IACR News
Here you can see all recent updates to the IACR webpage. These updates are also available:
05 July 2016
Abderrahmane Nitaj, Willy Susilo, Joseph Tonien
ePrint ReportReza Azarderakhsh, Brian Koziel, Seyed Hamed Fatemi Langroudi, Mehran Mozaffari Kermani
ePrint ReportYongzhuang Wei, Enes Pasalic, Fengrong Zhang, Samir Hod\v zi\'c
ePrint Report04 July 2016
Adam O'Neill
ePrint ReportSiamak F. Shahandashti, Feng Hao
ePrint ReportBrian Koziel, Reza Azarderakhsh, Amir Jalali, Mehran Mozaffari Kermani, David Jao
ePrint ReportWei Yuan
ePrint Report01 July 2016
Andrey Bogdanov, Elmar Tischhauser, Philip S. Vejre
ePrint ReportIn this paper, we address this issue by proposing multivariate linear cryptanalysis as a new technique for using multiple linear approximations. Based on multivariate statistics and featuring a novel distinguishing technique based on quadratic discriminant analysis, it allows more realistic modelling of key dependence, while not relying on the limiting assumptions of previous work. Furthermore, it comes with a flexible signal/noise decomposition approach to allow for a realistic estimation of correlations. As an application of multivariate linear cryptanalysis, we provide attacks on 26 and 27 rounds (the latter marginally faster than exhaustive search) of PRESENT under much more realistic assumptions than previous work.
WeiGuo Zhang, LuYang Li, Enes Pasalic
ePrint ReportMikkel Lambæk
ePrint ReportYoo-Seung Won, Dong-Guk Han
ePrint ReportIn this study, we suggest an enhanced variant algorithm to apply to constrained devices. Our solution is based on the principle of the Kogge-Stone carry look-ahead adder, and it uses a divide and conquer approach. In addition, we prove the security of our new algorithm against first-order attack. In implementation results, when $k=64$ and the register bit size of a chip is $8$, $16$ or $32$, we obtain $58$\%, $72$\%, or $68$\% improvement, respectively, over the results obtained using the generic variant. When applying those algorithms to first-order SPECK, we also achieve about $40$\% improvement. Moreover, our proposal extends to higher-order countermeasures as previous study.
1 August 2016
Event CalendarSubmission deadline: 1 August 2016
Brussels, Belgium, 15 September - 16 September 2016
Event CalendarSliema, Malta, 3 April - 7 April 2017
Event CalendarSubmission deadline: 4 November 2016
Notification: 6 January 2017
Paris, France, 26 April - 28 April 2017
Event CalendarSubmission deadline: 4 August 2016
Notification: 17 October 2016
30 June 2016
CRYPTO
Abu Dhabi, UAE, 4 December - 7 December 2016
Event CalendarSubmission deadline: 24 July 2016
Notification: 25 September 2016
Ministry of Justice -Digital & Technology - London
Job PostingA successful candidate will work within several multi-disciplinary agile teams to deliver a high-quality product.
Everyone in this team will be responsible for quality, however this role will have a stronger focus on continuously improving and applying security vulnerability and penetration testing in line with continues integration:
https://www.gov.uk/service-manual/operations/penetration-testing.html
You will be required to challenge and propose changes to existing processes where they do not contribute to the rapid delivery of a secure service.
Essential Skills:
• Ability to work closely with development teams to ensure secure coding is baked in to web applications and architecture
• Ability to carry application and infrastructure vulnerability and penetration testing
• Understanding of virtualisation and cloud technologies
• Ability to build automated testing to align with continuous integration
• Understanding of open source technologies, including web development frameworks and infrastructure.
• Security Testing Tools, both manual and automated
• Open Web Application Security Project (OWASP)
Desirable skills
• CREST or CHECK certifications (team leader or team member)
• Certified Ethical Hacker (CEH)
• CISSP or similar familiarity with security architecture
• Worked in Agile environments
• Physical Security
• Social Engineering
• Static program analysis
• Fuzz testing/fuzzing
Key Focus Areas:
• Applying security vulnerability and penetration testing on Digital products developed with Agile methodologies and continuous integration
• Consult with teams to ensure security is built in at all stages of a product\'s lifecycle.
Closing date for applications: 15 July 2016
Contact: Dom Tomkins, Head of Specialist Recruitment recruitment (at) digital.justice.gov.uk
More information: https://www.civilservicejobs.service.gov.uk/csr/index.cgi?SID=c2VhcmNoX3NsaWNlX2N1cnJlbnQ9MSZjc291cmNlPWNzcXNlYXJjaCZ1c2
Cyber Security Practice - United Arab Emirates
Job PostingThey are currently recruiting some of the world’s top Cyber experts and are seeking candidates for the following roles:
Crypto Developer (Multiple roles) - Must have experience in Elliptic Curve Cryptography (ECC) and ideally some experience in commercial cryptography. PhD Mathematics is preferred.
Please note these are permanent roles which require the successful candidates to be based in the United Arab Emirates. Assistance with relocation will be provided.
On offer is an attractive TAX FREE expatriate package, the opportunity to learn from some of the most highly qualified, well renowned Cyber figures in the business and genuine career opportunities.
To apply for this role please forward a copy of your CV in English to hilary (at) talentboutique.ae.
Closing date for applications: 29 September 2016
29 June 2016
Porto, Portugal, 19 February - 21 February 2017
Event CalendarSubmission deadline: 7 October 2016
Notification: 2 December 2016