International Association
for Cryptologic Research

The division property proposed at Eurocrypt'15 is a novel technique to find integral distinguishers, which has been applied to most kinds of symmetric ciphers such as block ciphers, stream ciphers, and authenticated encryption,~\textit{etc}. The original division property is word-oriented, and later the bit-based one was proposed at FSE'16 to get better integral property, which is composed of conventional bit-based division property (two-subset division property) and bit-based division property using three subsets (three-subset division property). Three-subset division property has more potential to achieve better integral distinguishers compared with the two-subset division property. The bit-based division property could not be to apply to ciphers with large block sizes due to its unpractical complexity. At Asiacrypt'16, the two-subset division property was modeled using Mixed Integral Linear Programming (MILP) technique, and the limits of block sizes were eliminated. However, there is still no efficient method searching for three-subset division property. The propagation rule of the \texttt{XOR} operation for $\mathbb{L}$ \footnote{The definition of $\mathbb{L}$ and $\mathbb{K}$ is introduced in Section 2.}, which is a set used in the three-set division property but not in two-set one, requires to remove some specific vectors, and new vectors generated from $\mathbb{L}$ should be appended to $\mathbb{K}$ when \texttt{Key-XOR} operation is applied, both of which are difficult for common automatic tools such as MILP, SMT or CP. In this paper, we overcome one of the two challenges, concretely, we address the problem to add new vectors into $\mathbb{K}$ from $\mathbb{L}$ in an automatic search model. Moreover, we present a new model automatically searching for a variant three-subset division property (VTDP) with STP solver. The variant is weaker than the original three-subset division property (OTDP) but it is still powerful in some ciphers. Most importantly, this model has no constraints on the block size of target ciphers, which can also be applied to ARX and S-box based ciphers. As illustrations, some improved integral distinguishers have been achieved for SIMON32, SIMON32/48/64(102), SPECK32 and KATAN/KTANTAN32/48/64 according to the number of rounds or number of even/odd-parity bits.

Division property is a generalized integral property proposed by Todo at EUROCRYPT 2015, and then conventional bit-based division property (CBDP) and bit-based division property using three subsets (BDPT) were proposed by Todo and Morii at FSE 2016. The huge time and memory complexity that once restricted the applications of CBDP have been solved by Xiang et al. at ASIACRYPT 2016. They extended Mixed Integer Linear Programming (MILP) method to search integral distinguishers based on CBDP. BDPT can find more accurate integral distinguishers than CBDP, but it can not be modeled efficiently. Thus it cannot be applied to block ciphers with block size larger than 32 bits. In this paper, we focus on the feasibility of applying MILP-aided method to search integral distinguishers based on BDPT. We firstly study how to get the BDPT propagation rules of an S-box. Based on that we can efficiently describe the BDPT propagation of cipher which has S-box. Moreover, we propose a technique called ``fast propagation", which can translate BDPT into CBDP, then the balanced bits based on BDPT can be presented. Together with the propagation properties of BDPT, we can use MILP method based on CBDP to search integral distinguishers based on BDPT. In order to prove the efficiency of our method, we search integral distinguishers on SIMON, SIMECK, PRESENT, RECTANGLE, LBlock, and TWINE. For SIMON64, PRESENT, and RECTANGLE, we find more balanced bits than the previous longest distinguishers. For LBlock, we find a 17-round integral distinguisher which is one more round than the previous longest integral distinguisher, and a better 16-round integral distinguisher with less active bits can be obtain. For other ciphers, our results are in accordance with the previous longest distinguishers.

Large-scale quantum computing is a significant threat to classical public-key cryptography. In strong “quantum access” security models, numerous symmetric-key cryptosystems are also vulnerable. We consider classical encryption in a model which grants the adversary quantum oracle access to encryption and decryption, but where the latter is restricted to non-adaptive (i.e., pre-challenge) queries only. We define this model formally using appropriate notions of ciphertext indistinguishability and semantic security (which are equivalent by standard arguments) and call it QCCA1 in analogy to the classical CCA1 security model. Using a bound on quantum random-access codes, we show that the standard PRF- and PRP-based encryption schemes are QCCA1-secure when instantiated with quantum-secure primitives.

