International Association for Cryptologic Research

IACR News

If you have a news item you wish to distribute, it should be sent to the communications secretary. See also the events database for conference announcements.

Here you can see all recent updates to the IACR webpage. These updates are also available via email and via RSS feed.

17 October 2025

Jesús-Javier Chi-Domínguez
ePrint Report
Nowadays, the Matrix Code Equivalence Problem shows potential applicability in constructing efficient and secure advanced digital signatures, focusing on linkable ring signatures, threshold signatures, and blind signatures. Current constructions of these advanced signatures rely on relaxed instantiations of the Matrix Code Equivalence Problem: given two pairs of equivalent matrix codes, find (if it exists) the secret isometry connecting the pairs. For example, the linkable ring signature construction by Chou et al. (AFRICACRYPT, 2023) builds on top of the Inverse Matrix Code Equivalence Problem: given three equivalent matrix codes, where one pair of the codes is connected by the secret isometry and another by the inverse of that isometry, find the secret isometry.

This paper studies the Inverse Matrix Code Equivalence Problem, focusing on the family of instances where the secret isometry is (skew) symmetric. Our main contribution corresponds to a new algorithm for solving these instances of the Inverse Matrix Code Equivalence Problem. As an implication, we identify weak instances of this kind of instantiation of the Inverse Matrix Code Equivalence Problem: for around 70% of the possible parameter set choices (i.e., code dimension $k$, and code lengths $m$ and $n$), our algorithm runs (heuristically) in polynomial time. In addition, our results spotlight an additional 35% of parameter sets where the best algorithm for solving the Matrix Code Equivalence Problem, proposed by Couvreur and Levrat (Crypto, 2025), does not apply.

Our results have a crucial security impact on the recent blind signature construction proposed by Kuchta, LeGrow, and Persichetti (ePrint IACR, 2025), whose security is closely related to the hardness of solving these kinds of instances of the Inverse Matrix Code Equivalence Problem.
Michele Battagliola, Ethan Chen, Hugo Sauerbier Couvée, Violetta Weger
ePrint Report
CROSS is a code-based signature based on the Restricted Syndrome Decoding Problem (R-SDP) that is currently among the fourteen candidates in the NIST standardization process. While CROSS enjoys a very competitive verification time, its primary drawback is its significantly large signature size. In this work, we introduce a new Multi-Party Computation in the Head (MPCitH) protocol for the R-SDP with the primary goal of reducing CROSS signature size. To do so, we design a publicly verifiable secret sharing scheme tailored for restricted vectors and a new multiplicative-to-additive conversion for it. These new cryptographic gadgets may be of independent interest as they can serve as building blocks for future research in multi-party computation, such as a threshold version of CROSS.
Pierre Guillot, Auguste Hoang Duc, Michel Koskas, Florian Méhats
ePrint Report
We present GRAFHEN, a new cryptographic scheme which offers Fully Homomorphic Encryption without the need for bootstrapping (or in other words, without noise). Building on the work of Nuida and others, we achieve this using encodings in groups. The groups are represented on a machine using rewriting systems. In this way the subgroup membership problem, which an attacker would have to solve in order to break the scheme, becomes maximally hard, while performance is preserved. In fact we include a simple benchmark demonstrating that our implementation runs several orders of magnitude faster than existing standards. We review many possible attacks against our protocol and explain how to protect the scheme in each case.
Andrew Huang, Vinod Vaikuntanathan
ePrint Report
One-shot signatures (OSS) are a powerful and uniquely quantum cryptographic primitive which allows anyone, given a common reference string, to come up with a public verification key $\mathsf{pk}$ and a secret signing state $\ket{\mathsf{sk}}$. With the secret signing state, one can produce the signature of any one message, but no more. In a recent breakthrough work, Shmueli and Zhandry (CRYPTO 2025) constructed one-shot signatures, either unconditionally in a classical oracle model or assuming post-quantum indistinguishability obfuscation and the hardness of Learning with Errors (LWE) in the plain model.

