International Association for Cryptologic Research

IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available via RSS feed, Twitter, Weibo, and Facebook.

10 May 2022

Hien Chu, Dario Fiore, Dimitris Kolonelos, Dominique Schröder
ePrint Report
Functional commitments (Libert et al. [ICALP'16]) allow a party to commit to a vector $\vec v$ of length $n$ and later open the commitment at functions of the committed vector succinctly, namely with communication logarithmic or constant in $n$. Existing constructions of functional commitments rely on trusted setups and have either $O(1)$ openings and $O(n)$ parameters, or they have short parameters generatable using public randomness but have $O(\log n)$-size openings. In this work, we ask whether it is possible to construct functional commitments in which both parameters and openings can be of constant size. Our main result is the construction of the first FC schemes matching this complexity. Our constructions support the evaluation of inner products over small integers; they are built using groups of unknown order and rely on succinct protocols over these groups that are secure in the generic group and random oracle model.
Mysten Labs (mystenlabs.com)
Job Posting
Mysten is looking for a remote applied cryptographer & researcher interested in cryptographic protocols & their application to blockchains. You would work with us to design, check & implement mission-critical algorithms in a range of areas, including primitives such as pairing-based crypto, signature aggregation & distributed key generation, random beacons, efficient accumulators & zero-knowledge proofs.

This role gives the opportunity to work closely with a senior team of experts in theoretical computer science, cryptography, language & systems design, while enjoying a high degree of ownership & autonomy in working conditions & task prioritization. We regularly publish at conferences like CCS, S&P, CRYPTO, NDSS, FC, AsiaCCS, PETS, CT-RSA, ESORICS, ACNS etc.

While the following guidelines reflect some of our thinking about a background we would like to see in a candidate, we are committed to diversity, & more surprising profiles with a good argument to fit & capability are encouraged to apply.

Our ideal candidate would have:
- 2+ years of experience in hands-on software engineering for cryptographic operations, such as signature schemes, accumulators, key management, data encryption & compression.

- Understanding of fundamental cryptographic algorithms & underlying math for any of the following: hash functions, finite field arithmetic, polynomials (FFT) & elliptic curves.

- Experience implementing high-performance & parallelizable protocols in languages such as Rust, Go, Java, or C/C++.

- Experience implementing ZKP circuits or proof systems (Groth16, Halo, Plonk, STARKs, Marlin) is considered a plus.

Our team is 100% remote & we are hiring across the world. Here at Mysten Labs, you’ll be joining a world class team with tremendous growth potential. We raised our 1st funding round ($36m series A) from top Silicon Valley VCs led by Andreessen Horowitz (a16z) with participation from Redpoint, Lightspeed, Coinbase Ventures, Electric Capital, Standard Crypto, NFX, Slow Ventures, Scribble Ventures, Samsung Next, Lux Capital & many other great funds & angels!

Closing date for applications:

Contact: Kostas Chalkias (Chief Cryptographer) kostas {at} mystenlabs.com

More information: https://jobs.lever.co/mystenlabs/3733dd29-260f-41ac-80a6-127bd84aabd1

Composable Finance
Job Posting
Full-time remote position

You’ll be building the first ZK rollup in the Polkadot ecosystem with other exciting projects like Whirlpool Cash needing your expertise after.

As a high level blockchain developer with exposure to zero knowledge proofs, or cryptographer in the blockchain space with relevant programming skills, you’ll be working on cutting edge technology that will help shape DeFi.

