International Association for Cryptologic Research

IACR News

Here you can see all recent updates to the IACR webpage. These updates are also available:

via email
via RSS feed

10 May 2021

Jan Peter Drees, Pritha Gupta, Eyke Hüllermeier, Tibor Jager, Alexander Konze, Claudia Priesterjahn, Arunselvan Ramaswamy, Juraj Somorovsky
ePrint Report
Currently most practical attacks on cryptographic protocols like TLS are based on side channels, such as padding oracles. Some well-known recent examples are DROWN, ROBOT and Raccoon (USENIX Security 2016, 2018, 2021). Such attacks are usually found by careful and time-consuming manual analysis by specialists. In this paper, we consider the question of how such attacks can be systematically detected and prevented before (large-scale) deployment. We propose a new, fully automated approach, which uses supervised learning to identify arbitrary patterns in network protocol traffic. In contrast to classical scanners, which search for known side channels, the detection of general patterns might detect new side channels, even “unexpected” ones, such as those from the ROBOT attack. To analyze this approach, we develop a tool to detect Bleichenbacher-like padding oracles in TLS server implementations, based on an ensemble of machine learning algorithms. We verify that the approach indeed detects known vulnerabilities successfully and reliably. The tool also provides detailed information about detected patterns to developers, to assist in removing a potential padding oracle. Due to the automation, the approach scales much better than manual analysis and could even be integrated with a CI/CD pipeline of a development environment, for example.
Carla Ràfols, Arantxa Zapico
ePrint Report
We introduce Checkable Subspace Sampling Arguments, a new information theoretic interactive proof system in which the prover shows that a vector has been sampled in a subspace according to the verifier's coins. We show that this primitive provides a unifying view that explains the technical core of most of the constructions of universal and updatable pairing-based (zk)SNARKs. This characterization is extended to a fully algebraic framework for designing such SNARKs in a modular way, which leads to a new construction that is more efficient than the state-of-the-art in several dimensions.
Hidenori Kuwakado, Shoichi Hirose, Masahiro Mambo
ePrint Report
White-box cryptography is often used in embedded applications. Although white-box cryptography with provable security has been proposed recently, the circuit size is much larger than that of usual block ciphers. We address this problem in a different way from previous works. In particular, we propose a white-box symmetric cipher using quantum memory. The size of our cipher is a polynomial in input-length and output-length of an underlying function. The security against classical attacks is reduced to the security of the underlying classical pseudo-random function. We show that quantum attacks using the generalized Grover algorithm to our cipher are ineffective.
Thomas Haines, Johannes Mueller
ePrint Report
Shuffling is one of the most important techniques for privacy-preserving protocols. Its applications are manifold, including, for example, e-voting, anonymous broadcast, or privacy-preserving machine-learning. For many applications, such as secure e-voting, it is crucial that the correctness of the shuffling operation be (publicly) verifiable. To this end, numerous proofs of shuffle have been proposed in the literature. Several of these proofs are actually employed in the real world.

In this work, we propose a generic compiler which can transform any "shuffle-compatible" Sigma-protocol (including, among others, Sigma-protocols for re-randomization, decryption, or key shifting) into a Sigma-protocol for permutations of the underlying relation. The resulting proof of shuffle is black-box, easily implementable, simple to explain, and comes with an acceptable computational overhead over the state-of-the-art. Because we machine-checked our compiler in Coq, the new proof of shuffle is particularly suitable for applications that require a superior level of security assurance (e.g., high-stake elections).
David Heath, Vladimir Kolesnikov
ePrint Report
We construct a concretely efficient Zero Knowledge (ZK) Oblivious RAM (ORAM) that consumes $2 \log n$ oblivious transfers (OTs) of length-$2\sigma$ secrets per access of an arithmetic value, for statistical security parameter $\sigma$ and array size $n$. This is an asymptotic and concrete improvement over previous best (concretely efficient) ZK ORAM BubbleRAM of Heath and Kolesnikov ([HK20a], CCS 2020), whose access cost is $1/2 \log^2 n$ OTs of length-$2\sigma$ secrets.

ZK ORAM is essential for proving statements that are best expressed as RAM programs, rather than Boolean or arithmetic circuits.

Our construction is private-coin ZK. We integrate it with [HK20a]’s ZK Proof (ZKP) protocol and prove the resulting ZKP system secure.

