International Association for Cryptologic Research

IACR News

01 September 2023

University of Luxembourg and KASTEL SRL Germany
Job Posting
The newly founded research group for Cryptographic Protocols located at the University of Luxembourg and the KASTEL Security Research Labs (Germany) is hiring multiple PhD students and PostDocs working on cryptographic primitives and protocols enabling privacy, accountability, and transparency.

A background in provable security (for PhD students: successfully attended courses or a master’s thesis on the subject) is expected. For PostDocs additionally a track record in privacy-preserving protocols is required, including publications at reputable conferences such as Crypto, Eurocrypt, ACM CCS, Asiacrypt, PETS, etc.

Upon an individual agreement, the candidate may be based mainly either at the University of Luxembourg or at the KASTEL Security Research Labs, Germany. As both are excellent environments for research in security and cryptography, the candidate will also benefit from regular visits to, and joint research projects with, the other location. Independent of their main location, PhD candidates will pursue a degree at the University of Luxembourg.

The candidate’s research will be dealing with privacy-preserving cryptographic building blocks and protocols for important application scenarios and result in both theoretical contributions (protocol designs, security models and proofs, etc.) and their efficient implementation. Privacy-preserving payments and data analytics, misuse-resistant lawful interception, and anonymous communication are research topics of particular interest to us.

If you are interested in joining our group, please send an email including your CV and a list of publications (for PostDocs) to andy.rupp@uni.lu. As the positions should be filled as soon as possible, your application will be considered promptly.

Closing date for applications:

Contact: Andy Rupp (andy.rupp@uni.lu)

NXP Semiconductors Gratkorn/Austria, Hamburg/Germany, Toulouse/France OR Eindhoven, Netherlands
Job Posting
Ready to join the future of innovation in Crypto & Security at NXP?

Become part of a highly talented and dynamic international development team that develops state-of-the-art secure cryptographic libraries which are protected against physical and logical attacks and which have applications across all NXP domains and business lines (payment, identification, mobile, IoT, automotive, edge processing, etc.).

When you join NXP you have the opportunity to broaden your technical knowledge in all of these areas.

Responsibilities

  • You will develop crypto algorithms (incl. Post Quantum Crypto) based on specifications, being involved in the coding/programming, test, code review and release stages.
  • You will align with our innovation team, architectural team, hardware teams and support teams to develop the algorithms which contribute to a complete security subsystem in all of NXP's business lines.

Your Profile

  • Bachelor + 3-5 years of relevant experience, or
  • You are a graduate with a Master or PhD degree in Computer Science, Electronics Engineering, Mathematics, Information Technology or Cryptography.
  • You have a passion for technology, you bring ideas to the table and you are proud of your results.

We offer

We offer you the opportunity to learn and build on your technical knowledge and experience in some of the following areas:
  • algorithm development including post quantum cryptography (DES, AES, RSA, ECC, SHA and many more)
  • embedded software development in C and Assembly
  • work with ARM Cortex M and RISC V platforms
  • work on hardware and software countermeasures against side channel (SCA) and fault attacks (FA)

Ready to create a smarter world? Join the future of Innovation. Join NXP. Apply online!

Closing date for applications:

Contact: Veronika von Hepperger (veronika.vonhepperger@nxp.com)

More information: https://nxp.wd3.myworkdayjobs.com/careers/job/Gratkorn/Embedded-Crypto-Software-Developer--m-f-d-_R-10048239

29 August 2023

Payal, Pooja, Girish Mishra
ePrint Report
Data security has become a paramount concern in the age of data-driven applications, necessitating the deployment of robust encryption techniques. This paper presents an in-depth investigation into the strength and randomness of the keystream generated by the Grain cipher, a widely employed stream cipher in secure communication systems. To achieve this objective, we propose the construction of sophisticated deep learning models for keystream prediction and evaluation. The implications of this research extend to the augmentation of our comprehension of the encryption robustness offered by the Grain cipher, accomplished by harnessing the power of deep learning models for cryptanalysis. The insights garnered from this study hold significant promise for guiding the development of more resilient encryption algorithms, thereby reinforcing the security of data transmission across diverse applications.