In this work, we address the inefficiency of the Shmueli-Zhandry construction which signs messages bit-by-bit, resulting in signing keys of $\Theta(\lambda^4)$ qubits and signatures of size $\Theta(\lambda^3)$ bits for polynomially long messages, where $\lambda$ is the security parameter. We construct a new, simple, direct, and efficient one-shot signature scheme which can sign messages of any polynomial length using signing keys of $\Theta(\lambda^2)$ qubits and signatures of size $\Theta(\lambda^2)$ bits. We achieve corresponding savings in runtimes, in both the oracle model and the plain model. In addition, unlike the Shmueli-Zhandry construction, our scheme achieves perfect correctness.

Our scheme also achieves strong signature incompressibility, which implies a public-key quantum fire scheme with perfect correctness among other applications, correcting an error in a recent work of Çakan, Goyal and Shmueli (QCrypt 2025) and recovering their applications.
Binyi Chen
ePrint Report
Folding schemes are a powerful tool for building scalable proof systems. However, existing folding-based SNARKs require embedding hash functions (modeled as random oracles) into SNARK circuits, introducing both security concerns and significant proving overhead. We re-envision how to use folding, and introduce Symphony, the first folding-based SNARK that avoids embedding hashes in SNARK circuits. It is memory-efficient, parallelizable, streaming-friendly, plausibly post-quantum secure, with polylogarithmic proof size and verification, and a prover dominated by committing to the input witnesses. As part of our construction, we introduce a new lattice-based folding scheme that compresses a large number of NP-complete statements into one in a single shot, which may be of independent interest. Furthermore, we design a generic compiler that converts a folding scheme into a SNARK without embedding the Fiat-Shamir circuit into proven statements. Our evaluation shows its concrete efficiency, making Symphony a promising candidate for applications such as zkVM, proof of learning, and post-quantum aggregate signatures.
Léo Ducas, Lynn Engelberts, Paola de Perthuis
ePrint Report
Is module-lattice reduction better than unstructured lattice reduction? This question was highlighted as 'Q8' in the Kyber NIST standardization submission (Avanzi et al., 2021), as potentially affecting the concrete security of Kyber and other module-lattice-based schemes. Foundational works on module-lattice reduction (Lee, Pellet-Mary, Stehlé, and Wallet, ASIACRYPT 2019; Mukherjee and Stephens-Davidowitz, CRYPTO 2020) confirmed the existence of such module variants of LLL and block-reduction algorithms, but focus only on provable worst-case asymptotic behavior.

In this work, we present a concrete average-case analysis of module-lattice reduction. Specifically, we address the question of the expected slope after running module-BKZ, and pinpoint the discriminant $\Delta_K$ of the number field at hand as the main quantity driving this slope. We convert this back into a gain or loss on the blocksize $\beta$: module-BKZ in a number field $K$ of degree $d$ requires an SVP oracle of dimension $\beta + \log(|\Delta_K| / d^d)\beta /(d\log \beta) + o(\beta / \log \beta)$ to reach the same slope as unstructured BKZ with blocksize $\beta$. This asymptotic summary hides further terms that we predict concretely using experimentally verified heuristics. Incidentally, we provide the first open-source implementation of module-BKZ for some cyclotomic fields.

For power-of-two cyclotomic fields, we have $|\Delta_K| = d^d$, and conclude that module-BKZ requires a blocksize larger than its unstructured counterpart by $d-1+o(1)$. On the contrary, for all other cyclotomic fields we have $|\Delta_K| < d^d$, so module-BKZ provides a sublinear $\Theta(\beta/\log \beta)$ gain on the required blocksize, yielding a subexponential speedup of $\exp(\Theta(\beta/\log \beta))$.
Lizhen Zhang, Shang Gao, Sherman S. M. Chow, Kurt Pan, Bin Xiao
ePrint Report
We present $\mathsf{HyperWolf}^*$, a lattice-based, fully transparent polynomial commitment scheme (PCS) for univariate and multilinear polynomials. To the best of our knowledge, it is the first lattice PCS to simultaneously achieve logarithmic proof size and verification time with standard soundness under standard lattice assumptions over polynomial rings.