We then revisit standard IND-CPA-secure Learning with Errors (LWE) encryption and show that leaking just one quantum decryption query (and no other queries or leakage of any kind) allows the adversary to recover the full secret key with constant success probability. In the classical setting, by contrast, recovering the key uses a linear number of decryption queries, and this is optimal. The algorithm at the core of our attack is a (large-modulus version of) the well-known Bernstein-Vazirani algorithm. We emphasize that our results should not be interpreted as a weakness of these cryptosystems in their stated security setting (i.e., post-quantum chosen-plaintext secrecy). Rather, our results mean that, if these cryptosystems are exposed to chosen-ciphertext attacks (e.g., as a result of deployment in an inappropriate real-world setting) then quantum attacks are even more devastating than classical ones.

The blockchain technology represents a new paradigm to realize persistent distributed ledgers globally. While the blockchain technology is promising in a great number of fields, it can be abused to covertly store and disseminate potentially harmful digital content. Consequently, using blockchains as uncensored decentralized networks for arbitrary data distribution poses a serious regulatory issue. In this work, we show the severity of the problem by demonstrating a new technique that can be exploited to use the blockchain as a covert bulletin board to secretly store and distribute objectionable content. More specically, all major blockchain systems use randomized cryptographic primitives, such as digital signatures and non-interactive zero-knowledge proofs, and we illustrate how the uncontrolled randomness in such primitives can be maliciously manipulated to enable covert communication and hidden persistent storage. We also demonstrate how the same technique can be extended to launch subversion attacks on the wallets of most top-ranked cryptocurrencies, such as Bitcoin, Ethereum, Monero, etc. To clarify the potential risk of uncontrolled randomness, we design, implement and evaluate our technique against the widely-used ECDSA signature scheme, the CryptoNote's ring signature scheme, and Monero's ring condential transactions. Note that the signicance of the demonstrated attacks stems from their undetectability, their adverse effect on the future of decentralized blockchains, and their serious repercussions on users' privacy and crypto funds. Finally, besides presenting the attacks, we provide a discussion of current countermeasures and suggest some countermeasures to mitigate the threat of such attacks.

We are looking for a bright post-doctoral researcher focusing in theoretical cryptography and more precisely verifiable delegation of computation to work on a collaborative project on cloud-assisted computing.

The position is fully funded for 2 years. The post-doc will be hired at the department of Computer Science and Engineering at Chalmers and will be working under the supervision of Prof. Katerina Mitrokotsa. The preferred starting date is in April 2019.

To Apply use the online form at: https://goo.gl/HqgGqM

Closing date for applications: 5 January 2019

Contact: Katerina Mitrokotsa, Associate Professor, Chalmers University of Technology, Department of Computer Science and Engineering, Gothenburg, Sweden, aikmitr (at) chalmer.se

More information: http://www.chalmers.se/en/about-chalmers/Working-at-Chalmers/Vacancies/Pages/default.aspx?rmpage=job&rmjob=6985

Postdoc / Research Fellow position at Nanyang Technological University, Singapore

School of Physical and Mathematical Sciences at Nanyang Technological University (NTU), Singapore, and Temasek Labs@NTU is seeking candidates for one research fellow positions (from fresh post-doc to senior research fellow, flexible contract duration) in the areas of symmetric key cryptography and/or machine learning.

Salaries are competitive and are determined according to the successful applicants accomplishments, experience and qualifications. Interested applicants should send their detailed CVs, cover letter and references to Prof. Thomas Peyrin (thomas.peyrin (at) ntu.edu.sg).

Review of applications starts immediately and will continue until positions are filled.

