International Association for Cryptologic Research

IACR News

19 January 2023

Daniel Lammers, Nicolai Müller, Amir Moradi
ePrint Report
Today, resistance to physical defaults is a necessary criterion for masking schemes. In this context, the focus has long been on designing masking schemes guaranteeing security in the presence of glitches. Sadly, immunity against glitches increases latency as registers must stop the glitch propagation. Previous works could reduce the latency by removing register stages but only by impractically increasing the circuit area. Nevertheless, some relatively new attempts avoid glitches by applying DRP logic styles. Promising works in this area include LMDPL, SESYM - both presented at CHES - and Self-Timed Masking - presented at CARDIS - enabling the masking of arbitrary circuits with only one cycle latency. However, even if glitches no longer occur, there are other physical defaults that may violate the security of a masked circuit. Imbalanced delay of dual rails is a known problem for the security of DRP logic styles such as WDDL but not covered in formal security models. In this work, we fill the gap by presenting the delay-extended probing security model, a generalization of the popular glitch-extended probing model, covering imbalanced delays. We emphasize the importance of such a model by a formal and practical security analysis of LMDPL, SESYM, and Self-Timed Masking. While we formally prove the delay-extended security of LMDPL and Self-Timed Masking, we show that SESYM fails to provide security under our defined security model, which causes detectable leakage through experimental evaluations. Hence, as the message of this work, avoiding glitches in combination with d-probing security is not enough to guarantee physical security in practice.
Jannik Zeitschner, Nicolai Müller, Amir Moradi
ePrint Report
A decisive contribution to the all-embracing protection of cryptographic software, especially on embedded devices, is the protection against SCA attacks. Masking countermeasures can usually be integrated into the software during the design phase. In theory, this should provide reliable protection against such physical attacks. However, the correct application of masking is a non-trivial task which often causes even experts to make mistakes. In addition to human-caused errors, micro-architectural CPU effects can lead even a seemingly theoretically correct implementation to fail to satisfy the desired level of security in practice. This originates from different components of the underlying CPU, which complicates the tracing of leakage back to a particular source and hence prevents making general and device-independent statements about its security. In this work, we adapt PROLEAD for the evaluation of masked software, which has recently been presented at CHES 2022 and originally developed as a simulation-based tool to evaluate masked hardware designs. We enable the transfer of the already known benefits of PROLEAD into the software world. These include (1) evaluation of larger designs compared to the state of the art, e.g. a full AES masked implementation, and (2) formal verification under the well-established robust probing security model. In short, together with an abstraction model for the micro-architecture, the robust probing model allows us to efficiently detect micro-architectural leakages while being independent of a concrete CPU design. As a concrete result, using PROLEAD_SW we evaluated the security of several publicly available masked software implementations and revealed multiple vulnerabilities.
Dankrad Feist, Dmitry Khovratovich
ePrint Report
In this note we explain how to compute $n$ KZG proofs for a polynomial of degree $d$ in time superlinear of $(t+d)$. Our technique is used in lookup arguments and vector commitment schemes.
Joseph Surin, Shaanan Cohney
ePrint Report
The applicability of lattice reduction to a wide variety of cryptographic situations makes it an important part of the cryptanalyst's toolbox. Despite this, the construction of lattices and use of lattice reduction algorithms for cryptanalysis continue to be somewhat difficult to understand for beginners. This tutorial aims to be a gentle but detailed introduction to lattice-based cryptanalysis targeted towards the novice cryptanalyst with little to no background in lattices. We explain some popular attacks through a conceptual model that simplifies the various components of a lattice attack.

16 January 2023

University of St.Gallen, Switzerland
Job Posting
We are looking for bright and motivated PhD students to work in the topics of information security and cryptography.

The students are expected to work on topics that include security and privacy issues in authentication. More precisely, the students will be working on investigating efficient and privacy-preserving authentication that provides: i) provable security guarantees, and ii) rigorous privacy guarantees.

