International Association
for Cryptologic Research

Kyber is a candidate in the third round of the National Institute of Standards and Technology (NIST) Post-Quantum Cryptography (PQC) Standardization. However, because of the protocol's independence assumption, the bound on the decapsulation failure probability resulting from the original analysis is not tight. In this work, we give a rigorous mathematical analysis of the actual failure probability calculation, and provides the Kyber security estimation in reality rather than only in a statistical sense. Our analysis does not make independency assumptions on errors, and is with respect to concrete public keys in reality. Through sample test and experiments, we also illustrate the difference between the actual failure probability and the result given in the proposal of Kyber. The experiments show that, for Kyber-512 and 768, the failure probability resulting from the original paper is relatively conservative, but for Kyber-1024, the failure probability of some public keys is worse than claimed. This failure probability calculation for concrete public keys can also guide the selection of public keys in the actual application scenarios. What's more, we measure the gap between the upper bound of the failure probability and the actual failure probability, then give a tight estimate. Our work can also re-evaluate the traditional $1-\delta$ correctness in the literature, which will help re-evaluate some candidates' security in NIST post-quantum cryptographic standardization.

With the rapid growth of the blockchain market, privacy and security issues for digital assets are becoming more and more important. In the most widely used public blockchains such as Bitcoin and Ethereum, all activities on user accounts are publicly disclosed and also violate privacy regulations such as EU GDPR. Encryption of accounts and transactions may protect privacy, but it also raises issues of validity and transparency: encrypted information alone cannot verify the validity of a transaction and makes it difficult to meet antimoney laundering, i.e. auditability.

To solve the above problem, we propose an auditable zero-knowledge transfer framework called Azeroth. Azeroth connects a zero-knowledge proof for an encrypted transaction, enabling to check its validation while protecting its privacy. Azeroth also allows authorized auditors to audit transactions. Azeroth is designed as a smart contract for flexible deployment on top of an existing blockchain. According to the result of our experiment, the additional time required to generate a proof is about 901ms.The security of Azeroth is formally proven under the cryptographic assumptions.

Event date: 23 August to 26 August 2022
Submission deadline: 6 March 2022
Notification: 16 May 2022

Event date: to
Submission deadline: 23 November 2022
Notification: 23 January 2023

Event date: to
Submission deadline: 1 September 2022
Notification: 1 November 2022

Event date: to
Submission deadline: 1 June 2022
Notification: 1 August 2022

Event date: to
Submission deadline: 1 June 2022
Notification: 1 August 2022

Event date: to
Submission deadline: 1 March 2022
Notification: 1 May 2022

We have a vacancy for a Postdoctoral Fellow in Fully Homomorphic Encryption (FHE) at IIK. The first year of the position is funded by Intel and we will work in collaboration with our partners there, our main point of contact being Flavio Bergamaschi. The project leader on the NTNU side is Dr. Anamaria Costache. The project, has two main deliverable goals. The first one is cryptanalysis of existing schemes, and the second one is developing a framework to assess the threat model while deploying an HE solution.

Closing date for applications:

Contact: Anamaria Costache

More information: https://www.jobbnorge.no/en/available-jobs/job/221390/postdoctoral-fellow-in-fully-homomorphic-encryption#?p=1

Panther Protocol is building an end-to-end privacy protocol for digital assets (zAssets), which can be deployed in a compliant way on any public blockchain. We have ambitious plans to provide financial privacy and give economic freedom to people and institutions, in a compliant way. We are looking to expand our team with extraordinary individuals who share our core values in financial privacy and freedom. Successful applicants will join an experienced and dynamic international team with a cumulative experience of 46 years in the Blockchain industry, 66 years in Finance, and 40+ years in Cryptography. You can read more about the project on our website: https://pantherprotocol.io/ We are recruiting an Applied Mathematician that will work closely with our CTO, Game Theorist and the larger team consisting of Researchers and Software Developers. Work with the team on interesting problems and implementing solutions from published papers for the areas that we work on - DeFi , Game Theory and Blockchain using C/Rust or other programming language.

Closing date for applications:

Contact: Martin Raeburn

More information: https://apply.workable.com/panther-protocol/j/8C5930FE61/

The Institute of Information Security at University of Stuttgart offers

fully-funded Postdoc and PhD positions in formal verification.

