International Association for Cryptologic Research

IACR News


09 February 2022

Vitaly Kiryukhin
ePrint Report
Security of the many keyed hash-based cryptographic constructions (such as HMAC) depends on the fact that the underlying compression function $g(H,M)$ is a pseudorandom function (PRF). This paper presents key-recovery algorithms for 7 rounds (of 12) of the Streebog compression function. Two cases were considered, depending on which input is used as the secret key: the previous state $H$ or the message block $M$. The proposed methods implicitly show that the Streebog compression function has a large security margin as a PRF in the above-mentioned secret-key settings.
Zhimei Sui, Joseph K. Liu, Jiangshan Yu, Man Ho Au, Jia Liu
ePrint Report
Payment channels have been a promising solution to blockchain scalability. While payment channels for script-empowered blockchains (such as Bitcoin and Ethereum) have been well studied, developing payment channels for scriptless blockchains (such as Monero) is considered challenging. In particular, enabling bidirectional payment on scriptless blockchains remains an open challenge. This work closes this gap by providing AuxChannel, the first bi-directional payment channel protocol for scriptless blockchains, meaning that building payment channels only requires the support of verifiably encrypted signatures (aka adaptor signatures) on the underlying blockchain. AuxChannel leverages verifiably encrypted signatures to create a commitment for each off-chain payment and deploys a verifiable decentralised key escrow service to resolve disputes. To enable efficient construction of AuxChannel, we introduce a new cryptographic primitive, named Consecutive Verifiably Encrypted Signature (CVES), as a core building block; it can also be of independent interest for other applications. We provide and implement a provably secure Schnorr-based instantiation of CVES. We also provide a formal security analysis of the proposed AuxChannel.

08 February 2022

NTNU, Trondheim, Norway
Job Posting

The Department of Mathematical Sciences at NTNU is looking for a postdoc in public-key cryptography. The position is hosted by Jiaxin Pan. This position is funded by a project from the Research Council of Norway with focus on provable security. Potential topics are, but not limited to, digital signatures, zero-knowledge proofs, and post-quantum cryptography.

The candidate will work on theoretical aspects of public-key cryptography and is expected to publish at IACR conferences (such as Crypto, Eurocrypt, Asiacrypt, etc.) and renowned security conferences (such as IEEE S&P, ACM CCS, etc.). Thus, a track record of publications at these conferences is preferable for the successful candidate.

Further details: The position holder will participate in many activities of the Cryptology Lab at NTNU which has 9 faculty members working on both applied and theoretical aspects of cryptology. The working place is in Trondheim, Norway. Trondheim is a modern European city with a rich cultural scene. It offers great opportunities for education (including international schools) and possibilities to enjoy nature, culture and family life and has low crime rates and clean air quality.

Application: More details are given here: https://www.jobbnorge.no/en/available-jobs/job/220131/postdoctoral-fellow-in-cryptography. We only accept applications from this jobbnorge.no page.

The deadline for application is the 31st of March, 2022.

Closing date for applications:

Contact: Jiaxin Pan

More information: https://www.jobbnorge.no/en/available-jobs/job/220131/postdoctoral-fellow-in-cryptography

Wollongong, Australia, 13 July - 17 July 2022
Event Calendar
Event date: 13 July to 17 July 2022
Submission deadline: 21 February 2022
Notification: 15 April 2022

04 February 2022

Genoa, Italy, 6 June 2022
Event Calendar
Event date: 6 June 2022
Submission deadline: 4 March 2022
Notification: 8 April 2022
Indian Institute of Technology Delhi (Workplace: IIT Bhilai, Raipur, Chhattisgarh, INDIA)
Job Posting
Project: Next Generation Wireless Research and Standardization on 5G and Beyond

Applications are invited from Indian nationals for the position of “Junior Research Fellow.”

Number of Positions: One (1)

Salary: 31,000 per month + 24% HRA

Qualifications:
1st class Post Graduate Degree in Basic Science with NET* qualification, or Graduate Degree in a Professional Course with NET* qualification, or Post Graduate Degree in a Professional Course with NET* qualification.

Desired Qualifications:

a. Degree in Computer Science with coding proficiency and any other working experience relevant to the project.

b. Some familiarity with one or more of the following: Cryptography, UAS, 5G Security.

c. Special preference will be given to people who have prior experience working with the 5G standard.

*The requirement of qualifying the NET/GATE examination for selection to the post of JRF/SRF may be relaxed for candidates who have graduated from Centrally Funded Technical Institutes (CFTIs) with a CGPA of more than 8.000 (80% aggregate marks).