Key Responsibilities:
  • Perform exciting and challenging research in the domain of information security and cryptography.
  • Support and assist in teaching computer security and cryptography courses.
Profile:
  • The PhD students are expected to have a MSc degree or equivalent, and strong background in cryptography, network security and mathematics.
  • Experience in one or more domains such as cryptography, design of protocols, secure multi-party computation and differential privacy is beneficial.
  • Excellent programming skills.
  • Excellent written and verbal communication skills in English
The Chair of Cyber Security, https://cybersecurity.unisg.ch/, is a part of the Institute of Computer Science (ICS) at the University of St.Gallen. The chair was established in autumn semester 2020 and is led by Prof. Dr. Katerina Mitrokotsa. Our research interests are centered around information security and applied cryptography, with the larger goal of safeguarding communications and providing strong privacy guarantees. We are currently active in multiple areas including the design of provably secure cryptographic protocols and cryptographic primitives that can be employed for reliable authentication, outsourcing computations in cloud-assisted settings, network security problems as well as secure and privacy-preserving machine learning. As a doctoral student you will be a part of the Doctoral School of Computer Science (DCS), https://dcs.unisg.ch.

Please apply asap.

Closing date for applications:

Contact:
Eriane Breu, eriane.breu@unisg.ch (Administrative matters)
Prof. Katerina Mitrokotsa, katerina.mitrokotsa@unisg.ch (Research related questions)

More information: https://jobs.unisg.ch/offene-stellen/funded-phd-student-in-applied-cryptography-privacy-preserving-biometric-authentication-m-f-d/e7a9e90b-02cd-45d0-ad4f-fc02131eaf86

University of St.Gallen, Switzerland
Job Posting
We are looking for an excellent, motivated, post-doctoral researcher to work in the area of information security and cryptography. The post-doctoral researcher will join Katerina Mitrokotsa's research group (Chair of Cyber Security), working in the area of information and communication security with a focus on authentication protocols, verifiable delegation of computation, and secure multi-party computation. The position is available for one plus one year after a successful review evaluation.

Key Responsibilities:
  • The post-doctoral fellow is expected to perform exciting and challenging research in the area of information security and cryptography including the design of provably secure cryptographic protocols.
  • The post-doctoral fellow shall be involved in the supervision of PhD and master students
Your profile:
  • The post-doctoral researcher is expected to have a PhD degree in Computer Science, Engineering or Mathematics and a strong background in theoretical computer science and cryptography
  • Have an excellent publication record in top venues; competitive research record in cryptography or information security
  • Strong mathematical and algorithmic CS background
  • Good skills in programming are beneficial
  • Excellent written and verbal communication skills in English
The Chair of Cyber Security is a part of the Institute of Computer Science (ICS) at the University of St. Gallen. The chair was established in autumn semester 2020 and is led by Prof. Dr. Katerina Mitrokotsa. Our research interests are centered around information security and applied cryptography, with the larger goal of safeguarding communications and providing strong privacy guarantees. We are currently active in multiple areas including the design of provably secure cryptographic protocols and cryptographic primitives that can be employed for reliable authentication, outsourcing computations in cloud-assisted settings, network security problems as well as secure and privacy-preserving machine learning.

Please apply asap.

Closing date for applications:

Contact:
Eriane Breu, eriane.breu@unisg.ch (Administrative matters)
Prof. Katerina Mitrokotsa, katerina.mitrokotsa@unisg.ch (Research related questions)

More information: https://jobs.unisg.ch/offene-stellen/postdoc-fellow-in-cryptography-information-security-m-w-d/c35410fb-40bb-41f2-b298-8be150d8f9b6


13 January 2023

Chicago, USA, 2 July - 8 July 2023
Event Calendar
Event date: 2 July to 8 July 2023
Submission deadline: 12 February 2023
Notification: 2 April 2023
Brisbane, Australia, 5 July - 7 July 2023
Event Calendar
Event date: 5 July to 7 July 2023
Submission deadline: 7 February 2023
Notification: 15 April 2023
Tianjin, China, 18 November - 20 November 2023
Event Calendar
Event date: 18 November to 20 November 2023
Submission deadline: 30 March 2023
Notification: 10 June 2023
Kyoto, Japan, 19 June - 22 June 2023
Event Calendar
Event date: 19 June to 22 June 2023
Submission deadline: 9 March 2023
Notification: 19 April 2023
Quantstamp
Job Posting
Quantstamp, the leader in Web3 security, is looking for an applied cryptographer. We are looking for professionals that are able to understand existing cryptographic protocols, as well as adapt them to specific requirements.