Yupu Hu, Siyue Dong, Baocang Wang, Xingting Dong
ePrint Report
LV16/Lin17 IO schemes are well-known advances towards simplifying the obfuscation mechanism. In fact, these two schemes only constructed two compact functional encryption (CFE) algorithms, while other things were taken to the AJ15 IO frame or BV15 IO frame. CFE algorithms are inserted into the AJ15 IO frame or BV15 IO frame to form a complete IO scheme. We stated the invalidity of LV16/Lin17 IO schemes. More specifically, under the reasonable assumption “real white box (RWB)”, LV16/Lin17 CFE algorithms being inserted into the AJ15 IO frame are insecure.

In this paper, we continue to state the invalidity of LV16/Lin17 IO schemes. The conclusion of this paper is that LV16/Lin17 CFE algorithms being inserted into the BV15 IO frame are insecure. The reasoning of this paper is composed of the following three steps. First, when LV16/Lin17 CFE algorithms are inserted into the BV15 IO frame, all secret random numbers must be changed into secret constants. Second, when all secret random numbers are changed into secret constants, component functions in LV16/Lin17 CFE algorithms are cryptologically weak functions, and the shapes of these component functions can be easily obtained by chosen values of the independent variables. Finally, the shapes of these component functions include parameters of the original function; therefore the IO scheme is insecure.

Ayan Sajwan, Girish Mishra
ePrint Report
This research paper explores the vulnerabilities of the lightweight block cipher SPECK 32/64 through the application of differential analysis and deep learning techniques. The primary objectives of the study are to investigate the cipher’s weaknesses and to compare the effectiveness of ResNet, as used by Aron Gohr at Crypto 2019, and DenseNet. The methodology involves conducting an analysis of differential characteristics to identify potential weaknesses in the cipher’s structure. Experimental results and analysis demonstrate the efficacy of both approaches in compromising the security of SPECK 32/64.

Carmen Wabartha, Julian Liedtke, Nicolas Huber, Daniel Rausch, Ralf Kuesters
ePrint Report
Modern e-voting systems provide what is called verifiability, i.e., voters are able to check that their votes have actually been counted despite potentially malicious servers and voting authorities. Some of these systems, called tally-hiding systems, provide increased privacy by revealing only the actual election result, e.g., the winner of the election, but no further information that is supposed to be kept secret. However, due to these very strong privacy guarantees, supporting complex voting methods at a real-world scale has proven to be very challenging for tally-hiding systems.

A widespread class of elections, and at the same time one of the most involved ones, is parliamentary election with party-based seat allocation. These elections are performed for millions of voters, dozens of parties, and hundreds of individual candidates competing for seats; they also use very sophisticated multi-step algorithms to compute the final assignment of seats to candidates based on, e.g., party lists, hundreds of electoral constituencies, possibly additional votes for individual candidates, overhang seats, and special exceptions for minorities. So far, it has not been investigated whether and to what extent such elections can be performed in a verifiable tally-hiding manner.

In this work, we design and implement the first verifiable (fully) tally-hiding e-voting system for an election from this class, namely, for the German parliament (Bundestag). As part of this effort, we propose several new tally-hiding building blocks that are of independent interest. We perform benchmarks based on actual election data, which show, perhaps surprisingly, that our proposed system is practical even at a real-world scale. Our work thus serves as a foundational feasibility study for this class of elections.

