International Association
for Cryptologic Research

ISTA invites applications for several open positions in all areas of computer science including cryptography, systems security and privacy.

We offer:

· Thriving international and interdisciplinary research environment with English as the working language

· State-of-the-art facilities

· Attractive salary and generous start-up package

· Guaranteed annual base funding

· International graduate school

· PhD program with a unique blend of interdisciplinary coursework and research group rotations

· Professional development opportunities

· Employee Assistance Program

· Dual-career support

· Childcare facilities

· Commitment to fostering a diverse and inclusive working environment

· Close proximity to Vienna

Assistant professors receive independent group leader positions with an initial contract of six years, at the end of which they are reviewed by international peers. A positive evaluation leads to promotion to the tenured professor position.

Tenured positions are open to distinguished scientists with several years of experience leading research groups.

We strongly encourage individuals from underrepresented groups to apply.

Closing date for applications:

Contact: Krzysztof Pietrzak (pietrzak@ist.ac.at)

More information: https://www.ista.ac.at/en/jobs/faculty/

We are looking for a post-doc researcher to work on subversion-resilient cryptography and related topics. The position is funded as part of the UKRI/EPSRC project "SECCOM" with funding from MoD/Dstl (UK's Defence Science and Technology Laboratory). Offers for the position will therefore be conditional on passing an identity check with Dstl.

The ideal candidate should have a PhD degree in Computer Science or related area (or near completion) and a proven record of publications in cryptography and/or security venues such as Crypto, Eurocrypt, Asiacrypt, TCC, PKC, CCS, S&P, USENIX, ACNS, ESORICS, etc. Experience with protocol composition frameworks (such as the UC framework) is a plus, but not required.

The postdoc will be hosted by Bernardo Magri at the Systems and Software Security group at the CS department of the University of Manchester, UK.

The position is for 2 years and can be filled from September to December 2023, and will remain open until October 2nd 2023. For enquiries please contact Bernardo Magri at the email below. The formal application for the position should be completed at the following link: https://www.jobs.manchester.ac.uk/Job/JobDetail?JobId=26007

Closing date for applications:

Contact: bernardo.magri@manchester.ac.uk

More information: https://www.jobs.manchester.ac.uk/Job/JobDetail?JobId=26007

The Institute for IT Security at the University of Lübeck has a vacancy for a full-time (100%) position as Doctoral Researcher in System Security.

What are your tasks?
We are looking for support in the following subject areas:

• Automated code analysis and security analysis of applications
• Analysis and hardening of IoT systems
• Research of software-based protection mechanisms for IoT

Your main tasks are scientific research and further qualification in the above subject areas, with the goal of completing a successful dissertation.

Which qualifications should you have?
As the ideal candidate, you bring motivation and willingness to work and research creatively and independently.

• Your main areas of interest are in system security and/or applied cryptography.
• You have experience in the areas of cryptography, code analysis, hardware-oriented programming and/or machine learning.
• You are highly motivated to contribute to international research collaborations and to develop and publish first-class research results.

Necessary prerequisites are a university degree in computer science, applied mathematics, information technology, or comparable related fields.Your application should contain a CV, a brief description of research interests,transcripts of bachelor's and master's studies, at least one contact for a reference letter and--if available--master's or bachelor's theses and publications.

What else do we offer?
We offer excellent working conditions in an international team of top researchers and collaboration opportunities with prestigious working groups in IT security worldwide in one of the most livable cities in Northern Europe.
The position is a full-time position to be classified in pay group 13 of the TV-L, including several benefits such as retirement benefits. The employment is initially limited until December 14, 2025, with an option for extension. The review of applications starts immediately until the position is filled.

Closing date for applications:

Contact: Thomas Eisenbarth (its.bewerbungen@uni-luebeck.de)

More information: https://www.its.uni-luebeck.de/en/jobs.html

AIT is Austrias largest non-universitary research institute. Its Cyber Security team focuses on various aspects of security, including anomaly detection, cyber ranges, penetration testing, and cryptography. The cryptography group is conducting research in various directions, including secure communication, privacy-enhancing technologies, and long-term and post-quantum security. Given a growing portfolio of research projects, the group seeks to grow and thus has a vacancy for a post-doctoral researcher in related areas.

