International Association for Cryptologic Research

IACR News

Here you can see all recent updates to the IACR webpage. These updates are also available via email and via RSS feed.

20 December 2021

Trondheim, Norway, 29 May 2022
Event Calendar
Event date: 29 May 2022
Submission deadline: 7 March 2022
Notification: 15 April 2022
Boston, USA, 5 July - 7 July 2022
Event Calendar
Event date: 5 July to 7 July 2022
Submission deadline: 10 January 2022
Brandenburgische Technische Universität
Job Posting
The chair of IT Security in the Faculty of Mathematics, Computer Science, Physics, Electrical Engineering and Information Technology at the Brandenburg University of Technology Cottbus-Senftenberg (located between Berlin and Dresden) is currently seeking a highly motivated:

Junior Researcher / PhD Student, limited to 2 years, full time, with possibility for extension

Our chair performs research and teaching in the area of IT Security with a strong focus on Network Security and Online Privacy. Our goal is to advance the state of the art in research and to educate qualified computer scientists in the area of IT Security who are able to meet the challenges of the growing demand for securing IT systems and providing data protection in various areas of our life and society. More information about us can be found at https://www.b-tu.de/en/fg-it-sicherheit.

Tasks:
  • Active research in the area of intrusion detection systems (IDS) for critical infrastructures, secure cyber-physical systems, and artificial intelligence / machine learning for traffic analysis.
  • Implementation and evaluation of new algorithms and methods.
  • Cooperation and knowledge transfer with industrial partners.
  • Publication of scientific results.
  • Assistance with teaching.

The employment takes place with the goal of doctoral graduation (obtaining a PhD degree).

Requirements:
  • Master’s degree (or equivalent) in Computer Science or related disciplines.
  • Strong interest in IT security and/or networking and distributed systems.
  • Knowledge of at least one programming language (C++, Java, etc.) and one scripting language (Perl, Python, etc.), or strong willingness to quickly learn new programming languages.
  • Linux/Unix skills.
  • Knowledge of data mining, machine learning, statistics and result visualization concepts is an advantage.
  • Excellent working knowledge of English; German is an advantage.
  • Excellent communication skills.

For more information about the vacant position please contact Prof. A. Panchenko (E-Mail: itsec-jobs.informatik@lists.b-tu.de).

We value diversity and therefore welcome all applications.

Closing date for applications:

Contact: Prof. Andriy Panchenko

More information: https://www.b-tu.de/en/fg-it-sicherheit

Indian Institute of Technology Hyderabad, India
Job Posting
The Networked Wireless Systems Lab (NeWS Lab) at the Indian Institute of Technology Hyderabad (IITH) is looking for a Post-Doc to work on 5G security research. The position is for one year and would be extended based on performance. The applicant should be an Indian national, have or be expected to have a PhD degree in the area of network security, and be willing to work on 5G security. Interested candidates can send their CV with the names of potential references, using the subject line "Application for Postdoc Position in 5G Security".

Closing date for applications:

Contact: Dr. Antony Franklin, Associate Professor, Department of Computer Science and Engineering, Indian Institute of Technology Hyderabad, India.

More information: https://newslab.iith.ac.in/

University of Luxembourg
Job Posting
The Security and Networking Lab (SECAN-Lab), headed by Prof. Dr. Thomas Engel, part of the Department of Computer Science at the Faculty of Science, Technology and Medicine (FSTM), is currently looking for a Postdoc in Security of Automotive Networks.

Your Role

The successful applicant will be integrated in SECAN-Lab, a research group which addresses both fundamental and applied research in computer networking, privacy, and security, applied to in-car and vehicular communication (V2X) scenarios. The yearly gross salary for every Postdoctoral researcher at the UL is EUR 75.285 (full time).

The position takes a key role within two major projects:
  • SETICA (SEcuring TIme Critical traffic in (next gen) Automotive networks) – a project jointly funded by the Luxembourg National Research Fund (FNR) and Honda R&D Europe, Germany, under the FNR-BRIDGES funding program.
  • 5G-MOBIX – an EU H2020 project that focuses on developing and testing Cooperative, Connected, and Automated Mobility (CCAM) use cases using 5G core technological innovations along multiple cross-border corridors and urban trial sites.

In the context of the SETICA project, the successful candidate will research methods for securing time-critical traffic in next generation automotive networks. This includes methods and solutions for time synchronization and Time Sensitive Networking (TSN) security, SDN support for securing TSN, as well as building a security-enabled testbed as the basis for the aforementioned research items. In the context of 5G-MOBIX, the successful candidate will focus on disseminating the project results to the international community and actively participate in the ongoing standardization activities related to 5G for CCAM.