Responsibilities

  • Design, implement and build a ZK rollup in Polkadot ecosystem (Rust-Substrate)
  • Collaborate with our team of elite level rust, cryptography and substrate experts
  • Research ZK protocols and their underlying mathematical concepts. Study, understand and communicate the latter cryptographic primitives (e.g: signatures, NIZK, key derivation) relevant in the blockchain space.
  • Produce technical specifications for designs & instantiations of cryptographic protocols
  • Investigate new zero-knowledge applications in Whirlpool that allow the user to manage their deposits without compromising their privacy
  • Ensure thorough project quality and security
  • Write highly secure Rust code

Requirements & skills:

  • Fluency in Rust, C++, Golang or similar languages; we are working primarily with Rust Substrate.
  • Experience in cryptography and blockchain infrastructure development
  • Familiarity with zero-knowledge schemes (Plonk and Plonky preferred).
  • Passion for Crypto/DeFi

Nice to have:

  • Experience with scalability techniques such as layer 2s (Optimistic and zk-based).
  • Experience with implementing recursive zk-proofs.
  • Experience with XCMP and relay-para-chain structure.
  • Interest in the Polkadot ecosystem

Perks: Competitive Crypto payments, all made in USDC.

  • 100% remote work. No geographic restrictions.
  • The ability to work as an independent contractor: We treat you as your own agent and support you accordingly!
  • Annual Working Equipment Allowance.
  • Monthly Gym & Fitness Bonus
  • Global WeWork membership
  • Annual Personal Development Budget

Closing date for applications:

Contact: Maya Jerath

More information: https://incredulous.bamboohr.com/jobs/view.php?id=124

09 May 2022

University of Tübingen, Department of Computer Science; Tübingen, Germany
Job Posting
The Medical Data Privacy and Privacy-Preserving ML on Healthcare Data (MDPPML) group at the University of Tübingen is looking for motivated Ph.D. students in the area of Privacy Enhancing Technologies.

Research Topics: Development and analysis of cryptography-based privacy-preserving solutions for real-world healthcare problems. Topics of interest include (but are not limited to): privacy-preserving machine learning, genomic privacy, medical privacy as well as foundations for real-world cryptography.

Your profile:
• Completed Master's degree (or equivalent) at a top university with excellent grades in computer science, or a similar area.
• Knowledge in applied cryptography/security and cryptographic protocols.
• Knowledge in machine learning.
• Very good software development skills.
• Self-motivated, reliable, creative, able to work independently and wanting to do excellent research.

Closing date for applications:

Contact: Dr. Mete Akgün (mete.akguen@uni-tuebingen.de)
PQShield
Job Posting

We are looking for a Cryptography Architect to join our team to help define the next generation of secure Hardware and Software implementations of Post Quantum Cryptography.

Responsibilities:

Design, implement and analyse post quantum cryptographic algorithms including key exchange algorithms and digital signature schemes

• Investigate new and future algorithms, research potential implementations and optimisation for efficient implementation.
• Develop Architectural descriptions and models of PQ Cryptographic Algorithms
• Interface with the Engineering team, provide specifications for Micro-Architectural planning and implementation.
• Perform security analysis of Post Quantum and Classical Cryptography implementations
• Research and propose secure attack-resistant (SCA, Fault) implementations of Post Quantum Algorithms.

Preferred Skills and Qualifications
• PhD or degree in Cryptography, Applied Cryptography, Mathematics or Computer Science
• 2+ years of work experience or research in the field of Post-Quantum Cryptography
• Knowledge of Secure Implementations of cryptography
• Knowledge of Side-channel analysis of cryptographic primitives
• Theoretical understanding of common side-channel countermeasures
• Programming skills: C/C++, Python, Mathematics tools

Closing date for applications:

Contact: Graeme Hickey

More information: https://pqshield.com/
Institute of Systems Architecture, Chair of Systems Engineering (www.inf.tu-dresden.de/sya/se)
Job Posting
The Chair of Systems Engineering is conducting research in various cooperations with known industry partners and international EU-Third-Party funded projects.

Tasks: Independent research in the field of systems engineering, especially in the field of cloud computing, confidential computing and cryptography. The development, publication and presentation of scientific publications at national and international conferences as well as journals are expected.