Nicolas Gama, Anand Kumar Narayanan, Ryder LiuLin, Dongze Yue
ePrint Report
Most of the current lattice-based cryptosystems rely on finding Gaussian samples from a lattice that are close to a given target. To that end, two popular distributions have historically been defined and studied: the Rounded Gaussian distribution and the Discrete Gaussian distribution. The first one is nearly trivial to sample: simply round the coordinates of continuous Gaussian samples to their nearest integer. Unfortunately, the security of the resulting cryptosystems is not as well understood. By contrast, the second distribution is only implicitly defined by a restriction of the support of the continuous Gaussian distribution to the discrete lattice points. Thus, algorithms to achieve such a distribution are more involved, even in dimension one. The justification for exerting this computational effort is that the resulting lattice-based cryptographic schemes are validated by rigorous security proofs, often by leveraging the fact that the distribution is radial and that discrete Gaussians behave well under convolutions, enabling arithmetic between samples as well as decomposition across dimensions.

In this work, we unify both worlds. We construct, out of infinite series, the cumulative density function of a new continuous distribution that acts as a surrogate for the cumulative distribution of the discrete Gaussian. If $\mu$ is a center and $x$ a sample of this distribution, then rounding $\mu+x$ yields a faithful Discrete Gaussian sample. This new sampling algorithm naturally splits into a pre-processing/offline phase and a very efficient online phase. The online phase is simple and has a trivial constant-time implementation. Modulo the offline phase, our algorithm offers both the efficiency of rounding and the security guarantees associated with discrete Gaussian sampling.

Markus Krausz, Georg Land, Florian Stolz, Dennis Naujoks, Jan Richter-Brockmann, Tim Güneysu, Lucie Kogelheide
ePrint Report
In this work, we examine widespread components of various Post-Quantum Cryptography (PQC) schemes that exhibit disproportionately high overhead when implemented in software in a side-channel secure manner: fixed-weight polynomial sampling, Cumulative Distribution Table (CDT) sampling, and rotation of polynomials by a secret offset. These components are deployed in a range of lattice-based and code-based Key Encapsulation Mechanisms (KEMs) and signature schemes from NIST’s fourth round of PQC standardization and the signature on-ramp. Masking – to defend against power Side-Channel Analysis (SCA) – on top of required constant-time methods, leads in some of these cases to impractical runtimes. To solve this issue, we start by identifying a small set of core operations, which are crucial for the performance of all three components. We accelerate these operations with an Instruction Set Extension (ISE) featuring masked instructions, which are generic and low-level and can be used in a wide range of cryptographic applications and thereby tackle performance, microarchitectural power leakage, and cryptographic agility, simultaneously. We implement dedicated masked instructions for our core operations as an add-on to the RISC-V core by Gao et al. which features masked instructions for Boolean and arithmetic operations and evaluate several algorithmic approaches in standard and bitsliced implementations on different ISE constellations. Our instructions allow some masked components to run more than one order of magnitude faster and are first-order power side-channel secure, which our practical evaluation confirms.


28 August 2023

Dublin, Ireland, 27 May - 31 May 2024
Event Calendar
Event date: 27 May to 31 May 2024
Submission deadline: 3 December 2023
Notification: 1 March 2024

Sangolqui, Ecuador, 2 October - 3 October 2023
School
Event date: 2 October to 3 October 2023

Virtual event, Anywhere on Earth, 26 September - 28 September 2023
Event Calendar
Event date: 26 September to 28 September 2023
Submission deadline: 5 September 2023
Notification: 12 September 2023

Status.im
Job Posting
Status Logos Blockchain Infra Team
We are building the foundation used by other projects at Logos technology. We are researching consensus algorithms, Multi-Party Computation techniques, ZKPs and other cutting-edge technologies with the aim of taking the blockchain to the next level of security, decentralization and scalability, with a special focus on privacy as a fundamental right. We are currently in a research phase, working with models and simulations. In the near future, we will start implementing the research. You will have the opportunity to participate in developing (and improving) the state of the art of blockchain technologies, as well as turning it into a reality.

Closing date for applications:

Contact: catia@status.im

More information: https://grnh.se/e7e9db2e1us

Nokia Bell Labs; Antwerp, Belgium
Job Posting
We have two open positions for internships in Bell Labs for PhD students or Postdocs.

