International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via


2012-05-25
17:37 [PhD][New] Jens Zumbrägel: Public-key cryptography based on simple semirings

  Name: Jens Zumbrägel
Topic: Public-key cryptography based on simple semirings
Category: public-key cryptography

Description:

The discrete logarithm problem is the basic ingredient of many public-key cryptosystems. It can be stated as follows: Given a cyclic group (G,·) of order n, a generator g of G, and another element h ∈ G, find the unique integer a ∈ [0,n) such that h = g^a. The integer a is called the discrete logarithm of h to the base g.


There are key agreement protocols, public-key encryption schemes, and digital signatures employing the discrete logarithm problem. One example is the Diffie-Hellman key agreement protocol. It allows two parties, A and B, to agree on a secret key over an insecure channel. In order to achieve this goal they fix a finite cyclic group G and a generator g of G. Then A and B pick random integers a and b respectively and exchange h_A = g^a and h_B = g^b. Finally they compute h_B^a = g^{ba} and h_A^b = g^{ab}, and since g^{ab} = g^{ba} this element can be used as their secret key.


It is clear that solving the underlying discrete logarithm problem is sufficient for breaking the Diffie-Hellman protocol. For this reason one has been searching for groups in which the discrete logarithm problem is considered to be a computationally hard problem. Among the groups that have been proposed as candidates are the multiplicative group of a finite field and the group over an elliptic curve. It should however be pointed out that the infeasibility of the discrete logarithm problem has not been proved in any concrete group.
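A toy run of the Diffie-Hellman exchange described in the abstract, followed by the exhaustive discrete-log search that recovers the shared key once the discrete logarithm is solved: this is an added example, not part of the thesis or the abstract. The modulus 1019 (a safe prime) and generator 2 are constructed toy parameters chosen so the brute-force search finishes instantly; they are far too small for any real use.

```python
import secrets

# Constructed toy group: Z_1019^* with generator 2 (2 is a primitive root mod 1019,
# so the group has order n = 1018 and every discrete logarithm in [0, n) is unique).
P = 1019
G = 2

def keygen(p=P, g=G):
    """Pick a random exponent a in [0, p-1) and return (a, h = g^a mod p)."""
    a = secrets.randbelow(p - 1)
    return a, pow(g, a, p)

def shared_secret(own_secret, their_public, p=P):
    """A computes h_B^a, B computes h_A^b; both equal g^(ab) mod p."""
    return pow(their_public, own_secret, p)

def discrete_log(h, g=G, p=P):
    """Exhaustive search for a with g^a = h mod p.
    Costs O(n) group operations, which is only feasible because p is tiny."""
    x = 1
    for a in range(p - 1):
        if x == h:
            return a
        x = (x * g) % p
    return None

def run_exchange(p=P, g=G):
    """Run the protocol between A and B, then show that an eavesdropper who can
    solve the discrete logarithm of h_A recovers the same key."""
    a, h_a = keygen(p, g)          # A's secret exponent and public value
    b, h_b = keygen(p, g)          # B's secret exponent and public value
    k_a = shared_secret(a, h_b, p)  # A: h_B^a
    k_b = shared_secret(b, h_a, p)  # B: h_A^b
    assert k_a == k_b, "g^(ab) must equal g^(ba)"
    # Passive observer sees only (h_a, h_b); solving DLP for h_a gives a.
    a_recovered = discrete_log(h_a, g, p)
    k_eve = shared_secret(a_recovered, h_b, p)
    return k_a, k_eve

if __name__ == "__main__":
    key, eve_key = run_exchange()
    print("shared key:", key, "recovered by DLP solver:", eve_key)
```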


Discrete logarithm based cryptosystems can be generalized in the framework of semigroup actions (see e.[...]


17:37 [PhD][New] Joachim Rosenthal

  Name: Joachim Rosenthal


17:36 [Job][New] 6 Ph.D. students, TELECOM-ParisTech, Paris, France

  The crypto group of TELECOM-ParisTech is looking for six Ph.D. students, on various topics linked to side-channel cryptanalysis.

The subjects are:

  1. Fault Injection for Reverse-Engineering (FIRE)

  2. Electromagnetic observation and injection, using information-theoretic tools

  3. Formal proof of countermeasures against attacks targeting cryptographic implementations

  4. Bus and memory encryption/integrity in embedded systems with SecBus — hardware aspects

  5. Information leakage of NFC-enabled smartphones by magnetic analysis

  6. Distinguishing side-channel distinguishers





2012-05-22
07:36 [Job][Update] Lecturer, Queensland University of Technology, Brisbane, Australia


The Queensland University of Technology (QUT) in Brisbane, Australia, invites applications for full-time Lecturer positions starting in 2012. Up to nine positions are available in the Science and Engineering Faculty.

The Science and Engineering Faculty at QUT has an active research group in cryptography, network security, and digital forensics, with a leading national profile and strong international links.

Applicants should have completed (or be under examination for) a PhD and be early career researchers (less than three years in an academic role). Appointee(s) will develop and maintain an active research program, teach at undergraduate and graduate levels, supervise research students, and participate in QUT's Early Career Academic Development program.



00:17 [Pub][ePrint] Quantifying Side-Channel Information Leakage from Web Applications, by Luke Mather and Elisabeth Oswald

  Recent research has shown that many popular web applications are vulnerable to side-channel attacks on encrypted streams of network data produced by the interaction of a user with an application. As a result, private user data is susceptible to being recovered by a side-channel adversary. A recent focus has been on the development of tools for the detection and quantification of side-channel information leaks from such web applications. In this work we describe a model for these web applications, analyse the effectiveness of previous approaches for the quantification of information leaks, and describe a robust, effective and generically applicable metric based on a statistical estimation of the mutual information between the user inputs made in the application and subsequent observable side-channel information. We use our proposed metric to construct a test capable of analysing sampled traces of packets to detect information leaks, and demonstrate the application of our test on a real-world web application.





2012-05-21
21:17 [Pub][ePrint] Self-pairings on Hyperelliptic Curves, by Steven D. Galbraith and Chang-An Zhao

  A self-pairing is a pairing computation where both inputs are the same group element. Self-pairings are used in some cryptographic schemes and protocols. In this paper, we show how to compute the Tate-Lichtenbaum pairing (D, φ(D)) on a curve more efficiently than the general case. The speedup is obtained by requiring a simpler final exponentiation. We also discuss how to use this pairing in cryptographic applications.



21:17 [Pub][ePrint] On a CCA2-secure variant of McEliece in the standard model, by Edoardo Persichetti

  We consider public-key encryption schemes based on error-correcting codes that are IND-CCA2 secure in the standard model. We analyze a system due to Dowsley, Muller-Quade and Nascimento. We then show how to instantiate the Rosen-Segev framework with the McEliece scheme.



12:59 [Job][New] Postdoctoral Research Assistant in Cryptography, Dept Computer Science, University of Bristol

  Based in the Cryptography group which has grown considerably in the last year, you will be an additional researcher in one of the following areas:

• Analysis of "real world" protocols

• Formal Methods applied to security protocols

• Fully Homomorphic Encryption

• Lattice Based Cryptography

• Provable Security, i.e. Protocol and Mechanism design

The post is funded by an ERC Advanced Grant awarded to Prof. Nigel Smart.

The expected starting date will be as soon as possible, depending on your circumstances.

Please apply using the Online System linked to from the link below. We cannot accept applications via email.

09:22 [Event][Update] STM 2012: 8th International Workshop on Security and Trust Management

  Submission: 16 June 2012
Notification: 15 July 2012
From September 13 to September 14
Location: Pisa, Italy
More Information: http://stm2012.dti.unimi.it




2012-05-17
18:10 [PhD][New] Côme Berbain: Analyse et conception d'algorithmes de chiffrement à flot

  Name: Côme Berbain
Topic: Analyse et conception d'algorithmes de chiffrement à flot
Category: secret-key cryptography

Description:

The primary goal of cryptography is to protect the confidentiality of data and communications. Stream ciphers are one of the two most popular families of symmetric encryption algorithms; they guarantee confidentiality while achieving high performance.


In the first part of this thesis, we present different cryptanalysis techniques against stream ciphers: a correlation attack against the stream cipher GRAIN, a guess-and-determine attack against the BSG mechanism, an algebraic attack against special kinds of non-linear feedback shift registers, and a chosen-IV attack against a reduced version of the stream cipher SALSA.


In a second part, we focus on proofs of security for stream ciphers: we introduce the new algorithm QUAD and give provable security arguments that link its security to the conjectured intractability of the Multivariate Quadratic (MQ) problem. We also extend the security requirements of stream ciphers to the case where initialisation values (IVs) are used: we present a construction which allows us to build a secure IV-dependent stream cipher from a number generator and apply it to QUAD, which becomes the first IV-dependent stream cipher with provable security arguments. We also present the algorithms DECIM and SOSEMANUK, to which we made design contributions.


Finally, in a third part, we present efficient software and hardware implementations of the QUAD algorithm.

[...]


18:09 [Job][New] M.Sc. and Ph.D. positions with scholarship, Koç University, Turkey


Want to store your data online securely? Want a fair Internet? What about outsourcing your job while still being assured of the result?

If you want to secure the cloud through the use of provable cryptographic techniques, then you should definitely apply to the Cryptography, Security & Privacy Research Group at Koç University, İstanbul, Turkey. We have multiple openings for both M.Sc. and Ph.D. level applications. All accepted applicants will receive competitive scholarships.

Koç University has a beautiful campus in the middle of a forest, with a nice view of the Black Sea and the Bosporus, and is very close to the Istanbul city center. The application deadline is 15th of April for early applications and 15th of June for late applications.

For more information about our group, visit

http://crypto.ku.edu.tr


For applying online, visit

http://gsse.ku.edu.tr


Late applications will be considered in exceptional cases.