Requirements:
- very good university degree (M.Sc., Dipl.) in Computer Science
- strong skills in distributed systems
- ability to work independently and purposefully in a team
- an integrative and cooperative personality with excellent communication and social skills
- high engagement
- fluency in English - written and oral
- interest in interdisciplinary cooperation in all areas of computer science as well as with industrial partners
- practical experiences with various programming languages and concepts

What we offer: You join a team of enthusiastic scientists who creatively pursue their individual research work. Applications from women are particularly welcome. The same applies to people with disabilities.

Your application (in English only) should include: motivation letter, CV, copy of degree certificate and proof of English language skills. Complete applications should be sent to se@mailbox.tu-dresden.de

Interested? And you want to know more about it? Please contact: Prof. Dr. Christof Fetzer se@mailbox.tu-dresden.de

Closing date for applications:

Contact: Prof. Dr. Christof Fetzer se@mailbox.tu-dresden.de

08 May 2022

University of Warsaw
Job Posting
Warsaw Doctoral School of Mathematics and Computer Science is looking for Ph.D. students. If you are interested in doing a Ph.D. in cryptography or blockchain at the University of Warsaw, please contact Stefan Dziembowski (s.dziembowski+phd@uw.edu.pl).

Closing date for applications:

Contact: Stefan Dziembowski

More information: https://szkolydoktorskie.uw.edu.pl/en/mathematics-and-computer-sciences-recruitment-2022-2023/
Spanish National Research Council
Job Posting
The Research group on Cryptology and Information Security (GiCSI) of the Spanish National Research Council is seeking highly motivated professionals to apply for the ComFuturo call (https://comfuturo.es/) to conduct research in the area of cryptographic privacy-enhancing technologies, blockchain-based protocols and security protocols. ComFuturo is a 60-month programme that offers 15 ComFuturo 36-month fellowships to Experienced Researchers of any nationality who have obtained their PhD in the last 10 years and who have not resided or carried out their main activity (work or studies) in Spain for more than 12 months in the last 3 years. The ComFuturo fellows will be selected through a single call and an objective and transparent process which will include an external evaluation. The Spanish National Research Council will recruit, hire and host them. The gross salary is estimated to be around 39.000 - 43.000 €/year.

The Research Group in Cryptography and Security is looking for candidates with interest in working in applied cryptography and collaborating with the on-going H2020 SPIRS project (https://www.spirs-project.eu/) and the Horizon Europe GOIT project (https://wiki.f-si.org/index.php Horizon_2021_Coordination_and_Support_Action_(CSA)_proposal). Candidates interested in conducting research in quantum-safe cryptography are also welcome.

Closing date for applications:

Contact: david.arroyo@csic.es

More information: https://comfuturo.es/
Luxembourg Institute of Science and Technology, Luxembourg
Job Posting
LIST is looking for a highly motivated candidate with proven skills in healing the security issues that befall modern software during its development lifecycle, to work on a research project funded by the EC with a three-year duration. The recently introduced area of DevSecOps - in medium to large companies - unfortunately lacks automated security tools, while most existing solutions target only one narrow step of the software development lifecycle (SDLC) process but miss a much-needed holistic overview of the global security solution. In this context, the LAZARUS project innovates by intervening in multiple steps of the SDLC, performing targeted security checks and collecting valuable information and intelligence from each step, and exploiting advanced ML and AI methods to convert this intelligence into actionable insights and recommendations. The specific missions of the candidate will include, but are not limited to, participating in the following activities along with the project partners:

(1) To predict software security defects before deployment and prevent security breaches.

(2) To develop a set of algorithms that allow quantifying software exploitability and facilitate the work of correcting its errors.

(3) To develop and apply new model-checking techniques to verify the security of software.

(4) To specify and develop two workflow-disruptive techniques which leverage Intel SGX trusted enclaves but with the lowest impact on the software lifecycle and on its performance.

(5) To implement and test the developed solutions.

(6) To develop ex-ante information security policies for the demonstration and implement periodic reviews to objectively evaluate adherence to the policies.

