International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2013-03-26
15:17 [Pub][ePrint] Search Pattern Leakage in Searchable Encryption: Attacks and New Constructions, by Chang Liu and Liehuang Zhu and Mingzhong Wang and Yu-an Tan

  Searching on remote encrypted data (commonly known as \\textit{searchable encryption}) is becoming an important technique in secure data outsourcing, since it allows users to outsource encrypted data to the third party and maintains the keyword searching on the data at the same time.

It has been widely accepted in the literature that searchable encryption techniques should leak as little information as possible to the third party. An early classical method called oblivious RAM hides all information at the cost of poly-logarithmic computation and communication overheads, which turns out to be impractical in the real world applications (e.g., cloud computing). A number of efficient searchable encryption schemes have been proposed under weaker security guarantees afterwards, however, such schemes leak statistical information about the user\'s search pattern.

In this paper, we show that the search pattern leakage can result in non-trivial risks. As pioneer work, we present two concrete attack models exploiting user\'s search pattern and some auxiliary background knowledge aiming to disclose the underlying keywords of user\'s queries. To resist these attacks, we develop two new searchable encryption constructions that hide the search pattern. Our constructions are designed to be independent from the underlying searchable encryption scheme. Our experiments, which are based on the real world dataset, demonstrate the effectiveness and efficiency of proposed attack models and new constructions.



15:17 [Pub][ePrint] Provably Secure LWE-Encryption with Uniform Secret, by Daniel Cabarcas and Florian Göpfert and Patrick Weiden

  In this paper we present the (to the best of our knowledge) first LWE-based encryption scheme that removes the need of Gaussian sampling for the error, i.e. the discrete Gaussian distribution is replaced by the uniform distribution on a (small) set, which at the same time preserves the underlying worst-case hardness. This shows that provable security and efficiency do not necessarily have to mutually exclude each other. We give an asymptotic parameter instantiation for our scheme, as well as some hardness results for LWE which might be of independent interest.





2013-03-25
15:31 [Event][New] CrossFyre 2013: CrossFyre 2013

  Submission: 8 May 2013
Notification: 17 May 2013
From June 20 to June 21
Location: Leuven, Belgium
More Information: http://www.cosic.esat.kuleuven.be/crossfyre/


15:29 [Event][New] ISCTURKEY 2013: 6th International Conference on Information Security and Cryptology

  Submission: 1 July 2013
Notification: 15 August 2013
From September 20 to September 21
Location: Ankara, Turkey
More Information: http://www.iscturkey.org


15:29 [Event][New] CRiSIS 2013: 8th International Conference on Risks and Security of Internet and Systems

  Submission: 3 June 2013
Notification: 1 August 2013
From October 23 to October 25
Location: La Rochelle, France
More Information: http://secinfo.msi.unilim.fr/crisis2013/


15:28 [Event][New] Eurocrypt: Eurocrypt 2014

  From May 4 to May 8
Location: Copenhagen, Denmark
More Information: http://ec14.compute.dtu.dk/


15:27 [Job][New] Software Engineer, Embedded Data Security, ESCRYPT Inc, Ann Arbor, Michigan, USA

  ESCRYPT is a leading company in the area of applied data security. Our clients include all global auto makers as well as leading global players in the area of machinery, automation, semiconductors and high-tech companies.

YOUR TASKS

Develop customized software for client projects in the areas concerning embedded data security and engage in product development; Design various software applications including the design of secure systems, specification of Application Programming Interfaces (API) development of software in typical programming languages C, C++, Java) and use of development environments (e.g. Eclipse); Maintain and develop documentation and testing of the developed software; Apply cryptographic mechanisms (e.g. RSA, Elliptic Curve Cryptography and AES) and of security protocols such as TLS; Provide solutions to clients and educating same to properly use the software. The position requires familiarity in the use of Windows and Linux, and in the set-up of a development environment (e.g. setting up an environment with virtual machines and databases). The position also requires rationalizing design decisions to clients and co-ordinating sub tasks of larger projects.

PROFESSIONAL REQUIREMENTS

Must have Master’s Degree in Computer Science, Information Technology or Information Security; Five (5) years of experience in such positions as Network Engineer, Information Security Administrator and/or Network Security Analyst. Must have certificate in IS training.

