International Association for Cryptologic Research

IACR News

Here you can see all recent updates to the IACR webpage.

28 September 2015

University of Luxembourg, APSIA Group
Job Posting
The University of Luxembourg seeks to hire an outstanding post-doc in the area of information assurance. The position is in the APSIA (Applied Security and Information Assurance Research) Group. APSIA has around 20 members and is headed by Professor Peter Y.A. Ryan. APSIA specialises in the mathematical foundations of information assurance: the mathematical modelling and analysis of information flows, the design and analysis of cryptographic primitives and protocols (both classical and quantum), secure verifiable voting systems and anonymous marking systems and game-theoretic analysis of non-interference and coercion-resistance. The group has expertise in both the symbolic (formal methods) and the computational (“provable security”) styles of analysis and is investigating the links and synergies between them. The group has also established itself as a leading centre for the socio-technical aspects of security.

2 years extendable up to 5 years

Role

To contribute to the research goals of the group, as outlined above. Complementary expertise outside the areas listed above will also be considered.

Profile

PhD in Computing Science, (Applied) Mathematics, Theoretical Physics or related domain.

Experience in cryptography, information assurance or mathematical modelling will be considered an advantage.

Fluent written and verbal communication skills in English.

A proven interest in information security is essential.

Strong background in mathematics is essential.

Commitment, team spirit and a critical mind.

We offer

The university offers a two year employment that may be extended up to five years. The University offers highly competitive salaries and is an equal opportunity employer. You will work in an exciting international environment and will have the opportunity to participate in the development of a newly created research centre.


27 September 2015

University of Washington Tacoma
Job Posting
The Institute of Technology at the University of Washington Tacoma is seeking applications for multiple full-time lecturer positions for the Computer Science and Systems (CSS) program. These are full-time 9-month renewable positions with an initial appointment term of one year, beginning September 2016. Reappointments after the initial year are from 1-5 years. This position requires a Master’s degree or higher or foreign equivalent in Computer Science or a closely related field. Successful candidates will be expected to commit to high-quality teaching and excellent communication. While our current teaching needs are in the areas of systems (e.g. machine organization, computer architecture, operating systems) and theory-based courses (e.g. data structures, discrete mathematics, algorithms), candidates with teaching interests in other areas, particularly programming and software development, are encouraged to apply as well.

University of Washington Tacoma
Job Posting
The Institute of Technology at the University of Washington Tacoma is seeking applications for a tenure-track Assistant Professor position for the Computer Science and Systems program. This is a full-time position with a nine-month service period and begins September 2016. A Ph.D. (or foreign equivalent) in Computer Science or related field is required. We are particularly interested in candidates with demonstrated skill in teaching, who can pursue a vigorous research agenda and are familiar with industry practices. Priority areas are software engineering (systems analysis/requirements engineering/testing; secure coding/design for security; data integration; project/program management; and software systems architecture) and distributed systems. Qualified applicants in all areas of computer science will be considered.

Hassan Noura, Damien Couroussé
ePrint Report
Wireless Sensor Networks (WSN) have become more and more important in many applications, especially those requiring a high level of security, such as commercial, military and telemedicine applications. However, security in WSN suffers from several kinds of attacks (ranging from passive to active attacks). The eavesdropping attack remains the most powerful attack, since it has the capability to compromise the confidentiality of the whole packet content. In this context, several solutions and techniques have been presented in the literature to ensure a secure transmission of packets in a large-scale WSN. Unfortunately, many of these solutions fail to meet the main characteristics of WSN (limited energy consumption, low power, large bandwidth) and are considered inefficient candidates for tiny devices. For this reason, a novel homomorphic lightweight security scheme, HLDCA-WSN, based on a dynamic permutation layer that is performed on a set of packets (denoted a generation), is proposed and discussed in this paper. The HLDCA-WSN scheme overcomes passive attacks and ensures a significant reduction of computational complexity, energy cost, and communication overhead. Moreover, the dynamic property of the proposed scheme adds more robustness against traditional and physical attacks. The efficiency of the HLDCA ciphering scheme is demonstrated by an extensive security analysis and simulation results.


Yongjun Zhao, Sherman S.M. Chow
ePrint Report
Sharing information with others is common nowadays, but the question is with whom to share. To address this problem, we propose the notion of secret transfer with access structure (STAS). STAS is a two-party computation protocol that enables the server to transfer a secret to a client who satisfies the prescribed access structure.

In this paper, we focus on the case of STAS for threshold access structure, i.e. threshold secret transfer (TST). We also discuss how to replace it with linear secret sharing to make the access structure more expressive. Our proposed TST scheme enables a number of applications including a simple construction of oblivious transfer with threshold access control, and (a variant of) threshold private set intersection (t-PSI), which are the first of their kinds in the literature to the best of our knowledge. Moreover, we show that TST is useful in a number of applications such as privacy-preserving matchmaking with interesting features.

The underlying primitive of STAS is a variant of oblivious transfer (OT) which we call OT for sparse array. We provide two constructions which are inspired from state-of-the-art PSI techniques including oblivious polynomial evaluation and garbled Bloom filter (GBF). We implemented the more efficient construction and provide its performance evaluation.
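The threshold case described in this abstract, shown as an added example that is neither the paper's protocol nor code from its authors: Shamir's scheme is a linear secret sharing for the threshold access structure, so the server can attach one share of its secret to each element of its set; a client holding at least t of those elements reconstructs the secret, and one holding fewer learns nothing about it. The share lookup below is a plain dictionary access standing in for the oblivious transfer the paper builds from OT for sparse array, and the sample sets, the field prime 2^61-1 and the hash-to-field encoding are assumptions of this illustration.

```python
"""Threshold secret transfer illustrated with Shamir sharing (added example, not the paper's protocol)."""
import hashlib
import secrets

# Field modulus for the shares: the Mersenne prime 2^61 - 1 (an assumed parameter choice).
P = (1 << 61) - 1


def element_to_x(elem: str) -> int:
    """Map a set element to a nonzero field point (SHA-256 reduced mod P; assumed encoding)."""
    return int.from_bytes(hashlib.sha256(elem.encode()).digest(), "big") % P or 1


def share_secret(secret: int, threshold: int, xs: list[int]) -> dict[int, int]:
    """Shamir sharing: f is a random polynomial of degree threshold-1 with f(0) = secret,
    and the share for x-coordinate x is f(x). Any threshold shares determine f; fewer do not."""
    if not (0 <= secret < P) or threshold < 1:
        raise ValueError("secret must lie in GF(P) and threshold must be >= 1")
    if len(set(xs)) != len(xs) or any(not 0 < x < P for x in xs):
        raise ValueError("x-coordinates must be distinct and nonzero")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    return {x: sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P for x in xs}


def interpolate_at_zero(points: dict[int, int]) -> int:
    """Lagrange interpolation: recover f(0) from len(points) shares (x, f(x))."""
    total = 0
    for xj, yj in points.items():
        num = den = 1
        for xm in points:
            if xm != xj:
                num = num * (-xm) % P
                den = den * (xj - xm) % P
        total = (total + yj * num * pow(den, P - 2, P)) % P  # Fermat inverse of den
    return total


def server_encode(secret: int, threshold: int, server_set: list[str]) -> dict[int, int]:
    """Server: attach one share to each element of its set, keyed by the element's field point.
    The access structure 'client holds >= t of my elements' becomes a t-out-of-n sharing."""
    return share_secret(secret, threshold, [element_to_x(e) for e in server_set])


def client_recover(shares: dict[int, int], client_set: list[str], threshold: int):
    """Client: take the shares for elements it also holds and reconstruct if enough matched.
    (The lookup is a plain dict access here; the paper's OT for sparse array makes it oblivious.)"""
    matched = {}
    for e in client_set:
        x = element_to_x(e)
        if x in shares:
            matched[x] = shares[x]
    if len(matched) < threshold:
        return None  # access structure not satisfied: nothing is learned
    return interpolate_at_zero(dict(list(matched.items())[:threshold]))


def demo():
    """Constructed sample sets: one client meets the threshold, the other does not."""
    secret, t = 0x5EC12E7, 3
    server_set = ["alice@example.org", "bob@example.org", "carol@example.org",
                  "dave@example.org", "erin@example.org"]
    shares = server_encode(secret, t, server_set)
    enough = ["carol@example.org", "alice@example.org", "mallory@example.org", "dave@example.org"]
    too_few = ["alice@example.org", "bob@example.org", "mallory@example.org"]
    # Below threshold, even feeding the two matching shares to the interpolator
    # yields a value unrelated to the secret (equal only with probability 1/P).
    partial = {element_to_x(e): shares[element_to_x(e)] for e in too_few[:2]}
    return (client_recover(shares, enough, t) == secret,
            client_recover(shares, too_few, t) is None,
            interpolate_at_zero(partial) != secret)


if __name__ == "__main__":
    print(demo())
```

Because the sharing is linear, replacing the single threshold polynomial by a linear secret sharing scheme for a richer access structure changes only `share_secret` and the reconstruction coefficients, which is the generalisation the abstract points to.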


Antoine Joux, Cécile Pierrot
ePrint Report
In this article, we propose a method to perform linear algebra on a matrix with nearly sparse properties. More precisely, although we require the main part of the matrix to be sparse, we allow some dense columns with possibly large coefficients. We modify Block Wiedemann algorithm and show that the contribution of these heavy columns can be made negligible compared to the one of the sparse part of the matrix. In particular, this eases the computation of discrete logarithms in medium and high characteristic finite fields, where nearly sparse matrices naturally appear.


Payman Mohassel, Mike Rosulek, Ye Zhang
ePrint Report
Many deployments of secure multi-party computation (MPC) in practice have used information-theoretic three-party protocols that tolerate a single, semi-honest corrupt party, since these protocols enjoy very high efficiency.

We propose a new approach for secure three-party computation (3PC) that improves security while maintaining practical efficiency that is competitive with traditional information-theoretic protocols. Our protocol is based on garbled circuits and provides security against a single, malicious corrupt party. Unlike information-theoretic 3PC protocols, ours uses a constant number of rounds. Our protocol only uses inexpensive symmetric-key cryptography: hash functions, block ciphers, pseudorandom generators (in particular, no oblivious transfers) and has performance that is comparable to that of Yao's (semi-honest) 2PC protocol.

We demonstrate the practicality of our protocol with an implementation based on the JustGarble framework of Bellare et al. (S&P 2013). The implementation incorporates various optimizations including the most recent techniques for efficient circuit garbling. We perform experiments on several benchmarking circuits, in different setups. Our experiments confirm that, despite providing a more demanding security guarantee, our protocol has performance comparable to existing information-theoretic 3PC.


Sikhar Patranabis, Debapriya Basu Roy, Debdeep Mukhopadhyay
ePrint Report
Side channel analysis and active fault analysis are now major threats to even mathematically robust cryptographic algorithms that are otherwise resistant to classical cryptanalysis. It is necessary to design suitable countermeasures to protect cryptographic primitives against such attacks. This paper focuses on designing encryption schemes that are innately secure against fault analysis. The paper formally proves that one such design strategy, namely the use of key-dependent SBoxes, is only partially secure against DFA. The paper then examines the fault tolerance of encryption schemes that use a key-independent secret tweak value for randomization. In particular, the paper focuses on a linear tweak based and a non-linear tweak based version of a recently proposed block cipher DRECON. The paper demonstrates that while both versions are secure against classical DFA, the non-linear tweak based version provides greater fault coverage against stronger fault models. This fact, together with the DPA resistance provided by the use of variable S-Boxes, makes DRECON a strong candidate for the design of secure cryptographic primitives. All claims have been validated by experimental results on a SASEBO GII platform.


Jayaprakash Kar
ePrint Report
Recently, Choi et al. proposed a certificateless short signature scheme in the random oracle model, and the authors claim that it is provably secure. Certificateless public key cryptography is a new paradigm that resolves the inherent key escrow and key management problems. Attacks on certificateless signature schemes are of two types: a Type-I adversary can replace the public key of the user but cannot retrieve the master secret key from the Key Generation Center (KGC); a Type-II adversary can obtain the master secret key but cannot replace the public key of the user. In this paper we prove that the proposed scheme is not secure against a Type-I adversary. To do so, we solve a linear Diophantine equation and obtain the partial private key of the user.


Jung Hee Cheon, Changmin Lee, Hansol Ryu
ePrint Report
Multilinear maps have many cryptographic applications. The first candidate construction of multilinear maps was proposed by Garg, Gentry, and Halevi (GGH13) in 2013, and a bit later another candidate was suggested by Coron, Lepoint, and Tibouchi (CLT13) over the integers. However, both of them turned out to be insecure due to the so-called zeroizing attack (HJ15, CHL$^+$15). As a fix of CLT13, Coron, Lepoint, and Tibouchi proposed another candidate for new multilinear maps over the integers (CLT15). In this paper, we describe an attack against CLT15. Our attack shares the essence of the cryptanalysis of CLT13 and exploits low-level encodings of zero as well as other public parameters. As in CHL$^+$15, this leads to finding all the secret parameters of $\kappa$-multilinear maps in time polynomial in the security parameter.


26 September 2015

Sky Faber, Stanislaw Jarecki, Hugo Krawczyk, Quan Nguyen, Marcel Rosu, Michael Steiner
ePrint Report
We extend the searchable symmetric encryption (SSE) protocol of [Cash et al., Crypto'13] adding support for range, substring, wildcard, and phrase queries, in addition to the Boolean queries supported in the original protocol. Our techniques apply to the basic single-client scenario underlying the common SSE setting as well as to the more complex Multi-Client and Outsourced Symmetric PIR extensions of [Jarecki et al., CCS'13]. We provide performance information based on our prototype implementation, showing the practicality and scalability of our techniques to very large databases, thus extending the performance results of [Cash et al., NDSS'14] to these rich and comprehensive query types.


25 September 2015

Vadim N.Tsypyschev, Julia S.Vinogradova
ePrint Report
In the early eighties of the XX century, A.A. Nechaev obtained the criterion of full period of a Galois polynomial over the primary residue ring modulo a power of 2. He also obtained necessary conditions for the maximal period of a Galois polynomial over such a ring in terms of the coefficients of this polynomial.

Later, A.S. Kuzmin obtained analogous results for the case of a Galois polynomial over a primary residue ring of odd characteristic.

Later still, the first author of this article carried the criterion of full period of a Galois polynomial over a primary residue ring of odd characteristic, obtained by A.S. Kuzmin, over to the case of a Galois polynomial over a nontrivial Galois ring of odd characteristic.

Using this criterion as a basis, we have obtained a criterion worth calling attention to.

This result is an example of how to apply results of the previous work of V.N. Tsypyschev in order to construct polynomials of maximal period over a nontrivial Galois ring of odd characteristic. Here it is assumed that the period of the polynomial modulo the prime ideal is known and maximal.


University of Washington Tacoma
Job Posting
The Institute of Technology at the University of Washington Tacoma is seeking applications for a full-time lecturer position for the Information Technology (IT) program, with emphasis on (Server-Side) Web and Database Systems & Administration, Network and System Administration, or Network and System Security. This is a full-time 9-month renewable position with an initial appointment of one year beginning September 2016. This position requires an MS or higher or foreign equivalent in Information Technology, Information Systems, Computer Science, or related field at the time of appointment and industry experience in IT-related areas. The successful candidate will be expected to teach undergraduate fundamental and advanced courses in areas such as Programming, Server-Side Web Programming, Database Systems Design and Administration, Network Administration, System Administration, Network Security, and System Security at the undergraduate level. Candidates with experience in multi-tier web-based database application design, deployment, and administration are encouraged to apply.

University of Washington Tacoma
Job Posting
The Institute of Technology at the University of Washington Tacoma (UW Tacoma) is seeking a faculty member to join the Institute starting September 2016. Our faculty demonstrate excellence in conducting community-inspired applied research and contribute to the intellectual vibrancy of the university, while teaching rigorous classes at both the undergraduate and graduate levels to prepare students for rewarding careers in computing and engineering professions. Applications are currently being accepted for one tenure-track Assistant Professor in the Information Technology program. This is a full-time position with a 9-month service period. The position requires a Ph.D. (or foreign equivalent) in one of the following domains: Computer Science, Computer Engineering, Electrical Engineering, Systems Engineering, Software Engineering, Information Systems, Information Technology, or a related field. We are seeking candidates with research foci in HCI, cyber security, systems integration, or wireless networks and mobile systems. Outstanding candidates whose research areas complement those of current faculty and those with industry experience and/or demonstrated cross-disciplinary expertise in teaching and research are highly encouraged to apply.

24 September 2015

University of Alabama at Birmingham
Job Posting
We invite applications for a post-doctoral position in cryptographic currency. The successful candidate will join Dr. Yuliang Zheng’s research group in the Department of Computer and Information Sciences at the University of Alabama at Birmingham, to investigate fundamental theories and technologies that underpin new generations of digital currencies including Bitcoin, Ripple and other cryptocurrencies.

Applicants must have recently completed or be about to complete their PhD degrees in computer science or a related field, and should have a solid understanding of modern cryptography and distributed computing as well as excellent skills in programming for various computing platforms ranging from smartphones and laptop computers to modern servers.


23 September 2015

Nanyang Technological University
Job Posting
The cryptography group at Temasek Laboratories@Nanyang Technological University is looking for researchers in symmetric key cryptography and lightweight cryptography to fill up to 3 positions of (senior) research scientists, from fresh postdocs to senior researchers. Supported by government research funding, we concentrate on cutting-edge research; candidates are expected to have a good publication record, especially at IACR conferences/workshops. Besides an active cryptography research group to work with, we also offer globally competitive salaries, including basic monthly salary and performance-based bonus, as well as other allowances.

Review of applications will begin immediately and will continue until all positions are filled. Only shortlisted candidates will be contacted for interview.


Ruhr University Bochum
Job Posting
The applied cryptography group at Horst Görtz Institute for IT-Security (HGI) at Ruhr-University Bochum has openings for Ph.D. positions. We are looking for outstanding candidates with strong background in Computer Science, Mathematics or Engineering.

Our research focus is on practice-oriented provable security. Topics of interest may include (but are not limited to):

- Provable security of cryptographic implementations

- Randomness generation

- Cryptographic protocols (e.g. cryptocurrencies)

Starting date: earliest possible

Send your documents to sebastian (dot) faust (at) rub (dot) de

Applicants are required to have completed (or be close to completing) a Master or Diploma with excellent grades in Computer Science, Mathematics, or closely related areas. Additional knowledge in related disciplines such as, e.g., complexity theory or IT security is welcome.

Please send your application to Sebastian Faust via e-mail. Applications should contain a CV, a 1-page letter of motivation, copies of transcripts and certificates, and (if possible) names of references. Review of applications will start immediately until the position has been filled.

Founded in 2001, the Horst-Görtz Institute at Ruhr-University Bochum is a leading interdisciplinary research center dedicated to research and education covering all aspects of IT security, with an excellent record of research in cryptography. The Horst-Görtz Institute has 15 professors and over 80 PhD students.


New Jersey Institute of Technology (NJIT), metro New York City, USA
Job Posting
Inquiries are invited for externally-funded post-doc and PhD student positions in applied cryptography at NJIT in Newark, NJ, USA. NJIT is a rapidly expanding R1 research university in metro New York City.

The candidate will support research in applied encryption technologies at the NJIT cryptolab. The candidate will oversee the development of a new lattice encryption library written in C++. Experience with C++ and lattice encryption is essential. Experience writing software as part of technical software teams is essential. A PhD in CS, EE, CmpE, Applied Math or a related field is required.

The ideal candidate will have working knowledge of network security and C++ programming. Software engineering, software testing, high-performance computing, computer engineering and parallel programming experience would be beneficial but not critical. The candidate should be able to write and speak clearly. The ideal candidate will also have experience in embedded computing, open-source development, high performance computing and applications of encryption technologies.

The candidates will be supervised by Prof. Kurt Rohloff in the department of computer science at NJIT. The post-doc position can be renewed subject to continued availability of external funding and success in the position.


Department of Computer Science at the University of California, Santa Cruz
Job Posting
The Department of Computer Science at the University of California, Santa Cruz invites applications for two tenure track (Assistant Professor) faculty positions; one in cybersecurity and the other in data privacy. We seek outstanding applicants with appropriate expertise, established records, and exceptional potential for research in the area of cybersecurity or data privacy. In cybersecurity, our focus is toward candidates whose work is in applied areas such as information security, networked system security, secure systems, trustworthy computing, and infrastructure and IoT security. In data privacy, we have a preference for candidates who have expertise in information privacy, privacy in data science, and tools and systems for ensuring data privacy. The successful candidates are expected to develop a research program, advise graduate students in their research area, obtain external funding, develop and teach courses within the undergraduate and graduate curriculum, and perform university and professional service. The candidate must be able to work with students, faculty, and staff from a wide range of social and cultural backgrounds. We are especially interested in candidates who can contribute to the diversity and excellence of the academic community through their research, teaching, and/or service.

Chalmers University of Technology, Sweden
Job Posting
We are looking for an excellent, motivated, post-doctoral researcher to work in the area of information security and cryptography.

The post-doctoral researcher will join Katerina Mitrokotsa's research group, working in the area of information and communication security with a focus on authentication protocols, verifiable delegation of computation, and secure multi-party computation.

The post-doc position is available for one year which will be extended for one more year after a successful review.

The post-doctoral researcher is expected to have a PhD degree and strong background in theoretical computer science and cryptography.
