IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
10 May 2016
Wacław Banasik, Stefan Dziembowski, Daniel Malinowski
Motivated by this, we address the following question: ``is it possible to create non-trivial efficient smart contracts using the standard transactions only?'' We answer this question affirmatively, by constructing efficient Zero-Knowledge Contingent Payment protocol for a large class of NP-relations. This includes the relations for which efficient sigma protocols exist. In particular, our protocol can be used to sell a factorization $(p,q)$ of an RSA modulus $n=pq$, which is an example that we implemented and tested its efficiency in practice.
As another example of the ``smart contract without scripts'' we show how our techniques can be used to implement the contract called ``trading across chains''.
Maryam Rajabzadeh Asaar, Mahmoud Salmasizadeh, Mohammad Reza Aref
09 May 2016
CableLabs
The program will run for two months in Louisville, Colorado. Researchers will be paid as consultants for the duration of their project and will receive relocation compensation for their extended stay. Researchers are to submit their CV or resume and a brief research proposal outlining the problem they want to research, their method and approach, and modest resource requirements to conduct the work. While the format and structure of proposals is left to the imagination of candidates, Dr. Karen Kelsky describes an excellent approach to compiling research proposals on her blog at http://theprofessorisin.com/2011/07/05/dr-karens-foolproof-grant-template/. The program will culminate with presentations to a panel at a special session at the CableLabs Summer Conference where findings will be presented.
Accepted proposals will be notified in early June. Participants will be given two to three weeks to arrive in Louisville and will be provided an orientation and experts to help you understand how your research applies to the cable industry. A mentor will support the researcher, but work must be conducted independently. All research will be novel; reworking previously conducted research is not acceptable.
Closing date for applications: 31 August 2016
Contact: Steve Goeringer
More information: https://www.smartrecruiters.com/CableLabs/92009588-software-cryptographic-researcher
Hong Kong Applied Science and Technology Research Institute
•Lead the team to conduct research and development projects in the area of cyber security.
•Lead and develop cyber threat intelligence and defense technologies.
•Transfer knowledge to relevant domains and/or partners for product realization and commercialization.
•To study new security threats and cloud computing security.
•To perform security review and assessment on information security and e-commerce systems.
Key Requirements:
•PhD/Master’s Degree in Computer Science, Computer Engineering, Electronic Engineering, Information Engineering or related discipline.
•10+ years experience in hands-on R&D projects, especially on software system.
•5+ years in planning, organizing, leading and implementing novel R&D projects, especially on information security and data analytics related areas.
•Sound knowledge of OS security and virtualization security.
•Experience in financial technologies such as algorithm trading, blockchain, etc. is a big plus.
•Strong interpersonal and communications skills.
•Good team player and passionate about producing quality software and enhancing user experience.
•Good command of both written and spoken English and Chinese.
Closing date for applications: 18 May 2016
Contact: charlenechoo (at) astri.org
More information: http://www.astri.org/careers/work-at-astri/jobs/director-cyber-security/
07 May 2016
Thomas Espitau, Pierre-Alain Fouque, Benoît Gérard, Mehdi Tibouchi
06 May 2016
Zhengjun Cao, Lihua Liu
Peter Hyun-Jeen Lee, Siamak F. Shahandashti
Boris Skoric
Alhassan Khedr, Glenn Gulak
Roberto Avanzi
These techniques are used to define some components of QARMA, a new family of lightweight tweakable block ciphers. QARMA is targeted to a very specific set of use cases, such as memory encryption, generation of very short tags by truncation, and the construction of keyed hash functions, in fully unrolled hardware implementations.
The structure of the cipher is inspired by PRINCE. However, it differs from reflector constructions in that it is a three-round Even-Mansour scheme with a non-involutory keyed middle permutation designed to thwart various classes of attacks. QARMA aims a providing conservative security margins while still achieving best-in-class latency.
QARMA exists in 64- and 128-bit block sizes, with 128- and 256-bit keys, respectively. Implementors are also offered a reduced set of S-Boxes to choose from.
Simon Cogliani, Houda Ferradi, R\'emi G\'eraud, David Naccache
These protocols are constructed by introducing a bias in the challenge send by the prover. This bias is chosen so as to maximize the security versus effort trade-off. We illustrate the benefits of this approach on several well-known zero-knowledge protocols.
Franziskus Kiefer, Mark Manulis
We construct an efficient BPR protocol in the standard model for ASCII-based password policies using some techniques underlying the recently introduced Zero-Knowledge Password Policy Checks (ZKPPC). However, we do not rely on the full power of costly ZKPPC proofs and in fact show that BPR protocols can be modelled and realised simpler and significantly faster (as supported by our implementation) without using them as a building block. Our BPR protocol can directly be used to replace ZKPPC-based registration procedure for existing VPAKE protocols.