Requirements:

• PhD degree in Computer Science, Cyber Security, or a related field, with a specialization on cryptology
• Profound knowledge in one or more of the following areas: secure multi-party computation (MPC), fully homomorphic encryption (FHE), threshold cryptography, distributed algorithms, privacy-preserving machine learning, verifiable computation
• Strong track record with publications at competitive academic conferences or journals (e.g., Crypto, Eurocrypt, Asiacrypt, TCC, PKC, CCS, S&P, USENIX, ESORICS, ...)
• Good knowledge of a programming language (e.g., C/C++, Rust, Java, Python) and software development is a plus
• Very good written and oral English skills; knowledge of German is not a requirement but willingness to learn German is expected

The position lasts for two years. The salary starts from ~59k€/year, depending on experience. The review process will begin immediately and will continue open until the position has been filled.

Informal inquiries can be done by email, but formal applications must be submitted through: https://jobs.ait.ac.at/Job/215934

Closing date for applications:

Contact: Stephan Krenn; stephan.krenn[at]ait.ac.at

More information: https://jobs.ait.ac.at/Job/215934

The Institute for IT Security at the University of Lübeck offers a fully funded (TV-L 14, 100%) PostDoc position in System Security.

What are your tasks?
We are looking for support in the following subject areas:

• Security analysis and design of trusted execution environments and secure microarchitectures
• Automated code analysis and software-based protection measures, including the use of large language models
• Applied (post-quantum) cryptography and side-channel analysis

Your main tasks are scientific research and further qualification in the above subject areas, project management and co-supervision of PhD students.

Which qualifications should you have?
As the ideal candidate, you bring motivation and willingness to work and research creatively and independently.

• Your main areas of interest are in system security and/or applied cryptography.
• You have experience in the areas of cryptography, code analysis, hardware-oriented programming and/or machine learning.
• You have already published highly at relevant conferences in system security and cryptography (S&P, CCS, USENIX Security, CHES, CRYPTO, Eurocrypt, etc.) and built your own scientific network.

You are highly motivated to participate in international research collaborations and to develop and publish first-class research results together with the PhD students of the research group.
Necessary prerequisite is a completed PhD in the field of IT security. Your application should contain a CV, list of publications, a short research statement and at least one contact for a reference letter.

What else do we offer?
We offer excellent working conditions in an international team of top researchers and collaboration opportunities with prestigious working groups in IT security worldwide in one of the most livable cities in Northern Europe.
The review of applications starts immediately until the position is filled. The employment is initially limited until June 30, 2025, with an option for extension.

Closing date for applications:

Contact: Thomas Eisenbarth (its.bewerbungen@uni-luebeck.de)

More information: https://www.its.uni-luebeck.de/en/jobs.html

The Cryptography Research Group at University College Cork (UCC) is looking for a highly motivated PhD student to work on the project “Adaptive Privacy-preservation in the Internet of Things”. The research work will focus on advanced cryptography and privacy techniques, including local differential privacy and homomorphic encryption/secure multi-party computation, and how they can be deployed in smart settings.

The PhD student will work under the supervision of Principal Investigator Dr. Paolo Palmieri, University College Cork (UCC), and co-Investigator Dr. Hazel Murray, Munster Technological University (MTU). The student will join the thriving Cryptography Group at UCC, where several other PhD students and Post-Docs are carrying out related research. The project is a collaboration between UCC (host organization) and MTU, and part of CONNECT - Centre for Future Networks & Communications, a major Science Foundation Ireland research initiative.

Candidates should have a background/strong interest in security and privacy, as well as a good grasp of mathematics. Previous experience in cryptography is an asset, but is not required. Applicants should hold a good honours undergraduate or Master's degree in computer science, computer engineering, mathematics, or other relevant subject.