Building on sublinear schemes such as $\mathsf{Greyhound}$ (CRYPTO'24) and $\mathsf{BrakeDown}$ (CRYPTO'23), we generalize the two-dimensional approach to a $k$-dimensional witness-folding recursion, yielding a $k$-round hyperdimensional proof. Each round folds the witness along one axis, reducing the tensor arity by one, giving overall cost $O(k N^{1/k})$; choosing $k = \log N$ yields $O(\log N)$ verification time and proof size. For standard $\ell_2$ soundness, we give an exact Euclidean-norm proof tailored to lattice relations: we prove $\langle \vec{f}, \vec{f}\rangle \bmod q$ via an inner-product argument and enforce a small-coefficient bound on $\|\vec{f}\|_\infty$ so that $\langle \vec{f}, \vec{f}\rangle \bmod q = \langle \vec{f}, \vec{f}\rangle$ over $\mathbb{Z}$. Both sub-proofs admit the same structure for $O(\log N)$ complexity.

We further compact the proof using a proof-of-proof IPA à la LaBRADOR (CRYPTO'23), attaining $O(\log\log\log{N})$ while preserving logarithmic verification and linear proving. We also describe a candidate optimization that achieves $O(\log\log N)$ proofs without LaBRADOR. For $N = 2^{30}$, $\mathsf{HyperWolf}$ features a ${\sim}53$ KB proof size and, compared to $\mathsf{Greyhound}$, reduces verifier work from $\Theta(\sqrt{N})$ to $\Theta(\log N)$, yielding $2$ to $3$ orders of magnitude improvement for large $N$ while maintaining comparable size.

16 October 2025

Belfort @ Leuven
Job Posting
As a cryptographer and/or software developer you will transform the newest research ideas into practical applications. This role is highly technical and involves designing, implementing, and optimizing cryptographic primitives and protocols. We are looking for someone who enjoys deep technical challenges, has a decent understanding of modern cryptography, and takes pride in writing efficient and secure code. You will collaborate closely with researchers and engineers to bring new ideas from concept to production.

Closing date for applications:

Contact: Furkan Turan

More information: https://www.linkedin.com/jobs/view/4314095801/

Belfort @ Leuven
Job Posting
As a Senior GPU Acceleration Engineer, you will extend Belfort’s cryptographic acceleration technology into high-performance GPU platforms. You will lead efforts in adapting and optimizing our algorithms for modern GPU architectures, ensuring maximum throughput, scalability, and energy efficiency.

Closing date for applications:

Contact: Furkan Turan

More information: https://www.linkedin.com/jobs/view/4314224579/

Computer-Aided Verification Group (CAVE), Ruhr University Bochum, Germany
Job Posting

We are continuously looking for PhD students for the 6-year project CAVE, funded by the German Research Foundation (Deutsche Forschungsgemeinschaft, DFG) through the Emmy Noether Programme. During your PhD, you will be working on cutting-edge research in Hardware Security Engineering and Verification.

Deadline: Reviewing of applications will continue until positions are filled.

Why should you apply? The position involves exploring innovative methods in the field of Computer-Aided Security Engineering and Verification, with the goal of publishing in leading international venues, broadening the research network, initiating global collaborations, and formulating independent research inquiries. For this, I work closely with my PhD students, including regular one-to-one meetings, to support and foster your research.

Location: The newly established junior research group on Computer-Aided Verification of Physical Security Properties (CAVE) is affiliated with the Horst Goertz Institute for IT Security (HGI) and the Faculty of Computer Science at Ruhr University Bochum (RUB). RUB has been a leader in IT security in Europe for more than two decades, and this expertise is integral to the HGI and the Faculty of Computer Science.