The prospect of researching hard real-world problems and getting a taste of the vibrant Bell Labs community sets these internships apart.

At the Software and Data Systems Research Lab, among other subjects, our lab specializes in building low-latency distributed systems that handle substantial amounts of data. In such systems, typically, not all parties can be trusted since any component can potentially be malicious. Our research focuses on three crucial goals:

  • Computational Integrity: Ensuring the reliability of computations even in distributed systems.
  • Confidentiality: Safeguarding sensitive data in highly distributed systems while it flows from one location to another and is transformed from one form to another.
  • Low Latency: Meeting security requirements without compromising the performance of latency-critical applications, such as stream processing.

Internship Details:
As an intern in our lab, you'll have the opportunity to contribute to applied research in one of these areas, including:
  • Zero-Knowledge Proofs: Dive into topics like SNARKs, STARKs, and MPC-in-the-Head to enhance computational integrity.
  • Computing on Encrypted Data: Explore homomorphic encryption (FHE) and secure multiparty computation (MPC) to address confidentiality challenges.
  • Acceleration: Investigate optimized implementations, software architecture, novel ZKP/FHE/MPC circuits, systems and friendly primitives.
  • Any other relevant subjects such as zkML, verifiable FHE, applications of function secret sharing, and beyond.

Candidate Profile:
We will jointly define a topic based on your interests, resulting in at least one high-quality paper. You do not have to be an expert in all these subjects; having some relevant background is sufficient.

The internship funding can run until 31/12/2023. That means you should start as quickly as possible. So you should apply now!

Closing date for applications:

Contact: Emad Heydari Beni (emad.heydari_beni@nokia-bell-labs.com)

The Institute of Science and Technology Austria (ISTA)
Job Posting

ISTA invites applications for several open positions in all areas of computer science including cryptography, systems security and privacy.

We offer:

· Thriving international and interdisciplinary research environment with English as the working language
· State-of-the-art facilities
· Attractive salary and generous start-up package
· Guaranteed annual base funding
· International graduate school
· PhD program with a unique blend of interdisciplinary coursework and research group rotations
· Professional development opportunities
· Employee Assistance Program
· Dual-career support
· Childcare facilities
· Commitment to fostering a diverse and inclusive working environment
· Close proximity to Vienna

Assistant professors receive independent group leader positions with an initial contract of six years, at the end of which they are reviewed by international peers. A positive evaluation leads to promotion to the tenured professor position.

Tenured positions are open to distinguished scientists with several years of experience leading research groups.

We strongly encourage individuals from underrepresented groups to apply.

Closing date for applications:

Contact: Krzysztof Pietrzak (pietrzak@ist.ac.at)

More information: https://www.ista.ac.at/en/jobs/faculty/

The University of Manchester, Department of Computer Science
Job Posting
We are looking for a post-doc researcher to work on subversion-resilient cryptography and related topics. The position is funded as part of the UKRI/EPSRC project "SECCOM" with funding from MoD/Dstl (UK's Defence Science and Technology Laboratory). Offers for the position will therefore be conditional on passing an identity check with Dstl.

The ideal candidate should have a PhD degree in Computer Science or a related area (or near completion) and a proven record of publications in cryptography and/or security venues such as Crypto, Eurocrypt, Asiacrypt, TCC, PKC, CCS, S&P, USENIX, ACNS, ESORICS, etc. Experience with protocol composition frameworks (such as the UC framework) is a plus, but not required.

The postdoc will be hosted by Bernardo Magri at the Systems and Software Security group at the CS department of the University of Manchester, UK.