We implemented PrORAM in C++. Compared to the state-of-the-art BubbleRAM, our PrORAM is $\sim 10\times$ faster for arrays of size $2^{20}$ of $40$-bit values.
Laila El Aimani
ePrint Report
We consider the problem of finding low-weight multiples of polynomials over binary fields; a problem which arises in stream cipher cryptanalysis or in finite field arithmetic. We first devise memory-efficient algorithms based on the recent advances in techniques for solving the knapsack problem. Then, we tune our algorithms using the celebrated Parallel Collision Search (PCS) method to decrease the time cost at the expense of a slight increase in space. Both our memory-efficient and time-memory trade-off algorithms improve substantially the state-of-the-art.
Maxime Plançon, Thomas Prest
ePrint Report
We propose a new framework for trapdoor sampling over lattices. Our framework can be instantiated in a number of ways. In a departure from classical samplers, it allows for example to sample from uniform, affine, ``product affine'' and exponential distributions. It allows for example to sample from uniform, affine and ``product affine'' distributions. Another salient point of our framework is that the output distributions of our samplers are perfectly indistinguishable from ideal ones, in contrast with classical samplers that are statistically indistinguishable. One caveat of our framework is that all our current instantiations entail a rather large standard deviation.

09 May 2021

Virtual event, Anywhere on Earth, 6 September 2021
Event Calendar
Event date: 6 September 2021
Submission deadline: 21 May 2021
Notification: 2 July 2021

08 May 2021

Cryptanalysis Taskforce @ Nanyang Technological University, Singapore
Job Posting
The Cryptanalysis Taskforce at Nanyang Technological University in Singapore, led by Prof. Jian Guo, is seeking candidates to fill 2 post-doctoral research fellow positions on symmetric-key cryptography. Topics include but are not limited to the following sub-areas:
  • tool aided cryptanalysis, such as MILP, CP, STP, and SAT
  • machine learning aided cryptanalysis and designs
  • privacy-preserving friendly symmetric-key designs
  • quantum cryptanalysis
  • theory and proofs
  • cryptanalysis against SHA-3 and AES
Established in 2014, the Cryptanalysis Taskforce is a group dedicated to research in symmetric-key cryptography; it currently comprises 4 (senior) postdocs and 2 PhD students. Since its establishment, the team has been active both in publishing at and in providing services to IACR. It has done substantial cryptanalysis work on important targets such as SHA-3 and AES, and is expanding its interests to the areas mentioned above, with strong funding support from the university and government agencies in Singapore. We offer a competitive salary package with extremely low tax (around 5%), as well as an excellent environment dedicated to publication-oriented research aimed at top venues in Singapore. The contract will initially be for one and a half years, with the possibility of extension. Candidates are expected to have a proven record of publications in IACR conferences. Interested candidates should send their CV and 2 reference letters to Jian Guo. Review of applicants will start immediately and continue until the positions are filled. More information about the Cryptanalysis Taskforce research group can be found via http://team.crypto.sg [Our recruitment continues despite COVID-19]

Closing date for applications:

Contact: Asst Prof Jian Guo, guojian@ntu.edu.sg

More information: http://team.crypto.sg


07 May 2021

Friedrich-Alexander-Universität
Job Posting
The Faculty of Engineering and the Nuremberg Campus of Technology at Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU) invite applications for an

Assistant Professor for Computer Science

at the Department of Computer Science at the Chair for Applied Cryptography. The professorship is to be filled by the earliest possible starting date for an initial period of three years. Upon successful evaluation, the appointment will be extended for another three years.

We seek to appoint a top early-career scientist who will develop outstanding expertise in the field of theoretical and applied cryptography and has excellent scientific expertise within the broad area of cryptography and/or areas of IT security closely related to cryptography. We welcome applications from candidates with research experience in the following topics:

  • Efficient proof systems
  • Homomorphic cryptography
  • Postquantum cryptography
  • Cryptography and machine learning
  • Anonymity and privacy
  • Cryptocurrencies
  • Blockchain-based cryptography
Outstanding candidates with experience in neighbouring areas will be considered. Successful candidates demonstrate initial academic achievements and the capacity for independent research at the highest international standards. You have substantial research experience abroad and/or experience in managing research projects and in raising third-party funding. A university degree and an outstanding doctoral degree as well as a passion for education and pertinent teaching experience are also prerequisites. Candidates who are able and willing to teach in English are desired.

