IACR News
Here you can see all recent updates to the IACR webpage.
21 March 2017
Bregenz, Austria, 24 October - 27 October 2017
Event Calendar
Submission deadline: 15 May 2017
Notification: 3 July 2017
Aarhus University, Denmark
Job Posting
Applicants who have completed (or are about to complete) a master in computer science, computer engineering, or math are welcome to apply by contacting me.
All applications will be processed by the Graduate School of Science and Technology of Aarhus University (follow the link for more information). The next deadline for applications is May 1st (earliest start on August 1st).
Closing date for applications: 1 May 2017
Contact: Claudio Orlandi, Associate Professor
orlandi (at) cs.au.dk
More information: http://talent.au.dk/phd/scienceandtechnology/opencalls/
University of Luxembourg
Job Posting
The successful candidate will join the CryptoLUX group led by Prof. Alex Biryukov. He or she will contribute to a research project on future directions in symmetric cryptography in the areas of:
- Lightweight block ciphers and hash functions
- Side-channel attacks on symmetric cryptosystems and countermeasures
- Design and security analysis of blockchain technologies
- Proof-of-work schemes for use in digital currencies or denial-of-service prevention
The University offers a two-year employment contract which may be extended up to five years.
Closing date for applications: 30 April 2017
Contact: Alex Biryukov
More information: https://www.cryptolux.org
University of Surrey, UK
Job Posting
Further details and instructions for applying are at https://jobs.surrey.ac.uk/vacancy.aspx?ref=083116-R
Salary range: £39,324 to £57,674
We aim to attract outstanding candidates to the Secure Systems group who have strong visions for research, a growing international research profile, a passion for teaching, and who value collaborative research and working in a team.
The first post is in the area of ‘security through hardware and applied cryptography’, an area that we are growing, with the recent appointment of Professor Liqun Chen.
The second post is in ‘secure systems and applications’, to enhance or complement one or more of the following areas: trusted computing, security through hardware, verification, data privacy, cyber-physical and internet of things security, cloud or mobile security, machine learning and data analytics applied to security, human factors, formal methods and applied cryptography.
Applicants to both posts should have a PhD in a relevant subject or equivalent professional experience. An ability to produce high quality outputs is also required. The appointed candidates will be expected to contribute to all aspects of the Department’s activities.
We are looking for academics who can inspire students through their curiosity for leading-edge aspects of technology. The Department runs a GCHQ-certified MSc in Information Security, which is the flagship programme of the Secure Systems group.
The University and the Department specifically are committed to building a culturally diverse organisation and strongly encourage applications from female and minority candidates. The Department shares the Athena SWAN ideals with respect to the equality and diversity agenda.
Closing date for applications: 2 May 2017
Contact: Professor Steve Schneider
Director of Surrey Centre for Cyber Security
University of Surrey, Guildford, Surrey GU2 7XH, UK
s.schneider (at) surrey.ac.uk
+44 1483 689637
More information: https://jobs.surrey.ac.uk/vacancy.aspx?ref=083116-R
Karlsruhe Institute of Technology, Germany
Job Posting
We are looking for a PhD student in theoretical cryptography. The research focus should be the development and analysis of classical and new cryptographic building blocks (such as public-key encryption and obfuscation).
The research will take place in the cryptography and security group at KIT. The research position will be multi-year and fully funded, with a starting date as soon as possible (negotiable). There is no closing date; applications will be considered until the position is filled.
For more information about the position, contact Dennis (dot) Hofheinz (at) kit (dot) edu. Your application should include a CV, and a letter of motivation.
Closing date for applications:
Karlsruhe Institute of Technology, Germany
Job Posting
We are looking for a postdoctoral researcher in theoretical cryptography. The research focus should be the development and analysis of classical and new cryptographic building blocks (such as public-key encryption and obfuscation).
The research will take place in the cryptography and security group at KIT. The research position will be multi-year and fully funded, with a starting date as soon as possible (negotiable). There is no closing date; applications will be considered until the position is filled.