Closing date for applications:

Contact: Dr. Qiang Tang (qiang.tang@list.lu)
IO Global, remote working opportunity
Job Posting
IOG is a leading company in the crypto industry. We are designing and implementing different blockchains using Proof of Work, Proof of Stake, and permissioned BFT.

We are leaders in the research field, with more than a hundred research papers published in the most influential cryptography conferences and journals (NDSS, ICDCS, EUROCRYPT, CRYPTO, SODA, ACM CCS, Financial Cryptography, ESORICS, S&P, Euro S&P, etc).

Your mission

• Define short, mid, and long term roadmaps for implementation of cryptographic primitives
• Synchronize with the Director of Engineering (or, by default, the CTO) to validate the roadmap, requirements, and strategy for the cryptographic engineering team
• Define and structure the team that is required to satisfy this roadmap
• Provide secure implementations of the cryptographic primitives required by IO projects
• Read and review cryptographic research papers and contribute when possible to implement them as prototypes
• Design, specify, implement, and improve cryptographic primitives in production-grade software directly or delegate to and supervise the applied cryptographers in charge of it
• Review, integrate, and improve common cryptographic primitives, and translate them to other programming languages or delegate/supervise the applied cryptographers in charge of it

Requirements:

• A STEM Master's or PhD degree
• Solid experience in managing small teams of cryptographic engineers
• Solid understanding of cryptography, its basic theories, and uses
• Senior expertise in developing cryptographic primitives in C/C++ and Rust
• Senior expertise in standard cryptography domains
• Ability to learn new domains like zero-knowledge proofs and MPC and project innovation roadmaps
• Clear understanding and experience of implementing cryptographic primitives delivered by researchers

Please apply via the attached job board link (further details on website).

Closing date for applications:

Contact: Aadil S.

More information: https://apply.workable.com/io-global/j/69087296EB/
Lund University
Job Posting
Passionate about Cryptography? Want to keep doing research while receiving a good pay? Come and join us as a Post Doctoral Fellow at Lund University! 😎

The Deal: Come here, do good research, share your knowledge. We'll pay you and help you shape your career towards your next goal! For further, official details, follow the link in the ad title.

Bird's-eye view of your role: You will be part of the research ecosystem around the SSF project SMARTY: Secure Software Update Deployment for the Smart City (RIT17-0035). This will give you access to an exciting workplace where you can foster research in collaboration with your new colleagues. As you'll be joining the security section of the SMARTY team, you will work with one senior researcher (Elena Pagnin) and one PhD student towards the following goals:
• Improving the efficiency of PQ primitives to better suit modern resourceful IoT devices.
• Investigating the potential of lightweight MPC for networks of IoT devices.
• Advancing the research frontiers in PETs, VC, and in other cryptographic schemes suitable for real-time systems.

To help you gain experience, you will be given significant research autonomy, and the chance to influence the final outcome of the project. Moreover, if you'd like to develop other skills, you can aid in the supervision of PhD students and Masters' projects, teach at Masters' and PhD level, and take career-development courses offered by Lund University.

Funding & Timing: You get a 2-year, full-time employment as a Postdoctor at Lund University. The position is available immediately and with a flexible start date. There is an option to renew the contract for 1 additional year subject to acquiring funding (either by the candidate or by the host).

Closing date for applications:

Contact: Applications only via the official link: https://lu.varbi.com/en/what:job/jobID:500134/

More information: https://lu.varbi.com/en/what:job/jobID:500134/

04 May 2022

Apple
Job Posting
Passionate about cryptography? Want to work on designing, reviewing and implementing cryptography to solve impactful security and privacy problems? Follow the link or contact me directly!