Successful candidates are expected to carry out research on tool-supported formal verification methods for security-critical systems and security protocols in our new REPROSEC initiative (https://reprosec.org/). See, e.g., our work at ACM CCS 2021 and EuroS&P 2021 on DY*.

The positions are available immediately with an internationally competitive salary, ranging from about 4.000 Euro to 6.200 Euro monthly gross salary. The employment periods are between one and six years, following the German Wissenschaftszeitvertragsgesetz (WissZeitVg).

The Institute of Information Security offers a creative international environment for top-level international research in Germany's high-tech region.

You should have a Master's degree or a Ph.D. (or should be very close to completion thereof) in Computer Science, Mathematics, Cyber Security, or a related field. We value excellent analytical skills and

• solid knowledge of logic, proofs and/or formal verification techniques (Theorem Proving, Type Checking, etc.), and
• solid programming experience.

Knowledge in cryptography/security is not required, but a plus. Knowledge of German is not required.

See https://www.sec.uni-stuttgart.de/institute/job-openings/ for the official job announcement and details of how to apply.

The deadline for applications is

March 13th, 2022.

Late applications will be considered until the positions are filled.

Closing date for applications:

Contact: Prof. Ralf Küsters

University of Stuttgart, Institute of Information Security ralf.kuesters@sec.uni-stuttgat.de

More information: htttps://sec.uni-stuttgart.de

One Ph.D. position opening, focusing on homomorphic encryption and related neural network accelerator design, at Dr. Jiafeng Harvest Xie's Security and Cryptography (SAC) Lab (https://www.ece.villanova.edu/~jxie02/lab/) in Department of Electrical and Computer Engineering, Villanova University, Villanova, PA, USA.

Villanova University ranks #49 National Universities in the USA. The campus is located at Villanova, Pennsylvania (west suburban of Philadelphia). Famous alumni include the current First Lady of the USA!

The neighborhood around campus is quiet and safe and is regarded as the most comfortable area in Philadelphia. Currently, all our students are working from home with on-campus optional.

Requirements: Preferred to be in the majors of CE/CS/EE. Applied Mathematics/Cryptography related majors are also good!

Proficiency in both speaking and writing of English.

Skillful in programming Languages such as VHDL/Verilog, C/C++, Python. FPGA-based experience is a desirable plus. Great enthusiasm for doing research-oriented tasks. Excellent teamwork member.

Degree: both BS and MS graduates are welcome to apply.

Deadline: better to start in Fall 2022 (Summer 2022 is also ok). The position is open until it is filled.

The lab atmosphere is peaceful and harmonious. Advisor and senior Ph.D. student will guide you to get started and you will not be fighting alone!!!

Email: jiafeng.xie@villanova.edu

Closing date for applications:

Contact: Jiafeng Harvest Xie

More information: https://www.ece.villanova.edu/~jxie02/lab/

At the Department of Computer Science which is part of the Faculty of Computer Science, Electrical Engineering and Mathematics this PostDoc position is to be filled in the working group Codes and Cryptography. It's a full-time position in the field of post-quantum cryptography, available immediately and with a flexible start date.

The position is limited to a period of 3 years.

Your tasks:

• Research in the field of post-quantum cryptography

• Teaching to the extent of 4 hours a week

• Participation in the Department of Computer Science

Your profile:

• Doctorate degree in the field of cryptography

• Expertise in one of these areas: post-quantum cryptography, lattice-based cryptography

• Experience in the field of quantum algorithms or quantum complexity is an advantage

If you are interested, please send an email including your detailed CV and a list of publications to bloemer@upb.de. Applications will be reviewed continuously until the position is filled.

Closing date for applications:

Contact: Prof. Dr. Johannes Blömer (bloemer@upb.de)