How to Apply: Candidates should only apply using the application form downloaded from the following link: https://ird.iitd.ac.in/sites/default/files/ird_nforms/ird_rec_4.pdf

A duly completed application form along with the candidate’s detailed CV must be e-mailed to: 5g.bhartischool@gmail.com

The last date for submitting completed applications by e-mail is 10/02/2022 by 5.00 pm.

Closing date for applications:

Contact:
Dr. Dhiman Saha
Assistant Professor
Department of EECS, IIT Bhilai
Email: decipheredlab@iitbhilai.ac.in, get@de.ci.phe.red
For more info on the research group visit: http://de.ci.phe.red

More information: https://lnkd.in/gNfMQ7PB

Brandenburg University of Technology Cottbus–Senftenberg
Job Posting
limited to 2 years, full time, with possibility for extension

Our chair performs research and teaching in the area of IT Security with a strong focus on Network Security and Online Privacy. Our goal is to advance the state of the art in research and to educate qualified computer scientists in the area of IT Security who are able to meet the challenges of the growing demand for securing IT systems and providing data protection in various areas of our life and society.

Tasks:
- Active research in the area of intrusion detection systems (IDS) for critical infrastructures, secure cyber-physical systems, and artificial intelligence / machine learning for traffic analysis
- Implementation and evaluation of new algorithms and methods
- Cooperation and knowledge transfer with industrial partners
- Publication of scientific results
- Assistance with teaching

The employment takes place with the goal of doctoral graduation (obtaining a PhD degree).

Requirements:
- Master’s degree (or equivalent) in Computer Science or related disciplines
- Strong interest in IT security and/or networking and distributed systems
- Knowledge of at least one programming language (C++, Java, etc.) and one scripting language (Perl, Python, etc.) or strong willingness to quickly learn new programming languages
- Linux/Unix skills
- Knowledge of data mining, machine learning, statistics and result visualization concepts is of advantage
- Excellent working knowledge of English; German is of advantage
- Excellent communication skills

Applications should contain the following documents:
- A detailed Curriculum Vitae
- Transcript of records from your Master studies
- An electronic version of your Master thesis, if possible

Applications should be sent in a single PDF file as soon as possible, but not later than 20.02.2022, to itsec-jobs.informatik@lists.b-tu.de.

Closing date for applications:

Contact: Andriy Panchenko

More information: https://www.b-tu.de/en/fg-it-sicherheit

Carl von Ossietzky University of Oldenburg, Department of Computer Science; Oldenburg, Germany
Job Posting

The Safety-Security-Interaction (SSI) group at the Carl von Ossietzky University of Oldenburg invites applications for a full-time position as Doctoral Researcher (Research Assistant/Ph.D. Student) in the domain of Cybersecurity for an initial period of 3 years.

Deadline for applications: 21 February 2022, 23:59 CET

Closing date for applications:

Contact: Prof. Dr. Andreas Peter (andreas.peter@uol.de)

More information: https://uol.de/en/jobs?stelle=68597

Genoa, Italy, 10 June 2022
Event Calendar
Event date: 10 June 2022
Submission deadline: 4 March 2022
Notification: 8 April 2022
Leuven, Belgium, 18 September - 21 September 2022
CHES
Event date: 18 September to 21 September 2022
-
Event Calendar
Event date: to
Submission deadline: 15 June 2022
Notification: 24 August 2022
Valletta, Malta, 25 April - 29 April 2022
School
Event date: 25 April to 29 April 2022
Submission deadline: 18 February 2022
Notification: 4 March 2022
PKC
PKC 2022 will be held virtually on March 8-11, 2022.

The registration for PKC 2022 is now open: https://pkc.iacr.org/2022/registration.php

Registration is free for IACR members; non-IACR members will be asked to pay the IACR membership fee during registration.

01 February 2022

University College Cork, Ireland
Job Posting

The School of Computer Science & Information Technology (CSIT) seeks to appoint a lecturer (assistant professor) in Computer Science (Cybersecurity) to complement and strengthen the School’s research and teaching interests. Computer security has been a topic of research and teaching in the School for over thirty years. The School continues to grow with the appointment of new staff with cybersecurity expertise, the introduction of new courses, and significant development of our cybersecurity research portfolio.

The School's strategy is to expand its research and teaching in the area of Cybersecurity, and candidates with such expertise are encouraged to apply. The School seeks to appoint a committed computer science academic, a dynamic and thoughtful individual who will contribute to its research-led teaching ethos and research agenda.