Requirements: A Master’s Degree or a strong Bachelor's Degree in Computer Science or related fields. Excellent interpersonal and communication skills in English as well as a solid background in any of the following fields are expected: cryptographic engineering, hardware security, physical implementation attacks (SCA & FIA), or profound knowledge of formal verification techniques.

Application: If you are interested in applying, please send an email to Dr. Pascal Sasdrich (pascal.sasdrich@rub.de) with the following documents in a single PDF (max. 10 MB) and subject line "[CAVE] Application for PhD position":

  • Your CV, including a transcript of records.
  • A brief cover letter describing your research interests.
  • Contact details of 2-3 potential references.

Closing date for applications:

Contact: Dr. Pascal Sasdrich

Department of Computer Science and Engineering, Indian Institute of Technology Hyderabad (IITH)
Job Posting

IIT Hyderabad invites applications from exceptionally bright and motivated qualified candidates for faculty positions at the levels of Assistant Professor, Associate Professor, and Professor in the Department of Computer Science and Engineering, in specializations including cryptography and privacy, systems security, post-quantum cryptography, quantum cryptography, and cyber security.

For more details, please refer to the advertisement: https://iith.ac.in/assets/files/careers/faculty/Faculty-Recruitment-Advt-Oct2025.pdf.

For more details about the department, please visit https://cse.iith.ac.in/.

To apply please use the link: https://faculty.recruitment.iith.ac.in/index1.html.

The deadline is 5.30 pm (IST) on 31 October 2025.

Closing date for applications:

Contact: For any questions please reach out to Maria Francis (mariaf@cse.iith.ac.in).

Technical University of Darmstadt, Germany
Job Posting
The Applied Cryptography Group at Technical University of Darmstadt offers a fully funded postdoc position. Topics of interest include (but are not limited to) distributed cryptography, anonymous credentials, blockchain protocols, multiparty computation, zero-knowledge and more. You will conduct research and publish/present the results at top venues for research in cryptography and IT Security. The position is to be filled as soon as possible for initially 2 years with the possibility of an extension.

Your profile:
  • Completed PhD degree (or equivalent) at a top university in IT security, computer science, mathematics, electrical engineering, or a similar area.
  • Publications at top venues for IT security and cryptography (e.g., EUROCRYPT, CRYPTO, ASIACRYPT, S&P, CCS, TCC).
  • Good knowledge in one of the topics mentioned above is a plus.
  • Experience in project management and supervising students is a plus.
Your application should contain a CV, list of publications, a short research statement and at least one contact for a reference letter.

TU Darmstadt is a top research university for IT Security, Cryptography, and Computer Science in Europe. We offer an excellent working environment in the heart of the Frankfurt Metropolitan Area, which is internationally well-known for its high quality of life. The review of applications starts immediately and continues until the position is filled.

Please send your application to: job@cac.tu-darmstadt.de

Closing date for applications:

Contact: Sebastian Faust

More information: https://www.informatik.tu-darmstadt.de/cac/cac/index.en.jsp

Indian Institute of Technology Roorkee, Roorkee, Uttarakhand, India
Job Posting
We are looking for a junior research fellow for the project "A Post-Quantum Secure ZKP-based Authentication Protocol for Connected and Autonomous Vehicles". The candidate should have an M.Tech in Computer Science and Engineering or related disciplines. Prior experience in cryptography and Zero-Knowledge Proof systems, along with a solid background in programming, is essential and will be preferred. Interested candidates can email Dr. Raghvendra Rohit at raghvendra.rohit@cs.iitr.ac.in with their resume.

Closing date for applications:

Contact: Dr. Raghvendra Rohit (raghvendra.rohit@cs.iitr.ac.in)

National University of Singapore (NUS)
Job Posting
PhD Opportunities at the National University of Singapore (NUS). The candidates will have opportunities to work at NUS.