More information: https://cs.uni-paderborn.de/en/cuk-1/research

Do you have a Master/PhD, research or coding experience in the area of Applied Cryptology? Do you want to design, code and co-invent the next generation of Distributed Systems protocols?
At QPQ, we are building the Internet of Economics, a new approach to a compliant and regulated financial systems infrastructure. Join a team of mathematicians, computer scientists, engineers and self-taught individuals. We give you
- A stimulating, Socratic intellectual environment. As Socratic implies, we want you to have a voice. We do not recruit brilliant people to put them in boxes, we recruit brilliant people so they can push the horizons even further
- Hybrid office approach – we have been a distributed workforce from the start. This role is centred around our European axis, so we expect you to live within +/- 2 hours of CET. We get together a complete team every quarter, so you must be willing to travel and embrace being part of a diverse team drawn from many walks of life and cultures
- Competitive salary, travel expense budget and many opportunities to participate in the company’s growth
Responsibilities:
- Perform research and engineering on cryptographic protocols
- Working with a multi-faceted team of practitioners on a set of blockchain-based privacy protocols interacting with the DeFi space and providing compliance with financial regulations
Requirements:
- Master or Ph.D. in cryptography or a closely related field
- Be able to prototype protocols/schemes/algorithms in at least one relevant programming language
- Have a thorough approach and be committed to high quality output
- Be eager to learn new topics and tools, proactive, self-driven approach and problem-solving mindset
- Good communication and collaboration skills
- Able to proactively identify which activities can benefit the project the most in the shortest period of time, communicate, and execute on their ideas without needing to be micromanaged
- Full-time availability with flexible working hours
- Nice to be familiar with blockchain, DeFi space and general understanding of full-stack system architecture
- Nice to have knowledge of zk proof systems

Closing date for applications:

Contact: Apply as soon as possible with a CV, a video, or anything that will showcase your abilities. Person in contact: Emanuele Ragnoli (eragnoli@qpq.io)

We are building the Internet of Economics, a new approach to a compliant and regulated financial systems infrastructure. Join a team of mathematicians, computer scientists, engineers and self-taught individuals. What do we give you?
• A stimulating, Socratic intellectual environment. As Socratic implies, we want you to have a voice. We do not recruit brilliant people to put them in boxes, we recruit brilliant people, so they can push the horizons even further
• Hybrid office approach. This role is centred around our European axis, so we expect you to live within +/- 2 hours of CET. We get together a complete team every quarter, so you must be willing to travel and embrace being part of a diverse team drawn from many walks of life and cultures
• Competitive salary, travel expense budget and many opportunities to participate in the company’s growth
Responsibilities:
- Perform research and engineering on cryptographic protocols;- Have a leading role in the cryptography team in defining and applying protocols
- Working with a multi-faceted team of practitioners on a set of blockchain-based privacy protocols interacting with the DeFi space and providing compliance with financial regulations
Requirements:
- Master or Ph.D./Multi-year working experience in cryptography or a closely related field
- Knowledge of modern cryptographic primitives
- Be able to prototype protocols/schemes/algorithms in at least one relevant programming language
- Be familiar with the blockchain and DeFi space
- General understanding of full-stack system architecture
- Have a thorough approach and be committed to high quality output. Have prior research/code already published in the space
- Excellent communication and collaboration skills
- Be eager to learn new topics and tools, proactive, self-driven approach and problem-solving mindset
- Able to proactively identify which activities can benefit the project the most in the shortest period of time, communicate, and execute on their ideas without needing to be micromanaged
- Full-time availability with flexible working hours
- Nice to have knowledge of modern, efficient zk-proofs

Closing date for applications:

Contact: Apply as soon as possible with a CV, a video, or anything that will showcase your abilities. Person in contact: Emanuele Ragnoli (eragnoli@qpq.io)

The University of Birmingham’s Centre for Cyber Security and Privacy is looking for a research fellow (postdoc) to work on our EPSRC-funded project "CAP-TEE: Capability Architectures in Trusted Execution".

In this project, we use capability architectures (as e.g. developed by the CHERI project) to protect trusted execution against such state-of-the-art attacks. We address a wide range of threats from software vulnerabilities such as buffer overflows to hardware attacks like fault injection and side-channel analysis. CAP-TEE provides a strong, open-source basis for the future generation of more secure TEEs.

Applicants should have a PhD, or be close to completing a PhD, in a relevant subject (security, crypto, electrical engineering, maths, etc.). We also consider non-PhD applicants with strong industry experience. We expect experience in writing system-level or low-level code in programming languages such as C, C++, or Rust. Skills in other relevant areas, e.g. FPGA development, side-channel attacks, or binary analysis/exploitation, are desirable.