Closing date for applications: 15 April 2019

Contact: thomas.peyrin (at) ntu.edu.sg

Lossy trapdoor functions (Peikert and Waters, STOC 2008 and SIAM J. Computing 2011) imply, via black-box transformations, a number of interesting cryptographic primitives, including chosen-ciphertext secure public-key encryption. Kiltz, O'Neill, and Smith (CRYPTO 2010) showed that the RSA trapdoor permutation is lossy under the Phi-hiding assumption, but syntactically it is not a lossy trapdoor function since it acts on Z_N and not on strings. Using a domain extension technique by Freeman et al. (PKC 2010 and J. Cryptology 2013) it can be extended to a lossy trapdoor permutation, but with considerably reduced lossiness.

In this work we give new constructions of lossy trapdoor permutations from the Phi-hiding assumption, the quadratic residuosity assumption, and the decisional composite residuosity assumption, all with improved lossiness. Furthermore, we propose the first all-but-one lossy trapdoor permutation from the Phi-hiding assumption. A technical vehicle used for achieving this is a novel transform that converts trapdoor functions with index-dependent domain into trapdoor functions with fixed domain.

With the fast development of quantum computation, code based cryptography arises public concern as a candidate of post quantum cryptography. However, the large key-size becomes a main drawback such that the code-based schemes seldom become practical although they performed pretty well on the speed of both encryption and decryption algorithm. Algebraic geometry codes was considered to be a good solution to reduce the size of keys, but because of its special construction, there have lots of attacks against them. In this paper, we propose a public key encryption scheme based on elliptic codes which can resist the known attacks. By using automorphism on the rational points of the elliptic curve, we construct quasi-cyclic elliptic codes, which reduce the key size further. We apply the list-decoding algorithm to decryption thus more errors beyond half of the minimum distance of the code could be correct, which is the key point to resist the known attacks for AG codes based cryptosystem.

Implementing cryptographic algorithms in a tamper resistant way is an extremely complex task as the algorithm used and the target platform have a significant impact on the potential leakage of the implementation. In addition the quality of the tools used for the attacks is of importance. In order to evaluate the resistance of a certain design against electromagnetic emanation attacks – as a highly relevant type of attacks – we discuss the quality of different electromagnetic (EM) probes as attack tools. In this paper we propose to use the results of horizontal attacks for comparison of measurement setup and for determining the best suitable instruments for measurements. We performed horizontal differential electromagnetic analysis (DEMA) attacks against our ECC design that is an im-plementation of the Montgomery kP algorithm for the NIST elliptic curve B-233. We experimented with 7 different EM probes under same conditions: attacked FPGA, design, inputs, measurement point and measurement equipment were the same, excepting EM probes. The used EM probe influences the success rate of performed attack significantly. We used this fact for the comparison of probes and for determining the best suitable one.

In this work, we present generalization and optimization of Dilithium, which is one of the promising lattice-based signature candidates for NIST postquantum cryptography (PQC) standardization. This is enabled by new insights in interpreting the design of Dilithium, in terms of key consensus presented in the KCL key encapsulation mechanism (KEM) proposal to NIST PQC standardization. Based on OKCN developed in KCL, we present a generic and modular construction of lattice-based signature, and make analysis as it is deployed in reality. We thoroughly search and test a large set of parameters in order to achieve better trade-offs among security, efficiency, and bandwidth. On the recommended parameters for about 128-bit quantum security, compared with Dilithium, our scheme is more efficient both in computation and in bandwidth. This work also further justifies and highlights the desirability of OKCN as the same routine can be used for both KEM and signatures, which is useful to simplify system complexity of lattice-based cryptography. Of independent interest is a new estimation of the security against key recovery attacks in reality.

This paper introduces elliptic curves in generalized Huff's model. These curves endowed with addition are shown to be a group over a finite field. We present formulae for point addition and doubling point on the curves and evaluate computational cost of point addition and doubling point using projective, Jacobian and Lopez-Dahab coordinates. It is noted that the computational cost for point addition and doubling on the curves is lower on the projective coordinates than the other mentioned above coordinates.

You have the experience, education and drive to lead. What you\'re missing is the freedom to create your dream. When you join DarkMatter, you\'ll find that freedom and build the future of cyber security in the UAE.

