International Association for Cryptologic Research


IACR News

Updates on the COVID-19 situation are on the Announcement channel.


15 February 2023

Chloé Hébant, David Pointcheval, Robert Schädlich
ePrint Report
When multiple users have power or rights, there is always the risk of corruption or abuse. Whereas there is no solution to avoid those malicious behaviors, from the users themselves or from external adversaries, one can strongly deter them with tracing capabilities that will later help to revoke the rights or negatively impact the reputation. On the other hand, privacy is an important issue in many applications, which seems in contradiction with traceability. In this paper, we first extend usual tracing techniques based on codes so that not just one contributor can be traced but the full collusion. In a second step, we embed suitable codes into a set $\mathcal V$ of vectors in such a way that, given a vector $\mathbf U \in \mathsf{span}(\mathcal V)$, the underlying code can be used to efficiently find a minimal subset $\mathcal X \subseteq \mathcal V$ such that $\mathbf U \in \mathsf{span}(\mathcal X)$. To meet privacy requirements, we then make the vectors of $\mathsf{span}(\mathcal V)$ anonymous while keeping the efficient tracing mechanism. As an interesting application, we formally define the notion of linearly-homomorphic group signatures and propose a construction from our codes: multiple signatures can be combined to sign any linear subspace in an anonymous way, but a tracing authority is able to trace back all the contributors involved in the signatures of that subspace.

Joakim Brorsson, Bernardo David, Lorenzo Gentile, Elena Pagnin, Paul Stankovski Wagner
ePrint Report
We study the notion of anonymous credentials with Publicly Auditable Privacy Revocation (PAPR). PAPR credentials simultaneously provide conditional user privacy and auditable privacy revocation. The first property implies that users keep their identity private when authenticating unless and until an appointed authority requests to revoke this privacy, retroactively. The second property enforces that auditors can verify whether or not this authority has revoked privacy from an issued credential (i.e. learned the identity of the user who owns that credential), holding the authority accountable. In other words, the second property enriches conditionally anonymous credential systems with transparency by design, effectively discouraging such systems from being used for mass surveillance. In this work, we introduce the notion of a PAPR anonymous credential scheme, formalize it as an ideal functionality, and present constructions that are provably secure under standard assumptions in the Universal Composability framework. The core tool in our PAPR construction is a mechanism for randomly selecting an anonymous committee which users secret share their identity information towards, while hiding the identities of the committee members from the authority. As a consequence, in order to initiate the revocation process for a given credential, the authority is forced to post a request on a public bulletin board used as a broadcast channel to contact the anonymous committee that holds the keys needed to decrypt the identity connected to the credential. This mechanism makes the user de-anonymization publicly auditable.

Kaizhan Lin, Jianming Lin, Shiping Cai, Weize Wang, Chang-An Zhao
ePrint Report
Recently, SIKE was broken by the Castryck-Decru attack in polynomial time. To avoid this attack, Fouotsa proposed a SIDH-like scheme called M-SIDH, which hides the information of auxiliary points. The countermeasure also leads to huge parameter sizes, and correspondingly the public key size is relatively large.

In this paper, we present several new techniques to compress the public key of M-SIDH. Our method to compress the key is reminiscent of public-key compression in SIDH/SIKE, including torsion basis generation, pairing computation and discrete logarithm computation. We also prove that compressed M-SIDH is secure if M-SIDH is secure.

Experimental results showed that our approach fits well with compressed M-SIDH. It should be noted that most techniques proposed in this paper could also be utilized in other SIDH-like protocols.


14 February 2023

Award
Dear IACR members,

Nominations for the 2023 Test-of-Time award (for papers published in 2008) will be accepted until Feb 15, 2023.

https://iacr.org/testoftime

Real World Crypto
Dear IACR members,

RWC 2023 will take place in Tokyo, Japan on March 27-29 2023.

The registration site is now open:
https://rwc.iacr.org/2023/registration.php

Kyoto, Japan, 19 June - 22 June 2023
Event Calendar
Event date: 19 June to 22 June 2023
Submission deadline: 20 March 2023
Notification: 19 April 2023

13 February 2023

Virtual event, Anywhere on Earth, 19 June - 22 June 2023
Event Calendar
Event date: 19 June to 22 June 2023
Submission deadline: 1 March 2023
Notification: 9 April 2023