Please contact David Oswald (d.f.oswald@bham.ac.uk) for informal enquiries. You can apply online until 25 March 2022: https://bham.taleo.net/careersection/external/jobdetail.ftl?job=2200004N&tz=GMT%2B00%3A00&tzname=Europe%2FLondon

Closing date for applications:

Contact: David Oswald
d.f.oswald@bham.ac.uk
https://www.cs.bham.ac.uk/~oswalddf/

More information: https://bham.taleo.net/careersection/external/jobdetail.ftl?job=2200004N&tz=GMT%2B00%3A00&tzname=Europe%2FLondon

We are looking for an “R&D researcher Crypto & Privacy” to reinforce our Worldline’s “Trust & Intelligence” Labs team. The Worldline Labs team provides cross functional Research and Development activity for all business units on new IT technologies and their potential value for our Worldline products and offers. The department ensures a first level of technology monitoring and collaborates with academic labs, industrial partners, start-ups and Worldline business lines on innovative projects at country or European level. Your day-to-day responsibilities include: • Select and refine privacy preserving technologies (stay on top of the state-of-the art and experiment with them) • Handling subject as Privacy-preserving Payment, Identity, Machine Learning and Data collaboration missions • Actively support our innovation teams requiring cryptographic solutions • You manage the Biometrics in-shop, IoT decentralized identity and Quantum-safe signatures • Support our Web 3.0 | DLT research with its strong cryptographic foundations • Contribute to the Privacy preserving DLT, anonymous auctions and SSID • Present the value of the technologies you explore to internal and external audiences Skills we can’t do without: • Graduate degree in engineering or Master background in cryptography, mathematics or IT fields. • Confirmed experience (3-4 years) in cryptography or privacy preservation (applied or research oriented), blockchain is a plus. • Proficiency in English is required. French knowledge is a plus. • You are known for you autonomous, ambitious, analytical, business-minded and inventive approach. • Being able to integrate in a diverse team of researchers, engineers and innovators. • Outstanding interpersonal skills, assure support and collaborate with product and customer teams • Several location possible: Paris, Seclin, Blois, Tours, Lyon, Brussels (BE)

Closing date for applications:

Contact: Bianka Kozma

More information: https://performancemanager.successfactors.eu/sf/jobreqpvt?jobId=238453&company=Worldline&st=C933D80914D042FC427C16CDE1126B7032792DE8

Event date: 13 November to 16 November 2022

The algebraic group model (AGM), proposed by Fuchsbauer, Kiltz and Loss (CRYPTO 2018) has received huge attention. One of the most appealing properties of the AGM, is that, the hardness of security games in the generic group model (GGM) can be transferred via a generic reduction in the AGM. More concretely, for any two security games, G and H, if there exists a generic reduction from H to G in the AGM, and H is hard in the GGM, then G is also hard in the GGM.

In this work, we analyze the relationship between the AGM and Shoup’s GGM (Eurocrypt 1997) and give evidence that:

• hardness of security games in Shoup’s GGM cannot be transferred via a generic reduction in the AGM;

• the AGM and Shoup’s GGM are incomparable.

In the wake of the Covid-19 pandemic, countries and organizations started looking towards technology to curb the spread of the disease, for instance, conducting contact tracing with smartphones. Many contact tracing applications are on the market, built on different technology, such as Bluetooth, GPS, Sound, and QR code scanning systems. The use of sound is an area that has potential for further exploration; currently, only NOVID is utilizing this technology. On top of that, there is a need for a decentralized backend solution that is both public and auditable to address data manipulation concerns. One of the possible solutions is using a blockchain as the backend for the system. We propose a blockchain-based contact tracing solution that uses sound and Bluetooth to detect proximity. Our proposed solution uses blockchain as the backend of the system for decentralized storage of contact tracing data. In the proposed system, close contact is established if both Bluetooth and sound are detected between the communicating devices. The practicality of the proposed scheme is assessed by a performance evaluation of the proximity detection system and a proof-of-concept of the blockchain backend. The results show that the sound-amplitude based distance measurement can estimate whether an encounter is a close contact (within 3 meters) using a ‘threshold’ of the amplitude. The use of sound amplitude eliminates situations where the usage of only Bluetooth would show false positives. The proposed approach is the first work that integrates Blockchain, Bluetooth and sound amplitude for proximity detection to the best of our knowledge. Overall, the system shows promising results in distance estimation than if only a Bluetooth implementation is used.