IACR News
Here you can see all recent updates to the IACR webpage.
18 December 2023
Meta
Job Posting
- Privacy-Enhancing Technologies Involving De-Identification, Anonymization, and Encryption
- Honest-Majority MPC and Non-Malleable Encryption
Basic coding skills are a requirement which will be assessed during the application process since the internships are categorized as a general software engineering internship (PhD) at Meta.
However, most important is the cryptographic expertise of the candidate.
Please use the provided link for applying for this position. The link also offers PoCs for questions about the application process.
Closing date for applications:
Contact: For other questions: Daniel Masny dmasny@meta.com
More information: https://www.metacareers.com/v2/jobs/2313453352176132/
University of Surrey
Job Posting
Closing Date: Sunday 07 January 2024
At the Computer Science Research Centre in the University of Surrey we are seeking to appoint a number of Lecturers in Computer Science to strengthen our research and ambitious strategic growth. These appointments are on a full-time and permanent basis.
We are particularly looking for applicants in one of the following areas:
- Software Security
- Natural Language Processing
- Human Factors/Usability
- The interface between Artificial Intelligence and Security
Our staff and students come from all over the world and we are proud of our friendly and inclusive culture. The University and the Department specifically are committed to building a culturally diverse organisation. Applications are strongly encouraged from female and minority candidates.
Closing date for applications:
Contact: Informal inquiries can be directed to the Director of the Computer Science Research Centre, Professor Steve Schneider at s.schneider@surrey.ac.uk.
More information: https://jobs.surrey.ac.uk/Vacancy.aspx?id=13713
Daniel J. Bernstein
ePrint Report
It is easy to see that these numbers overestimate the inherent complexity of software for these KEMs. It is more difficult to systematically measure this inherent complexity.
This paper takes these KEMs as case studies and applies consistent rules to streamline the ref software for the KEMs, while still passing SUPERCOP's tests and preserving the decomposition of specified KEM operations into functions. The resulting software occupies 381 lines for ntruhps4096821, 385 lines for ntruhrss701, 472 lines for kyber1024, and 478 lines for sntrup1277. This paper also identifies the external subroutines used in each case, identifies the extent to which code is shared across different parameter sets, quantifies various software complications specific to each KEM, and finds secret-dependent timings in kyber*/ref.
Amit Jana
ePrint Report
Azade Rezaeezade, Abraham Basurto-Becerra, Léo Weissbart, Guilherme Perin
ePrint Report
Alexandre Augusto Giron, Frederico Schardong, Lucas Pandolfo Perin, Ricardo Custódio, Victor Valle, Víctor Mateu
ePrint Report
Luke Harrison, Samiran Bag, Feng Hao
ePrint Report
15 December 2023
Eric Wagner, Martin Serror, Klaus Wehrle, Martin Henze
ePrint Report
Announcement
Submission deadline: Jan 8, 2024 at 11:59pm Anywhere on Earth (AoE).
Lund University, Faculty of Engineering (LTH), Department of Electrical and Information Technology
Job Posting
The research topics include side-channel attacks on symmetric and post-quantum cryptographic algorithms, the mathematical foundations of fully homomorphic encryption (FHE) and its safe implementation, and security for dynamic resource allocation in next-generation mobile networks. Senior researchers will be active in the projects and provide supervision.
The main duties of doctoral students are to devote themselves to their research studies, which includes participating in research projects and third cycle courses. The work duties will also include teaching and other departmental duties (no more than 20%).
Third-cycle studies at LTH consist of full-time studies for 4 years. A doctoral studentship is a fixed-term employment of a maximum of 5 years (including 20% departmental duties).
More information can be found in: https://lu.varbi.com/what:job/jobID:679799/
Closing date for applications:
Contact: Christian Gehrmann (christian.gehrmann@eit.lth.se); Thomas Johansson (thomas.johansson@eit.lth.se)
More information: https://lu.varbi.com/what:job/jobID:679799/
Rochester Institute of Technology, Department of Cybersecurity, Rochester, New York, USA
Job Posting
- side-channel analysis
- applied cryptography
- software security
- hardware-assisted security
Closing date for applications:
Contact: Billy Brumley (bbbics at rit dot edu)
KISON Research group, Universitat Oberta de Catalunya
Job Posting
KISON is a research group focused on creating technologies for the protection of the security of networks, the information transmitted through them and the privacy of their users. The KISON group research lines focus on the compatibility of the security of decentralized networks (e.g. ad-hoc, IoT networks, 5G/6G) and the protection of information in the Internet (especially multimedia contents) with users' rights to privacy.