PERSONAL REQUIREMENTS

-Willing to work in a flexible team

-Reliability

-Independent and thoughtful

-Pleasant communication skills

WE OFFER

We take your career seriously and offer the possibility to grow with us in a highly qualified, internationally experienced team. Our work environment is harmonic and team oriented, and at the same time challenging and interesting. We always look to achieve best results, and

15:25 [Job][New] PhD Position on Privacy Enhancing Technologies and Anonymous Communications (NR27372), University of Cambridge, UK

  Applications are invited for one PhD position in the Security Group at the Computer Laboratory to work with Dr Steven Murdoch. Funding for this position is provided by the Engineering and Physical Sciences Research Council (EPSRC) in collaboration with the Royal Society.

The successful candidate will undertake research on methods to analyse the security of anonymous communication systems and privacy enhancing technologies. This broad research topic falls within an EPSRC priority area and provides considerable scope for the PhD candidate to find his or her own research direction.

Candidates should possess, or who will shortly obtain, at least an upper 2nd class honours degree in computer science, software engineering or a related discipline, and ideally, a Masters degree in a computer-science related field. Strong mathematical and programming skills, along with a keen interest in privacy and anonymous communications, are essential. A good understanding of networking and operating systems is highly desirable.

Funding (covering approved fees and living expenses for one person) is available for 3 years, and the successful candidate must be able to start on 30 September 2013. Candidates should be UK or EU citizens, or have appropriate permissions to work in the UK.

Applications should be made via the University of Cambridge Graduate Admissions Office http://www.admin.cam.ac.uk/students/gradadmissions/prospec/ no later than 31st May 2013, but please contact Dr Murdoch as soon as possible if interested.

* Limit of tenure: 3 years

Quote Reference: NR27372

15:24 [Job][New] Research Assistant in Mobile Forensics, University of Bristol, UK, EU

  Based in the Systems Centre and the Cryptography Group within the Department of Computer Science, you will work on a European Union funded project exploring the design and implementation of new approaches for the detection of and response to Internet abuse. You will join a team of researchers working on the same project, with whom you will be expected to work in very close collaboration. As such, evidence of prior teamwork and excellent communication skills are essential.

You will be required to conduct research in computer and network forensics, to design and develop tools for the extraction and forensic analysis of digital evidence from Android Smartphones and to assist with the integration of those tools with a visualization toolkit, which is also being developed as part of the same project. The work will focus primarily on network activity and social networking applications. Other areas will also be investigated during the course of the project, including but not limited to data extraction and forensic investigation of WiFi routers, Femtocells, wireless sensor devices.

You will be expected to disseminate project results by writing academic papers and by making presentations. You will also participate in writing project deliverables and reports. The role will require interaction with law enforcement agencies and legal practitioners, so having the ability to develop a good understanding of legal issues surrounding the abuse of the Internet will be an asset.

Excellent understanding of information security and computer networking is essential. Prior experience with collaborative software development is desirable, with focus on the languages listed in the ‘Further Particulars’ document. You will possess or be near completion of a PhD in information and communication security, computer networks, computer forensics or related discipline.

This post is funded for 12 months. It is expected that interviews will

15:24 [Job][New] Senior Lecturer / Associate Professor, University of Cape Town, South Africa

  The Department of Mathematics and Applied Mathematics is a large and dynamic establishment with over thirty faculty members. We seek to make two new appointments in Pure Mathematics as soon as possible. Applications are sought for two posts at the level of Senior Lecturer / Associate Professor.

Candidates must be in possession of a PhD in the Mathematical Sciences and are expected to have a strong research track record, which must show evidence of independence and leadership.

Applications in all areas of Pure Mathematics will be considered. However we are particularly seeking active researchers whose research field complements and strengthens the existing research in our department in algebra, analysis, discrete mathematics related to computer science (including cryptography), and geometry. The department intends filling one of the posts with an algebraist.

Candidates should indicate for which level of position they are applying. Level of appointment will be commensurate with experience and standing of applicants; at Associate Professor level a record of Post Graduate supervision would normally be expected.

The successful applicants will be expected to teach not only in their areas of research, but also service courses offered to other Faculties such as Engineering and Commerce, to contribute to the administration of the department and its courses, to supervise students and to attract research funding.

The annual remuneration packages, including benefits, are as follows:

• Associate Professor: R 663 359

• Senior Lecturer: R 562 173

To apply, please e-mail the completed UCT Application form (HR201) and all other relevant documentation as indicated on the form, with the subject line “SL/AP - MAM” followed by the reference number to Ms Melanie Falken at melanie.falken (at) uct.ac.za.

Reference number for this position: SR463/13



2013-03-20
03:06 [Event][New] ICISC 2013: The 16th International Conference on Information Security and Cryptology

  Submission: 26 August 2013
Notification: 13 October 2013
From November 27 to November 29
Location: Seoul, South Korea
More Information: http://www.icisc.org/