Your Mission
  • Scientifically co-advising doctoral dissertations in the relevant area
  • Presentation of research findings at workshops and conferences
  • Publication of scientific papers in peer-reviewed international journals
  • Dissemination of project results via reports, deliverables, and standardization activities
  • Participation in teaching activities

Closing date for applications:

Contact: Prof. Dr. Thomas Engel (admin-engel@uni.lu).

More information: https://recruitment.uni.lu/en/details.html?nPostingId=66756&nPostingTargetId=102388&id=QMUFK026203F3VBQB7V7VV4S8&LG=UK&mask=karriereseiten&sType=Social%20Recruiting

Boris Ryabko
ePrint Report
We consider the problem of constructing an unconditionally secure cipher for the case when the key length is less than the length of the encrypted message. (Unconditional security means that a computationally unbounded adversary cannot obtain information about the encrypted message without the key.) In this article, we propose data compression and randomization techniques combined with entropically-secure encryption. The resulting cipher can be used for encryption in such a way that the key length does not depend on the entropy or the length of the encrypted message; instead, it is determined by the required security level.
Georg Fuchsbauer, Riddhi Ghosal, Nathan Hauke, Adam O'Neill
ePrint Report
We introduce distance-comparison-preserving symmetric encryption (DCPE), a new type of property-preserving encryption (PPE) that preserves relative distance between plaintext vectors. DCPE is naturally suited for nearest-neighbor search on encrypted data. To achieve meaningful security, we divert from prior work on PPE and ask for approximate correctness, which is natural given the prevalence of approximate nearest neighbor (ANN) search. We conduct a thorough study of what security approximate DCPE can provide and how to construct it.

Based on a relation we prove between approximate DCP and approximate distance-preserving functions, we design our core approximate DCPE scheme, which we call Scale-And-Perturb ($\mathsf{SAP}$). The encryption algorithm of $\mathsf{SAP}$ processes data on-the-fly. To boost security, we also introduce two preprocessing techniques: (1) normalizing the plaintext distribution, and (2) shuffling, wherein the component-wise encrypted dataset is randomly permuted. We prove (under suitable restrictions) that $\mathsf{SAP}$ achieves an indistinguishability-based security notion we call Real-or-Replaced ($\mathsf{RoR}$). In particular, our $\mathsf{RoR}$ result implies that our scheme prevents the membership inference attacks of Yeom et al. (CSF 2018). Moreover, we show that for i.i.d. multivariate normal plaintexts, we get security against approximate frequency-finding attacks, the main line of attacks against property-preserving encryption. This follows from a one-wayness ($\mathsf{OW}$) analysis. Finally, by carefully combining our $\mathsf{OW}$ and $\mathsf{RoR}$ results, we are able to characterize the bit-security of $\mathsf{SAP}$.

Our overall findings are that our scheme not only has superior bit-security to OPE but resists specific attacks that even ideal order-revealing encryption (Boneh et al., EUROCRYPT 2015) does not. This suggests it could be sufficient for certain ANN applications, a subject on which we encourage further study.
Qiqi Lai, Feng-Hao Liu, Zhedong Wang
ePrint Report
We derive the first adaptively secure IBE and ABE for t-CNF, and selectively secure ABE for general circuits from lattices, with $1-o(1)$ leakage rates, in both the relative leakage model and the bounded retrieval model (BRM).

To achieve this, we first identify a new fine-grained security notion for ABE -- partially adaptive/selective security -- and instantiate this notion from LWE. Then, using this notion, we design a new key compressing mechanism for identity-based/attribute-based weak hash proof systems (IB/AB-wHPS) for various policy classes, achieving (1) succinct secret keys and (2) adaptive/selective security matching the existing non-leakage-resilient lattice-based designs. Using the existing connection between weak hash proof systems and leakage-resilient encryption, the succinct-key IB/AB-wHPS can yield the desired leakage-resilient IBE/ABE schemes with the optimal leakage rates in the relative leakage model. Finally, by further improving the prior analysis of the compatible locally computable extractors, we can achieve the optimal leakage rates in the BRM.
Shiduo Zhang, Yang Yu
ePrint Report
As a building block, gadgets and their associated algorithms are widely used in advanced lattice cryptosystems. The gadget algorithms for power-of-base moduli are very efficient and simple; however, the current algorithms for arbitrary moduli are still complicated and practically more costly despite several efforts. Considering the necessity of arbitrary moduli, developing simpler and more practical gadget algorithms for arbitrary moduli is crucial to improving the practical performance of lattice-based applications.

