it on track for getting standardized separately to the finalists, in a fourth round.
Despite having already received heavy scrutiny with regard to side channel attacks, in this paper, we show a novel timing vulnerability in the optimized implementations of HQC, leading to a full secret key recovery. The attack is both practical, requiring only approx. 866,000 idealized decapsulation timing oracle queries in the 128-bit security setting, and structurally different from previously identified attacks on HQC: Previously, exploitable side-channel leakages have been identified in the BCH decoder of a previously submitted version, in the ciphertext check as well as in the PRF of the Fujisaki-Okamoto (FO) transformation employed by several NIST PQC KEM candidates. In contrast, our attack uses the fact that the rejection sampling routine invoked during the deterministic re-encryption of the KEM decapsulation leaks secret-dependent timing information. These timing leaks can be efficiently exploited to recover the secret key when HQC is instantiated with the (now constant-time) BCH decoder, as well as with the RMRS decoder of the current submission. Besides a detailed analysis of the new attack, we discuss possible countermeasures and their limits.
14 November 2021
Novosibirsk, Russia, 7 June - 9 June 2022
Submission deadline: 20 February 2022
Notification: 15 April 2022
Florida Atlantic University, Boca Raton, FL
Closing date for applications:
Contact: For more information and to apply, visit www.fau.edu/jobs and go to Apply Now REQ11778.
More information: http://www.fau.edu/jobs
Dept. of Computer Science, Aarhus University, Denmark
The Cryptography & Security group is focused on the design of cryptographic protocols, distributed ledger technology as well as the development of fundamental cryptographic techniques. Note that this call is open ended, please send your application as soon as possible.
We currently have two open Postdoc positions. The successful candidate will work either with Prof. Ivan Damgård on the SecureDNA project or Prof. Jesper Buus Nielsen as part of the Cobra Research center. He or she will contribute to either of these research projects, as described in more detail here:
SecureDNA: improve efficiency and security of the SecureDNA system by conducting fundamental research in areas such as adaptive protocol security as well as the design of post-quantum cryptographic primitives, e.g., design of threshold PRF and OPRF. Work with the SecureDNA developers towards implementation of these improvements.
Cobra: Design and analysis of blockchain consensus protocols. Design and analysis of cryptographic tools for blockchains, e.g., zero-knowledge, MPC for blockchain, anonymous payments. Design and analysis of layer 2 protocols for blockchains.
The candidate is expected to spend part of the research time collaborating with Concordium Research on blockchain related research topics and can expect to coordinate part of the daily collaboration between COBRA and Concordium Research. There is also time for independent research and no restrictions on collaboration with other researchers.
Requirements: a Ph.D. degree in Computer Science, Applied Mathematics, or a related field. Competitive research record in cryptography or information security. Strong mathematical and algorithmic CS background. Fluent written and verbal communication skills in English
We offer a one-year employment contract, which is extendable based on performance, and highly competitive salaries.
Send your application with all material collected in a single pdf file to the contact person below.
Closing date for applications:
Contact: Malene Andersen, malene.andersen@cs.au.dk
University of Wollongong, Australia
Closing date for applications:
Contact: Prof Willy Susilo
More information: https://ejgl.fa.ap1.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_1/job/1795/?utm_medium=jobshare
TU Wien
The successful candidate will conduct world-class research on the formal verification of security properties in cryptocurrencies, smart contracts, and DeFi applications.
The Security and Privacy group at TU Wien is internationally renowned, regularly publishes in top security and privacy venues, and consists of an international and diverse team with various expertise in the field of cryptography, security, and privacy.
We offer:
- An international environment: the working language is English, knowledge of German is not required.
- Continuing personal and professional education and flexible working hours
- Central location of workplace with very good accessibility (U1/U2/U4 Karlsplatz)
- A creative environment in one of the most liveable cities in the world
- A highly competitive salary
- a motivation letter
- Bachelor and Master transcripts of records
- a publication list
- a curriculum vitae
- contact information for two referees
Additional details on the call are available at https://secpriv.wien/work/Bot.pdf
Closing date for applications:
Contact: Univ.-Prof. Dr. Matteo Maffei (matteo.maffei@tuwien.ac.at)
More information: https://secpriv.wien/work/Bot.pdf
Institute of Information Security and Dependability at KIT, Germany
You will be a member of the KASTEL Security Research Labs (https://zentrum.kastel.kit.edu) and the Topic "Engineering Secure Systems" of the Helmholtz Association. KASTEL brings together security researchers belonging to various disciplines and offers excellent funding opportunities for your research projects.
