International Association for Cryptologic Research

IACR News Central


13:32 [Event][New] SECRYPT: 10th International Conference on Security and Cryptography (SECRYPT 2013)

Submission: 22 February 2013
Notification: 6 May 2013
From July 29 to July 31
Location: Reykjavík, Iceland

09:55 [Job][New] PhD, University of Luxembourg

  The University of Luxembourg seeks to hire an outstanding researcher for the Applied Security and Information Assurance (APSIA) group at its Interdisciplinary Centre for Security, Reliability and Trust (SnT). SnT is a recently formed centre carrying out interdisciplinary research in secure, reliable and trustworthy ICT systems and services, often in collaboration with industrial, governmental or international partners. The APSIA group is also associated with Laboratory of Algorithmics, Cryptology and Security (LACS) of the Computer Science and Communications Research Unit (CSC), which is part of the international and multidisciplinary Faculty of Science, Technology and Communication (FSTC) in University of Luxembourg.

REF : F1-070079

Fixed-term contract 3 years, full-time (40 hrs/week)

Number of Positions : 1

Your Role

The PhD topic is to design and analyse lattice-based cryptosystems. The research focus will mainly be on (but not limited to) investigating lattice-related hardness assumptions, both in terms of classical and quantum models of computation, and then designing novel, practical lattice-based public-key cryptosystems. Other classes of “hard” problems, for example based on coding theory and braid groups, will also be investigated.

The student will work closely with Prof. Peter Y. A. Ryan and Dr. Qiang Tang. Moreover, the student will be encouraged to work with other members in the APSIA group and collaborate with researchers from other related research units, such as LACS.

09:55 [Job][New] Ph.D. student, DFG Research Training Group UbiCrypt, Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany


The Horst Görtz Institute for IT-Security (HGI) at Ruhr-University Bochum is one of Europe’s leading research centers in IT security. The DFG, or German Research Foundation, awarded more than €4 million to the HGI for the establishment of the interdisciplinary research training group “New Challenges for Cryptography in Ubiquitous Computing”. We are looking for candidates with outstanding Master/Diplom in the fields of computer science, electrical engineering, mathematics or related areas.

The research training group will study problems which are fundamental for securing the Internet of Things. The research is structured in three levels: cryptographic primitives, device level and system level. The research topics range from cryptographic foundations such as fully homomorphic encryption for privacy in cloud computing, through security for medical implants, to internet security solutions involving new national ID cards. A central goal of the doctoral training is an interdisciplinary and structured education at the highest scientific level. Establishing networks with top international research groups is part of the training.

A group of internationally renowned researchers together with excellent funding provides an extremely interesting scientific environment. The HGI is known for its good working atmosphere.

The Ruhr-University Bochum supports women's career development. Applications from women are thus explicitly welcome. In those areas in which women are underrepresented they will be considered preferentially according to the regulations of the "Landesgleichstellungsgesetz" if their abilities, aptitude and professional performance are equal with those of the fellow applicants, unless reasons concerning the person of a fellow applicant are predominant.

In case of equal qualification, applications of severely disabled persons or persons that are regarded as being on a par with severely disable

06:25 [Job][New] Ph.D. student or Post-Doc, Bar-Ilan University, Israel

  PhD students and post-docs who wish to do research on mathematical aspects of cryptography (most notably, noncommutative algebraic cryptography), are solicited.

The students will be hosted by and collaborate with Dr. Boaz Tsaban of the Department of Mathematics, Bar-Ilan University (BIU), and have the opportunity to interact with several crypto groups located in BIU.

There are two categories:

1. French citizens under 28 years old.

Deadline: December 15th, 2012


2. Danish citizens.

Deadline: December 31st, 2012.


06:24 [Event][New] DICTAP2013: The Third International Conference on Digital Information and Communication

Submission: 10 May 2013
Notification: 30 May 2013
From July 8 to July 10
Location: Ostrava, Czech Republic

12:36 [Job][New] Postdoc, Karlsruhe Institute of Technology, Germany

  There is one open postdoc position in the group of Dennis Hofheinz at the Karlsruhe Institute of Technology. The focus of our group is on all kinds of provable security, and in particular on public-key cryptography and cryptographic protocols.

Candidates should have a strong publication record. Knowledge of German is not required. There is funding for one year, with a possible extension. Review of applications starts immediately and will continue until the position is filled. The starting date is flexible.