The School of CSIT has 32 full-time academic staff and offers degrees at bachelor's, master's and doctoral level. It offers a welcoming and open working environment, with excellent administrative and technical support, and an inclusive collegiate experience. Academic staff in the School have leadership roles in major national and international research initiatives, including the SFI-funded research centres CONNECT (Centre for Future Networks and Communications), CONFIRM (Centre for Smart Manufacturing), Insight (Centre for Data Analytics), LERO (Irish Software Research Centre), and the SFI research spokes BAV (Blended Autonomous Vehicles) and ENABLE (Smart Communities). In addition, School academics lead and host the SFI Centre for Research Training in Advanced Networks for Sustainable Societies and the SFI Centre for Research Training in Artificial Intelligence. The Cork area is home to a cybersecurity cluster of about 25 companies, including multinationals that are well known for their security products and services, many of which the School engages with for student internships, research sponsorship and collaboration.

Candidates should apply before 12 noon (Irish Local Time) on Tuesday, 22nd February 2022.

Closing date for applications:

Contact: Informal enquiries can be made, in confidence, to the Head of School, Professor Utz Roedig: u.roedig@ucc.ie

Applications must be submitted online via the University College Cork vacancy portal: https://ore.ucc.ie/

More information: https://www.ucc.ie/en/compsci/vacancies/

The University of Manchester, Department of Computer Science, Manchester, UK
Job Posting

We are looking for a research associate to join an ambitious project (EnnCore - https://enncore.github.io/) in the space of Secure and Privacy-preserving AI Models.

You will enjoy designing, developing and evaluating novel AI models (deep neural networks) that are privacy-preserving and robust against attacks. The project will involve continuous interaction with experts in explainable AI and formal software verification. You will also have the opportunity to build use cases and to collaborate with domain experts in areas such as cancer research and energy trading. You will design, develop and evaluate new models in the context of their accuracy, privacy protection and robustness. This position may include research on a diverse set of techniques such as federated learning, homomorphic encryption, multiparty computation and adversarial methods.

The post is initially for one year, with the possibility of extension. Interviews are anticipated to take place a week after the closing date.

You should have a PhD in Computer Science or a closely related field, together with a track record of international publications in applied machine learning or secure computation. Examples of fields of interest are:

  • Federated Learning
  • Homomorphic Encryption
  • Secure Multiparty Computation
  • Differential Privacy
  • Safety Mechanisms in AI Systems
  • Adversarial Methods

Closing date for applications:

Contact: Mustafa A. Mustafa: mustafa.mustafa[at]manchester.ac.uk

More information: https://www.jobs.manchester.ac.uk/displayjob.aspx?jobid=21631

SupraOracles
Job Posting
We are looking for an Applied Researcher to enhance our research work at SupraOracles. The team is actively researching and developing in the core areas of fault-tolerant distributed systems, formal verification, program analysis, interoperable blockchains, and cryptography, and applying them to push the limits of blockchain technology in terms of scalability and reliability. An ideal candidate brings expertise from the domains of mathematics, cryptography, formal methods and probability theory to rigorously analyse, reason about and solve challenging problems. This exciting work involves interacting with researchers, building prototypes, experimenting, articulating, designing algorithms and implementing them. We thrive on trust and honesty. We believe in the positive and ethical impacts these cutting-edge technologies in a decentralized environment can make on the world. Your alignment and cultural fit with these core values and beliefs are of considerable value to us.

Responsibilities:
- Studying, comprehending and discussing research papers
- Theoretical / mathematical and empirical evaluation of research ideas
- Implementing prototypes and / or production-ready software
- Lucid and articulate communication via discussions, reports / presentations / papers

Are you the right person for this role? The ideal candidate for us has:
- Master's or PhD in computer science
- Published papers at top-tier peer-reviewed venues in any of the fields of cryptography, distributed systems design, formal methods, algorithms
- Experience working in a research lab
- Good familiarity with a couple of programming languages from the list Java, Rust, GoLang, JavaScript/NodeJS, Solidity (this mainly depends upon the project)
- Experience working with GitHub codebases
- Hands-on experience on open source projects
- Standard algorithms and data structure knowledge
- Basic understanding of cryptography and smart contract development
- Pro-active communication and collaboration abilities with native-level proficiency in written and oral English
- Preferred: Mathematics background with a strong hold on probability modelling and analysis

Closing date for applications:

