International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2012-12-10
13:17 [Pub][ePrint] The Weakness of Integrity Protection for LTE, by Teng Wu and Guang Gong

  In this paper, we concentrate on the security issues of the integrity protection of LTE and present two different forgery attacks. For the first attack, referred to as a {\\em linear forgery attack}, EIA1 and EIA3, two integrity protection algorithms of LTE, are insecure if the initial value (IV) can be repeated twice during the life cycle of an integrity key (IK). Because of the linearity of EIA1 and EIA3, given two valid Message Authentication Codes (MACs) our algorithm can forge up to $2^{32}$ valid MACs. Thus, the probability of finding a valid MAC is dramatically increased. Although the combination of IV and IK never repeats in the ordinary case, in our well-designed scenario, the attacker can make the same combination occur twice. The duplication provides the opportunity to conduct our linear forgery attack, which may harm the security of communication. To test our linear forgery attack algorithm, we generate two counter check messages and successfully forge the third one. We also examine the attack timing by simulating real communication. From the experimental results, our attack is applicable. The second attack is referred to as a {\\em trace extension forgery attack}, which works only in theory. However, this attack is more general than the linear forgery attack. Known only one MAC and message pair, we can construct a different message, who has the same MAC as the original one, with the probability $\\frac{1}{2^{16}}$. In this attack, trace function is applied to the message to shrink the guessing space.



13:17 [Pub][ePrint] Root Optimization of Polynomials in the Number Field Sieve, by Shi Bai and Richard P. Brent and Emmanuel Thom\\\'e

  The general number field sieve (GNFS) is the most efficient

algorithm known for factoring large integers. It consists of several

stages, the first one being polynomial selection. The quality of the

chosen polynomials in polynomial selection can be modelled in terms of

size and root properties. In this paper, we describe some algorithms for

selecting polynomials with very good root properties.



13:17 [Pub][ePrint] Integrated PKE and PEKS - Stronger Security Notions and New Constructions , by Yu Chen and Jiang Zhang and Zhenfeng Zhang and Dongdai Lin

  In this paper we investigate the security for integrated public-key encryption (PKE)

and public-key encryption with keyword search (PEKS) schemes. We observe that the security

notions for integrated PKE and PEKS schemes considered in the existing literature are not strong

enough to capture practical attacks, thus define a new notion named joint CCA-security which is

shown to be stronger than the previous ones. We also propose two simple and efficient constructions

of jointly CCA-secure integrated PKE and PEKS schemes from anonymous (hierarchical) identity-

based encryption schemes. Besides, we review the consistency for PEKS schemes and improve

previous results.





2012-12-08
22:30 [Job][New] Postdoctoral Research Fellow, Queensland University of Technology, Brisbane, Australia

 

The Information Security discipline at the Queensland University of Technology (QUT) in Brisbane, Australia, invites applications for a 2-year post-doctoral researcher position in cryptography starting in 2013. The focus of the position is on analyzing and characterizing the overall security of real-world cryptographic protocols such as TLS. We are looking for outstanding candidates with experience in cryptographic modelling, provable security, and key exchange protocols. The position is supported by an Australia Research Council (ARC) Discovery Project grant.

Applicants should have recently completed, be under examination for, or be close to submitting a PhD. Starting salary is between AUD$57,187 and $77,598 per annum, plus 17% pension contribution. Funds for relocation and travel will also be available.

QUT\'s Science and Engineering Faculty has an active and growing group with research strengths in cryptography, network security, and digital forensics, with a leading national profile and strong international links. QUT is investing heavily in science and technology research, with a new $240 million facility in the heart of Brisbane\'s central business district housing many interdisciplinary research groups, including information security. Brisbane is a city of 2 million people with a high quality of living, and many of Queensland\'s stunning beaches and wilderness are less than half an hour away.





2012-12-07
10:05 [Event][New] CTCrypt 2013: 2nd Workshop on Current Trends in Cryptology

  Submission: 11 March 2013
Notification: 22 April 2013
From June 23 to June 24
Location: Ekaterinburg, Russia
More Information: http://www.tc26.ru/en/CTCryptEN/CTCrypt2013/




2012-12-06
15:56 [Job][New] Two Ph.D. studentships, Royal Holloway, University of London, UK

  The Government Communications Headquarters (GCHQ) in Cheltenham, UK, has agreed in principle to sponsor two PhD/Doctoral Studentships to be held with the Information Security Group of Royal Holloway (University of London) in the area of cryptography. The studentships will be funded for a period of 3.5 years, starting in September 2013. The two studentships available are as follows:

A Computational Algebra Approach to Learning with Errors

Supervisors: Dr Carlos Cid and Prof. Sean Murphy

Randomness in Cryptography – Theory Meets Practice

Supervisor: Prof. Kenny Paterson

Note that the studentships are only open to UK nationals and the successful candidates will be required to spend in the region of 2 - 4 weeks per year at GCHQ headquarters in Cheltenham. To be considered for this studentship, candidates must therefore be prepared to undergo GCHQ\'s security clearance procedures.