Technical Skills
  • Our ideal candidate knows at least one zk-SNARK/zk-STARK proof system, or has a strong enough technical background to understand one (and this should have some direct connection to cryptography).
  • Ability to code and develop software. You should have experience with at least one major language, like Python, Java, or C; the exact language is not too important.
  • You should be familiar with versioning software (specifically, GitHub) and testing, and have a familiarity with algorithms and data structures.
  • Ability to read and interpret academic papers
  • Ability to communicate ideas
Why Quantstamp?
  • Compensation package and perks on par with Big Tech
  • Remote-first company (work from anywhere in the world)
  • Quarterly retreats in exotic locations
Curious about us?
Check us out: https://www.youtube.com/watch?v=IxqAlOJ7V3o

Closing date for applications:

Contact: Leonardo Passos, Hiring Manager

More information: https://jobs.ashbyhq.com/quantstamp/6ae4fc70-98bb-42e1-9f24-c40e7af441cc

Centre for Secure Information Technologies (CSIT), Queen’s University Belfast, UK
Job Posting
Applications are invited for a Post-Doctoral Research Fellow position to conduct research into the design and implementation of practical, robust and physically secure post-quantum cryptographic architectures. This research is part of the EPSRC Quantum Communications Hub project. Applicants must have at least a 2:1 Honours Degree in Electrical and Electronics Engineering, Computer Science, Mathematics or closely related discipline and a PhD, or expect, within 6 months, to obtain a PhD, in a relevant subject. Applicants should have at least 3 years relevant research experience in one or more of the following: embedded systems design; FPGA or ASIC hardware design; expertise in post-quantum cryptography. Evidence of a strong publication record commensurate with career stage and experience is also essential.

Closing date for applications:

Contact: Ciara Rafferty

More information: https://www.qub.ac.uk/sites/QUBJobVacancies/ResearchJobs/

CISPA Helmholtz Center for Information Security
Job Posting
Michael Backes (https://cispa.de/en/people/backes) and Yang Zhang (https://yangzhangalmo.github.io/) at CISPA Helmholtz Center for Information Security (https://cispa.de/en) are looking for multiple fully-funded Ph.D. students and Post-Docs working on
  • Trustworthy machine learning
  • Online misinformation
CISPA is one of the world-leading research institutes concentrating on information security and privacy. It is constantly ranked top-1 in the field worldwide, see, e.g., CSrankings.org (http://csrankings.org/#/index?sec&world). Located in Saarbruecken, Germany, CISPA is the newest member of the Helmholtz Association (https://www.helmholtz.de/en/), the largest scientific organization in Germany fully committed to scientific excellence and to tackling the grand research challenges in their respective fields. The working language of CISPA is English and knowledge of German is not required.

Requirements:
  • A bachelor/master degree in Computer Science, Information Security, or Mathematics
  • Excellent English (knowledge of German is not required)
  • Excellent programming skills
  • Good knowledge about machine learning/data mining
What we offer:
  • Full-time working contract (12-month E13-level salary, ~2,500 euros per month)
  • Excellent research environment
  • Strong supervision
  • World-class collaborations
To apply, please send your CV to Yang Zhang (zhang@cispa.de)

Closing date for applications:

Contact: Yang Zhang

University of Amsterdam, Amsterdam, The Netherlands
Job Posting
The Complex Cyber Infrastructure (CCI) group of the University of Amsterdam is looking for an ambitious researcher in the broad area of security and privacy, to further strengthen our research and education in this field. Depending on qualifications and experience, the new colleague will be employed either as Assistant Professor or as Associate Professor.

Closing date for applications:

Contact: Zoltan Mann (z.a.mann at uva.nl)

More information: https://vacatures.uva.nl/UvA/job/Assistant-or-Associate-Professor-in-Security-and-Privacy/761330802/

University of Innsbruck, Austria, EU
Job Posting

The University of Innsbruck, located in the heart of the Alps, has a tenure track opportunity in the field of cryptography.