Centre for Secure Information Technologies (CSIT), Queen’s University Belfast, UK
Job Posting
The security infrastructure we rely on today is considered broken once a scalable quantum computer is successfully realized. Consequently, NIST in the USA initiated a call to develop and standardize new post-quantum cryptography (PQC, also called quantum-resistant cryptography) schemes to replace established public-key mechanisms (NIST PQC). As PQC is expected to replace modern public-key schemes in the near future, it will only be considered a feasible alternative if its constructions can be implemented with comparable efficiency on many of the embedded processors found in today’s digital and pervasive environment. These embedded processors form the backbone of computing and communication, driving the IoT revolution today, with a sky-rocketing demand for more ubiquitous intelligence in the future. This project will investigate efficient and lightweight implementations of PQC algorithms on an open-source RISC-V processor as would be used for IoT and edge applications. It will test, evaluate, and scrutinize the practicability of lattice-based quantum-resistant cryptographic schemes (from the NIST PQC process) for an IoT end-node device by aggressively exploring several optimization techniques. RISC-V’s instruction set is designed for modularity and extensibility, on which basis a domain-specific architecture aimed at a particular application such as PQC can be developed. The project will analyse the performance bottlenecks in these implementations to determine how best to improve the efficiency of the algorithms running on RISC-V using existing and/or custom instruction set extensions (ISE). This will be followed by an investigation of the performance trade-offs of any proposed approaches. Since such devices are physically exposed, side-channel analysis (SCA) is a significant concern, hence the physical security of these devices will also be addressed.

Applicants must have at least a 2:1 Honours Degree in Electrical and Electronics Engineering, Computer Science, Mathematics or closely related discipline.

International studentships are also available.

Closing date for applications:

Contact: Dr. Ayesha Khalid

More information: https://www.qub.ac.uk/courses/postgraduate-research/phd-opportunities/lightweight-post-quantum-cryptography-on-modern-opensource-riscv-processors.html


Centre for Secure Information Technologies (CSIT), Queen’s University Belfast, UK
Job Posting
The number of space-based entities and missions is increasing exceptionally. The longevity of satellites and their associated infrastructure, along with the difficulty of changing anything after launch, requires long-term public-key cryptography security solutions. Since the foreseeable breakthrough of quantum computers represents a risk for the traditional secure-communication paradigm used today, novel quantum-resistant cryptographic schemes need the immediate attention of the cryptographic community, especially for long-term use cases like satellite communications. This project will take up these new PQC algorithms (from the NIST PQC process) and their implementations and test, evaluate, and scrutinize them against a wide range of fundamental design constraints and implementation requirements for space communication. Lattice-based cryptography has emerged as one of the most viable classes of PQC algorithms in the NIST PQC competition; however, several aspects relating to the practicality of these schemes for space communication protocols and their fault tolerance have not been thoroughly evaluated.

Applicants must have at least a 2:1 Honours Degree in Electrical and Electronics Engineering, Computer Science, Mathematics or closely related discipline.

International studentships are also available.

Closing date for applications:

Contact: Dr. Ayesha Khalid

More information: https://www.qub.ac.uk/courses/postgraduate-research/phd-opportunities/fault-tolerant-post-quantum-cryptography-systems-for-satellite-communications.html


University of Waterloo, Waterloo, Ontario, Canada
Job Posting

The Department of Combinatorics and Optimization at the University of Waterloo invites applications from qualified candidates for a 1.5-year position as a Cryptographic Research Architect on the Open Quantum Safe project (https://openquantumsafe.org/).

This position is available immediately in Professor Stebila’s research group. You will be working with a world-wide team of researchers and developers from academia and industry on the Open Quantum Safe project. You will have the opportunity to push the boundaries of applied post-quantum cryptography and contribute to various open-source projects. You will help integrate new post-quantum cryptographic algorithms into the liboqs open-source library, and design and implement techniques for evaluating and benchmarking these cryptographic algorithms in a variety of contexts.

The field of post-quantum cryptography is rapidly evolving, and you will need to track ongoing changes to algorithms due to peer review and advances by researchers via the NIST Post-Quantum Cryptography project forum. In addition to algorithm research, tasks cover all aspects of the software development lifecycle and include design, programming cryptographic algorithms, integrating other cryptographic implementations into the liboqs framework, integrating liboqs into third-party open-source projects, testing, benchmarking and documentation. You may be asked to take an ownership role in coordinating the development of various sub-components of the Open Quantum Safe project.

The appointment will be a full-time position for 18 months with the possibility of extension, subject to research funding. The salary range is $80,000–$115,000/year, commensurate with experience.

All qualified candidates are encouraged to apply; however, Canadian citizens and permanent residents will be given priority.

