IACR News
19 February 2018
Technische Universität Darmstadt, Germany
Job Posting
The ENCRYPTO group is a member of the Center for Research in Security and Privacy (CRISP) and the profile area Cybersecurity at TU Darmstadt (CYSEC). We develop methods and tools to optimize and automatically generate cryptographic protocols. See http://encrypto.de for details.
The candidate will do cutting-edge research on cryptographic protocols that scale to real-world problem sizes, including secure multi-party computation and private information retrieval.
The candidate is expected to have a completed Master (or equivalent) degree with excellent grades in IT security, computer science, electrical engineering, mathematics, or a closely related field. Solid knowledge in IT security, applied cryptography, efficient algorithms, circuit design, and excellent programming skills are required. Additional knowledge in cryptographic protocols, parallel computing, compiler construction, programming languages, and software engineering is a plus.
Review of applications starts immediately until the position is filled.
More details and info on how to apply: http://encrypto.de/jobs/CRISP2018
Closing date for applications:
Contact: Thomas Schneider, thomas.schneider (at) crisp-da.de
More information: http://encrypto.de/jobs/CRISP2018
University of Surrey, Guildford, UK
Job Posting
The student will be based in the Department of Computer Science at the University of Surrey, UK. The PhD project aims at exploring post-quantum cryptography in blockchain technology. The candidate may need to do research on the following areas (but not limited to): blockchain (cryptocurrencies, smart contracts), distributed consensus protocols, and post-quantum cryptography (signature, encryption). We expect the candidate to undertake not only theory-centred research but also some level of implementation.
The candidate should be passionate about applied research and development of cutting-edge security technologies. With a strong desire to work on problems with real-world impact and commercial value, the candidate is expected to conduct high-quality applied research by working closely with a team of security domain experts. (Highly motivated, independent and resourceful team player, strong analytical thinking, interpersonal and problem solving skills)
Entry Requirements
Essential:
1. Bachelor degree in Computer Science, Computer Engineering, Mathematics, Electrical Engineering, or related field (UK equivalent of 2:1 classification or above)
2. Interest in cryptography and information security
3. Adequate programming skills in Java, C/C++, Python
4. Fluent written and verbal communication skills in English
Desirable:
1. Master degree in Computer Science, Computer Engineering, Mathematics, Electrical Engineering, or related field (UK equivalent of Merit classification or above)
2. Knowledge of post-quantum cryptography and block-chain
3. Strong programming skills in Java, C/C++, Python
Closing date for applications: 31 March 2018
Contact: Dr. Kaitai Liang, email: k.liang (at) surrey.ac.uk
More information: http://www.jobs.ac.uk/job/BHD180/phd-opportunity-in-exploring-post-quantum-cryptography-into-block-chain-technology/
Karlstad University, Sweden
Job Posting
The PhD student will work on secure and privacy-preserving networked systems within the research profile High Quality Networked Services in a Mobile World (HITS), funded by the Knowledge Foundation of Sweden, and a recently accepted EU H2020 innovation action. Duties include applied cryptography, reasoning about security and privacy properties of cryptographic systems, and constructing provably secure systems. Experience with secure logging, Certificate Transparency, or blockchain-related systems is of particular relevance. Further, the PhD student is expected to contribute to research across research areas at the Computer Science subject to analyse and engineer networked systems. The networked systems relate to technologies such as software defined networking, programmable data planes, and network middleboxes that analyse network traffic.
The duties will be performed within both national and international research projects with collaborating academic and industry partners. A successful candidate needs to have excellent written and spoken English, a solid background in the previously mentioned technologies and research areas, good programming experience, be strongly motivated to deconstruct highly complex networked systems, and the ability to develop into an independent researcher.
A PhD student in Sweden is employed, pays no fees related to the PhD position, and has a decent monthly salary. The position is limited to four years. If the PhD student takes other research, teaching or administrative tasks besides her/his PhD research, it can be prolonged for up to one more year. Democratic principles, equality and diversity are cornerstones of the University. We value the enriching presence of diverse backgrounds and competencies among students and staff.
Closing date for applications: 11 March 2018
Contact: Tobias Pulls, senior lecturer +46 (0) 54-700 24 75, tobias.pulls (at) kau.se
More information: https://kau.varbi.com/en/what:job/jobID:193337/
17 February 2018
Panaji, Goa, India, 11 November - 14 November 2018
TCC
Submission deadline: 17 May 2018
Notification: 30 August 2018
Barcelona, Spain, 3 September - 7 September 2018
Event Calendar
Submission deadline: 18 April 2018
Notification: 5 June 2018
14 February 2018
University College Cork, Ireland
Job Posting
The School of CSIT has 26 full-time academic staff and offers degrees at bachelors, masters and doctoral level. It has very close engagement with industry sponsors, including those in the cluster of over 20 cyber-security companies that are based in Cork. The School has a strong research track record, and ranked very highly in the recent Research Quality Review. Professors in the School have leadership roles in three large-scale national research centres: CONNECT – Research Centre for Future Networks; Insight – Centre for Data Analytics; and Lero – Irish Software Research Centre. For further information on the School, please visit https://www.ucc.ie/en/compsci/
Appointment may be made on the Professorial Salary Scale: €111,196 – €140,962 (Scale B), €109,129-€133,980 (Scale A). In all instances the successful appointment will be at the first point of the scale. For an information package including full details of the post, selection criteria and application process see https://www.ucc.ie/hr/vacancies
Closing date for applications: 6 March 2018
Contact: Informal enquiries can be made, in confidence, to the Head of School, Professor Cormac J. Sreenan, head (at) cs.ucc.ie
More information: https://goo.gl/biAAB7
SECAN LAB, University of Luxembourg, Luxembourg
Job Posting
For further details and how to apply, please visit https://secan-lab.uni.lu/jobs
For further information or for an informal discussion, please contact us by email: secanlab.jobs (at) uni.lu
Closing date for applications: 24 February 2018
Contact: secanlab.jobs (at) uni.lu
More information: https://secan-lab.uni.lu/jobs
Ruhr-University Bochum
Job Posting
- security and safety in autonomous systems
- side-channel prevention on the processor level
- formal methods for security and privacy
- applied cryptography in software and hardware
Successful applicants for the open positions will become part of the Horst Görtz Institute for IT-Security (HGI), one of the largest research centers in IT-Security within Europe.