Applications are invited for a 3-year predoctoral grant in the Network and Information Technologies doctoral programme. Research lines are:
More details on research lines:
https://www.uoc.edu/portal/en/escola-doctorat/linies-recerca/linies-nit/information-network/index.html
The candidate should have completed his/her master's degree by July 2024 in computer science, telecommunications, or a related area.
The starting date will be Sept. 2024.
Full details:
https://www.uoc.edu/portal/en/escola-doctorat/beques/beques-uoc-escola-doctorat/index.html
Deadline: 12/02/2024
Closing date for applications:
Contact: Helena Rifà-Pous
More information: https://www.uoc.edu/en/studies/doctorates/doctorate-technologies-information-networks
Aalto University, Finland
Job Posting
Broadly, the PhD study may include the following depending on the skills and interests of the candidate: studying the hardness and relations of underlying mathematical problems, constructing and analysing lattice-based cryptographic schemes, proving theoretical impossibilities, implementing software libraries, performing concrete efficiency evaluation, etc.
We are looking for candidates who have recently completed, or will soon complete, a Master’s degree in cryptography, mathematics, computer science, or other relevant fields of studies. The successful candidate will have a strong background in mathematics and computer science, especially in areas relevant to the position. Good communication skills and fluent written and spoken English are required.
To apply, please visit:
https://aalto.wd3.myworkdayjobs.com/aalto/job/Otaniemi-Espoo-Finland/Doctoral-Researcher-in-Lattice-based-Cryptography_R38062
Closing date for applications:
Contact:
Russell Lai, e-mail "firstname.lastname@aalto.fi" (research related information)
Susanna Holma, e-mail "firstname.lastname@aalto.fi" (recruitment process)
More information: https://aalto.wd3.myworkdayjobs.com/aalto/job/Otaniemi-Espoo-Finland/Doctoral-Researcher-in-Lattice-based-Cryptography_R38062
Najwa Aaraj, Abdelrahaman Aly, Tim Güneysu, Chiara Marcolla, Johannes Mono, Rogerio Paludo, Iván Santos-González, Mireia Scholz, Eduardo Soria-Vazquez, Victor Sucasas, Ajith Suresh
ePrint Report
FANNG goes beyond SCALE-MAMBA by decoupling offline and online phases and materializing the dealer model in software, enabling a separate set of entities to produce offline material. The framework incorporates database support, a new instruction set for pre-processed material, including garbled circuits and convolutional and matrix multiplication triples. FANNG also implements novel private comparison protocols and an optimized library supporting Neural Network functionality. All our theoretical claims are substantiated by an extensive evaluation using an open-sourced implementation, including the private evaluation of popular neural networks like LeNet and VGG16.
Toluwani Aremu
ePrint Report
Victor Shoup
ePrint Report
Poulami Das, Andreas Erwig, Michael Meyer, Patrick Struck
ePrint Report
In this work, we advance the study on post-quantum secure signature and wallet schemes. That is, we provide the first formal model for deterministic threshold wallets and we show a generic post-quantum secure construction from any post-quantum secure threshold signature scheme with rerandomizable keys. We then instantiate our construction from the isogeny-based signature scheme CSI-FiSh and we show that our instantiation significantly improves over prior work.
Srinidhi Hari Prasad, Florian Mendel, Martin Schläffer, Rishub Nagpal
ePrint Report
Prasanna Ravi, Arpan Jati, Shivam Bhasin
ePrint Report
Upon bypassing RSA authentication, an attacker can mount any unauthenticated software application on the target device to mount a variety of attacks. Among the several possible attacks, we are interested in performing recovery of the encrypted bitstream in the target boot image of the Zynq-7000 device. To the best of our knowledge, there does not exist any prior work that has reported a practical bitstream recovery attack on the Zynq-7000 device. In the context of bitstream recovery, Ender et al. in 2020 proposed the Starbleed attack that is applicable to standalone Virtex-6 and 7-series Xilinx FPGAs. The design advisory provided by Xilinx as a response to the Starbleed attack claims that the Zynq-7000 SoC is resistant “due to the use of asymmetric and/or symmetric authentication in the boot/configuration process that ensures configuration is authenticated prior to use”. Due to the security flaw found in the FSBL, we managed to identify a novel approach to mount the Starbleed attack on the Zynq-7000 device for full bitstream recovery. Thus, as a second contribution of our work, we present the first practical demonstration of the Starbleed attack on the Zynq-7000 SoC. We perform experimental validation of our proposed attacks on the PYNQ-Z1 platform based on the Zynq-7000 SoC.