In this work, we propose two new gadget sampling algorithms for arbitrary moduli. Our first algorithm is for gadget Gaussian sampling. It is simple and efficient. One distinguishing feature of our Gaussian sampler is that it does not need floating-point arithmetic, which makes it more compatible with constrained environments. Our second algorithm is for gadget subgaussian sampling. Compared with the existing algorithm, it is simpler, faster, and requires asymptotically less randomness. In addition, our subgaussian sampler achieves an almost equal quality for different practical parameters. Overall, these two algorithms provide simpler options for gadget algorithms and enhance the practicality of the gadget toolkit.
Prabhanjan Ananth, Luowen Qian, Henry Yuen
ePrint Report
Pseudorandom states, introduced by Ji, Liu and Song (Crypto'18), are efficiently-computable quantum states that are computationally indistinguishable from Haar-random states. One-way functions imply the existence of pseudorandom states, but Kretschmer (TQC'20) recently constructed an oracle relative to which there are no one-way functions but pseudorandom states still exist. Motivated by this, we study the intriguing possibility of basing interesting cryptographic tasks on pseudorandom states.

We construct, assuming the existence of pseudorandom state generators that map a $\lambda$-bit seed to a $\omega(\log\lambda)$-qubit state, (a) statistically binding and computationally hiding commitments and (b) pseudo one-time encryption schemes. A consequence of (a) is that pseudorandom states are sufficient to construct maliciously secure multiparty computation protocols in the dishonest majority setting.

Our constructions are derived via a new notion called pseudorandom function-like states (PRFS), a generalization of pseudorandom states that parallels the classical notion of pseudorandom functions. Beyond the above two applications, we believe our notion can effectively replace pseudorandom functions in many other cryptographic applications.
Mihai-Zicu Mina, Emil Simion
ePrint Report
Information security plays a major role in the dynamics of today’s interconnected world. Despite the successful implementation and effectiveness of modern cryptographic techniques, their inherent limitations can be exploited by quantum computers. In this article we discuss Grover’s quantum searching algorithm and its impact on the security of modern symmetric ciphers. More specifically, we present its formal description and give an implementation of the algorithm using IBM’s Qiskit framework, which allows us to simulate and run the program on a real device.
Emma Dauterman, Mayank Rathee, Raluca Ada Popa, Ion Stoica
ePrint Report
Applications today rely on cloud databases for storing and querying time-series data. While outsourcing storage is convenient, this data is often sensitive, making data breaches a serious concern. We present Waldo, a time-series database with rich functionality and strong security guarantees: Waldo supports multi-predicate filtering, protects data contents as well as query filter values and search access patterns, and provides malicious security in the 3-party honest-majority setting. In contrast, prior systems such as Timecrypt and Zeph have limited functionality and security: (1) these systems can only filter on time, and (2) they reveal the queried time interval to the server. Oblivious RAM (ORAM) and generic multiparty computation (MPC) are natural choices for eliminating leakage from prior work, but both of these are prohibitively expensive in our setting due to the number of roundtrips and bandwidth overhead, respectively. To minimize both, Waldo builds on top of function secret sharing, enabling Waldo to evaluate predicates non-interactively. We develop new techniques for applying function secret sharing to the encrypted database setting where there are malicious servers, secret inputs, and chained predicates. With 32-core machines, Waldo runs a query with 8 range predicates over $2^{18}$ records in 3.03s, compared to 12.88s for an MPC baseline and 16.56s for an ORAM baseline. Compared to Waldo, the MPC baseline uses 9 − 82× more bandwidth between servers (for different numbers of records), while the ORAM baseline uses 20 − 152× more bandwidth between the client and server(s) (for different numbers of predicates).

18 December 2021

Research & Development Group, Horizen Labs; Milano, Italy
Job Posting
Horizen Labs is a blockchain technology company that designs, develops, and delivers powerful, scalable, and reliable distributed ledger solutions for business.

Our Core Engineering Team is an innovative and collaborative group of researchers and software engineers who are dedicated to the design and development of world-class blockchain-based products. We are looking for a cryptographer, or applied cryptographer, to join our growing crypto team based in Milan, Italy. Currently, the team is developing a protocol suite for SNARK-based proof-composition, but its duties reach beyond that, developing privacy-enhancing solutions for our sidechain ecosystem.