For more information on the position and how to apply, please see https://openquantumsafe.org/team/open-positions

Closing date for applications:

Contact: Douglas Stebila (dstebila@uwaterloo.ca)

More information: https://openquantumsafe.org/team/open-positions


Chalmers University of Technology
Job Posting
The CryptoTeam at the Department of Computer Science and Engineering at Chalmers University of Technology (in Gothenburg, Sweden) is looking for an excellent, motivated, and self-driven person who wishes to join the team and do research in cryptography. The successful candidate will work with Asst. Prof. Elena Pagnin.
The position is fully funded for five years with possible extensions for parental or sick leave, and an attractive salary. The position is linked to a project funded by the Swedish research council focusing on the security and efficiency of progressive verification for cryptographic schemes. If you think this sounds cool, follow the link below and apply!
Applicants are expected to hold an MSc degree in Mathematics and/or Computer Science. Knowledge of cryptographic primitives and information security is preferable, but not mandatory. Only applications via the official portal will be considered.

Closing date for applications:

Contact: For more information check out:

  • The official ad: https://www.chalmers.se/en/about-chalmers/work-with-us/vacancies/?rmpage=job&rmjob=11434&rmlang=UK
  • Elena's webpage: https://epagnin.github.io

More information: https://www.chalmers.se/en/about-chalmers/work-with-us/vacancies/?rmpage=job&rmjob=11434&rmlang=UK


Leuphana University Lüneburg, Institute of Information Systems
Job Posting
For the Faculty of Management and Technology at the Institute of Information Systems, the University is looking for a responsible, motivated and committed personality as a Research Assistant (EG 13 TV-L) with 50% of the regular weekly working hours of a full-time employee, limited to a period of 3 years.

Your tasks:
  • Coordination and implementation of courses in the field of business informatics in the amount of 2 SWS
  • Support for research projects in the area of Network Science
  • Administrative support
  • Own scientific further qualification

Your profile:
  • Completed scientific university studies (Master or equivalent) in the field of Mathematics, Business Informatics, Computer Science or Natural Sciences
  • Strong methodological skills in graph theory, network science or complex systems
  • Experience in quantitative analysis of networks
  • Very good communication skills and organizational skills

Closing date for applications:

Contact: Leuphana Universität Lüneburg, Personal und Recht / Bewerbungsmanagement, Code: WiMi Network Science, Universitätsallee 1, 21335 Lüneburg, bewerbung@leuphana.de


University of St.Gallen, Switzerland
Job Posting
We are looking for an excellent, motivated, post-doctoral researcher to work in the area of information security and cryptography. The post-doctoral researcher will join Katerina Mitrokotsa's research group (Chair of Cyber Security), working in the area of information and communication security with a focus on authentication protocols, verifiable delegation of computation, and secure multi-party computation. The position is available for one plus one year after a successful review evaluation.

Key Responsibilities:
  • The post-doctoral fellow is expected to perform exciting and challenging research in the area of information security and cryptography including the design of provably secure cryptographic protocols.
  • The post-doctoral fellow shall be involved in the supervision of PhD and master students
Your profile:
  • The post-doctoral researcher is expected to have a PhD degree in Computer Science, Engineering or Mathematics and a strong background in theoretical computer science and cryptography
  • Excellent publication record in top venues
  • Competitive research record in cryptography or information security
  • Strong mathematical and algorithmic CS background
  • Good programming skills are beneficial
  • Excellent written and verbal communication skills in English
The Chair of Cyber Security is a part of the Institute of Computer Science (ICS) at the University of St. Gallen. The chair was established in the autumn semester of 2020 and is led by Prof. Dr. Katerina Mitrokotsa. Our research interests are centered around information security and applied cryptography, with the larger goal of safeguarding communications and providing strong privacy guarantees. We are currently active in multiple areas including the design of provably secure cryptographic protocols and cryptographic primitives that can be employed for reliable authentication, outsourcing computations in cloud-assisted settings, network security problems, as well as secure and privacy-preserving machine learning.

Please apply asap.

Closing date for applications:

Contact:
Eriane Breu, eriane.breu@unisg.ch (Administrative matters)
Prof. Katerina Mitrokotsa, katerina.mitrokotsa@unisg.ch (Research related questions)

More information: https://jobs.unisg.ch/offene-stellen/postdoc-fellow-in-cryptography-information-security-m-w-d/c35410fb-40bb-41f2-b298-8be150d8f9b6


University of St.Gallen, Switzerland
Job Posting
We are looking for bright and motivated PhD students to work in the topics of information security and cryptography.

The student is expected to work on topics that include security and privacy issues in authentication. More precisely, the students will be working on investigating efficient and privacy-preserving authentication that provides: i) provable security guarantees, and ii) rigorous privacy guarantees.