For more information about the position, contact Dennis (dot) Hofheinz (at) kit (dot) edu. Your application should include a CV, and at least two references.
Closing date for applications:
University of Birmingham, UK
Job Posting
The Security and Privacy Group* at Birmingham seeks applications for a new permanent Lecturer post in cyber security.
Candidates are expected to have established research careers, demonstrating a sustained excellent publication record and some ability to attract research funding. We encourage candidates whose research complements and extends the current capabilities of the group**, but are particularly interested in those working in the areas of systems security, malware analysis and/or reverse engineering.
The deadline for applications is 2 April 2017. Further details and instructions for applying are at
- http://www.jobs.ac.uk/job/AXS707/lecturer-in-computer-security/
The School of Computer Science is ranked in the top 10 UK computer science departments for the number of world-leading publications in terms of originality, significance and rigour by the Research Excellence Framework 2014, conducted by the UK government. The University has identified computer security and privacy as an area for investment. The group is a GCHQ/EPSRC Academic Centre of Excellence in Cyber Security Research, one of 13 such centres in the UK. Informal enquiries about these posts are welcome, and can be addressed to any member of the group and/or to Professor Mark Ryan, m.d.ryan[at]cs.bham.ac.uk.
* Members of the group are: Rami Bahsoon, Ian Batten, Tom Chothia, David Galindo, Flavio Garcia, David Oswald, Dave Parker, Eike Ritter, Mark Ryan, Erik Tews.
** The current research focus of the group includes: applied cryptography, formal verification, automotive security, embedded devices and IoT security (including ICS), wireless security, cloud security, electronic voting, and security and privacy for society.
Closing date for applications: 2 April 2017
More information: http://sec.cs.bham.ac.uk/index.html#vacancies
20 March 2017
Ralf Kuesters, Daniel Rausch
ePrint Report
We would therefore like to get rid of reduction proofs for real-world key exchange protocols as much as possible and in many cases altogether, also for higher-level protocols which use the exchanged keys. So far some first steps have been taken in this direction. But existing work is still quite limited, and, for example, does not support Diffie-Hellman (DH) key exchange, a prevalent cryptographic primitive for real-world protocols.
In this paper, building on work by Küsters and Tuengerthal, we provide an ideal functionality in the universal composability setting which supports several common cryptographic primitives, including DH key exchange. This functionality helps to avoid reduction proofs in the analysis of real-world protocols and often eliminates them completely. We also propose a new general ideal key exchange functionality which allows higher-level protocols to use exchanged keys in an ideal way. As a proof of concept, we apply our framework to three practical DH key exchange protocols, namely ISO 9798-3, SIGMA, and OPTLS.
Lorenzo Grassi, Christian Rechberger
ePrint Report
AES is often considered as a target of such analyses, simply because AES or its building blocks are used in many settings that go beyond classical encryption. The most recent known-key model of Gilbert (proposed at Asiacrypt 2014) allows one to consider two 4-round distinguishers combined in an inside-out fashion (8 core rounds), and to extend it by one round in each direction (two extension rounds). The resulting 10-round distinguisher has a time complexity of $2^{64}$. In that work, arguments were put forward suggesting that two extension rounds seem to be the limit in the known-key model, and that likely only a distinguisher that exploits the balance property can be extended in such a way.
In this paper we disprove both of these conjectures and arrive at the following results. We first show that the technique proposed by Gilbert can also be used to extend a known-key distinguisher based on truncated differential trails. This allows us to improve all the known-key distinguishers currently present in the literature for AES up to 10 rounds of AES. In particular, we are able to set up a 9-round known-key distinguisher for AES with a time complexity of $2^{23}$ and a 10-round known-key distinguisher with a time complexity of $2^{50}$. Secondly, we also show that more than two extension rounds are possible. As a result, we describe the first known-key distinguishers on 12 rounds of AES, by extending an 8-round known-key distinguisher by two rounds in each direction (four extension rounds). The time complexity is $2^{82}$.