15:56 [Job][New] Post-Doc in Security and Privacy, Technische Universität Darmstadt, Germany

  The Department of Computer Science, Chair for Security in Information Technology (Prof. Dr. Michael Waidner) is soliciting applications to fill the position of a

Post-doc in Security and Privacy

Code: 2013-01-491 (in PDF)

Deadline for applications: January 6th, 2013 (might be extended)

We are seeking highly motivated candidates with a strong background and interest in IT security and/or privacy who have finished or will finish soon their Doctorate/PhD in Computer Science or a related discipline.

Preference will be given to candidates with experience in at least one of these areas:

Application security, in particular web application security

Secure engineering, in particular software security, assurance for open source projects

Privacy and transparency enhancing technologies

Security, privacy and compliance management for cloud computing

We expect excellent research and contributions to our teaching program. The position will be part of the ongoing research activities at the Security in IT research group. We actively support publication and presentation of research at the top international conferences and offer an internationally well-connected, interdisciplinary and engineering-oriented work environment.

The position is funded by the university and not bound to a specific project (i.e., it is a \"Landesstelle\"). The position is initially limited to 2 years but may be extended. Compensation follows the Tarifvertrag für die Technische Universität Darmstadt (TV - TU Darmstadt). The Technische Universität Darmstadt aims at increasing the number of female researchers and therefore explicitly encourages women to apply. Severely handicapped will be preferred, given equal qualification.

Applications must include:

Professional CV

List of publications and copies of two selected publications

Co



2012-12-05
05:53 [Event][New] ACISP 2013: 18th Australasian Conference on Information Security and Privacy

  Submission: 15 February 2013
Notification: 12 April 2013
From July 1 to July 3
Location: Brisbane, Australia
More Information: http://www.acisp2013.qut.edu.au


05:52 [Job][Update] Assistant Professor, Sejong University, Seoul, South Korea

 

The Department of Computer and Information Security at Sejong University is looking for an Assistant Professor, starting in March 2013. Applicants must have a Ph.D. in computer science, computer engineering, or applied mathematics and must have research experiences in one of the followings: computer network and system security, software security, information security or cryptography.

The successful candidate will be responsible for the followings: teaching at least 5 courses a year at both the undergraduate and graduate level, student consulting, research, and other professional services.

Candidates with strong research background in the area of security andcryptography are encouraged to apply.



05:50 [Job][New] Assistant Professor, Sejong University, Seoul, South Korea

  The Department of Computer and Information Security at Sejong

University is looking for an Assistant Professor, starting in March

2013. Applicants must have a Ph.D. in computer science, computer

engineering, or applied mathematics and must have research experiences

in one of the followings: computer network and system security,

software security, information security or cryptography.

The successful candidate will be responsible for the followings:

teaching at least 5 courses a year at both the undergraduate and

graduate level, student consulting, research, and other professional

services.

Candidates with strong research background in the area of security and

cryptography are encouraged to apply.





2012-12-04
09:14 [Job][New] Assistant Professor, Florida Atlantic University

  The Department of Mathematical Sciences at Florida Atlantic University is seeking an Assistant Professor, starting in August 2013 to extend FAU\'s program in cryptology and information security. Florida Atlantic University has been designated a National Center of Academic Excellence in Information Assurance Research by NSA and the Department of Homeland Security. Applicants must possess a Ph.D. in mathematics or in a closely related area and an established research record in cryptology or information security. Responsibilities for this position include teaching at both the undergraduate and graduate level, research, and professional service. A successful candidate is expected to direct research at the graduate level.

The salary range is $60K - $70K. For additional information about the position, please contact us by email at search (at) math.fau.edu. Reviewing of applications will begin on January 15, 2013. The position will remain open until filled.

All applicants must complete the Faculty, Administrative, Managerial & Professional Position Application form available online through the Office of Human Resources at https://jobs.fau.edu. Please upload a letter of application, curriculum vitae, list of publications, and separate teaching and research statements in which you discuss your teaching philosophy and research aspirations.

Have three reference letters sent by email to spyros (at) fau.edu, Prof. Spyros S. Magliveras, Hiring Committee Chair, Mathematical Sciences Dept., Florida Atlantic University.

A background check will be required for the candidate selected for this position.

Florida Atlantic University is an Equal Opportunity/Equal Access Institution.