Requirements for a PhD position:
  • Completed Master’s degree (or equivalent) at a top university in information security, computer science, applied mathematics, electrical engineering, or a similar area
  • Research experience (such as publishing papers as a first author in reputable venues)
  • Self-motivated, reliable, creative, can work in a team and want to do excellent research on challenging scientific problems with practical relevance. Desire to publish at top venues (CORE rank A*/A) for information security/applied cryptography (e.g., TDSC, TIFS, S&P, CCS, NDSS, USENIX SEC), ideally on security protocols and secure computation

How to apply? Please send me your CV with detailed information.

Closing date for applications:

Contact: Dr Prosanta Gope (p.gope@sheffield.ac.uk)

a16z Crypto - New York, NY, USA
Job Posting

The a16z crypto research lab is seeking interns for summer 2026 in all technical areas pertaining to blockchains/Web3, including in particular cryptography and distributed computing. For more details and to submit an application, see https://a16z.com/about/jobs/?gh_jid=7489894003. For full consideration, please apply by November 10, 2025.

The Role

a16z crypto research is a new kind of multidisciplinary lab that bridges the worlds of academic theory and industry practice to advance the science and technology of the next generation of the internet. In addition to fundamental research, we collaborate with portfolio companies to solve hard technical and conceptual problems. Research interns will have the opportunity to learn from the firm’s investment and engineering teams, although this is a research role with no responsibility for investment decisions. We are seeking students with a strong research background and an interest in blockchains and web3 to join the group for the summer. Specific research areas of interest include cryptography, security, distributed computing, economics (both micro and macro), incentives, quantitative finance, political science and governance, and market and mechanism design. This list is not exhaustive and we encourage applicants with different backgrounds who may have unique perspectives on the space to apply.

Preferred Qualifications

  • Enrolled in a PhD program in a relevant field such as computer science, economics, mathematics, operations research, political science, etc. (Exceptional masters and undergraduate students will also be considered.)
  • Passionate and knowledgeable about blockchains/Web3 and their underlying technologies.
  • Familiar with fundamental research and publishing in peer-reviewed conferences and journals.

Internship Details

  • In-person residency required in New York, NY
  • Duration: June 2–August 21, 2026 (min 10, max 12 weeks)

Closing date for applications:

Contact: Ertem Nusret Tas - ntas@a16z.com

More information: https://a16z.com/about/jobs/?gh_jid=7489894003

Katholieke Universiteit Leuven, Belgium
Job Posting
We are looking for a motivated candidate for a PhD position on multi-factor authentication protocols. The student will be part of the SCAMPER project team. The research will include design and implementation of novel multi-factor authentication protocols using advanced cryptographic techniques such as MPC and Anonymous Credentials, in combination with biometric template protection methods. The student will collaborate closely with academic and industrial partners.

Responsibilities:
  • Design efficient protocols for multifactor authentication including fuzzy authentication factors
  • Perform security analysis and evaluations
  • Collaborate with industry stakeholders

The candidate must hold a Master’s degree in Electrical Engineering, Computer Science, or Mathematics, have good grades and a keen interest in cryptography. We prefer candidates who can demonstrate that they have developed their research skills during their Master’s studies. A strong background in the following is required:
  • Mathematics, including Probability and Statistics
  • Coding Theory
  • Programming skills
  • It would also be considered a merit to have some background in cryptography

Closing date for applications:

Contact: jobs-cosic@esat.kuleuven.be

More information: https://www.esat.kuleuven.be/cosic/vacancies/

CISPA Helmholtz Center for Information Security, Saarbrücken & St. Ingbert, Germany
Job Posting
CISPA is a world-leading research center that focuses on Information Security and Machine Learning at large. To expand and further strengthen our center, we are looking for

Tenure-Track Faculty in all areas related to Information Security (f/m/d)

All applicants are expected to grow a research team that pursues an internationally visible research agenda. To aid you in achieving this, CISPA provides institutional base funding for three full-time researcher positions and a generous budget for expenditures. Upon successful tenure evaluation, you will hold a position that is equivalent to an endowed full professorship at a top research university. We invite applications of candidates with excellent track records in all areas related to Information Security.