Responsibilities
  • Design privacy-enhancing technology built on SNARK-based protocols
  • Perform collaborative research and assist technical colleagues in their development work
  • Participate in standards-setting
Requirements
  • Ph.D. in mathematics, computer science, or cryptography
  • Solid foundations in zero-knowledge and cryptographic protocols
  • Publications in acknowledged venues on applied or theoretical cryptography, preferably cryptographic protocols or PETs
  • Strong problem-solving skills
  • The ability to work in a team setting as well as autonomously
  • Foundations in blockchain technology and experience in reading Rust are a plus
We offer
  • A competitive salary plus pre-series A stock options
  • Flexible working hours, including the possibility of remote working
  • The opportunity to work with talented minds on challenging topics in this field, including the most recent advancements in zero-knowledge
  • A nice and informal team setting to conduct research and development of high-quality open source solutions

If you are interested in this position, you might want to take a look at our recent publications (IACR eprints 2021/930, 2021/399, 2020/123) and our latest podcast on zeroknowledge.fm (Episode 178). For further questions, please contact the email below.

Closing date for applications:

Contact: recruiting@horizenlabs.io

More information: https://horizenlabs.io/careers/job/?gh_jid=4116067004

Basque Center for Applied Mathematics - BCAM
Job Posting
The Basque Center for Applied Mathematics (BCAM), in Bilbao, is offering a postdoc position for 2 years, with starting date as soon as possible. We are seeking excellent candidates with a PhD in Mathematics or Computer Science interested in post-quantum cryptography, with a good background in the mathematical areas related to it (number theory, computational algebra, algebraic geometry, etc.). Good programming skills are a plus. The working language is English.

BCAM is a research center of applied mathematics located in Bilbao. Its research is transversal, covering everything from core developments in mathematics to the most applied aspects. It enjoys the Severo Ochoa distinction (the highest rank distinction for research centers in Spain). The position is in the framework of the creation of a new research line in (post-quantum) cryptography, which falls within the Basque strategy on Quantum Computing, Quantum Cryptography and Quantum-Safe Cryptography. The research line will be led by Prof. Ignacio Luengo (UCM, Madrid), with the collaboration of Prof. Jintai Ding (Tsinghua University).

Applications at: http://www.bcamath.org/en/research/job/ic2021-12-postdoctoral-fellow-on-post-quantum-cryptography

Closing date for applications:

Contact: Enquiries about the position can be sent to iluengo@mat.ucm.es

More information: http://www.bcamath.org/en/research/job/ic2021-12-postdoctoral-fellow-on-post-quantum-cryptography

UConn, Computer Science and Engineering Dept.
Job Posting
Several PhD positions in the domains of cryptography, computer security, privacy, and blockchain-based systems are available at the University of Connecticut (UConn) Computer Science and Engineering department starting in 2022, led by Prof. Ghada Almashaqbeh.

The positions provide a great opportunity for students interested in interdisciplinary projects that combine knowledge from various fields towards the design of secure systems and protocols. We target timely real-world problems and aim to provide secure and practical solutions backed by rigorous foundations and efficient implementations with thorough performance testing. We are also interested in conceptual projects that contribute to bridging the gap between the theory and practice of cryptography. For more information about our current and previous projects please check https://ghadaalmashaqbeh.github.io/research/.

Interested students should send their CV to ghada@uconn.edu and provide any relevant information about the topics they want to work on and the skills/related background they have.

Closing date for applications:

Contact: Ghada Almashaqbeh

More information: https://ghadaalmashaqbeh.github.io/

University of Southern Denmark, Department of Mathematics and Computer Science; Odense, Denmark
Job Posting

The Section of Artificial Intelligence, Cybersecurity, and Programming Languages at the Department of Mathematics and Computer Science at the University of Southern Denmark (main campus, Odense) invites applications for tenure-track assistant professor positions in Computer Science.

Application deadline: 15 February 2022.

Link to the call: https://www.sdu.dk/da/service/ledige_stillinger/1180362?sc_lang=en

The University of Southern Denmark wishes its staff to reflect the diversity of society and thus welcomes applications from all qualified candidates regardless of personal background.

Closing date for applications:

Contact: Please feel free to reach out to Professor Fabrizio Montesi (fmontesi@imada.sdu.dk) or Assistant Professor Ruben Niederhagen (niederhagen@imada.sdu.dk) for more information.

