IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
30 March 2016
CryptoExperts, Paris, France
Job PostingIn this position, the candidate will be primarily involved in two projects on homomorphic encryption: HEAT (a H2020 project) and CryptoComp (a French project). The focus of these projects is to produce a step change on the practical as well as theoretical aspects of homomorphic encryption. Challenging industrial use-cases will allow to ground the research in practical issues. The candidate will be able to carry research according to its research interests (theoretical and/or practical), and will be offered multiple travel opportunities and interactions with scientists all over Europe. Participation to open-source libraries on homomorphic encryption and proof-of-concept demonstrators will be expected.
Applicants should have a Ph.D. in a relevant subject or equivalent, have a strong publication record and interest in practical protocols. Implementation and coding experience are required.
The position is fully funded for two years (with a flexible starting date). Review of applications will begin immediately until the position has been filled. Knowledge of French is _not_ mandatory. To apply, please send by e-mail the following documents:
- Curriculum vitae with publication list
- Reference letters
Closing date for applications: 30 June 2016
Contact: Pascal Paillier, jobs (at) cryptoexperts.com
More information: https://www.cryptoexperts.com/people/#jobs
University of Oxford
Job PostingDepartment of Computer Science, University of Oxford
Grade 8: Salary £38,896–£46,414 p.a.
An excellent opportunity has arisen to appoint a full-time Departmental Lecturer in Security on the Software Engineering Programme until 30 September 2020. This would be an ideal opportunity to gain teaching experience in an academic role, and to undertake world-class research in an area of significance. You would be a full member of the team responsible for teaching in a variety of topics in Systems Security, and you should have a track record of research in this area.
The main responsibilities include:
- engaging in excellent research within the discipline of Security, including applying for funding to support your research activities, and getting involved in the supervision of doctoral students;
- participating in the teaching and administrative work of the Department;
- examining for the University when required to do so;
- supervising, or assisting in the supervision of graduate students as required.
You should hold a relevant doctoral degree, with teaching and research experience, with sufficient depth and breadth of knowledge in Security to develop modules. A strong publication record and knowledge of existing research in Security, and aptitude for, or experience of, teaching are also required.
Whilst the role is a grade 8 position, we would be willing to consider candidates with potential but less experience who are seeking a development opportunity, for which an initial appointment would be at grade 7 (£30,738-£37,768 p.a.) with the responsibilities adjusted accordingly. This would be discussed with applicants at interview/appointment where appropriate.
The closing date for applications is 12 noon on 22 April 2016. Interviews are expected to be held on 17 or 19 May 2016.
Vacancy ID: 122838
Closing date for applications: 22 April 2016
Contact: Monica Wilson
recruitmentenquiries (at) cs.ox.ac.uk
More information: https://www.recruit.ox.ac.uk/pls/hrisliverecruit/erq_jobspec_version_4.jobspec?p_id=122838
Adam L. Young, Moti Yung
ePrint ReportEshan Chattopadhyay, Vipul Goyal, Xin Li
ePrint ReportHowever, the known constructions are far behind their non-tampered counterparts. Indeed, the best known seeded non-malleable extractor requires min-entropy rate at least $0.49$ \cite{Li12b}; while explicit constructions of non-malleable two-source extractors were not known even if both sources have full min-entropy, and was left as an open problem in \cite{CG14b}.
In this paper we make progress towards solving the above problems and other related generalizations. Our contributions are as follows.
\begin{itemize} \item We construct an explicit seeded non-malleable extractor for min-entropy $k \geq \log^2 n$. This dramatically improves all previous results and gives a simpler 2-round privacy amplification protocol with optimal entropy loss, matching the best known result in \cite{Li15b}. In fact, we construct more general seeded non-malleable extractors (that can handle multiple adversaries) which were used in the recent construction of explicit two-source extractors for polylogarithmic min-entropy \cite{CZ15}.
\item We construct the first explicit non-malleable two-source extractor for min-entropy $k \geq n-n^{\Omega(1)}$, with output size $n^{\Omega(1)}$ and error $2^{-n^{\Omega(1)}}$, thus resolving the open question in \cite{CG14b}.
\item We motivate and initiate the study of two natural generalizations of seedless non-malleable extractors and non-malleable codes, where the sources or the codeword may be tampered many times. For this, we construct the first explicit non-malleable two-source extractor with tampering degree $t$ up to $n^{\Omega(1)}$. %which works for min-entropy $k \geq n-n^{\Omega(1)}$, with output size $n^{\Omega(1)}$ and error $2^{-n^{\Omega(1)}}$. By using the connection in \cite{CG14b} and providing efficient sampling algorithms, we obtain the first explicit non-malleable codes with tampering degree $t$ up to $n^{\Omega(1)}$, relative rate $n^{\Omega(1)}/n$, and error $2^{-n^{\Omega(1)}}$. We call these stronger notions \emph{one-many} and \emph{many-many} non-malleable codes. This provides a stronger information theoretic analogue of a primitive known as continuous non-malleable codes. \end{itemize}
Our basic technique used in all of our constructions can be seen as inspired, in part, by the techniques previously used to construct \emph{cryptographic non-malleable commitments}.