Please submit your complete application documents (CV, research/teaching statement, list of publications, list of lectures and courses taught, copies of certificates and degrees, list of third-party funding) online at https://berufungen.fau.de by 21.06.2021.

Closing date for applications:

Contact: Dominique Schröder

More information: https://www.fau.de

Chaincode Labs
Job Posting

Chaincode Labs is currently seeking a Postdoctoral Researcher with a passion for ensuring privacy and security within Bitcoin and related technologies.

Chaincode Labs is a NYC research and development center focused on open-source contributions, original research, training new engineers, and building implementations of new systems and ideas. Past research efforts have contributed to faster block relay, more reliable fee estimation, more bandwidth-efficient transaction relay, and more (1, 2). Candidates joining Chaincode should expect to make similarly significant contributions.

The person in this role will be expected to focus their research on applied cryptography and their applications in relation to the variety of challenges facing Bitcoin. This individual will disseminate, both internally and externally, the results of research activities through publications, seminar participation, internal documentation, etc. They will be encouraged to publish their findings in top conferences and peer-reviewed journals.

We are a well funded and staffed organization and have the resources to write software and provide critical infrastructure support.

Applicants Can Expect
  • Competitive compensation
  • Excellent health care benefits
  • Paid time off
  • Retirement savings plans, generous parental leave, and commuter benefits
  • A beautifully designed and centrally located Manhattan workspace

Chaincode Labs is an equal opportunity employer and does not discriminate in its hiring process with applicants, whether internal or external, because of race, creed, color, age, national origin, ancestry, religion, gender, sexual orientation, gender identity, disability, genetic information, veteran status, military status, application for military service or any other class per local, state or federal law.

Closing date for applications:

Contact: Caralie Chrisco
caralie@chaincode.com

More information: http://www.chaincode.com

Xkey, Paris
Job Posting
As Principal Engineer, you will be leading the product architecture & development on multiple fronts. You will contribute to the execution of one of the most ambitious tech projects in Europe right now: building a security standard for a trillion-dollar crypto industry. You will join an amazing team of leaders (Chief Technology Officer, Chief Science Officer, Cryptographers, Engineers, etc.), in a highly challenging and collaborative environment.

Responsibilities:
  • Research cryptographic protocols for digital asset custody.
  • Research, design, implement and maintain all decentralized finance systems incubated/supported by Xkey.
  • Work closely with the Chief Science Officer, CTO, DevOps engineers and security engineers to ensure the systems meet both product and engineering quality standards and are delivered to the market in a timely manner.
  • Promote technology best practice within the team.

Requirements: The focus of this position is on Multi Party Computation/Threshold Signature Schemes. The candidate should have good experience in one of the following areas and be familiar with the others:
  • Qualification in Computing/Mathematics/Electronic Engineering or other relevant fields preferred
  • Strong knowledge of a programming language such as Rust, C++, or Go.
  • Design, analysis and implementation of MPC/TSS

Closing date for applications:

Contact: Houda Ferradi

More information: https://jobs.stationf.co/companies/xkey-1/jobs/principal-software-engineer_paris


06 May 2021

Registration is free with IACR membership.
Announcement
The PKC conference will be held as a virtual event this year, starting on Monday, May 10. There will be brief presentations on 53 papers, two invited talks, and social events. The program is online at https://pkc.iacr.org/2021/program.php
Technology Innovation Institute (TII) - Abu Dhabi, UAE
Job Posting

Technology Innovation Institute (TII) is a publicly funded research institute, based in Abu Dhabi, United Arab Emirates. It is home to a diverse community of leading scientists, engineers, mathematicians, and researchers from across the globe, transforming problems and roadblocks into pioneering research and technology prototypes that help move society ahead.

Cryptography Research Centre

In our connected digital world, secure and reliable cryptography is the foundation of digital information security and data integrity. We address the world’s most pressing cryptographic questions. Our work covers post-quantum cryptography, lightweight cryptography, cloud encryption schemes, secure protocols, quantum cryptographic technologies and cryptanalysis.

