International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2012-06-24
09:29 [PhD][New] Billy Bob Brumley: Covert Timing Channels, Caching, and Cryptography

  Name: Billy Bob Brumley
Topic: Covert Timing Channels, Caching, and Cryptography
Category: implementation

Description: Side-channel analysis is a cryptanalytic technique that targets not the formal description of a cryptographic primitive but the implementation of it. Examples of side-channels include power consumption or timing measurements. This is a young but very active field within applied cryptography. Modern processors are equipped with numerous mechanisms to improve the average performance of a program, including but not limited to caches. These mechanisms can often be used as side-channels to attack software implementations of cryptosystems. This area within side-channel analysis is called microarchitecture attacks, and those dealing with caching mechanisms cache-timing attacks. This dissertation presents a number of contributions to the field of side-channel analysis. The introductory portion consists of a review of common cache architectures, a literature survey of covert channels focusing mostly on covert timing channels, and a literature survey of cache-timing attacks, including selective related results that are more generally categorized as side-channel attacks such as traditional timing attacks. This dissertation includes eight publications relating to this field. They contain contributions in areas such as side-channel analysis, data cache-timing attacks, instruction cache-timing attacks, traditional timing attacks, and fault attacks. Fundamental themes also include attack mitigations and efficient yet secure software implementation of cryptosystems. Concrete results include, but are not limited to, four practical side-channel attacks against OpenSSL, each implemented and leading to full key recovery.[...]




2012-06-23
10:42 [PhD][New] Sujoy Sinha Roy: Design and Analysis of Elliptic Curve Cryptosystems on FPGAs

  Name: Sujoy Sinha Roy
Topic: Design and Analysis of Elliptic Curve Cryptosystems on FPGAs
Category: implementation

Description: The thesis explores compact and efficient iplementation of elliptic curve cryptography (ECC) on hardware platforms over extended binary fields. \r\nEfficiency of an elliptic curve cryptoprocessor is largely affected by the underlying finite field primitives and by the architecture of the elliptic curve scalar multiplier (ECSM). The work presented in this thesis contributes in designing efficient finite field algorithms by utilizing the Lookup Tables (LUTs) present in FPGAs. The thesis develops a generalization of the Itoh-Tsujii inversion algorithm (ITA) to use higher exponentiation circuits instead of the conventional squaring circuits. Finally the thesis integrates efficient finite field primitives and explores the concept of pipelining to develop a high speed ECSM architecture. The delay of the critical paths of the ECSM architecture have been estimated by a theoretical model and have been split into optimal delay stages. The thesis develops optimal scheduling technique for pipelined ECSM architecture. The work analyzes the effect of increase in number of pipeline stages on the scalar multiplication time and estimates the optimal\r\nnumber of pipelined stages in the ECSM architecture for a given finite field. Finally detailed analysis, supported with experimental results have been provided to design the fastest reported scalar multiplier in GF(2^163). The proposed design has a three stage pipeline and takes less than 13 us, as compared to 20 us required in the previous best design by Chelton and Benaissa on Virtex 4 FPGAs. Notably, the current design has an area requirement of only 56% compared with the reported work, owing to the better LUT utilizations of the underlying finite field primitives.[...]




2012-06-22
08:09 [Conf][EC] Videos from Eurocrypt 2012

  Videos and presentations from Eurocrypt 2012 are now online. http://www.iacr.org/cryptodb/data/videos.php



2012-06-20
15:41 [Event][Update] Indocrypt 2012

  Submission: 23 July 2012
From December 9 to December 12
Location: Kolkata, India
More Information: http://www.math.auckland.ac.nz/indocrypt2012


15:41 [Event][Update] Crypto 2013

  From August 19 to August 23
Location: Santa Barbara, CA, USA
More Information: http://www.iacr.org/conferences/




2012-06-19
18:59 [Event][Update] CT-RSA 2013: The Cryptographers' Track at RSA Conference

  Submission: 3 September 2012
Notification: 26 October 2012
From February 25 to March 1
Location: San Francisco, USA
More Information: http://conf.isi.qut.edu.au/ct-rsa2013/


15:45 [Job][New] Senior Researcher, Software Technology and Applications Competence Center, Tartu, Estonia

  Software Technology and Applications Competence Center (STACC) is a collaborative research center located in Tartu, Estonia. The center conducts applied research in various areas of computer science, including data security and cryptography. Successful applicant is expected to contribute primarily to the research in secure multi-party computations (collaborating with the Sharemind team) and electronic voting (STACC is developing the framework for the next generation of verifiable voting to be used in Estonian legally binding elections). Knowledge of other areas of computer science (e.g. data mining) is a bonus. Proposed gross salary is up to €3.000 per month depending on the qualifications of the applicant. Applicants will be considered in the order of applications until the position is filled. The position will start in the fall 2012 and end on June 30th 2013.



2012-06-18
14:49 [Job][New] Post-doc, Universite catholique de Louvain

  Wireless sensor nodes (WSN) are likely to be one of the more vulnerable parts of a sensor network. These devices can be attacked by standard network based approaches but also by physical means if they are left unattended in remote sites. While much research effort has been spent on improving the network security of WSN, the protection of the nodes and especially their protection against physical attacks has been, until now, neglected.

The objective of this project is to prevent physical attacks against sensor nodes, by developing means to improve the tamper resistance of these low cost devices without significantly increasing their cost. In a first phase that took place over the last 20 months, the project allowed defining cost effective countermeasures for the selected cryptographic primitives and designing a secure co-processor to be integrated in a sensor node prototype. The second phase will entail the analysis of the manufactured device\'s actual resistance against side-channel attacks and its integration in the prototype.

The research will take place in the framework of a European project involving high-level academic and industrial experts. The researcher will also benefit from the dynamic research environment of the UCL Crypto Group (Université catholique de Louvain), with strong interactions with researchers working on related subjects.

The candidate should hold a PhD in electronics, computer science or mathematics, with strong interests in algorithms and signal processing. A preliminary background in cryptology and side-channel attacks is an important asset.

11:04 [Event][Update] ESTEL-SEC 2012: ESTEL Security and Privacy Special Track

  Submission: 15 July 2012
Notification: 27 August 2012
From October 2 to October 5
Location: Rome, Italy
More Information: http://estel-sec.dti.unimi.it/


11:03 [Job][New] Ph.D. Student, Post-Doc, Intel Collaborative Research Institute
for Secure Computing (ICRI-SC) at TU-Darmstadt


 

The Intel Collaborative Research Institute for Secure Computing (ICRI-SC) conducts security research for mobile and embedded systems and supports industry and scientific research to improve the reliability of mobile and embedded devices as well as the ecosystem around them. We are currently looking for highly skilled scientific personnel to complete our team.

Your Profile

Applicants should hold Diploma, Master or PhD Degree in Computer Science or Electrical Engineering and bring well-founded knowledge and experience in IT-Security. In particular, we are looking for candidates that have expertise in one or more of the following areas:

  • Mobile operating system security (e.g., Android, iOS)
  • Embedded system security and embedded processors (e.g., ARM and Intel Atom)
  • Lightweight Cryptography with focus on emerging technologies such as RFID and NFC
  • Hardware security (e.g., Physically Unclonable Functions)
  • Trusted Computing
  • Design, development, analysis of System-on-Chip (SoC) IP blocks and associated tools

How to Apply

Your application should include your current curriculum vitae, MSc/Diploma certificates and grades, a letter of motivation stating your interest in the position and your research interests, and at least two letters of recommendation.