IACR News
02 November 2021
TU Darmstadt, Germany
Job Posting
Job description: You'll work in the research training group/doctoral college Privacy&Trust for Mobile Users, funded by the German Research Foundation (DFG). In our subproject, we build cryptography-based private machine learning services for mobile applications and investigate their legal applicability (data protection) and economic feasibility in interdisciplinary collaborations. You conduct research, implement prototypes, and publish and present the results at top venues. You'll participate in teaching and supervise thesis students and student assistants.
We offer: We demonstrate that privacy is efficiently protectable in real-world applications via cryptographic protocols. Our open and international working environment facilitates excellent research in a sociable team. TU Darmstadt is a top research university for IT security, cryptography and CS in Europe. Darmstadt is a very international, livable and well-connected city in the Rhine-Main area around Frankfurt. Knowledge of German is beneficial, but not required, and TU Darmstadt offers corresponding support.
Your profile:
- Completed Master's degree (or equivalent) at a top university with excellent grades in IT security, computer science, or a similar area.
- Extensive knowledge in applied cryptography/IT security and very good software development skills. Knowledge in cryptographic protocols (ideally MPC) is a plus.
- Experience with/motivation for working with other disciplines, e.g., law or economics.
- Self-motivated, reliable, creative, can work independently, and want to do excellent research.
- Our working language is English: able to discuss/write/present scientific results in English. German is beneficial but not required.
Closing date for applications:
Contact: Thomas Schneider (application@encrypto.cs.tu-darmstadt.de)
More information: https://encrypto.de/2021-RTG-EN
01 November 2021
Asiacrypt
Registration is now open: https://asiacrypt.iacr.org/2021/registration.php
For questions please contact the General Chair: asiacrypt2021@iacr.org
29 October 2021
Sonia Belaïd, Matthieu Rivain, Abdul Rahman Taleb, Damien Vergnaud
ePrint Report
In this paper, we generalize the random probing expansion approach by considering a dynamic choice of the base gadgets at each step in the expansion. This approach makes it possible to use gadgets with a high number of shares (which enjoy better asymptotic complexity in the expansion framework) while still tolerating the best leakage rate usually obtained for small gadgets. We investigate strategies for the choice of the sequence of compilers and show that it can reduce the complexity of an AES implementation by a factor $10$. We also significantly improve the asymptotic complexity of the expanding compiler by exhibiting new asymptotic gadget constructions. Specifically, we introduce RPE gadgets for linear operations featuring a quasi-linear complexity as well as an RPE multiplication gadget with a linear number of multiplications. These new gadgets drop the complexity of the expanding compiler from quadratic to quasi-linear.
Jelizaveta Vakarjuk, Nikita Snetkov, Jan Willemson
ePrint Report
Chris Brzuska, Sabine Oechsner
ePrint Report
Abubakr Abdulgadir, Kamyar Mohajerani, Viet Ba Dang, Jens-Peter Kaps, Kris Gaj
ePrint Report
Luke Beckwith, Duc Tri Nguyen, Kris Gaj
ePrint Report
Hyeonbum Lee, Jae Hong Seo
ePrint Report
Xianrui Qin, Cailing Cai, Tsz Hon Yuen
ePrint Report
Next, we give a generic construction of blind ECDSA based on an additive homomorphic encryption and a corresponding zero-knowledge proof. Our concrete instantiation is about 40 times more bandwidth efficient than the blind ECDSA in AsiaCCS 2019.
After that, we give the first formal proof of one-more unforgeability for blind ECDSA, under a new model called algebraic bijective random oracle. The security of our generic blind ECDSA relies on the hardness of a discrete logarithm-based interactive assumption and an assumption of the underlying elliptic curve.
Finally, we analyze the hardness of the ECDSA-ROS problem in the algebraic bijective random oracle model.
Apheris, Berlin, Germany
Job Posting
As a Privacy and Cryptography Engineer at Apheris, your primary focus will be driving the development of privacy and cryptographic modules in our product core and pushing them to customers together with a team of great software engineers and data scientists. You will be working on challenging deep tech projects closely together with customers from various industries, with a focus on Healthcare, Pharma and Sustainability. With your engineering expertise, you will be responsible for meeting project and product goals and for acting on upcoming bottlenecks. You will design and build new features and enhance our product core with innovative technologies, participate in code reviews, and promote engineering best practices in our tech team. We empower you to be a major contributor to the success of projects, customer satisfaction, and the advancement of our product core.
What you will do:
- Implement privacy and cryptographic modules into our product in a secure, robust and scalable way
- Be a hands-on engineering contributor and promote best practices in our tech team
- Contribute to the writing of scientific whitepapers, Jupyter Notebook tutorials and blog posts about privacy and cryptographic algorithms and their usage in our product
- Contribute to team deliverables following an agile methodology and participate in retrospective sessions to continuously improve the team's way of working
- Master or PhD in Computer Science, Mathematics or Cryptography, or equivalent practical experience
- 3 or more years of relevant work experience
- Expert coding skills in Python, including common data science and ML libraries. Further languages are a plus (e.g., R, C, C++, Go, Rust)
- Solid understanding of privacy technologies and machine learning
- ...
Closing date for applications:
Contact: See link to full text of the job description
More information: https://apheris.jobs.personio.de/job/492987?_pc=222318
Microsoft Research, Redmond, WA
Job Posting
The Cryptography and Privacy Research Group is hiring interns for the summer of 2022. We are seeking strong candidates to work with our renowned researchers on various topics. We are particularly interested in privacy-preserving ML, privacy and transparency techniques for digital identity systems and public key infrastructures, account/identity/password recovery, and web privacy/security, including fraud detection and prevention. We encourage all PhD students with relevant technical background in any of these topics to apply as soon as possible, as we will start interviewing immediately.