Position: Senior MPC Researcher

  • Conduct research on state-of-the-art MPC protocols
  • Analyze project requirements and provide technical and functional recommendations
  • Design and implementation of building blocks to utilize privacy-preserving cryptographic techniques to cloud computing and machine learning applications
  • Propose new projects and research directions

Skills required for the job

  • 4+ years of work experience
  • Knowledge of MPC protocols
  • Experience in C desired, C++, Rust or Go relevant as well. Solid software engineering skills, such as agile methodologies, versioning, and best practices
  • Quick learner, geared towards implementation. Eager to develop new skills and willing to take ownership of projects
  • Experience with MPC frameworks (e.g. Scale-Mamba, MP-SPDZ, Obliv-C) is a plus
  • Familiarity with HE, ZK, and other advanced cryptographic primitives is a plus

Qualifications

  • MSc or PhD degree in Cryptography, Applied Cryptography, Information Theory, Mathematics or Computer Science

Closing date for applications:

Contact: Mehdi Messaoudi - Talent Acquisition Manager

More information: https://career22.sapsf.com/sfcareer/jobreqcareer?jobId=1323&company=technolo01

Technology Innovation Institute (TII) - Abu Dhabi, UAE
Job Posting

Technology Innovation Institute (TII) is a publicly funded research institute, based in Abu Dhabi, United Arab Emirates. It is home to a diverse community of leading scientists, engineers, mathematicians, and researchers from across the globe, transforming problems and roadblocks into pioneering research and technology prototypes that help move society ahead.

Cryptography Research Centre

In our connected digital world, secure and reliable cryptography is the foundation of digital information security and data integrity. We address the world’s most pressing cryptographic questions. Our work covers post-quantum cryptography, lightweight cryptography, cloud encryption schemes, secure protocols, quantum cryptographic technologies and cryptanalysis.

Position: Senior FHE Researcher

  • Conduct research on state-of-the-art FHE schemes
  • Analyze project requirements and provide technical and functional recommendations
  • Supervise the design and implementation of FHE building blocks to machine learning applications
  • Propose new projects and research directions

Skills required for the job

  • 4+ years of work experience in the field
  • Knowledge of partially-, somewhat-, and fully homomorphic encryption schemes
  • Deep understanding of lattice-based cryptography
  • Quick learner, geared towards implementation
  • Eager to develop new skills and willing to take ownership of projects
  • Strong track record of publishing in top tier conferences
  • Experience in C, C++, Rust or Go is a plus. Software engineering skills, such as agile methodologies and versioning, and knowledge of hardware languages are also a plus

Qualifications

  • MSc or PhD degree in Cryptography, Applied Cryptography, Information Theory, Mathematics or Computer Science

Closing date for applications:

Contact:
Mehdi Messaoudi - Talent Acquisition Manager

More information: https://careers.tii.ae/job/Abu-Dhabi-Senior-FHE-Researcher/571308722/

IMDEA Software Institute, Madrid, Spain
Job Posting
Applications are invited for a postdoc position at the IMDEA Software Institute in Madrid, Spain. The successful candidate will work under the supervision of Alexey Gotsman (https://software.imdea.org/~gotsman/) on distributed computing aspects of blockchains, including algorithms, abstractions, correctness proofs and lower bounds. Concrete research topics will be determined based on the common interests of the candidate and the supervisor. Candidates should have, or expect shortly to obtain, a PhD in Computer Science, with expertise in distributed computing theory, applied cryptography or distributed systems. The position is initially for one year, with possibilities for extension. The starting date can be flexible, given the current public health situation. IMDEA provides for travel expenses and an internationally competitive salary. The working language at the institute is English. Applicants interested in the position should submit their application at https://careers.software.imdea.org/ using reference code 2021-05-postdoc-blockchains. The deadline for applications is June 25, 2021.

Closing date for applications:

Contact: Alexey Gotsman (https://software.imdea.org/~gotsman/)

More information: https://software.imdea.org/open_positions/2021-05-postdoc-blockchains.html