The Department of Computer Science is looking for an ambitious researcher to build a bridge between the interdisciplinary approach taken by its Security & Privacy Lab and theoretical research groups, like Computational Logic and Theoretical Computer Science. Research activities would focus on producing evidence on the security or privacy of cryptographic systems covering theory and/or implementation. The individual should be comfortable teaching multiple approaches to cryptography. The ideal candidate would build a research group on cryptography in the course of the tenure process, the details of which are negotiated in the first year of employment as routinely done in the Austrian academic system.

Tyrol, Austria is one of the most livable places in Europe with world-class healthcare, excellent social security, and free education from kindergarten to university.

Applications are due on 7 March 2023. Follow the link above for more details.

Closing date for applications:

Contact: Rainer Böhme -- rainer.boehme at uibk.ac.at

More information: https://informationsecurity.uibk.ac.at/pdfs/vacancy_cryptography_2023.pdf

Agentur für Innovation in der Cybersicherheit "Innovation for Cybersecurity"
Job Posting
We are looking for a German-speaking

Head of Cryptology Unit (m/f/d)

in the middle of Germany starting at the earliest possible date.

The most important resource for the Cyberagentur are satisfied, motivated and hard-working employees. Our goal is to offer an inspiring and creative environment in a great team. Our mission is to identify tomorrow’s topics in cyber security and related key technologies. We fund and supervise exciting and outstanding research projects. By doing so, we support Germany’s future technological leadership as well as the nation’s digital sovereignty.

Modern cryptographic methods are essential building blocks of the cyber security for tomorrow and beyond. At the Cyberagentur, you will work on current topics such as encrypted computing, zero trust and holistic authentication. With your team, you will accompany attractive calls for tenders in the field of cryptology research, be an essential part of the evaluation of research projects, and accompany commissioned research projects from initiation to completion, thus ensuring the quality and usability of the results. Internally, you will contribute to our knowledge management in this domain. Furthermore, you will take appropriate measures to ensure that Germany remains an attractive location for research in cryptology.

Have we aroused your interest? Then apply now!

You can find the exact details of the position in German on our career page.

Closing date for applications:

Contact: Matthias Strauß, Head of HR

More information: https://app.connectoor.de/jobview?jobid=62d93ff0ddb2330e1d8b456e

Agentur für Innovation in der Cybersicherheit "Innovation for Cybersecurity"
Job Posting
We are looking for a German-speaking

Research Officer Cryptology (m/f/d)

in the middle of Germany starting at the earliest possible date.

The most important resource for the Cyberagentur are satisfied, motivated and hard-working employees. Our goal is to offer an inspiring and creative environment in a great team. Our mission is to identify tomorrow’s topics in cyber security and related key technologies. We fund and supervise exciting and outstanding research projects. By doing so, we support Germany’s future technological leadership as well as the nation’s digital sovereignty.

Modern cryptographic methods are essential building blocks of the cyber security for tomorrow and beyond. At the Cyberagentur, you will work on current topics such as encrypted computing, zero trust and holistic authentication. With your team, you will accompany attractive calls for tenders in the field of cryptology research, be an essential part of the evaluation of research projects, and accompany commissioned research projects from initiation to completion, thus ensuring the quality and usability of the results. Internally, you will contribute to our knowledge management in this domain. Furthermore, you will take appropriate measures to ensure that Germany remains an attractive location for research in cryptology.

Have we aroused your interest? Then apply now!

You can find the details of the position in German on our career page.