For summer internships, we typically work closely with Microsoft product groups (Teams, Edge, to name a few) to bring research ideas to real life. The internships often involve prototyping the research results, so a strong candidate is expected to have some proficiency in programming and interest in working alongside our engineers.
More information and application at https://careers.microsoft.com/us/en/job/1195145/Research-Intern-Privacy-and-Cryptography
Closing date for applications:
Contact: Kim Laine (kim.laine@microsoft.com)
KIT, Karlsruhe, Germany
Job Posting
Closing date for applications:
Contact: Thorsten Strufe and Javier Parra-Arnau
More information: https://ps.tm.kit.edu/english/200.php
KIT, Karlsruhe, Germany
Job Posting
Closing date for applications:
Contact: Thorsten Strufe
More information: https://ps.tm.kit.edu/english/200.php
27 October 2021
Canterbury, United Kingdom
Event Calendar
Submission deadline: 21 March 2022
Notification: 6 June 2022
Giesecke+Devrient Mobile Security GmbH, Munich, Germany
Job Posting
G+D Mobile Security is looking for a Cryptography Engineer (m/f/d) for its Cryptology department at its Munich headquarters, starting as soon as possible.
Job description:
- Secure implementation of cryptographic algorithms and security relevant OS components for smart cards in assembler
- Optimization regarding run time and memory consumption
- Design and implementation of countermeasures to defend against hardware related attacks against smart cards
- Analysis of the results of side-channel attacks and derivation of effective countermeasures
- Background in mathematics, computer science or electronic engineering
- Ideally PhD in cryptography or 3+ years experience in cryptography or related area
- Programming skills in assembler for 8/16/32 bit embedded microcontrollers
- Ideally experience in embedded security and side-channel-attacks
- High level of responsibility and exciting projects
- Working in an international security technology company
- Very flexible working hours and home office possibilities
- Wide range of training and further education opportunities
- Attractive family benefits such as a summer holiday camp for children
- Other benefits such as an own sports club and a canteen subsidized by the employer
https://careers.gi-de.com/job/Munich-Kryptologen-%28mfd%29-81677/723297801/
Closing date for applications:
Contact: Dr. Harald Vater (Harald.Vater (at) gi-de.com)
University of the West of England
Job Posting
Closing date for applications:
Contact: Essam Ghadafi (Essam.Ghadafi@uwe.ac.uk)
More information: https://www.uwe.ac.uk/research/postgraduate-research-study/how-to-apply/studentship-opportunities/iot-over-wireless-networks
Tenure-Track Faculty Positions in all areas related to IT-Security, Privacy and Cryptography (f/m/d)
CISPA Helmholtz Center for Information Security
Job Posting
CISPA is located in Saarbrücken, in the tri-border area of Germany, France, and Luxembourg. We maintain an international and diverse work environment and seek applications from outstanding researchers worldwide. The working language is English. A command of German is not required for a successful career at CISPA.
CISPA is looking for candidates who hold a doctoral degree in computer science or related areas and have an outstanding research track record in all areas related to IT-Security, Privacy and Cryptography, especially in, but not limited to, the fields of
All applicants are expected to build up a research team that pursues an internationally visible research agenda.
Tenure-track positions are intended for candidates with excellent research credentials and the potential to pursue a program of innovative research. The positions are comparable to tenure-track positions at a leading university, and come with two full time research staff positions and generous support for other expenses.
Closing date for applications:
Contact: scientific-recruiting@cispa.saarland
More information: https://jobs.cispa.saarland/jobs/detail/tenure-track-faculty-positions-in-all-areas-related-to-it-security-privacy-and-cryptography-f-m-d-129
Akash Shah, Nishanth Chandran, Mesfin Dema, Divya Gupta, Arun Gururajan, Huan Yu
ePrint Report
1. We initiate the formal study of secure featurization and its use in conjunction with secure inference protocols.
2. We build secure featurization protocols in the one/two/three-server settings that provide a tradeoff between security and efficiency.
3. Finally, we apply our algorithms in the context of secure phishing detection and evaluate our end-to-end protocol on models that are commonly used for phishing detection.
Sebastian Paul, Yulia Kuzovkova, Norman Lahr, Ruben Niederhagen
ePrint Report
In this work, we propose and investigate a migration strategy towards post-quantum (PQ) authentication for the network protocol Transport Layer Security (TLS). Our strategy is based on the concept of “mixed certificate chains”, which use different signature algorithms within the same certificate chain. In order to demonstrate the feasibility of our migration strategy, we combine the well-studied and trusted hash-based signature schemes SPHINCS+ and XMSS with elliptic curve cryptography first and subsequently with lattice-based PQC signature schemes (CRYSTALS-Dilithium and Falcon). Furthermore, we combine authentication based on mixed certificate chains with the lattice-based key encapsulation mechanism (KEM) CRYSTALS-Kyber as a representative of PQC KEMs to evaluate a fully post-quantum and mutually authenticated TLS 1.3 handshake.
Our results show that mixed certificate chains containing hash-based signature schemes only at the root certificate authority level lead to feasible connection establishment times despite the increase in communication size. By analyzing code size and peak memory usage of our client and server programs we further demonstrate the suitability of our migration strategy even for embedded devices.