The successful applicant will receive a stipend of €19,000 per annum for four years (subject to successful annual progress reviews). Tuition fees will be covered by the project, and a travel budget is available to present at international conferences. The successful candidate will also have the opportunity to work with the Principal Investigator and co-Investigator extensive network of international research collaborations.

We expect the PhD student to start in Autumn 2023 or shortly thereafter.

Closing date for applications:

Contact: General informal enquires about the PhD positions can be made to Dr. Paolo Palmieri at e-mail: p.palmieri@cs.ucc.ie
Applications must be made online by September 7, 2023 at the address: https://ucc.qualtrics.com/jfe/form/SV_brw0JC79mZz2lmu

More information: https://security.ucc.ie/vacancies.html

At ASIACRYPT 2022, Benedikt, Fischlin, and Huppert proposed the quantum herding attacks on iterative hash functions for the first time. Their attack needs exponential size of quantum random access memory (qRAM). As the existence of large qRAM is questionable, Benedikt et al. left open question for building low-qRAM quantum herding attacks.

In this paper, we answer this open question by building a quantum herding attack, where the time complexity is slightly increased from Benedikt et al.'s $2^{0.43n}$ to ours $2^{0.46n}$, but the size of qRAM is reduced from Benedikt et al.'s $2^{0.43n}$ to ours $\mathcal{O}(n)$. Besides, we also introduce various low-qRAM quantum attacks on hash concatenation combiner, hash XOR combiner, Hash-Twice, and Zipper hash functions.

We present Waffle, a datastore that protects an application’s data access patterns from a passive persistent adversary. Waffle achieves this without prior knowledge of the input data access distribution, making it the first of its kind to adaptively handle input sequences under a passive persistent adversary. Waffle maintains a constant bandwidth and client-side storage overhead, which can be adjusted to suit the application owner’s preferences. This flexibility allows the owner to fine-tune system parameters and strike a balance between security and performance. Our evaluation, utilizing the Yahoo! Cloud Serving Benchmark (YCSB) benchmark and Redis as the backend storage, demonstrates promising results. The insecure baseline outperforms Waffle by a mere 5-6x, whereas Waffle outperforms Pancake—a state-of-the-art oblivious datastore under passive persistent adversaries—by 45-57%, and a concurrent ORAM system, TaoStore, by 102x.

In this informal note, we instantiate the Goldwasser-Kalai-Rothblum (GKR) protocol to prove fractional sumchecks as present in lookup arguments based on logarithmic derivatives, with the following impact on the prover cost of logUp (IACR eprint 2022/1530): When looking up $M\geq 1$ columns in a (for the sake of simplicity) single column table, the prover has to commit only to a single extra column, i.e. the multiplicities of the table entries. In order to carry over the GKR fractional sumcheck to the univariate setting, we furthermore introduce a simple, yet (as far as we now) novel transformation for turning a univariate polynomial commitment scheme into a multilinear one. The transformation complements existing approaches and might be of independent interest for its elegant way to prove arbitrary powers of the lexicographic shift over the Boolean hypercube.

With the increasing interest for advanced protocols for Multi Party Computation, Fully-Homomorphic Encryption or Zero Knowledge proofs, a need for cryptographic algorithms with new constraints has emerged. These algorithms, called Arithmetization-Oriented ciphers, seek to minimize the number of field multiplications in large finite fields $\mathbb{F}_{2^n}$ or $\mathbb{F}_{p}$. Among them, Ciminion is an encryption algorithm proposed by Dobraunig et al. in Eurocrypt 2021.

In this paper, we show a new univariate modelization on a variant of Ciminion proposed by the designers. This instance restricts the attacker to at most $2^{s/2}$ data, where $s$ is the security level. Because the designers chose to reduce the number of rounds in that specific attacker model, we are able to attack the cipher for large security levels. We also propose some slight modifications of Ciminion that would overcome this vulnerability.

Proof-carrying data (PCD) is a powerful cryptographic primitive that allows mutually distrustful parties to perform distributed computation defined on directed acyclic graphs in an efficiently verifiable manner. Important efficiency parameters include prover's cost at each step and the recursion overhead that measures the additional cost apart from proving the computation.