Your research will be dealing with cryptographic protocols for privacy-preserving computations, e.g., applied to mobility systems. It will result in both theoretical security concepts (protocol designs, security proofs, etc.) and their practical implementation (e.g., a demonstrator) for some application domain. The contract will initially be limited to 1 year, but can be extended by several years (depending on the candidates performance).
If you are interested, please send me an email and formally apply using the link: ogy.de/cryptojob. Besides your CV including a list of your publications, please also include the names of three references.
Closing date for applications:
Contact: Andy Rupp (andy.rupp@rub.de)
Ruhr-Universitaet, Faculty of Computer Science, Bochum, Germany
TENURE TRACK AND FULL PROFESSORSHIP FOR PRIVACY
The Horst Görtz Institute for IT Security (HGI) in Bochum, Germany is one of the most renowned institutes in the field of IT Security in Europe. The HGI currently hosts 26 faculty members, maintains extensive networks and has produced numerous successful start-ups. HGI is home to the Cluster of Excellence "CASA: Cyber Security in the Age of Large-Scale Adversaries", funded with approximately 30 million euros. This outstanding environment offers excellent working conditions in a highly topical and exciting field. In addition, there is a very good working atmosphere in a young and diverse group of researchers.
The Faculty of Computer Science at Ruhr-Universität Bochum invites applications for an Assistant Professorship with tenure track and a tenured Full Professorship for Privacy. Applicants should have an excellent track record in research and teaching in at least one of the following areas:
We are looking for a scientist with an internationally visible research profile, who complements already existing focus areas. We expect a willingness to cooperate with the HGI as well as an active role in current and planned projects, especially in the Cluster of Excellence "CASA: Cyber Security in the Age of Large Scale Adversaries". The Max Planck Institute for Security and Privacy offers additional possibilities for collaboration.
Official job adds can be found here https://www.stellenwerk-bochum.de/en/node/407452 . Applications are requested by December 15, 2021 to the Dean of the Faculty of Computer Science at Ruhr-Universität Bochum, Alexander May, e-mail: career-casa@rub.de. Further information can be found on our homepages at https://informatik.rub.de/en/ https://casa.rub.de/en/
Closing date for applications:
Contact: Alexander May, Dean of the Faculty of Computer Science at Ruhr-Universitaet Bochum, Germany
More information: https://informatik.rub.de/en/
Australian National University, School of Computing, Canberra, Australia
Based in the School of Computing at the Australian National University several fully funded PhD positions are available in on a project called “Efficient privacy-persevering proofs for secure e-government and e-voting.” The positions are for 3 years.
You will work on applying formal methods, particularly interactive theorem provers, to cryptography. The main focus of the project is verifying zero-knowledge proof systems.
The PhD student is expected to have a master's degree or equivalent, and a strong background in one or more of cryptography, formal methods, and mathematics.
Closing date for applications:
Contact: Thomas Haines
University of Leuven (Campus Diepenbeek)
The department of Electrical Engineering (also known as ESAT (https://www.esat.kuleuven.be/english) of the KU Leuven conducts research at a high international level. It is also responsible for education in the domains of electrical engineering, electronics, and information processing. The department is also co-founder of many spin-off companies. With more than 300 PhD students, 200 master students, and 100 staff members, ESAT is a strong international research and educational department.
The applicant will join the Embedded Systems & Security (ES&S) group (https://iiw.kuleuven.be/onderzoek/ess) that is part of the COSIC research group (https://www.esat.kuleuven.be/cosic).
Closing date for applications:
Contact: Prof. Georges Gielen, Chair, Departement Electrical Engineering-ESAT, georges.gielen(AT)kuleuven.be
More information: https://www.kuleuven.be/personeel/jobsite/jobs/60004322?hl=en&lang=en