We conclude with a discussion of why it does not seem feasible to set up similar distinguishers on 14 rounds exploiting the same strategy.
Changhai Ou, Degang Sun, Zhu Wang, Xinping Zhou, Juan Ai
ePrint Report
Chris Brzuska, Håkon Jacobsen
ePrint Report
Additionally, we show that the security of EAP can easily be upgraded to provide full forward secrecy simply by adding a subsequent key-confirmation step between the client and the authenticator. In practice this key-confirmation step is often carried out in the form of a 2P-AKE protocol which uses EAP to bootstrap its authentication. A concrete example is the extremely common IEEE 802.11 protocol used in WLANs. In enterprise settings EAP is often used in conjunction with IEEE 802.11 in order to allow the wireless client to authenticate itself to a wireless access point (the authenticator) through some centrally administered server. Building on our modular results for EAP, we get as our second major result the first reduction-based security result for IEEE 802.11 combined with EAP.
Jean-Sebastien Coron
ePrint Report
Dan Boneh, Rosario Gennaro, Steven Goldfeder, Sam Kim
ePrint Report
Huijia Lin, Stefano Tessaro
ePrint Report
This paper presents new candidate constructions of indistinguishability obfuscation from (i) $L$-linear maps for any $L \ge 2$, and (ii) PRGs with block-wise locality $L$. A PRG has block-wise locality $L$ if every output bit depends on at most $L$ (disjoint) input blocks, each consisting of up to $\log \lambda$ input bits. In particular, we give:
- A construction of a general-purpose indistinguishability obfuscator from $L$-linear maps and a subexponentially-secure PRG with block-wise locality $L$ and polynomial stretch.
- A construction of general-purpose functional encryption from $L$-linear maps and any slightly super-polynomially secure PRG with block-wise locality $L$ and polynomial stretch.
All our constructions are based on the SXDH assumption on $L$-linear maps and the subexponential Learning With Errors (LWE) assumption. In the special case of $L = 2$, our constructions can alternatively be based on bilinear maps with the Matrix Diffie-Hellman assumption and the 3-party Decision Diffie-Hellman assumption, without assuming LWE. Concurrently, we initiate the study of candidate PRGs with block-wise locality $L \ge 2$ based on Goldreich's local functions, and their security. In particular, lower bounds on the locality of PRGs do not apply to block-wise locality for any $L \ge 2$, and the security of instantiations with block-wise locality $L \ge 3$ is backed by similar validation as constructions with (conventional) locality $5$. We complement this with hardness amplification techniques that weaken the pseudorandomness requirement on our candidates to qualitatively weaker requirements.
Mitar Milutinovic, Warren He, Howard Wu, Maxinder Kanwal
ePrint Report
Dillibabu Shanmugam, Ravikumar Selvam, Suganya Annadurai
ePrint Report
Mohamed Saied Emam Mohamed, Albrecht Petzoldt
ePrint Report
Joël Cathébras, Alexandre Carbon, Renaud Sirdey, Nicolas Ventroux
ePrint Report
Besides scheme improvements, new practical approaches have been proposed to bring homomorphic encryption closer to practice. The IV-based stream cipher trans-ciphering approach introduced by Canteaut et al. in 2015 reduces the on-line latency of the trans-ciphering process to a simple homomorphic addition. The homomorphic evaluation of the stream cipher, which produces the trans-ciphering keystream, can be computed in an off-line phase, resulting in an almost transparent trans-ciphering process from the user's point of view. This approach, combined with hardware acceleration, could bring homomorphic encryption closer to practice.
This paper deals with the choice of FV parameters for an efficient implementation of this scheme, in light of the common approaches taken in related work. At first sight, using a large polynomial degree to reduce the coefficient size seems advantageous, but further observations contradict this. Large polynomial degrees imply larger ciphertexts and more complex implementations, while smaller ones imply more primes to find for the CRT polynomial representation. The result of this preliminary work on the choice of an adequate hardware target motivates choosing small-degree polynomials rather than small coefficients for the FV scheme.