Candidates are invited to apply until February 28. Please include in your application a motivation letter, CV and transcript of records.
For any additional information, please contact Tim Güneysu
Closing date for applications: 28 February 2018
Contact: Tim Güneysu
Chair for Security Engineering,
Ruhr Universität Bochum
Universitätsstr. 150
44780 Bochum
+49 234 32 24626
tim.gueneysu (at) rub.de
Bram Cohen, Krzysztof Pietrzak
ePrint Report
The construction proposed by [MMV'13] is based on a hash function and can be proven secure in the random oracle model, or assuming inherently sequential hash-functions, which is a new standard model assumption introduced in their work.
In a proof of sequential work, a prover gets a "statement" $\chi$, a time parameter $N$ and access to a hash-function $H$, which for the security proof is modelled as a random oracle. Correctness requires that an honest prover can make a verifier accept making only $N$ queries to $H$, while soundness requires that any prover who makes the verifier accept must have made (almost) $N$ sequential queries to $H$. Thus a solution constitutes a proof that $N$ time passed since $\chi$ was received. Solutions must be publicly verifiable in time at most polylogarithmic in $N$.
The construction of [MMV'13] is based on "depth-robust" graphs, and as a consequence has rather poor concrete parameters. But the major drawback is that the prover needs not just $N$ time, but also $N$ space to compute a proof.
In this work we propose a proof of sequential work which is much simpler, more efficient and achieves much better concrete bounds. Most importantly, the space required can be as small as $\log(N)$ (but we get better soundness using slightly more memory than that).
An open problem stated by [MMV'13] that our construction does not solve either is achieving a "unique" proof, where even a cheating prover can only generate a single accepting proof. This property would be extremely useful for applications to blockchains.
Lorenzo Grassi, Christian Rechberger
ePrint Report
In this paper we present new techniques to analyze this special set of inputs that is so versatile, and report on new properties. Classically, in differential cryptanalysis, statements about the probability distribution of output differences, like mean or variance, are of interest. So far such statements were only possible for up to 4 rounds of AES. In this paper we consider the probabilistic distribution of the number of different pairs of corresponding ciphertexts that lie in certain subspaces after 5 rounds. We rigorously prove that the following two properties (independent of any key or constant additions) hold for 5 rounds of the AES permutation: the mean value is bigger for AES than for a random permutation; the variance is approximately by a factor 36 higher for AES than for a random permutation. While the distinguisher based on the variance is (almost) independent of the details of the S-Box and of the MixColumns matrix, the mean value distinguisher does depend on the details of the S-Box and may give rise to a new design criterion for S-Boxes.
Of independent interest is the technique that we developed for this rigorous analysis. To the best of our knowledge this seems to be the first time that such a precise differential analysis was performed. Practical implementations and verification confirm our analysis.
Christoph Dobraunig, Maria Eichlseder, Lorenzo Grassi, Virginie Lallemand, Gregor Leander, Eik List, Florian Mendel, Christian Rechberger
ePrint Report
Sanjam Garg, Peihan Miao, Akshayaram Srinivasan
ePrint Report
Ken Goss, Wei Jiang
ePrint Report
Zhi Hu, Lin Wang, Chang-An Zhao
ePrint Report
Houssem Maghrebi, Emmanuel Prouff
ePrint Report
Kamil Kluczniak, Man Ho Au
ePrint Report
Payment systems like ZCash attempt to offer much stronger anonymity by hiding the origin, destination and value of a payment. The ZCash system is able to offer strong anonymity, mainly due to the use of Zero-Knowledge Succinct Non-interactive Arguments of Knowledge (ZK-SNARK) of arithmetic circuit satisfiability. One drawback of ZCash is that the arithmetic circuit is rather large, and thus requires a large common reference string and a complex prover for the ZK-SNARK. In fact, the memory and prover complexity is dominated by the ZK-SNARK in use and is mainly determined by the complexity of the circuit.
In this paper we design a Decentralized Anonymous Payment system (DAP), functionally similar to ZCash, however with significantly smaller arithmetic circuits, thus greatly reducing the memory and prover complexity of the system. Our construction is based on algebraic primitives, from the realm of elliptic curve and lattice based cryptography, whose satisfiability can be efficiently verified by an arithmetic circuit.