International Association for Cryptologic Research

IACR News

Here you can see all recent updates to the IACR webpage. These updates are also available via RSS feed, Twitter, Weibo and Facebook.

07 March 2022

Aaron Feickert, Aram Jivanyan
ePrint Report
In privacy-preserving transaction protocols, confidential asset designs permit transfer of quantities of distinct asset types in a way that obscures their types and values. Spark is a protocol that provides flexible privacy properties relating to addressing, transaction sources and recipients, and value transfer; however, it does not natively support the use of multiple confidential asset types. Here we describe Spats, a new design for confidential assets compatible with Spark that focuses on efficient and modular implementation. It does so by extending coin value commitments to bind and mask an asset type, and asserting in zero knowledge that this type is maintained throughout transactions. We describe the cryptographic components and changes to the Spark protocol necessary for the design of Spats.
Simin Ghesmati, Walid Fdhila, Edgar Weippl
ePrint Report
This paper studies users’ privacy perceptions of UTXO-based blockchains such as Bitcoin. In particular, it elaborates -- based on interviews and questionnaires -- on a mental model about employing privacy-preserving techniques when doing blockchain transactions. Additionally, it evaluates users' awareness of blockchain privacy issues and examines their preferences towards existing privacy-enhancing solutions, i.e., add-on techniques to Bitcoin versus built-in techniques in privacy coins. Using Bitcoin as an example, we shed light on existing discrepancies between users' privacy perceptions and preferences and current implementations.
Csanád Bertók, Andrea Huszti, Szabolcs Kovács, Norbert Oláh
ePrint Report
One of the most significant challenges is secure user authentication. If it becomes breached, the confidentiality and integrity of data or services may be compromised. The most widespread solution for entity authentication is the password-based scheme. It is easy to use and deploy. During password registration, users typically create or activate their account along with their password through a verification email, and service providers are authenticated based on their SSL/TLS certificate. We propose a password registration scheme based on identity-based cryptography, i.e. both the user and the service provider are authenticated by their short-lived identity-based secret key. For secure storage a bilinear map with a salt is applied; therefore, in case of an offline attack, the adversary is forced to calculate a computationally expensive bilinear map for each password candidate and salt, which slows down the attack. A new adversarial model and a new secure password registration scheme are introduced. We show that the proposed protocol is based on the assumptions that the Bilinear Diffie-Hellman problem is computationally infeasible, the bilinear map is a one-way function and the MAC is existentially unforgeable under an adaptive chosen-message attack.
Simin Ghesmati, Walid Fdhila, Edgar Weippl
ePrint Report
Over the past years, the interest in Blockchain technology and its applications has tremendously increased. This increase of interest was, however, accompanied by serious threats that raised concerns over user data privacy. Prominent examples include transaction traceability and identification of senders, receivers, and transaction amounts. This resulted in a multitude of privacy-preserving techniques that offer different guarantees in terms of trust, decentralization, and traceability. CoinJoin is one of the promising techniques that adopts a decentralized approach to achieve privacy on Unspent Transaction Output (UTXO) based blockchains. Despite the advantages of such a technique in obfuscating user transaction data, making them usable to common users requires considerable development and integration efforts. This paper provides a comprehensive usability study of three main Bitcoin wallets that integrate the CoinJoin technique, i.e., Joinmarket, Wasabi, and Samourai. The evaluation includes usability and fundamental design criteria to find the ease of use of these wallets based on a cognitive walkthrough during coin mixing. The comparison of the wallets with respect to usability and privacy criteria can be used for future evaluation of privacy wallets. The findings of this study can provide better insights for UTXO-based wallet developers.
Vadim Lyubashevsky, Ngoc Khanh Nguyen, Maxime Plancon
ePrint Report
We present a much-improved practical protocol, based on the hardness of the Module-SIS and Module-LWE problems, for proving knowledge of a short vector $s$ satisfying $As=t\bmod q$. The currently most-efficient technique for constructing such a proof works by showing that the $\ell_\infty$ norm of $s$ is small. It creates a commitment to a polynomial vector $m$ whose CRT coefficients are the coefficients of $s$ and then shows that (1) $A\cdot \mathsf{CRT}(m)=t\bmod\,q$ and (2) in the case that we want to prove that the $\ell_\infty$ norm is at most $1$, the polynomial product $(m - 1)\cdot m\cdot(m+1)$ equals $0$. While these schemes are already quite good for practical applications, the requirement of using the CRT embedding and only being naturally adapted to proving the $\ell_\infty$-norm somewhat hinders the efficiency of this approach.

In this work, we show that there is a more direct and more efficient way to prove that the coefficients of $s$ have a small $\ell_2$ norm which does not require an equivocation with the $\ell_\infty$ norm, nor any conversion to the CRT representation. We observe that the inner product between two vectors $ r$ and $s$ can be made to appear as a coefficient of a product (or sum of products) between polynomials which are functions of $r$ and $s$. Thus, by using a polynomial product proof system and hiding all but one coefficient, we are able to prove knowledge of the inner product of two vectors modulo $q$. Using a cheap, approximate range proof, one can then lift the proof to be over $\mathbb{Z}$ instead of $\mathbb{Z}_q$. Our protocols for proving short norms work over all (interesting) polynomial rings, but are particularly efficient for rings like $\mathbb{Z}[X]/(X^n+1)$ in which the function relating the inner product of vectors and polynomial products happens to be a ``nice'' automorphism.

The new proof system can be plugged into constructions of various lattice-based privacy primitives in a black-box manner. As examples, we instantiate a verifiable encryption scheme and a group signature scheme which are more than twice as compact as the previously best solutions.
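The relation between inner products and polynomial products described in the two preceding paragraphs can be checked concretely. The following Python is an added example written for this page, not code from the paper or its authors: in $R=\mathbb{Z}[X]/(X^n+1)$ the automorphism $\sigma\colon X\mapsto X^{-1}$ makes the constant coefficient of $\sigma(r)\cdot s$ equal to $\langle r,s\rangle$, and $\sigma(s)\cdot s$ yields $\|s\|_2^2$. The function names, the $n=8$ sample vectors and the optional reduction modulo $q$ are constructed here for illustration.

```python
"""Added example: inner products as one coefficient of a polynomial product.

Works in the ring R = Z[X]/(X^n + 1) used by Module-SIS/Module-LWE schemes.
Polynomials are lists of n integer coefficients, index i holding the X^i term.
"""
from typing import List, Optional


def negacyclic_mul(a: List[int], b: List[int]) -> List[int]:
    """Product of a and b in Z[X]/(X^n + 1).

    Schoolbook multiplication; a term landing on X^k with k >= n is reduced
    with X^n = -1, i.e. it is moved to X^(k-n) and negated.
    """
    n = len(a)
    if len(b) != n:
        raise ValueError("operands must have the same ring dimension")
    out = [0] * n
    for i, ai in enumerate(a):
        if ai == 0:
            continue
        for j, bj in enumerate(b):
            k = i + j
            if k < n:
                out[k] += ai * bj
            else:
                out[k - n] -= ai * bj
    return out


def sigma_minus_one(a: List[int]) -> List[int]:
    """The ring automorphism sigma: X -> X^{-1}.

    Because X^n = -1 we have X^{-1} = -X^{n-1}, so the X^i term (1 <= i < n)
    becomes -a_i * X^{n-i}; the constant term is unchanged.  The map is an
    involution: sigma(sigma(a)) == a.
    """
    n = len(a)
    out = [0] * n
    out[0] = a[0]
    for i in range(1, n):
        out[n - i] = -a[i]
    return out


def inner_product(r: List[int], s: List[int]) -> int:
    """Plain <r, s> over Z, used as the reference value."""
    return sum(x * y for x, y in zip(r, s))


def inner_product_via_poly(r: List[int], s: List[int]) -> int:
    """<r, s> read off as the constant coefficient of sigma(r) * s.

    In sigma(r) * s the term r_i X^{-i} * s_i X^i contributes r_i s_i to X^0,
    while every cross term r_i s_j (i != j) lands on X^{j-i} != X^0.  A proof
    system for polynomial products that reveals only this one coefficient
    therefore proves knowledge of the inner product.
    """
    return negacyclic_mul(sigma_minus_one(r), s)[0]


def l2_norm_squared_via_poly(s: List[int], q: Optional[int] = None) -> int:
    """||s||_2^2 = <s, s> as the constant coefficient of sigma(s) * s.

    With q given, the value is the one a proof over Z_q would show; lifting
    it to Z requires the (approximate) range proof mentioned in the abstract
    and is not done here.
    """
    c = inner_product_via_poly(s, s)
    return c % q if q is not None else c


if __name__ == "__main__":
    # Constructed sample vectors in R with n = 8 (not taken from the paper).
    r = [3, -1, 4, 1, -5, 9, 2, -6]
    s = [2, 7, -1, 8, 2, -8, 1, 8]
    assert inner_product_via_poly(r, s) == inner_product(r, s) == -125
    assert l2_norm_squared_via_poly(s) == 251
    assert sigma_minus_one(sigma_minus_one(r)) == r
    print("<r,s> =", inner_product_via_poly(r, s),
          " ||s||_2^2 =", l2_norm_squared_via_poly(s))
```

The remaining $n-1$ coefficients of $\sigma(r)\cdot s$ are shifted correlations of $r$ and $s$, which is why the proof system has to hide all but the constant one. The abstract does not spell out which automorphism is used for every ring it covers, so the example only asserts the identity for $X^n+1$.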

06 March 2022

Nagasaki, Japan, 30 May - 3 June 2022
Event Calendar
Event date: 30 May to 3 June 2022
Submission deadline: 7 March 2022
Notification: 11 March 2022
Lochau, Austria, 4 October - 7 October 2022
Event Calendar
Event date: 4 October to 7 October 2022
Submission deadline: 15 May 2022
Notification: 24 June 2022

04 March 2022

Input Output Global (IOG)
Job Posting
IO Global is searching for a Cryptography Engineer to join our expanding team of crypto engineers. As a Software Engineer at IOG, you will have the exciting challenge of working on cutting-edge research and technology focusing on the market’s needs. You will be working with Cardano-related projects, such as Cardano Core Cryptographic Primitives, Hydra, Mithril, or Sidechains.

Duties will include:

  • Reviewing specifications produced by architects and formal methods specialists
  • Contributing to the design of algorithms
  • Bridging ideas from academic papers to production ready systems
  • Implementing Cryptographic primitives in Rust and C
Your expertise
  • Solid background in Mathematics. A degree in computer science or mathematics is desirable but not essential
  • Deep understanding of Elliptic Curve Cryptography
  • Familiarity with advanced cryptographic protocols (eg. Zero Knowledge Proofs, Distributed Key Generation, Threshold Signatures)
  • Experience with systems programming (C/C++/Rust)
  • Skilled in software development methods such as agile programming and test-driven development
  • Experience in developing cryptography protocols would be a bonus, as would blockchain experience.
If you are interested, apply directly, or send me an email!

Contact: Iñigo Querejeta Azurmendi

More information: https://apply.workable.com/io-global/j/EF38633ABE/

University of Southern Queensland, Australia
Job Posting
ESSENTIAL CRITERIA
1. Completion of a PhD or professional doctorate or equivalent standing* in computing or a relevant discipline area from a recognised tertiary institution. Candidates without a PhD will be considered if significant experience, along with relevant industry certification in the discipline area, is demonstrated.
2. Demonstrated teaching and research expertise in computing or a relevant discipline, preferably in one or more of the areas of Network Design and Analysis, Cyber Security, Artificial Intelligence/Machine Learning (particularly Federated Learning), Database Design and Development, and Web Technology. High-level computational and programming skills are needed, as is experience in mobile app development and cloud-based solution design and deployment.
3. Demonstrated experience in delivering engaged and reflective approaches to teaching that produce the best possible outcomes for students.
4. Demonstrated experience in engaging in research that provides the opportunity to collaborate with others, seeks to attract funding to support research, advances knowledge, and engages with industry.
5. High-level oral and written communication and interpersonal skills, relating well to people at all levels using diplomacy, tact and sound judgement, with an ability to build constructive and effective relationships.
6. Alignment with the core University values of Respect, Integrity, and Excellence.

* In determining experience relative to qualifications, regard is had to teaching experience, experience in research, experience outside tertiary education, creative achievement, professional contributions and/or technical achievement. Achievement relative to opportunity is also actively considered as part of recognising and valuing the diversity of career and life experiences.

Contact: Professor Linda Galligan, Head of School (Mathematics, Physics and Computing) on +61 7 4631 2263 or HES-HoS-Sciences@usq.edu.au.

More information: https://usq.nga.net.au/cp/index.cfm?event=jobs.checkJobDetailsNewApplication&returnToEvent=jobs.listJobs&jobid=03A5994C-44D1-C050-4D35-C847AB85CC42&CurATC=EXT&CurBID=5766E0EF%2D89B4%2D4384%2DA729%2D9DB40135F721&JobListID=22FC4F47%2DE994%2D46A3%2DB8C9%2D9BC901269F43&jobsListKey=b71963e8%2Da44f%2D46f7%2Db8d2%2Dc71be1699c6d&persistVariables=CurATC,CurBID,JobListID,jobsListKey,JobID&lid=37755940068

Research Institute CODE, Universität der Bundeswehr München, Germany
Job Posting
RI CODE (https://www.unibw.de/code), established in 2017 and currently comprising 13 professorships and over 100 researchers, is being expanded into one of the largest European research institutes for cyber security.
The new Privacy and Applied Cryptography (PACY) Lab, formed by Prof. Mark Manulis at RI CODE, is looking for several PhD/post-doc researchers to work on relevant topics such as:
  • computing on encrypted data (ZKP, HE, MPC techniques)
  • attribute-based cryptography (encryption & signatures)
  • privacy-preserving authentication (incl. MFA, distributed)
  • private messaging (e.g. key establishment, anonymity)
  • privacy and applied cryptography for social web/metaverse, IoT, blockchain, or New Space
There is an opportunity to engage with ongoing research projects and international partners from academia and industry. Candidates will also gain experience with supporting teaching activities in relevant areas.

Requirements:
  • Master's (or equivalent) or PhD in Computer Science, Information Security, Maths or similar
  • Knowledge and understanding of privacy-oriented cryptography (theory and/or practice)
  • Fluency in written and spoken English (German desirable)
All positions are available for immediate start and are fully funded at federal salary levels TV-ÖD E13/14 (~50k to 65k EUR p.a. depending on qualifications and experience).

How to apply?
As a first step email Mark Manulis with subject line "Application PACY" including your cover/motivation letter, CV, and transcripts of grades. Search will continue until vacancies are filled.

Contact: Mark Manulis (mark [AT] manulis.eu)

More information: https://www.manulis.eu/pub.html

Panther Protocol
Job Posting
Panther Protocol is building an end-to-end privacy protocol for digital assets (zAssets), which can be deployed in a compliant way on any public blockchain. We have ambitious plans to provide financial privacy and give economic freedom to people and institutions, in a compliant way. We are looking to expand our team with extraordinary individuals who share our core values in financial privacy and freedom. Successful applicants will join an experienced and dynamic international team with a cumulative experience of 46 years in the Blockchain industry, 66 years in Finance, and 40+ years in Cryptography. You can read more about the project on our website: https://pantherprotocol.io/ We are recruiting for a skilled Cryptography Engineer who will work closely with our CTO, Game Theorist and the larger team consisting of Researchers and Software Developers.

Contact: Martin Raeburn

More information: https://angel.co/company/panther-protocol/jobs/1979044-cryptography-engineer

QPQ Global
Job Posting
Are you an Applied Cryptologist with a track record in the implementation of products with fundamental cryptology features? Do you have a relevant Master's degree and coding experience in the area of Applied Cryptology? Do you want to design, code and co-invent the next generation of Distributed Systems protocols? At QPQ, we are building the Internet of Economics, a new approach to a compliant and regulated financial systems infrastructure.

What do we give you?
• A stimulating, Socratic intellectual environment.
• Hybrid office approach – we have been a distributed workforce from the start. This role is centred around our European axis, so we expect you to live within +/- 3 hours of CET. We get together a complete team every quarter, so you must be willing to travel and embrace being part of a diverse team drawn from many walks of life and cultures.
• Good salary, travel expense budget and many future opportunities to participate in the company’s growth.
• The mother of all intellectual challenges!

Responsibilities:
• Implement cryptographic protocols in the privacy space and embed them in products.
• Work with a multi-faceted team of practitioners on a set of blockchain-based privacy protocols interacting with the DeFi space and providing compliance with financial regulations.
• Focus on zero-knowledge schemes which provide privacy and compliance.

Requirements:
• MSc or multi-year experience in cryptography or a closely related field.
• Knowledge of modern cryptographic primitives.
• Ability to productize protocols/schemes/algorithms in at least one relevant programming language (C++ or Rust desirable).
• General understanding of full-stack system architecture.
• A thorough approach and commitment to high-quality output; prior research/code already published in the space.
• Excellent communication and collaboration skills.

Contact: opportunities@qpq.io

University of Amsterdam
Job Posting
Are you fascinated by security? Are you willing to take on the challenge of securing the next generation of computer systems and networks? Do you like to work in a team of young researchers? We are seeking a PhD candidate who is interested in interdisciplinary research on side-channel attacks against quantum devices used in quantum networks and beyond.

Contact: Christian Schaffner

More information: https://vacatures.uva.nl/UvA/job/PhD-Position-on-Side-Channel-Attacks-on-Quantum-Devices-Used-in-Quantum-Networks/742058802/

QuSoft / University of Amsterdam
Job Posting
QuSoft, the Dutch research center for quantum software and the Informatics Institute of the University of Amsterdam are currently seeking applications for a tenure-track and a (permanent) assistant professor position in quantum information science. Apply by 1 April 2022.

Full details: https://vacatures.uva.nl/UvA/job/ivi/742510202/
https://vacatures.uva.nl/UvA/job/QuSoft/742509902/

Contact: Christian Schaffner

More information: https://www.qusoft.org/jobs/


02 March 2022

Virtual event, Anywhere on Earth, 27 July - 29 July 2022
Event Calendar
Event date: 27 July to 29 July 2022
Submission deadline: 18 March 2022
Notification: 15 April 2022
Matsue, Japan, 10 August - 12 August 2022
Event Calendar
Event date: 10 August to 12 August 2022
Submission deadline: 25 April 2022
Notification: 15 June 2022
Guanajuato, Mexico, 17 October - 21 October 2022
Event Calendar
Event date: 17 October to 21 October 2022
Submission deadline: 22 May 2022
Notification: 25 July 2022
The University of Manchester, Department of Computer Science, Manchester, UK
Job Posting
Project 1: (A*STAR) Developing Privacy Enhancing Digital Health Data Sharing

Supervision team: Dr M Mustafa (UoM), Dr LC Cordeiro (UoM), Dr Khin Mi Mi Aung (I²R)

Project 2: (A*STAR) Secure Sharing of Dynamic Data via Privacy-Preserving Distributed Learning Framework

Supervision team: Dr M Mustafa (UoM), Dr LC Cordeiro (UoM), Dr Teo Sin Gee (I²R)

Both projects will advance state-of-the-art machine learning techniques by developing advanced privacy enhancing technologies utilising the properties of differential privacy, secure multiparty computation and homomorphic encryption. They are part of the joint PhD programme between the University of Manchester (UoM) and A*STAR institutions in Singapore, e.g., the Institute for Infocomm Research (I²R). The successful applicants will be hosted by both organisations: Years 1 & 4 at UoM in the UK and Years 2 & 3 at I²R in Singapore.

Application Deadline: 01 April 2022

How to Apply: To be considered for these projects you MUST submit a formal online application form - full details on how to apply can be found on the BBSRC DTP website www.manchester.ac.uk/bbsrcdtpstudentships

International applicant eligibility requirements: We aim to support the most outstanding applicants from outside the UK. Funding will cover tuition fees and stipend only. This scheme is open to both UK and international applicants. However, we are only able to offer a limited number of studentships to applicants outside the UK. Therefore, full studentships will only be awarded to exceptional quality candidates due to the competitive nature of this scheme.

Some restrictions apply to applicants from certain Asian countries. In general, students from Europe, the Americas, Africa, Australia, New Zealand, Korea and Japan are eligible to apply for the programme. Unfortunately, we cannot accept applications from south-east Asian countries such as Singapore, China and Malaysia.

Contact:

For informal enquiries, please contact Dr Mustafa A. Mustafa - mustafa.mustafa[at]manchester.ac.uk

More information: https://www.bmh.manchester.ac.uk/study/research/astar/projects/

Université de Lyon, Université Jean Monnet, Saint-Etienne, France
Job Posting
The Embedded System Security Group at University Jean Monnet (Saint-Etienne, France) is looking for motivated PhD students. We are looking for candidates to work on the implementation security of post-quantum NIST finalists. This project aims to develop side-channel attacks and fault attacks against unprotected implementations of the candidates and propose tailored countermeasures.

Your tasks:

  • Research in the field of post-quantum cryptography
  • Possible teaching to the extent of 4 hours a week

Your profile:

  • Master's degree in Computer Science, Mathematics, or a related area by the time of appointment.
  • Interest in the areas of cryptography and IT security.
  • Fluency in English (written and spoken).
  • Knowledge of French is not mandatory.

If you are interested, please send an email including your detailed CV to vincent.grosso@univ-st-etienne.fr and pierre.louis.cayrel@univ-st-etienne.fr. Applications will be reviewed continuously until the position is filled.

Contact: Vincent Grosso (vincent.grosso@univ-st-etienne.fr) and Pierre-Louis Cayrel (pierre.louis.cayrel@univ-st-etienne.fr)

University of Birmingham
Job Posting
The University of Birmingham's Centre for Cyber Security and Privacy is looking for a research fellow (postdoc) to work on our EPSRC-funded project on the security analysis of post-quantum cryptography algorithms.

Applicants should have a PhD, or be close to completing a PhD, in a relevant subject (crypto, computer algebra, maths, etc.). A prior track record in post-quantum cryptography and/or cryptanalysis is a plus.

Please contact Christophe Petit (C.Petit.1 at bham dot ac dot uk) for informal enquiries. You can apply online until 3 April 2022.

Contact: Christophe Petit (C.Petit.1 at bham dot ac dot uk), https://christophe.petit.web.ulb.be/

More information: https://bham.taleo.net/careersection/external/jobdetail.ftl?job=2200009O&tz=GMT%2B00%3A00&tzname=Europe%2FLondon