Clemson University
Job Posting
The Clemson School of Mathematical & Statistical Sciences (SMSS) seeks to fill a Postdoctoral position in their Coding Theory, Cryptography, and Number Theory group. This is a 9-month position (August 15 2021-May 15 2022) with job duties consisting of teaching two courses per year and conducting research. Additionally, the postdoc will be expected to participate in some of the other activities associated with the RTG grant that can be found on the grant webpage (http://www.math.clemson.edu/ccnt). Applications should include a cover letter, curriculum vitae, research statement, teaching statement, unofficial transcript, and four letters of reference at least one of which addresses the applicant’s teaching. The cover letter should indicate how the applicant's work relates to the research areas of the grant and a statement that the applicant is "eligible for positions which require US citizenship or US permanent residency" (please use this exact wording). Applications must be completed through http://apply.interfolio.com/87198 and will be accepted until the position has been filled. Completed applications for the postdoctoral position received before May 15th, 2021 will receive full consideration. The appointment is initially for one academic year but may be renewable for two additional years contingent upon funding and performance. The potential second and third years of the postdoc would carry a teaching load of two courses per semester as well as some light service duties. The SMSS contains two divisions: Mathematics and Statistics & Operations Research, and includes the areas of algebra and discrete mathematics, data science, computational mathematics, operations research, probability and mathematical statistics, and pure and applied analysis. The school offers the full range of Baccalaureate, Master’s, and Doctoral degrees. For further information regarding the school, its research areas and programs, please visit the web site (http://www.math.clemson.edu).

Closing date for applications:

Contact: Felice Manganiello

More information: http://apply.interfolio.com/87198

04 May 2021

Onur Gunlu, Ueli Maurer, Joao Ribeiro
ePrint Report
We consider the strong secret key (SK) agreement problem for the satellite communication setting, where a remote source (a satellite) chooses a common binary phase shift keying (BPSK) modulated input for three statistically independent additive white Gaussian channels (AWGN) whose outputs are observed by, respectively, two legitimate receivers (Alice and Bob) and an eavesdropper (Eve). Legitimate receivers have access to an authenticated, noiseless, two-way, and public communication link, so they can exchange multiple rounds of public messages to agree on a SK hidden from Eve. Without loss of generality, the noise variances for Alice's and Bob's measurement channels are both fixed to a value Q>1, whereas the noise over Eve's measurement channel has a unit variance, so Q represents a channel quality ratio. The significant and not necessarily expected effect of quantizations at all receivers on the scaling of the SK capacity with respect to a sufficiently large and finite channel quality ratio Q is illustrated by showing 1) the achievability of a constant SK for any finite BPSK modulated satellite output by proposing a thresholding algorithm as an advantage distillation protocol for AWGN channels and 2) the converse (i.e., unachievability) bound for the case when all receivers apply a one-bit uniform quantizer to noisy BPSK modulated observations before SK agreement, for which the SK capacity is shown to decrease quadratically in Q. Our results prove that soft information not only increases the reliability and the achieved SK rate but also increases the scaling of the SK capacity at least quadratically in Q as compared to hard information.
Jaipur, India, 12 December - 15 December 2021
Event Calendar
Event date: 12 December to 15 December 2021
Submission deadline: 7 September 2021
Notification: 12 October 2021
Seoul National University of Science and Technology, Seoul, South Korea
Job Posting
The Cryptography and Information Security Laboratory is currently looking for a Post-doctoral researcher. Our laboratory is conducting the latest research on the development of cyber threat prediction and response technologies, lightweight cryptography for IoT environments, field-oriented digital forensics, design and development of encryption technologies, etc. We are highly recognized externally for excellent research results. The applicant will have the opportunity to work on our ongoing projects with a team of scientists in the lab and collaborators. We offer an excellent research environment and a highly competitive salary.

Current Research Directions:

  • Analysis of malware and malicious traffic based on machine learning
  • Cyber threat prediction and threat intelligence analysis
  • Design and cryptanalysis of symmetric-key cryptosystems
  • Fast and efficient implementation of ciphers
  • Mobile, memory, AI forensics
  • IoT and Convergence security

Required Qualifications:

  • Candidates must have recently received (or expect soon to receive) a Ph.D. degree in Information Security, Computer Science or a related field.
  • Good publication record and prior development experience are highly desirable.

Appointment term: a 1-year commitment to postdoctoral training is expected (can be extended depending on performance).

Appointment start date: 2021.09.01 (if possible, it is advisable to start in June or July).

Required Application Materials:
  • CV
  • Statement of research interests
  • Contact information

Closing date for applications:

Contact: Interested candidates should email their application materials to professor Changhoon Lee (chlee@seoultech.ac.kr) before May 31.

More information: https://cis.seoultech.ac.kr