Contact: Lee

More information: https://boards.greenhouse.io/supraoracles/jobs/4278334004


31 January 2022

Kosei Sakamoto, Fukang Liu, Yuto Nakano, Shinsaku Kiyomoto, Takanori Isobe
ePrint Report
In this paper, we present an AES-based authenticated-encryption with associated-data scheme called Rocca, with the purpose of meeting the speed and security requirements of 6G systems. To achieve ultrafast software implementations, the basic design strategy is to take full advantage of the AES-NI and SIMD instructions, as in the AEGIS family and Tiaoxin-346. Although Jean and Nikolić have generalized the way to construct efficient round functions using only one round of AES (aesenc) and 128-bit XOR operations and have found several efficient candidates, there still seems to be potential to further improve on them regarding speed and state size. In order to minimize the critical path of one round, we remove the case of applying both aesenc and XOR in a cascaded way within one round. By introducing a cost-free block permutation in the round function, we are able to search for candidates in a larger space without sacrificing performance. Consequently, we obtain more efficient constructions with a smaller state size than the candidates by Jean and Nikolić. Based on the newly discovered round function, we carefully design the corresponding AEAD scheme with 256-bit security by taking several reported attacks on the AEGIS family and Tiaoxin-346 into account. Our AEAD scheme can reach 178 Gbps, which is almost 5 times faster than the AEAD scheme of SNOW-V. Rocca is also much faster than other efficient schemes with 256-bit key length, e.g. AEGIS-256 and AES-256-GCM. As far as we know, Rocca is the first dedicated cryptographic algorithm targeting 6G systems, i.e., 256-bit key length and a speed of more than 100 Gbps.
Zilin Liu, Anjia Yang, Jian Weng, Tao Li, Huang Zeng, Xiaojian Liang
ePrint Report
Payment channel networks (PCNs), which not only improve the transaction throughput of blockchains but also realize cross-chain payment, are a very promising solution to the blockchain scalability problem. Most existing PCN constructions focus on either atomicity or privacy properties. Moreover, they are built on specific scripting features of the underlying blockchain such as HTLC, or are tailored to particular signature algorithms like ECDSA and Schnorr. In this work, we devise Generalized Multi-Hop Locks (GMHL) based on adaptor signatures and randomizable puzzles, which support both atomicity and privacy preservation (unlinkability). We instantiate GMHL with a concrete design that relies on a Guillou-Quisquater-based adaptor signature and a newly designed RSA-based randomizable puzzle. Furthermore, we present a generic PCN construction based on GMHL, and formally prove its security in the universal composability framework. This construction only requires the underlying blockchain to perform signature verification, and thus can be applied to various (non-/Turing-complete) blockchains. Finally, we simulate the proposed GMHL instance and compare it with other protocols. The results show that the efficiency of our construction is comparable to that of other constructions while retaining the desired functionalities.
Ziaur Rahman, Xun Yi, Ibrahim Khalil
ePrint Report
Industry 4.0 is all about doing things in a concurrent, secure, and fine-grained manner. IoT edge sensors and their associated data play a predominant role in today's industry ecosystem. Breaching data or forging source devices after injecting advanced persistent threats (APTs) costs industry owners money and can cost operators their lives. The existing challenges include APT injection attacks targeting vulnerable edge devices, insecure data transportation, trust inconsistencies among stakeholders, non-compliant data storage mechanisms, etc. Edge servers often suffer from their lightweight computation capacity when stamping out unauthorized data or instructions, which in essence leaves them exposed to attackers. When attackers target edge servers while data is transported using traditional PKI-rendered trust, consortium blockchain (CBC) offers proven techniques to transfer and maintain that sensitive data securely. With the recent improvement of edge machine learning, edge devices can filter malicious data at their end, which largely motivates us to institute a Blockchain- and AI-aligned APT detection system. The unique contributions of the paper include efficient APT detection at the edge and transparent recording of the detection history in an immutable blockchain ledger. In line with that, the certificateless data transfer mechanism boosts trust among collaborators and ensures an economical and sustainable mechanism after eliminating the existing certificate authority. Finally, the edge-compliant storage technique facilitates efficient predictive maintenance. The respective experimental outcomes reveal that the proposed technique outperforms the other competing systems and models.
Theodore Bugnet, Alexei Zamyatin
ePrint Report
The need for cross-blockchain interoperability is higher than ever. Today, there exists a plethora of blockchain-based cryptocurrencies, with varying levels of adoption and diverse niche use cases, and yet communication across blockchains is still in its infancy. Despite the vast potential for novel applications in an interoperable ecosystem, cross-chain tools and protocols are few and often limited.

Cross-chain communication requires a trusted third party, as the Fair Exchange problem is reducible to it. However, the decentralised consensus of blockchains can be used as a source of trust, and financial incentives can achieve security. XCLAIM uses these principles to enable collateralised cryptocurrency-backed assets to be created and used. However, full collateralization is inefficient, and to protect against exchange rate fluctuations, overcollateralization is necessary. This is a significant barrier to scaling, and as a result, in practice, most systems still employ a centralised architecture.

In this work, we introduce XCC, an extension to the XCLAIM framework which allows for a significant reduction in collateral required. By making use of periodic, timelocked commitments on the backing blockchain, XCC decouples locked collateral from issued CBAs, allowing fractional collateralization without loss of security. We instantiate XCC between Bitcoin and Ethereum to showcase practical feasibility. XCC is compatible with the majority of existing blockchains without modification.