More information: https://www.sdu.dk/da/service/ledige_stillinger/1180362?sc_lang=en

Academia Sinica, Taipei, Taiwan
Job Posting
Multiple Post-Docs in Post-Quantum Cryptography

Academia Sinica, at the very edge of Taipei, is the national research institute of Taiwan. Here we have an active group of cryptography researchers, including Dr. Bo-Yin Yang, Dr. Kai-Min Chung, Dr. Tung Chou, and Dr. Ruben Niederhagen, covering a wide range of research topics in cryptography and actively collaborating with researchers from related research areas such as program verification.

We are looking for Post-Docs in PQC (Post-Quantum Cryptography). Here PQC is broadly defined. The starting date is early 2022, for terms of 1 year, renewable. Potential PQC research topics include cryptanalysis, implementation, and theory. Bo-Yin is in particular interested in people who have hands-on experience with the design, implementation and/or analysis of cryptosystems submitted to NIST's post-quantum standardization project, and Kai-Min is looking for people interested in theoretical aspects of Post-Quantum Cryptography, such as security in the QROM model and novel (post-)quantum primitives and protocols. We are also particularly interested in people with diverse backgrounds to facilitate collaboration among our group members.

The position requires a background in mathematics, computer science and cryptography. We desire a research track record in some aspects of post-quantum cryptography, but are especially looking for researchers with a broad research spectrum going from mathematical aspects to the practical side such as implementation aspects. We offer about 2200 USD (~2000 EUR) per month (commensurate with what a starting assistant professor makes locally) in salary and include a 5000 USD per year personal academic travel budget.

Closing date for applications:

Contact: Bo-Yin Yang (by at crypto.tw)

Kai-Min Chung (kmchung at iis.sinica.edu.tw)

Danilo Francati, Alessio Guidi, Luigi Russo, Daniele Venturi
ePrint Report
Identity-based matchmaking encryption (IB-ME) is a generalization of identity-based encryption where the sender and the receiver can both specify a target identity: if both chosen target identities match that of the other party, the plaintext is revealed; otherwise the sender’s identity, the target identity, and the plaintext remain hidden. Previous work showed how to construct IB-ME in the random oracle model. We give the first construction in the plain model, based on standard assumptions over bilinear groups.
Martijn Stam
ePrint Report
At the turn of the century, 80-bit security was the standard. When considering discrete-log based cryptosystems, it could be achieved using either subgroups of 1024-bit finite fields or (hyper)elliptic curves. The latter allowed more compact and efficient arithmetic, until Lenstra and Verheul invented XTR. Here XTR stands for 'ECSTR', itself an abbreviation for Efficient and Compact Subgroup Trace Representation. XTR exploits algebraic properties of the cyclotomic subgroup of sixth degree extension fields, allowing a representation only a third of their regular size and making finite field DLP-based systems competitive with elliptic curve ones. Subsequent developments, such as the move to 128-bit security and improvements in finite field DLP, rendered the original XTR and closely related torus-based cryptosystems no longer competitive with elliptic curves. Yet, some of the techniques related to XTR are still relevant for certain pairing-based cryptosystems. This chapter describes the past and the present of XTR and other methods for efficient and compact subgroup arithmetic.
Alonso González, Hamy Ratoanina, Robin Salen, Setareh Sharifian, Vladimir Soukharev
ePrint Report
This paper presents an Identifiable Cheating Entity (ICE) FROST signature protocol that is an improvement over the FROST signature scheme (Komlo and Goldberg, SAC 2020), since it can identify cheating participants in its Key Generation protocol. The proposed threshold signature protocol achieves robustness in the Key Generation phase of the threshold signature protocol by introducing a cheating identification mechanism and then excluding cheating participants from the protocol. By enabling the cheating identification mechanism, we remove the need to abort the Key Generation protocol every time cheating activity is suspected. Our cheating identification mechanism allows every participant to individually check the validity of complaints issued against possibly cheating participants. Then, after all of the cheating participants are eliminated, the Key Generation protocol is guaranteed to finish successfully. On the other hand, the signing process only achieves a weak form of robustness, as in the original FROST. We then introduce a static public key variant of ICE FROST. Our work is the first to consider static private/public keys for a round-optimized Schnorr-based signature scheme. With static public keys, the group’s established public and private keys remain constant for the lifetime of the signers, while the signing shares of each participant are updated over time, as is the set of group members; this ensures the long-term security of the static keys and facilitates the verification process of the generated threshold signature, because a group of signers communicates their public key to the verifier only once during the group’s lifetime. Our implementation benchmarks demonstrate that the runtime of the protocol is feasible for real-world applications.