CISPA values diversity and is committed to equality. We provide special dual-career support. We explicitly encourage female and diverse researchers to apply.

Closing date for applications:

Contact: Scientific Talent Acquisition Team: career@cispa.de

More information: https://career.cispa.de/jobs/tenure-track-faculty-in-all-areas-related-to-information-security-f-m-d-2025-2026-74

Florida Atlantic University
Job Posting
Position Summary:
The Department of Mathematics & Statistics at Florida Atlantic University invites applications for a tenure-track position at the rank of Assistant or Associate Professor in cryptology, starting in August 2026. Strong candidates in all areas of cryptology will be considered. Preference will be given to candidates with several broad areas of interest in the mathematics of cybersecurity including, but not limited to, symmetric and public-key cryptography, post-quantum cryptography, quantum algorithms in cryptography, or a closely related area. Responsibilities for this position will be research, teaching, and professional service. The successful candidate is expected to apply for and secure external research funding and actively participate in interdisciplinary programs.

The Department of Mathematics & Statistics is a collegial and research-active department demonstrating excellence in teaching, research, and service. We are home to 26 tenure-track or tenured faculty members, 18 faculty members in non-tenure-track positions, and more than 40 graduate teaching/research assistants. Our department has an established national and international reputation for research innovation through our Center for Cryptology and Information Security (CCIS). FAU has also been recognized as a National Center of Academic Excellence in Information Assurance/Cyber Defense Research (CAE-R) since 2019. More information about the department can be found at: http://www.math.fau.edu/.

Review of applications will begin November 15, 2025, and will continue until the position is filled.

Closing date for applications:

Contact: Informal inquiries can be addressed to: Dr. Stephen C. Locke, Chair of the Search Committee, (lockes@fau.edu)

More information: https://fau.wd1.myworkdayjobs.com/en-US/FAU/details/Assistant-Associate-Professor--Cryptology_REQ21084


13 October 2025

Ruxandra F. Olimid
ePrint Report
Functional Encryption (FE) is a concept that generalizes public-key encryption, allowing a party that owns a private key to find a function of the plaintext (instead of the plaintext itself). Multi-Party Functional Encryption (MPFE) generalizes this concept and adapts it to multi-party settings, allowing for decentralization in both the ciphertexts—which might originate from multiple sources—and the keys—thereby eliminating the necessity of a central authority and avoiding the introduction of a single point of trust and failure. The current paper presents a substantial foundation of MPFE to the non-specialist reader. It provides definitions, classifications, and discusses properties of MPFE and its relation with other cryptographic concepts. The potential applicability of MPFE, which covers multiple domains and use cases, is discussed. The paper investigates the real-world adoption of MPFE, including its presence in technical specifications or its availability in open-source libraries. Finally, the current study discusses challenges and therefore opens up new research directions.
Sevdenur Baloglu, Sergiu Bursuc, Reynaldo Gil-Pons, Sjouke Mauw
ePrint Report
The Swiss Post voting system is one of the most advanced cryptographic voting protocols deployed for political elections, offering end-to-end verifiability and vote privacy. It provides significant documentation and independent scrutiny reports. Still, we argue that two significant pillars of trust need to be further developed. One is formal verification accompanied by machine-checked proofs. The second is security in the presence of a corrupt setup component. In this work, we propose formal specifications of a simplified version of the Swiss Post voting protocol and initial verification results with the Tamarin prover. We also propose a revised protocol design that mitigates risks from a corrupt setup, and a prototype implementation of the necessary zero-knowledge proofs.