IACR News
Here you can see all recent updates to the IACR webpage.
09 May 2022
Institute of Systems Architecture, Chair of Systems Engineering (www.inf.tu-dresden.de/sya/se)
Job Posting
Closing date for applications:
Contact: Prof. Dr. Christof Fetzer se@mailbox.tu-dresden.de
08 May 2022
University of Warsaw
Job Posting
Closing date for applications:
Contact: Stefan Dziembowski
More information: https://szkolydoktorskie.uw.edu.pl/en/mathematics-and-computer-sciences-recruitment-2022-2023/
Spanish National Research Council
Job Posting
Closing date for applications:
Contact: david.arroyo@csic.es
More information: https://comfuturo.es/
Luxembourg Institute of Science and Technology, Luxembourg
Job Posting
(1) To predict software security defects before deployment and prevent security breaches.
(2) To develop a set of algorithms that allow quantifying software exploitability and facilitate the work of correcting its errors.
(3) To develop and apply new model-checking techniques to verify the security of software.
(4) To specify and develop two workflow-disruptive techniques which leverage trusted Intel SGX enclaves, but with the lowest impact on the software lifecycle and on its performance.
(5) To implement and test the developed solutions.
(6) To develop ex-ante information security policies for the demonstration and implement periodic reviews to objectively evaluate adherence to the policies.
Closing date for applications:
Contact: Dr. Qiang Tang (qiang.tang@list.lu)
IO Global, remote working opportunity
Job Posting
We are leaders in the research field, with more than a hundred research papers published in the most influential cryptography conferences and journals (NDSS, ICDCS, EUROCRYPT, CRYPTO, SODA, ACM CCS, Financial Cryptography, ESORICS, S&P, Euro S&P, etc.).
Your mission
- Define short, mid, and long term roadmaps for implementation of cryptographic primitives
- Synchronize with the Director of Engineering (or, by default, the CTO) to validate the roadmap, requirements, and strategy for the cryptographic engineering team
- Define and structure the team that is required to satisfy this roadmap
- Provide secure implementations of the cryptographic primitives required by IO projects
- Read and review cryptographic research papers and contribute when possible to implement them as prototypes
- Design, specify, implement, and improve cryptographic primitives in production-grade software directly or delegate to and supervise the applied cryptographers in charge of it
- Review, integrate, and improve common cryptographic primitives, and translate them to other programming languages or delegate/supervise the applied cryptographers in charge of it.
- A STEM Master’s or PhD degree
- Solid experience in managing small teams of cryptographic engineers
- Solid understanding of cryptography, its basic theories, and uses
- Senior expertise in developing cryptographic primitives in C/C++ and Rust
- Senior expertise in standard cryptography domains
- Ability to learn new domains like zero-knowledge proofs and MPC and project innovation roadmaps
- Clear understanding and experience of implementing cryptographic primitives delivered by researchers
Closing date for applications:
Contact: Aadil S.
More information: https://apply.workable.com/io-global/j/69087296EB/
Lund University
Job Posting
The Deal: Come here, do good research, share your knowledge. We'll pay you and help you shape your career towards your next goal! For further, official details, follow the link in the ad title.
Bird's-eye view of your role: You will be part of the research ecosystem around the SSF project SMARTY: Secure Software Update Deployment for the Smart City (RIT17-0035). This will give you access to an exciting workplace where you can foster research in collaboration with your new colleagues. As you'll be joining the security section of the SMARTY team, you will work with one senior researcher (Elena Pagnin) and one PhD student towards the following goals:
- Improving the efficiency of PQ primitives to better suit modern resourceful IoT devices.
- Investigating the potential of lightweight MPC for networks of IoT devices.
- Advancing the research frontiers in PETs, VC, and in other cryptographic schemes suitable for real-time systems.
Funding & Timing: You get a 2-year, full-time employment as a Postdoctor at Lund University. The position is available immediately, with a flexible start date. There is an option to renew the contract for 1 additional year, subject to acquiring funding (either by the candidate or by the host).
Closing date for applications:
Contact: Applications only via the official link: https://lu.varbi.com/en/what:job/jobID:500134/
More information: https://lu.varbi.com/en/what:job/jobID:500134/
04 May 2022
Apple
Job Posting
Closing date for applications:
Contact: ysierra (at) apple.com
More information: https://jobs.apple.com/en-us/details/200312812/cryptographic-engineer
QPQ Global
Job Posting
What do we give you?
• A stimulating, Socratic intellectual environment.