In this paper, we construct a PCD scheme having the smallest prover's cost and recursion overhead in the literature. Specifically, the prover's cost at each step is dominated by only one $O(|C|)$-sized multi-scalar multiplication (MSM), and the recursion overhead is dominated by only one $2r$-sized MSM, where $|C|$ is the computation size and $r$ is the number of incoming edges at certain step. In contrast, the state-of-the-art PCD scheme requires $4r+12$ $O(|C|)$-sized MSMs w.r.t. the prover's cost and six $2r$-sized MSMs, one $6r$-sized MSM w.r.t. the recursion overhead. In addition, our PCD scheme supports more expressive constraint system for computations—customizable constraint system (CCS) that supports high-degree constraints efficiently, in contrast with rank-1 constraint system (R1CS) that supports only quadratic constraints used in existing PCD schemes.

Underlying our PCD scheme is a multi-folding scheme that reduces the task of checking multiple instances into the task of checking one. We generalize existing construction to support arbitrary number of instances.

The emergence of blockchain technologies as central components of financial frameworks has amplified the extraction of market inefficiencies, such as arbitrage, through Miner Extractable Value (MEV) from Decentralized Finance smart contracts. Exploiting these opportunities often requires fee payment to miners and validators, colloquially termed as bribes. The recent development of centralized MEV relayers has led to these payments shifting from the public transaction pool to private channels, with the objective of mitigating information leakage and curtailing execution risk. This transition instigates highly competitive first-price auctions for MEV. However, effective bidding strategies for these auctions remain unclear. This paper examines the bidding behavior of MEV bots using Flashbots' private channels, shedding light on the opaque dynamics of these auctions. We gather and analyze transaction data for the entire operational period of Flashbots, providing an extensive view of the current Ethereum MEV extraction landscape. Additionally, we engineer machine learning models that forecast winning bids whilst increasing profitability, capitalizing on our comprehensive transaction data analysis. Given our unique status as an adaptive entity, the findings reveal that our machine learning models can secure victory in more than 50% of Flashbots auctions, consequently yielding superior returns in comparison to current bidding strategies in arbitrage MEV auctions. Furthermore, the study highlights the relative advantages of adaptive constant bidding strategies in sandwich MEV auctions.

With the development of quantum attacks, many classical-secure structures are not secure in quantum. How to evaluate the quantum security of structure and give a tight security bound becomes a challenging research topic. As a tweakable block cipher structure based on block ciphers, $\mathsf{TNT}$ was proven to be of classical beyond-birthday-bound $O(2^{3n/4})$ security. We prove that $\mathsf{TNT}$ is a quantum-secure tweakable block cipher with a bound of $O(2^{n/6})$. In addition, we show the tight quantum PRF security bound of $O(2^{n/3})$ when $\mathsf{TNT}$ is based on random functions, which is better than $O(2^{n/4})$ given by Bhaumik et al. and solves their open problem. Our proof uses the recording standard oracle with errors technique of Hosoyamada and Iwata based on Zhandry’s compressed oracle technique.

In this work, we show that general non-interactive quantum commitments (allowing quantum computation and communication) to classical messages are compatible with current-known quantum-rewinding techniques. Specifically, we first propose a definition of collapse-binding of quantum commitments which generalizes from its post-quantum counterpart and is shown to work well with quantum rewinding. Then we show that thus defined collapse-binding is equivalent to the conceivably minimal unique-message-binding. This in particular implies that canonical quantum bit commitments are collapse-binding and can be used to instantiate many cryptographic applications.

Additionally, we rephrase the flavor conversion of canonical quantum bit commitments as a hardness conversion, which then can be used to establish a stronger quantum indistinguishability that works well with quantum rewinding just like in the post-quantum setting. Such indistinguishability allows us to establish the security of the Goldreich-Kahan construction of constant-round zero-knowledge proofs for NP instantiated with canonical quantum bit commitments. We thus for the first time construct a constant-round (actually, four-round) quantum computational zero-knowledge proof for NP based on the minimum complexity assumption that is needed for the complexity-based quantum cryptography.