Closing date for applications:

Contact: ysierra (at) apple.com

More information: https://jobs.apple.com/en-us/details/200312812/cryptographic-engineer
QPQ Global
Job Posting
Are you an Applied Cryptologist that has a track record in the implementation of products with fundamental cryptology features? Do you have a relevant Master's degree and coding experience in the area of Applied Cryptology? Do you want to design, code and co-invent the next generation of Distributed Systems protocols? At QPQ, we are building the Internet of Economics, a new approach to a compliant and regulated financial systems infrastructure.

What do we give you?
• A stimulating, Socratic intellectual environment.
• Hybrid office approach: we have been a distributed workforce from the start. This role is centred around our European axis, so we expect you to live within +/- 3 hours of CET. We get together as a complete team every quarter, so you must be willing to travel and embrace being part of a diverse team drawn from many walks of life and cultures.
• Good salary, travel expense budget and many future opportunities to participate in the company's growth.
• The mother of all intellectual challenges!

Responsibilities:
• Implement and embed cryptographic protocols in the privacy space in products.
• Working with a multi-faceted team of practitioners on a set of blockchain-based privacy protocols interacting with the DeFi space and providing compliance with financial regulations.
• Focus on zero knowledge schemes which provide privacy and compliance.

Requirements:
• MSc or multi-year experience in cryptography or a closely related field.
• Knowledge of modern cryptographic primitives.
• Be able to productize protocols/schemes/algorithms in at least one relevant programming language (C++ or Rust desirable).
• General understanding of full-stack system architecture.
• Have a thorough approach and be committed to high quality output. Have prior research/code already published in the space.
• Excellent communication and collaboration skills.

Closing date for applications:

Contact: opportunities@qpq.io
University of Warsaw
Job Posting
We are looking for talented and motivated Post-docs to work on the ERC AdG project PROCONTRA: Smart-Contract Protocols: Theory for Applications. The project is about theoretical and applied aspects of blockchain and smart contracts. The ideal candidates should have a Ph.D. degree in cryptography (or a related field) from a leading university, and a proven record of publications in top cryptography/security/TCS venues. We offer a competitive salary, a budget for conference travel and research visits, and membership in a young and vibrant team with several international contacts (for more see: www.crypto.edu.pl). A successful candidate will be given substantial academic freedom and can work on a variety of research problems related to the main theme of the project.

Closing date for applications:

Contact: Stefan Dziembowski

More information: https://www.crypto.edu.pl/post-doc
Technical University of Denmark, Kgs. Lyngby, Denmark
Job Posting
We currently have an opening for a tenure-track assistant professor or associate professor at the Technical University of Denmark. The opening is for research in all areas of cyber security including all areas of cryptography. For more information, click the title link. For questions, feel free to contact us.

Closing date for applications:

Contact: Tyge Tiessen or Christian Majenz (tyti or chmaj at dtu.dk)

More information: https://www.compute.dtu.dk/om-os/ledige-stillinger/job?id=2e9ac066-5deb-4361-a669-7fdcb405f2f8

02 May 2022

Jurian van Geest, Ileana Buhan
ePrint Report
The most common application for side-channel attacks is the extraction of secret information, such as key material, from the implementation of a cryptographic algorithm. However, using side-channel information, we can extract other types of information related to the internal state of a computing device, such as the instructions executed and the content of registers. We used machine learning to build a side-channel disassembler for the ARM Cortex-M0 architecture, which can extract the executed instructions from the power traces of the device. Our disassembler achieves a success rate of 99% under ideal conditions and 88.2% under realistic conditions when distinguishing between groups of instructions. We also provide an overview of the lessons learned in relation to data preparation and noise minimization techniques.
George Teseleanu
ePrint Report
In this paper we study the effect of using small prime numbers within the Joye-Libert public key encryption scheme. We introduce two novel versions and prove their security. We further show how to choose the system's parameters such that the security results hold. Moreover, we provide a practical comparison between the cryptographic algorithms we introduced and the original Joye-Libert cryptosystem.
Pavel Hubáček, Ľubica Jančová, Veronika Králová
ePrint Report
Protocols solving the Distributed Discrete Logarithm (DDLog) problem are a core component of many recent constructions of group-based homomorphic secret sharing schemes. At a high level, these protocols enable two parties to transform multiplicative shares of a secret into additive shares locally without any communication. Due to their important applications, various generic optimized DDLog protocols were proposed in the literature, culminating in the asymptotically optimal generic protocol of Dinur, Keller, and Klein (J. Cryptol. 2020) solving DDLog in time $T$ with error probability $O(W/T^2)$ when the magnitude of the secret is bounded by $W$.