• Hybrid office approach – we have been a distributed workforce from the start. This role is centred around our European axis, so we expect you to live within +/- 3 hours of CET. We get together a complete team every quarter, so you must be willing to travel and embrace being part of a diverse team drawn from many walks of life and cultures.
• Good salary, travel expense budget and many future opportunities to participate in the company’s growth.
• The mother of all intellectual challenges!
Responsibilities:
• Implement cryptographic protocols in the privacy space and embed them in products.
• Working with a multi-faceted team of practitioners on a set of blockchain-based privacy protocols interacting with the DeFi space and providing compliance with financial regulations.
• Focus on zero knowledge schemes which provide privacy and compliance.
Requirements:
• MSc or multi-year experience in cryptography or a closely related field.
• Knowledge of modern cryptographic primitives.
• Be able to productize protocols/schemes/algorithms in at least one relevant programming language (C++ or Rust desirable).
• General understanding of full-stack system architecture.
• Have a thorough approach and be committed to high quality output. Have prior research/code already published in the space.
• Excellent communication and collaboration skills.
Closing date for applications:
Contact: opportunities@qpq.io
University of Warsaw
Job Posting
Closing date for applications:
Contact: Stefan Dziembowski
More information: https://www.crypto.edu.pl/post-doc
Technical University of Denmark, Kgs. Lyngby, Denmark
Job Posting
Closing date for applications:
Contact: Tyge Tiessen or Christian Majenz (tyti or chmaj at dtu.dk)
More information: https://www.compute.dtu.dk/om-os/ledige-stillinger/job?id=2e9ac066-5deb-4361-a669-7fdcb405f2f8
02 May 2022
Jurian van Geest, Ileana Buhan
ePrint Report
George Teseleanu
ePrint Report
Pavel Hubáček, Ľubica Jančová, Veronika Králová
ePrint Report
Given that DDLog is solved repeatedly with respect to a fixed group in its applications, a natural approach for improving the efficiency of DDLog protocols could be via leveraging some precomputed group-specific advice. To understand the limitations of this approach, we revisit the distributed discrete logarithm problem in the preprocessing model and study the possible time-space trade-offs for DDLog in the generic group model. As our main result, we show that, in a group of size $N$, any generic DDLog protocol for secrets of magnitude $W$ with parties running in time $T$ using precomputed group-specific advice of size $S$ has success probability
\[ \epsilon = O\left(\dfrac{T^2}{W} + \dfrac{\max\{S,\log W\} \cdot T^2}{N}\right). \]
Thus, assuming $N \geq W \log W$, we get a lower bound $ST^2= \Omega(\epsilon N)$ on the time-space trade-off for DDLog protocols using large advice of size $S= \Omega(N/W)$. Interestingly, for DDLog protocols using \emph{small advice} of size $S=O(N/W)$, we get a lower bound $T^2=\Omega(\epsilon W)$ on the running time, which, in the constant-error regime, asymptotically matches the running time of the DDLog protocol \emph{without any advice} of Dinur et al. (J. Cryptol. 2020). In other words, we show that generic DDLog protocols achieving constant success probability do not benefit from any advice of size $S= O(N/W)$ in the online phase of the DDLog problem.
Vidal Attias, Luigi Vigneri, Vassil Dimitrov
ePrint Report
Md Rasid Ali, Debranjan Pal, Abhijit Das, Dipanwita Roychowdhury
ePrint Report
Jeremy Booher, Ross Bowden, Javad Doliskani, Tako Boris Fouotsa, Steven D. Galbraith, Sabrina Kunzweiler, Simon-Philipp Merz, Christophe Petit, Benjamin Smith, Katherine E. Stange, Yan Bo Ti, Christel
ePrint Report
Jaime Gutierrez, Jorge Jimenez Urroz
ePrint Report
Dimitris Mouris, Charles Gouert, Nektarios Georgios Tsoutsos
ePrint Report
Antonio Guimarães, Edson Borin, Diego F. Aranha
ePrint Report
Qian Guo, Andreas Johansson, Thomas Johansson
ePrint Report
The attack is described using power analysis both on the FPGA reference implementation and on a software implementation running on an ARM Cortex-M4. We use a machine-learning-based classification algorithm to determine the error locator polynomial from a single trace. The attack is fully implemented and evaluated in the ChipWhisperer framework and is successful in practice. For the smallest parameter set, it uses about 300 traces for partial key recovery and less than 800 traces for full key recovery in the FPGA case. A similar number of traces is required for a successful attack on the ARM software implementation.