The position is for 2 years and can be filled from September to December 2023, and will remain open until October 2nd 2023. For enquiries please contact Bernardo Magri at the email below. The formal application for the position should be completed at the following link: https://www.jobs.manchester.ac.uk/Job/JobDetail?JobId=26007

Closing date for applications:

Contact: bernardo.magri@manchester.ac.uk

More information: https://www.jobs.manchester.ac.uk/Job/JobDetail?JobId=26007

Institute for IT Security, University of Lübeck, Germany
Job Posting
The Institute for IT Security at the University of Lübeck has a vacancy for a full-time (100%) position as Doctoral Researcher in System Security.

What are your tasks?
We are looking for support in the following subject areas:
• Automated code analysis and security analysis of applications
• Analysis and hardening of IoT systems
• Research on software-based protection mechanisms for IoT
Your main tasks are scientific research and further qualification in the above subject areas, with the goal of completing a successful dissertation.

Which qualifications should you have?
As the ideal candidate, you bring motivation and willingness to work and research creatively and independently.
• Your main areas of interest are in system security and/or applied cryptography.
• You have experience in the areas of cryptography, code analysis, hardware-oriented programming and/or machine learning.
• You are highly motivated to contribute to international research collaborations and to develop and publish first-class research results.
Necessary prerequisites are a university degree in computer science, applied mathematics, information technology, or comparable related fields. Your application should contain a CV, a brief description of research interests, transcripts of bachelor's and master's studies, at least one contact for a reference letter and, if available, master's or bachelor's theses and publications.

What else do we offer?
We offer excellent working conditions in an international team of top researchers and collaboration opportunities with prestigious working groups in IT security worldwide, in one of the most livable cities in Northern Europe.
The position is a full-time position to be classified in pay group 13 of the TV-L, including several benefits such as retirement benefits. The employment is initially limited until December 14, 2025, with an option for extension. The review of applications starts immediately and continues until the position is filled.

Closing date for applications:

Contact: Thomas Eisenbarth (its.bewerbungen@uni-luebeck.de)

More information: https://www.its.uni-luebeck.de/en/jobs.html

AIT Austrian Institute of Technology; Vienna, Austria
Job Posting

AIT is Austria's largest non-university research institute. Its Cyber Security team focuses on various aspects of security, including anomaly detection, cyber ranges, penetration testing, and cryptography. The cryptography group is conducting research in various directions, including secure communication, privacy-enhancing technologies, and long-term and post-quantum security. Given a growing portfolio of research projects, the group seeks to grow and thus has a vacancy for a post-doctoral researcher in related areas.

Requirements:
• PhD degree in Computer Science, Cyber Security, or a related field, with a specialization in cryptology
• Profound knowledge in one or more of the following areas: secure multi-party computation (MPC), fully homomorphic encryption (FHE), threshold cryptography, distributed algorithms, privacy-preserving machine learning, verifiable computation
• Strong track record with publications at competitive academic conferences or journals (e.g., Crypto, Eurocrypt, Asiacrypt, TCC, PKC, CCS, S&P, USENIX, ESORICS, ...)
• Good knowledge of a programming language (e.g., C/C++, Rust, Java, Python) and software development is a plus
• Very good written and oral English skills; knowledge of German is not a requirement but willingness to learn German is expected

The position lasts for two years. The salary starts from ~59k€/year, depending on experience. The review process will begin immediately and will remain open until the position has been filled.

Informal inquiries can be made by email, but formal applications must be submitted through: https://jobs.ait.ac.at/Job/215934

Closing date for applications:

Contact: Stephan Krenn; stephan.krenn[at]ait.ac.at

More information: https://jobs.ait.ac.at/Job/215934

Institute for IT Security, University of Lübeck, Germany
Job Posting
The Institute for IT Security at the University of Lübeck offers a fully funded (TV-L 14, 100%) PostDoc position in System Security.

What are your tasks?
We are looking for support in the following subject areas:
• Security analysis and design of trusted execution environments and secure microarchitectures
• Automated code analysis and software-based protection measures, including the use of large language models
• Applied (post-quantum) cryptography and side-channel analysis
Your main tasks are scientific research and further qualification in the above subject areas, project management and co-supervision of PhD students.