Given that DDLog is solved repeatedly with respect to a fixed group in its applications, a natural approach for improving the efficiency of DDLog protocols could be via leveraging some precomputed group-specific advice. To understand the limitations of this approach, we revisit the distributed discrete logarithm problem in the preprocessing model and study the possible time-space trade-offs for DDLog in the generic group model. As our main result, we show that, in a group of size $N$, any generic DDLog protocol for secrets of magnitude $W$ with parties running in time $T$ using precomputed group-specific advice of size $S$ has success probability \[ \epsilon = O\left(\dfrac{T^2}{W} + \dfrac{\max\{S,\log W\} \cdot T^2}{N}\right). \] Thus, assuming $N \geq W \log W$, we get a lower bound $ST^2= \Omega(\epsilon N)$ on the time-space trade-off for DDLog protocols using large advice of size $S= \Omega(N/W)$. Interestingly, for DDLog protocols using \emph{small advice} of size $S=O(N/W)$, we get a lower bound $T^2=\Omega(\epsilon W)$ on the running time, which, in the constant-error regime, asymptotically matches the running time of the DDLog protocol \emph{without any advice} of Dinur et al. (J. Cryptol. 2020). In other words, we show that generic DDLog protocols achieving constant success probability do not benefit from any advice of size $S= O(N/W)$ in the online phase of the DDLog problem.
Vidal Attias, Luigi Vigneri, Vassil Dimitrov
ePrint Report
Verifiable Delay Functions (VDFs) are a set of new cryptographic schemes ensuring that an agent has spent some time (evaluation phase) in an unparalleled computation. A key requirement for such a construction is that the verification of the computation's correctness has to be done in a significantly shorter time than the evaluation phase. This has led VDFs to recently gain exposure in large-scale decentralized projects as a core component of consensus algorithms or spam-prevention mechanisms. In this work, due to the increasing relevance and the lack of literature, we will focus on the optimization of the verification phase of Wesolowski's VDF and provide three axes of improvement concerning multi-exponentiation computation, prime testing techniques, and hashing tricks. We will show that our optimizations reduce the computation time of the verification phase by between 12% and 35% for the range of parameters considered.
Md Rasid Ali, Debranjan Pal, Abhijit Das, Dipanwita Roychowdhury
ePrint Report
This paper proposes a new block cipher called HARPOCRATES, which is different from traditional SPN, Feistel, or ARX designs. The new design structure that we use is called the substitution convolution network. The novelty of the approach lies in that the substitution function does not use fixed S-boxes. Instead, it uses a key-driven lookup table storing a permutation of all 8-bit values. If the lookup table is sufficiently randomly shuffled, the round sub-operations achieve good confusion and diffusion in the cipher. While designing the cipher, the security, cost, and performance are balanced, keeping the requirements of encryption of data-at-rest in mind. The round sub-operations are massively parallelizable and designed such that a single active bit may make the entire state (an 8 × 16 binary matrix) active in one round. We analyze the security of the cipher against linear, differential, and impossible differential cryptanalysis. The cipher's resistance against many other attacks like algebraic attacks, structural attacks, and weak keys is also shown. We implemented the cipher in software and hardware, and found that the software implementation of the cipher results in better throughput than many well-known ciphers. Although HARPOCRATES is appropriate for the encryption of data-at-rest, it is also well suited to data-in-transit environments.