Zvika Brakerski, Renen Perlman
ePrint ReportPrior works either supported only an a-priori bounded number of parties (Lopez-Alt, Tromer and Vaikuntanthan, STOC '12), or only supported single-hop evaluation where all inputs need to be known before the computation starts (Clear and McGoldrick, Crypto '15, Mukherjee and Wichs, Eurocrypt '16). In all aforementioned works, the ciphertext length grew at least quadratically with the number of parties.
Technically, our starting point is the LWE-based approach of previous works. Our result is achieved via a careful use of Gentry's bootstrapping technique, tailored to the specific scheme. Our hardness assumption is that the scheme of Mukherjee and Wichs is circular secure (and thus bootstrappable). A leveled scheme can be achieved under standard LWE.
Siwei Sun, Lei Hu, Peng Wang, Meiqin Wang, Danping Shi, Xiaoshuang Ma, Qianqian Yang, Kai Fu
ePrint ReportMartin Gábris, Martin Stanek
ePrint ReportWe also propose a prefix check optimization for simple state recovery attack on Spritz. We believe that the simple state recovery attack with this optimization and so-called ``change order'' optimization inspired by Knudsen et al. attack on RC4 constitutes currently the best state recovery attack on Spritz (when no special state is observed).
Margarita Osadchy, Julio Hernandez-Castro, Stuart Gibson, Orr Dunkelman, Daniel P ́erez-Cabo
ePrint ReportIn this paper we introduce DeepCAPTCHA, a new and secure CAPTCHA scheme based on adversarial examples, an inherit limitation of the current Deep Learning networks. These adversarial examples are constructed inputs, computed by adding a small and specific perturbation called adversarial noise to correctly classified items, causing the targeted DL network to misclassify them. We show that plain adversarial noise is insufficient to achieve secure CAPTCHA schemes, which leads us to introduce immutable adversarial noise - an adversarial noise resistant to removal attempts.
We implement a proof of concept system and its analysis shows that the scheme offers high security and good usability compared to the best existing CAPTCHAs.
Chunming Tang, Can Xiang, Yanfeng Qi, Keqin Feng
ePrint ReportJung Hee Cheon, Duhyeong Kim
ePrint Report29 March 2016
Darmstadt, Germany, 21 July - 22 July 2016
Event CalendarSubmission deadline: 20 June 2016
Hong Kong Applied Science and Technology Research Institute Company Limited
Job Posting- Develop and implement secure cloud computing and secure software systems.
- Develop cryptographic and encryption technologies.
- Develop mobile security solutions.
- Develop and implement cyber-threat intelligence and defense technologies.
- Perform security review and assessment on information security and e-commerce systems.
- Conduct R&D in various areas which include but not limited to software, network, distributed system, database, and mobile security.
- Bachelor’s degree or above in Computer Science, Electrical Engineering or other relevant disciplines.
- More senior candidates with Master or PhD degree, or with minimum five years’ of experience in software development, i.e. design, implementation, test and documentation will be considered as Senior Engineer.
- Familiar with software development or testing, programming languages on C/C++/ObjC/Java/Javascript.
- Certificates or formal training in information security or with experience in security assessment is a plus, but not a necessity.
- Good knowledge of OS security and virtualization security, and implementation experience on the cloud an advantage.
- A team player with good analytical and communications skills.
- Good command of written and spoken English
Closing date for applications: 15 April 2016
Contact: charlenechoo (at) astri.org
More information: http://www.astri.org/careers/work-at-astri/jobs/senior-engineerssoftware-engineers-information-security-multiple-opening
27 March 2016
University of Cincinnati
Job PostingThe Department of Mathematical Sciences at the University of Cincinnati is seeking applicants for several Visiting Assistant Professorships in mathematics or statistics. Appointments will begin on August 15th, 2016 and will initially be for one year, with the possibility of renewal for a second year. Teaching load will nominally be two (3-4 credit) undergraduate courses per semester. Candidates must have a PhD in mathematics or statistics by the start date. The Department of Mathematical Sciences is dedicated to excellence in both research and teaching. The department has a graduate program offering MS and PhD degrees in mathematics and statistics. The department is looking for candidates with high-quality teaching and research and a strong potential for collaboration in areas of expertise of current faculty.
One of the positions is expected to be in the area of Algebra/Cryptography and the Department is specially interested in people with expertise in the area of multivariate polynomials or lattices.
Completed applications consisting of a cover letter, vita, description of research, description of teaching experience, and three letters of recommendation, at least one of which addresses teaching expertise, should be submitted on MathJobs.org at https://www.mathjobs.org/jobs/jobs/8650.