Key Responsibilities:
  • Perform exciting and challenging research in the domain of information security and cryptography.
  • Support and assist in teaching computer security and cryptography courses.
Profile:
  • The PhD students are expected to have an MSc degree or equivalent, and a strong background in cryptography, network security and mathematics.
  • Experience in one or more domains such as cryptography, design of protocols, secure multi-party computation and differential privacy is beneficial.
  • Excellent programming skills.
  • Excellent written and verbal communication skills in English
The Chair of Cyber Security, https://cybersecurity.unisg.ch/, is a part of the Institute of Computer Science (ICS) at the University of St.Gallen. The chair was established in autumn semester 2020 and is led by Prof. Dr. Katerina Mitrokotsa. Our research interests are centered around information security and applied cryptography, with the larger goal of safeguarding communications and providing strong privacy guarantees. We are currently active in multiple areas including the design of provably secure cryptographic protocols and cryptographic primitives that can be employed for reliable authentication, outsourcing computations in cloud-assisted settings, network security problems as well as secure and privacy-preserving machine learning. As a doctoral student you will be a part of the Doctoral School of Computer Science (DCS), https://dcs.unisg.ch.

Please apply asap.

Closing date for applications:

Contact:
Eriane Breu, eriane.breu@unisg.ch (Administrative matters)
Prof. Katerina Mitrokotsa, katerina.mitrokotsa@unisg.ch (Research related questions)

More information: https://jobs.unisg.ch/offene-stellen/funded-phd-student-in-applied-cryptography-privacy-preserving-biometric-authentication-m-f-d/e7a9e90b-02cd-45d0-ad4f-fc02131eaf86


Nanyang Technological University, Singapore
Job Posting

The Symmetric Key and Lightweight Cryptography Lab (SyLLab) at NTU Singapore is looking for candidates for Research Fellow/Post-Doc (from fresh Post-Docs to Senior Research Fellows, flexible contract duration) as well as PhD student positions on various topics:
  • Symmetric-key cryptography (cryptanalysis, design),
  • Machine learning,
  • Side-channel attacks,
  • Fully homomorphic encryption.

Candidates are expected to have a proven record of publications in top cryptography/security venues.

The positions will be funded by the 5-year National Research Foundation (NRF) Investigatorship grant from Singapore. Salaries are competitive and are determined according to the successful applicant's accomplishments, experience and qualifications. We offer an excellent research environment with a highly international team, with flexible working conditions, budget for conferences/equipment, etc.

Interested applicants should send their detailed CVs and references to Prof. Thomas Peyrin (thomas.peyrin@ntu.edu.sg). The review of applications starts immediately and will continue until positions are filled.

Closing date for applications:

Contact: Thomas Peyrin

More information: https://thomaspeyrin.github.io/web/


09 February 2023

Brisbane, Australia, 5 July - 7 July 2023
Event Calendar
Event date: 5 July to 7 July 2023
Submission deadline: 13 February 2023
Notification: 15 April 2023

Centre for Secure Information Technologies (CSIT), Queen’s University Belfast, UK
Job Posting
Applications are invited for 15 enhanced fully-funded PhD scholarships in the following areas: Network & Wireless Security, Trusted Hardware & Applied Cryptography, Autonomous Security & Security of AI, Industrial Control System and Safety-critical System security.

The DTP provides an opportunity to advance research in these exciting cyber security areas, focus on enterprise and leadership skills, have access to modules on our certified MSc in Advanced Cyber Security and MSc AI and a dedicated training programme, and interact with CSIT industry partners.

Applicants must have at least a 2:1 Honours Degree in Electrical and Electronics Engineering, Computer Science, Mathematics or closely related discipline.

International studentships are also available.

Closing date for applications:

Contact: Dr Jesus Martinez DelRincon

More information: https://www.qub.ac.uk/ecit/CSIT/Cyber-AIHub/CSIT-DTP/


08 February 2023

FSE
This year, three FSE test-of-time awards will be given for papers published at FSE 2006, FSE 2007 and FSE 2008.

Nominations for these awards should be sent to the chair of the FSE steering committee by February 20 2023.

See: https://tosc.iacr.org/index.php/ToSC/ToT_Award

FSE
FSE 2023 (March 20-24, 2023): there will be a mirror event hosted in Kobe, Japan for attendees who are unable to travel to Beijing, China.

See https://fse.iacr.org/2023 for details.

Announcement
NIST has published NISTIR 8214C ipd: NIST First Call for Multi-Party Threshold Schemes (Initial Public Draft). The call has two categories: cat1, for NIST-specified primitives; and cat2, for primitives not specified by NIST.

The period of public comments is open till April 10, 2023. The participation of the cryptology community is essential for the success of this initiative.

Details here: https://csrc.nist.gov/publications/detail/nistir/8214c/draft

Consider also joining the MPTC forum: https://csrc.nist.gov/projects/threshold-cryptography/email-list