05 May 2016
Tokyo, Japan, 5 March - 8 March 2017
Submission deadline: 1 June 2016
Notification: 1 August 2016
Input Output HK (IOHK), Japan and Remote
About IOHK
IOHK is a company developing new cryptocurrencies and related applications. The goals of IOHK Research, our research division, are to advance the science behind cryptocurrencies and to attest the security of our products by careful analysis of their underlying protocols. Our team at IOHK Research focuses on the analysis of protocol specifications and on theoretical research while programming and implementation are handled by a separate team. At IOHK Research you will be responsible for investigating current cryptocurrencies, formalising security models, proposing new techniques, constructing new schemes and analysing their security.
We want the results of our research to impact both our products and the community, so we highly encourage our researchers to collaborate with other institutions and to publish papers in top conferences and journals. Moreover, we intend to open source most of our software, which will be developed based on techniques investigated by the IOHK Research team. We offer a flexible work style with a chance to work in a very dynamic team with talented people from all around the world, including partners from academia and the open source community.
Full-time Positions in Japan and Remote Part-time Positions
We are currently looking for talented cryptographers to join our team in Japan in full-time positions. We also offer part-time positions to outstanding students who are interested in joining our team while working remotely from their current locations. Knowledge specific to cryptocurrencies is not mandatory at the start, as the candidate is expected to spend 1-2 months developing it.
Requirements
This call does not have a definite closing date. You are welcome to apply at any moment.
Closing date for applications: 31 December 2016
Contact: Please send your CV to recruitment (at) iohk.io
More information: https://iohk.io/careers/
Hong Kong Applied Science and technology Research Institute Company Limited
•Develop and implement secure cloud computing and secure software systems.
•Develop cryptographic and encryption technologies.
•Develop mobile security solutions.
•Develop and implement cyber-threat intelligence and defense technologies.
•Perform security review and assessment on information security and e-commerce systems.
•Conduct R&D in various areas which include but not limited to software, network, distributed system, database, and mobile security.
Requirements
•Bachelor’s degree or above in Computer Science, Electrical Engineering or other relevant disciplines.
•More senior candidates with Master or PhD degree, or with minimum five years’ of experience in software development, i.e. design, implementation, test and documentation will be considered as Senior Engineer.
•Familiar with software development or testing, programming languages on C/C++/ObjC/Java/Javascript.
•Certificates or formal training in information security or with experience in security assessment is a plus, but not a necessity.
•Good knowledge of OS security and virtualization security, and implementation experience on the cloud an advantage.
•A team player with good analytical and communications skills.
•Good command of written and spoken English.
Closing date for applications: 15 May 2016
Contact: charlenechoo (at) astri.org
More information: http://www.astri.org/careers/work-at-astri/jobs/senior-engineerssoftware-engineers-information-security-multiple-opening
Hong Kong Applied Science and Technologu Research Institute Company Limited
•Conduct research on advanced ethical hacking, penetration testing, reverse engineering.
•Conduct assessment on network infrastructure, web and mobile security.
•Assisting in IT security enforcement and enhancement.
•Design secure application testing approaches, integrate quality assurance testings with security functionalities.
•Candidate with strong programming background will also be involved in security tool/signature development.
•Design and implement preventive security controls, application code review and analysis, code scanning and testing tools, web application scanning and penetration tests.
•Manage vendor and service provider on security tools and technologies project engagement and delivery.
Requirements:
•Bachelor’s degree or above in Computer Science, Electrical Engineering or other relevant disciplines with a minimum of 5 years of experience in security assessment. Candidates with less experience will also be considered for the Engineer level.
•Experience in financial industry is preferred but not mandatory.
•Demonstrate wide working knowledge of application security.
•Experience in application development life cycle, application testing and code scanning, with exposure in penetration test, finding exploits, vulnerabilities, unauthorized access, or other malicious activities in computer systems.
•Proficient in English, spoken and written.
•High integrity and professional work practice.
•Appreciation of people and cultures of different countries.
Closing date for applications: 15 May 2016
Contact: charlenechoo (at) astri.org
More information: http://www.astri.org/careers/work-at-astri/jobs/senior-engineerengineer-cyber-security-assessment-multiple-openings-8/
Chalmers University of Technology, Sweden
The PhD student is expected to have a MSc degree or equivalent, and strong background in mathematics and/or theoretical computer science, with some background in cryptography.
The position is fully funded for up to five years. The call for expressions of interest will remain open until a suitable candidate is appointed.
Successful candidates will help to design and evaluate cryptographically reliable and privacy-preserving authentication protocols.
Closing date for applications: 31 May 2016
Contact: Katerina Mitrokotsa
Associate Professor
Chalmers University of Technology
Department of Computer Science and Engineering
Chalmers University of Technology
More information: http://www.chalmers.se/en/about-chalmers/vacancies/?rmpage=job&rmjob=4044
04 May 2016
Vienna, Austria, 24 October - 28 October 2016
Submission deadline: 27 July 2016
Notification: 10 September 2016
ENS de Lyon, France
Interested applicants should provide a detailed resume and references.
Closing date for applications: 30 June 2016
Contact: Damien Stehle (damien.stehle (at) ens-lyon.fr)