As a Cryptanalyst, you will:

- Analyze, evaluate and target any weaknesses security systems which range from single crypto-primitives to entire protocols, from classical ciphers to the newest lightweight or post-quantum schemes.

- Develop mathematical and statistical models to analyze and solve security data problems.

- Be involved in the analysis of developed cryptosystems within DarkMatter products.

- Collaborate with skillful software, hardware, and telecommunication engineers.

- Work closely with the secure communications team and other teams in the organization.

- Work with latest software and test your code on state-of-the-art High-Performance Devices.

- Conduct research in theoretical and practical cryptanalysis.

- Attend personalized in-house trainings with top cryptographers and international conferences and workshops.

- Enjoy all the cultural, educational and travel opportunities Abu Dhabi offers

- Your personal dream could be the world\'s reality

To bring your dream to life, you\'ll need some of the followings:

- PhD degree in Cryptography, Applied Cryptography, Information Theory and Mathematics, Computer Science or any relevant Engineering degree.

- Extensive experience in theoretical and practical cryptanalysis

Valuable publications in the field of cryptanalysis

- Extensive experience in performing side-channel attacks.

- Deep understanding of various hardware security vulnerabilities and threats.

- Extensive experience developing in various programming languages.

- A passion for solving complex puzzles

Closing date for applications: 12 March 2019

Contact: Mehdi Messaoudi

mehdi.messaoudi (at) darkmatter.ae

More information: https://careers.darkmatter.ae/jobs/cryptanalyst-abu-dhabi-united-arab-emirates

At DarkMatter, we are building an organisation of specialists to provide the ultimate integrated cyber security protection available. Whatever the scope, scale or sensitivity of our clients’ work, we\'ll assess their risks, resolve their vulnerabilities and always keep them ahead of the threat, offering them the best possible products and solutions.

As a Cryptography Embedded Systems Engineer, you will:

- Design, implement and deploy cryptographic algorithms tailored for resource-constrained devices.

- Conduct research and development in lightweight cryptography.

- Perform security assessments of crypto-primitives and cryptosystems suitable for resource-constrained devices at the theoretical and implementation level.

- Work closely with the other teams in the organization to deploy secure embedded systems.

- Be involved in the integration of developed cryptosystems within DarkMatter products.

- Enjoy all the cultural, educational and travel opportunities Abu Dhabi offers.

To bring your dream to life, you’ll need:

- MS or PhD degree in Computer Science, Computer Engineering, Electrical Engineering, Cryptography or related field.

- Development experience within embedded systems, RFID and sensor networks.

- Knowledge of Unix/Linux environments and kernel development.

- Knowledge of one or more of the following: Microcontrollers, SoC, TrustZone, ARM processors, performance optimization, bootloading, firmware, x86 assembly, system BIOS or hardware/software integration.

- Knowledge of side-channel attacks and countermeasures.

- Experience coding in C/C++.

- A desire to innovate in the UAE

Closing date for applications: 12 March 2019

Contact: Mehdi Messaoudi

mehdi.messaoudi (at) darkmatter.ae

More information: https://careers.darkmatter.ae/jobs/cryptography-embedded-systems-engineer-abu-dhabi-united-arab-emirates-8f4ed143-57d6-4

You have the experience, education and drive to lead. What you\'re missing is the freedom to create your dream. When you join DarkMatter, you\'ll find that freedom and build the future of cyber security in the UAE.

As a Cryptography Hardware Engineer, you will:

- Design, implement and deploy cryptographic algorithms on hardware covering but not limited to: post-quantum cryptosystems and stream ciphers.

- Conduct research and development in hardware implementation and optimization and side-channel analysis and countermeasures.

- Perform security assessments of either crypto-primitives or cryptosystems at the theoretical and implementation level.

- Work closely with the secure communications team and other teams in the organization to design end-to-end secure communication protocols using state-of-the art and customized cryptographic algorithms and primitives.

- Be involved in the integration of developed cryptosystems within DarkMatter products.

- Enjoy all the cultural, educational and travel opportunities Abu Dhabi offers

- Your personal dream could be the world\'s reality

To bring your dream to life, you\'ll need:

- PhD degree in Cryptography, Applied Cryptography, Information Theory and Mathematics, Computer Science or any relevant Engineering degree.