Closing date for applications:

Contact: Matthias Strauß, Head of HR

More information: https://app.connectoor.de/jobview?jobid=62d506deddb233fc338b4579

Northern Arizona University, School of Informatics Computing and Cyber Systems; Flagstaff, AZ
Job Posting
Assistant Professor - Cyber Security

Job Description

The School of Informatics Computing and Cyber Systems at Northern Arizona University seeks a Tenure Track faculty member in the discipline of Cyber Security, with specialization in cryptography, blockchains, or related software-based cybersecurity areas. This faculty member will teach undergraduate and graduate courses in cybersecurity and related computer science topics along with special topics in their area of research expertise, will mentor MS and PhD students, and should demonstrate a commitment to Diversity, Equity, Inclusion and Justice (DEIJ) through their research and scholastic activities. This faculty member will have the opportunity to closely collaborate within SICCS with world-class researchers studying informatics, data science, ecology, health, cybersecurity, autonomous vehicles, remote sensing, power systems, networks, and sensors, among other topics. SICCS and NAU have robust hardware- and software-based cybersecurity research programs, providing substantial collaborative opportunities. The State of Arizona is a world-class hub for the software industry, with many opportunities for industry engagement in the region.

Minimum Qualifications

Minimum qualifications include an earned doctoral (Ph.D. or Sc.D.) degree in Computer Science, Cybersecurity or a closely related area before the appointment.

Salary

Commensurate with experience.

Submission Deadline

This vacancy will be open until filled or closed. Review of applications will begin on January 19, 2023.

Equal Employment Opportunity

Northern Arizona University is a committed Equal Opportunity/Affirmative Action Institution. Women, minorities, veterans and individuals with disabilities are encouraged to apply. NAU is responsive to the needs of dual career couples.

For more information, and to apply, please visit: https://apptrkr.com/3778561

Closing date for applications:

Contact: Human Resources

More information: https://apptrkr.com/3778561

QuSoft / University of Amsterdam & CWI
Job Posting
Are you excited about fundamental questions in quantum information science? Would you like to join the world-leading group of researchers at QuSoft in Amsterdam? We have various open positions for fully funded PhD and PostDoc candidates in the groups of:
  • Stacey Jeffery (quantum computing and theoretical computer science);
  • Ludovico Lami (quantum resources and entanglement theory);
  • John van de Wetering (quantum circuit compilation);
  • Christian Schaffner (key management in quantum networks, quantum-safe cryptography)

Applications received by 15 January 2023 will receive full consideration. For full details on the positions and how to apply, see

  • https://vacatures.uva.nl/UvA/job/QuSoft-PhD/761215402/
  • https://vacatures.uva.nl/UvA/job/PhD-in-Quantum-Safe-Cryptography/748964602/
  • https://vacatures.uva.nl/UvA/job/QuSoft-PostDoc/761748202/

PhD: your salary will range between €2,541 in the first year to €3,247 gross per month in the last year of employment. A Master’s degree is required. PostDoc: your salary will range between € 2,960 and € 4,670 gross per month, depending on relevant experience.

In either case, these figures are based on a full working week of 38 hours. They do not include the 8% holiday allowance and the 8,3% year-end allowance the UvA offers. A favourable tax agreement, the ‘30% ruling’, may apply to non-Dutch applicants.

Closing date for applications:

Contact: Christian Schaffner

More information: https://qusoft.org/qusoft-vacancies/

Visa Research, Palo Alto CA
Job Posting
Visa Research is a growing group within Visa. We are located in Palo Alto. The team itself is highly collaborative, working together not only on projects and research but also known to go hiking and have lunch together.

Currently, we focus on building research teams in key areas: Data Analytics, Cryptography, Future of Payment (Blockchain), and Artificial Intelligence. We are looking for outstanding research interns as part of the growing team!

Visa Research’s goal of security is to enable policy-enforced, full lifecycle protection for data at rest, in transit and during computation for all payment-related scenarios. We accomplish this through fundamental and applied research in the areas of security and cryptography.

The internship will focus on developing new and impactful research in the chosen area. You will work closely with our team members to define and solve a state of the art research problem. In most cases, the final deliverable will be a research publication at a top-tier conference. Candidates should have a strong publication record and be able to perform research in both a group and self-guided setting.

Specific areas of interest include but are not limited to:
  • Secure Multiparty Computation
  • Post Quantum Cryptography
  • Quantum Cryptography
  • Zero Knowledge Proofs
  • Blockchain & Consensus Protocols

Closing date for applications:

Contact: Peter Rindal perindal@visa.com

More information: https://jobs.smartrecruiters.com/Visa/743999874588501-intern-visa-research-phd-