19:17 [Pub][ePrint] Message-Locked Encryption and Secure Deduplication, by Mihir Bellare and Sriram Keelveedhi and Thomas Ristenpart

  We formalize a new cryptographic primitive, Message-Locked Encryption (MLE), where the key under which encryption and decryption are performed is itself derived from the message. MLE provides a way to achieve secure deduplication (space-efficient secure outsourced storage), a goal currently targeted by numerous cloud-storage providers. We provide definitions both for privacy and for a form of integrity that we call tag consistency. Based on this foundation, we make both practical and theoretical contributions. On the practical side, we provide ROM security analyses of a natural family of MLE schemes that includes deployed schemes. On the theoretical side the challenge is standard model solutions, and we make connections with deterministic encryption, hash functions secure on correlated inputs and the sample-then-extract paradigm to deliver schemes under different assumptions and for different classes of message sources. Our work shows that MLE is a primitive of both practical and theoretical interest.

19:17 [Pub][ePrint] Pairings on Generalized Huff Curves, by Abdoul Aziz Ciss and Djiby Sow

  This paper presents the Tate pairing computation on generalized Huff curves proposed by Wu and Feng in \cite{Wu}. In fact, we extend the results of the Tate pairing computation on the standard Huff elliptic curves done previously by Joye, Tibouchi and Vergnaud in \cite{Joux}. We show that the addition step of the Miller loop can be performed in $1\mathbf{M}+(k+15)\mathbf{m}+2\mathbf{c}$ and the doubling one in $1\mathbf{M} + 1\mathbf{S} + (k + 12) \mathbf{m} + 5\mathbf{s} + 2\mathbf{c}$ on the generalized Huff curve.

19:17 [Pub][ePrint] New Preimage Attack on MDC-4, by Deukjo Hong and Daesung Kwon

  In this paper, we provide some cryptanalytic results for double-block-length (DBL) hash modes of block ciphers, MDC-4. Our preimage attacks follow the framework of Knudsen et al.'s time/memory trade-off preimage attack on MDC-2. We find how to apply it to our objects. When the block length of the underlying block cipher is $n$ bits, the most efficient preimage attack on MDC-4 requires time and space about $2^{3n/2}$, which is to be compared to the previous best known preimage attack having time complexity of $2^{7n/4}$. Additionally, we propose an enhanced version of MDC-4, MDC-4$^*$, based on a simple idea. It is secure against our preimage attack and previous attacks and has the same efficiency as MDC-4.

19:17 [Pub][ePrint] Cryptanalysis of Double-Block-Length Hash Mode MJH, by Deukjo Hong and Daesung Kwon

  A double-block-length (DBL) hash mode of block ciphers, MJH, has been proved to be collision-resistant in the ideal cipher model up to $2^{2n/3- \log n}$ queries. In this paper we provide the first cryptanalytic results for MJH. We show that a collision attack on MJH has time complexity below the birthday bound. When block ciphers with 128-bit blocks are used, it has time complexity around $2^{124}$, which is to be compared to the birthday attack having complexity $2^{128}$. We also give a preimage attack on MJH. It has time complexity of $2^{3n/2+1}$ with $n$-bit block ciphers, which is to be compared to the brute force attack having complexity


19:17 [Pub][ePrint] Secure Outsourced Attribute-based Encryption, by Jin Li and Jingwei Li and Xiaofeng Chen and Chunfu Jia and Duncan S. Wong

  Attribute-Based Encryption (ABE) is a promising cryptographic primitive which significantly enhances the versatility of access control mechanisms. Due to the high expressiveness of ABE policies, the computational complexities of ABE key-issuing (by Attribute Authorities (AAs)) and decryption (by eligible users) are getting prohibitively high. Although the existing Outsourced ABE solutions are able to offload some intensive computing tasks to a third party, for example a cloud, so as to relieve the local burden of eligible users during decryption, the high computational complexity of the key-issuing at the AAs has yet to be addressed, while an ABE system will continue to grow as more users are included, and as user revocation, which triggers more key (re-)issuing, is considered in practice.

Aiming at tackling the challenges above, for the first time, we propose a Secure Outsourced ABE system, which not only supports secure outsourced decryption, but also provides secure outsourced key-issuing. Unlike the current outsourced ABE systems, our new method offloads all access policy and attribute related operations in the key-issuing process or decryption to a Key Generation Service Provider (KGSP) and a Decryption Service Provider (DSP), respectively, leaving only a constant number of simple operations for the AAs and eligible users to perform locally. Furthermore, we show that both outsourcing processes (to KGSP and to DSP) are secure, namely, the KGSP and the DSP would not be able to recover the keys or decrypt the ciphertexts, respectively.

In addition, we consider the scenario that a KGSP or DSP may be dishonest and could maliciously generate some incorrect returning values rather than following the outsourced operations. Therefore, in this paper, we also propose another ABE construction which allows the AAs and eligible users to check the correctness of outsourced operations in an efficient way. The security of the construction is analyzed under a recently formalized model called Refereed Delegation of Computation (RDoC).