Which qualifications should you have?
As the ideal candidate, you bring motivation and willingness to work and research creatively and independently.
• Your main areas of interest are in system security and/or applied cryptography.
• You have experience in the areas of cryptography, code analysis, hardware-oriented programming and/or machine learning.
• You have already published at leading conferences in system security and cryptography (S&P, CCS, USENIX Security, CHES, CRYPTO, Eurocrypt, etc.) and built your own scientific network.
You are highly motivated to participate in international research collaborations and to develop and publish first-class research results together with the PhD students of the research group.
A necessary prerequisite is a completed PhD in the field of IT security. Your application should contain a CV, a list of publications, a short research statement and at least one contact for a reference letter.

What else do we offer?
We offer excellent working conditions in an international team of top researchers and collaboration opportunities with prestigious working groups in IT security worldwide, in one of the most livable cities in Northern Europe.
The review of applications starts immediately and continues until the position is filled. The employment is initially limited until June 30, 2025, with an option for extension.

Closing date for applications:

Contact: Thomas Eisenbarth (its.bewerbungen@uni-luebeck.de)

More information: https://www.its.uni-luebeck.de/en/jobs.html

University College Cork, Ireland
Job Posting
The Cryptography Research Group at University College Cork (UCC) is looking for a highly motivated PhD student to work on the project “Adaptive Privacy-preservation in the Internet of Things”. The research work will focus on advanced cryptography and privacy techniques, including local differential privacy and homomorphic encryption/secure multi-party computation, and how they can be deployed in smart settings.

The PhD student will work under the supervision of Principal Investigator Dr. Paolo Palmieri, University College Cork (UCC), and co-Investigator Dr. Hazel Murray, Munster Technological University (MTU). The student will join the thriving Cryptography Group at UCC, where several other PhD students and Post-Docs are carrying out related research. The project is a collaboration between UCC (host organization) and MTU, and part of CONNECT - Centre for Future Networks & Communications, a major Science Foundation Ireland research initiative.

Candidates should have a background/strong interest in security and privacy, as well as a good grasp of mathematics. Previous experience in cryptography is an asset, but is not required. Applicants should hold a good honours undergraduate or Master's degree in computer science, computer engineering, mathematics, or another relevant subject.

The successful applicant will receive a stipend of €19,000 per annum for four years (subject to successful annual progress reviews). Tuition fees will be covered by the project, and a travel budget is available to present at international conferences. The successful candidate will also have the opportunity to work with the Principal Investigator's and co-Investigator's extensive network of international research collaborations.

We expect the PhD student to start in Autumn 2023 or shortly thereafter.

Closing date for applications:

Contact: General informal enquiries about the PhD positions can be made to Dr. Paolo Palmieri at e-mail: p.palmieri@cs.ucc.ie
Applications must be made online by September 7, 2023 at the address: https://ucc.qualtrics.com/jfe/form/SV_brw0JC79mZz2lmu

More information: https://security.ucc.ie/vacancies.html

Xiaoyang Dong, Shun Li, Phuong Pham, Guoyan Zhang
ePrint Report
At ASIACRYPT 2022, Benedikt, Fischlin, and Huppert proposed quantum herding attacks on iterative hash functions for the first time. Their attack needs an exponential amount of quantum random access memory (qRAM). As the existence of large qRAM is questionable, Benedikt et al. left the open question of building low-qRAM quantum herding attacks.

In this paper, we answer this open question by building a quantum herding attack where the time complexity is slightly increased from Benedikt et al.'s $2^{0.43n}$ to our $2^{0.46n}$, but the size of qRAM is reduced from Benedikt et al.'s $2^{0.43n}$ to our $\mathcal{O}(n)$. Besides, we also introduce various low-qRAM quantum attacks on the hash concatenation combiner, hash XOR combiner, Hash-Twice, and Zipper hash functions.