- Extensive experience developing in FPGA and/or ASIC.

- Strong foundations in semiconductors, computer architecture and embedded systems.

- Deep understanding of various hardware security vulnerabilities and threats.

- A desire to innovate in the UAE

Closing date for applications: 12 March 2019

Contact: Mehdi Messaoudi

mehdi.messaoudi (at) darkmatter.ae

More information: https://careers.darkmatter.ae/jobs/cryptography-hardware-engineer-abu-dhabi-united-arab-emirates

Abu Dhabi | United Arab Emirates

You have the experience, education and drive to lead. What you’re missing is the freedom to create your dream. When you join DarkMatter, you’ll find that freedom and build the future of cyber security in the UAE.

As a Post-Quantum Crypto Researcher, you will:

- Design, implement and deploy quantum-safe cryptographic algorithms covering both but not limited to: key exchange algorithms and digital signature schemes.

- Conduct research and development in lattice-based, code-based or hash-based cryptosystems.

- Perform security assessments of either crypto-primitives or cryptosystems at the theoretical and implementation level.

- Work closely with the secure communications team and other teams in the organization to design end-to-end secure communication protocols using state-of-the art and customized cryptographic algorithms and primitives.

- Be involved in the integration of developed cryptosystems within DarkMatter products.

- Enjoy all the cultural, educational and travel opportunities Abu Dhabi offers

To bring your dream to life, you’ll need:

- PhD degree in Cryptography, Applied Cryptography, Information Theory and Mathematics or Computer Science.

- Extensive experience developing in various programming languages.

- A desire to innovate in the UAE

Closing date for applications: 12 March 2019

Contact: Mehdi Messaoudi

mehdi.messaoudi (at) darkmatter.ae

More information: https://careers.darkmatter.ae/jobs/post-quantum-crypto-researcher-abu-dhabi-united-arab-emirates

At DarkMatter, we are building an organization of specialists to provide the ultimate integrated cyber security protection available. Whatever the scope, scale or sensitivity of our clients’ work, we\'ll assess their risks, resolve their vulnerabilities and always keep them ahead of the threat, offering them the best possible products and solutions.

As a Senior Cryptography Engineer - Cloud Engineer, you will:

-Design, implement and deploy cryptographic algorithms tailored for a cloud environment.

-Conduct research and development in differential privacy, secret sharing, multi-party secure computation and fully homomorphic encryption.

-Perform security assessments of crypto-primitives, cryptosystems and cloud security solutions at the theoretical and implementation level.

-Work closely with the other teams in the organization to design and deploy safe cloud-based solutions .

-Be involved in the integration of developed cryptosystems within DarkMatter products.

To bring your dream to life, you’ll need:

-PhD degree in Cryptography, Applied Cryptography, Information Theory and Mathematics or Computer Science.

-Extensive experience developing in various programming languages.

-A desire to innovate in the UAE

Closing date for applications:

Contact: Mehdi Messaoudi

Talent Sourcing Specialist

mehdi.messaoudi (at) darkmatter.ae

More information: https://careers.darkmatter.ae/jobs/senior-cryptography-engineer-cloud-engineer-abu-dhabi-united-arab-emirates

The Department of Computer Science at University College London (UCL) invites applications for three faculty positions at all levels in the area of Information Security. We seek world-class talent; candidates must have an outstanding research track record. Appointments will be made at the rank of Lecturer, Associate Professor, or Professor, depending on seniority.

The closing date for applications is 10 January 2019.

We seek applicants with expertise and experience that complements or builds on our current strengths, including but not limited to, the areas of cybercrime, human factors in security, systems and network security, verification and embedded systems security, and software security.