Applicants should also submit a CV and cover letter to UC’s recruitment system at https://jobs.uc.edu/job/Cincinnati-Assistant-Professor-Visiting-%28Mathematical-Sciences%29-OH-45201/333089700/. Review of applicants will begin immediately and applications will be accepted until the positions are filled.
The University of Cincinnati is an equal opportunity/affirmative action employer with a strong commitment to diversity. We actively seek a broad spectrum of candidates including women, people of color, people with disabilities and veterans.
Closing date for applications: 1 May 2016
Contact: Jintai.Ding (at) uc.edu
More information: https://www.mathjobs.org/jobs/jobs/8650
25 March 2016
National Institute of Standards and Technology (NIST)
Job PostingParticular areas of interest include, but are not limited to: Post-quantum cryptography, lightweight cryptography, security proofs of cryptosystems, cryptanalysis, secure protocols, hardware/software implementations, and cryptographic applications.
For employment with NIST, the candidates must be US citizens. We also host guest researchers through the NIST Foreign Guest Researcher Program.
Closing date for applications: 31 August 2016
Contact: Dr. Lily Chen (Lily dot Chen at NIST dot gov)
University of Surrey
Job PostingThis post offers an exciting opportunity for a Professorial appointment in the Secure Systems group.
The successful candidate will provide leadership in research in security at the highest level and develop strategic partnerships. We are open to a variety of security specialisms that are related to, or complement current strengths of the group including (but not limited to): trusted systems, privacy preserving security, verification of secure systems, IoT security, and human factors in security. It is expected that the post-holder will also contribute to high quality teaching at undergraduate and post-graduate level.
The initial focus of the post is working as part of the senior team to drive forward secure systems research within the Department, across the University and internationally with academia and industry. It offers the unique opportunity to grow cyber security research involving the Institute for Communication Systems and the 5G Innovation Centre, within Surrey, and interdisciplinary research with the Faculty of Health and Medical Sciences. There is potential for the candidate to take on the role of Head of Department in the future. The Department has prioritised growth in the area of security research and immediately after the appointment to this Chair the Department intends to appoint a further faculty member at Senior Lecturer level alongside this post.
Closing date for applications: 3 May 2016
Contact: For an informal discussion about the positions, please contact the Head of Department of Computer Science, Dr Helen Treharne on h.treharne (at) surrey.ac.uk.
More information: http://jobs.surrey.ac.uk/021216
School of Electronics, Electrical Engineering and Computer Science, Queen’s University Belfast, UK
Job PostingWe seek to recruit highly qualified candidates for multiple academic posts to commence in 2016 or 2017 who can build and grow innovative, mission-led research programmes. Candidates should also demonstrate an ability to inspire students and facilitate motivational learning within core undergraduate and specialist postgraduate curricula. Successful candidates will benefit from additional resources such as studentships, engineering and commercial support and will have access to state of the art facilities.
Current research is based around Data Security, Authentication, Cloud and Network Security, IoT and Embedded Systems Security and Cyber-Physical and Industrial Control Systems Security. Moving forward we plan to further strengthen and extend these activities. Candidates with a strong research track record and expertise in one of the following areas of interest are strongly encouraged to apply - post-quantum cryptography, side channel analysis, hardware security, multi-factor authentication technologies for data and device security, cloud and virtualised datacentres security, software defined network security, software security, embedded systems security and secure industrial control systems - including SCADA, Smart Grid and automotive systems.
Applicants must have at least a 2:1 Honours Degree (or equivalent) in Electrical and Electronics Engineering, Computer Science, Mathematics or closely related discipline and a PhD in a relevant subject. Evidence of high quality research in a relevant field commensurate with stage of academic career is essential.
Closing date for applications: 18 April 2016
Contact: Professor Dimitrios S. Nikolopoulos
Email: eeecs-hos (at) qub.ac.uk
More information: http://www.ecit.qub.ac.uk/Aboutus/Recruitment/
Ling Ren, Srinivas Devadas
ePrint ReportRafael Pass, abhi shelat
ePrint ReportTo circumvent the cost of recording all transactions, Wheeler (1996) and Rivest (1997) suggested the notion of a \emph{probabilistic payment}, that is, one implements payments that have \emph{expected} value on the order of micro pennies by running an appropriately biased lottery for a larger payment. While there have been quite a few proposed solutions to such lottery-based micropayment schemes, all these solutions rely on a trusted third party to coordinate the transactions; furthermore, to implement these systems in today's economy would require a a global change to how either banks or electronic payment companies (e.g., Visa and Mastercard) handle transactions.
We put forth a new lottery-based micropayment scheme for any ledger-based transaction system, that can be used today without any change to the current infrastructure. We implement our scheme in a sample web application and show how a single server can handle thousands of micropayment requests per second. We analyze how the scheme can work at Internet scale.