Since we are an experimental Computer Science department, and UCL is strongly committed to multi-disciplinary research, we are looking for researchers who are interested in collaboration with colleagues in the Faculty of Engineering (e.g., Crime Science) and with other research groups and centres within the Computer Science department, e.g., Systems and Networks, Computational Statistics & Machine Learning (CSML), UCL Interaction Centre (UCLIC). The main purpose of this new role is to support the growth of the Computer Department through conducting research, teaching, outreach and entrepreneurial activities in the area of Information Security as well as the supervision of undergraduate, taught graduate and/or research graduate students.

Closing date for applications: 10 January 2019

Contact: Emiliano De Cristofaro, e.decristofaro (at) ucl.ac.uk

More information: https://tinyurl.com/ucl-infosec-positions-2018

Three industrial funded PhD studentships (3-3.5 years) are available at Department of Computer Science, Surrey Centre for Cyber Security, University of Surrey. These studentships are related to industrial blockchain projects. The ideal PhD candidates (holding MSc. degree of Math, Computer Science, Engineering) should be equipped with (at least be interested in) adequate knowledge of programming (e.g., Python, C++, Java), basic knowledge of applied cryptography(e.g., signature, encryption, zero-knowledge proof)/machine learning/formal method, have good communication skill, teamwork awareness, and be willing to work with industries.

The start date of these PhDs will be in January or April 2019.

About SCCS: SCCS was established by the University of Surrey to consolidate and organise its cyber security activities across the University. SCCS is one of the 17 Academic Centres of Excellence in Cyber Security Research (ACEs-CSR) recognised by the UK National Cyber Security Centre (NCSC) in partnership with the Engineering and Physical Sciences Research Council (EPSRC).

Closing date for applications: 31 March 2019

Contact: Dr. Kaitai Liang

k.liang (at) surrey.ac.uk

The Secure embedded system & hardware security team (https://laboratoirehubertcurien.univ-st-etienne.fr/en/teams/secure-embedded-systems-hardware-architectures.html) at Université Jean Monnet (Saint-Etienne, France) is seeking one motivated post-doctoral researcher in the area of hardware security.

The post-doctoral researcher will work with researcher of the group on topic of side-channel analysis and/or random numbers generation. The project aims to scale down randomness requirement for side-channel protected implementations.

Candidates should ideally have already completed, or close to completing a Ph.D. degree in electrical engineering, computer sciences, mathematics, or related disciplines, with strong research track record in relevant area.

This is a full-time, 1-year fixed-term position based in Saint-Etienne; starting date is negotiable from March 2019.

Since the laboratory is located in a restricted area, background of the successful candidate need to be checked by authorities, this step can last 3 months, please consider applying well in advance. There are no nationality restrictions for candidates.

Review of application will start immediately until position is filed.

Please send a CV, a list of publications and contact information for two references.

Closing date for applications: 30 September 2019

Contact: Vincent Grosso, vincent.grosso (at) univ-st-etienne.fr

Applications are invited for a PhD student (Research Assistant) position in Applied Cryptography and Network Security. The position is funded through CRISP, the Center for Research in Security and Privacy (https://www.crisp-da.de).

Job Description

The Candidate is expected to perform scientific research in the areas of cryptography and network security. The position is based in Darmstadt and will involve international travel to conduct and present research. We provide an optimal working environment and support the researcher to publish results at leading international conferences and journals.

The position is initially offered for three years but can be extended to a longer duration. The starting date is as soon as possible.

Your Profile

• Completed a Master’s degree (or equivalent) with good grades in computer science, mathematics, electrical engineering, or a closely related field.

• Solid background in information security, cryptography, discrete mathematics, and algorithms.

• Fluent in English, both verbal and written, and good communication skills.

• Motivated to conduct research work and ability to work independently.

• Proficiency in computer programming, computer networks, Latex, and system administration are considered beneficial but not necessary.

How To Apply

Please submit your application in English consisting of a motivation letter stating why you are interested and qualify for the position, your current curriculum vitae including two references, and copies of relevant certificates and detailed transcripts with grades. Please send your application in a single PDF file to Jean Paul Degabriele (jeanpaul [dot] degabriele [at] crisp-da [dot] de) with the subject line “PhD Application”. Review of applications will start immediately and continue until the position is filled.

Closing date for applications: