International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

13:47 [Event][New] FC14: Financial Cryptography and Data Security 2014

  Submission: 25 October 2013
Notification: 15 December 2013
From March 3 to March 7
Location: Rockley, Christ Church, Barbados
More Information:

20:20 [Conf] Report on ICITS


6th International Conference on Information Theoretic Security (ICITS 2012)

ICITS 2012 was held from August 15 to 17, 2012 in Montréal (Canada). The organizing committee included Adam D. Smith (Program Chair), Jürg Wullschleger (General Chair), Alain Tapp, Claude Crépeau and Olivier Coutu.

It is a conference about all aspects of information-theoretic security. Its aim is to bring together researchers from all over the world from the areas of cryptography, information theory and quantum information. The conference was created as a successor of the “IEEE Information Theory Workshop on Theory and Practice in Information-Theoretic Security” on Awaji Island, Japan, and takes place every 18 month, alternating between Asia, Europe and North America. Previous ICITS conferences were held in Madrid (Spain), Calgary (Canada), Shizuoka (Japan) and Amsterdam (The Netherlands).

As in previous ICITS conferences, the plenary talks were given by the leading researchers in the field. This year, these talks were given by Serge Fehr (CWI Amsterdam), Patrick Hayden (McGill University), Negar Kiyavash (University of Illinois at Urbana-Champaign), Xin Li (University of Washington), Krzysztof Pietrzak (IST Austria) and Salil Vadhan (Harvard University).

The usual process for conferences in Computer Science is that all submitted papers first undergo a careful reviewing process, and all papers that are accepted are not only presented at the conference, but they also appear in the conference’s proceedings. Previous ICITS conferences also used this format, but it turned out not to be optimal for information theorists and physicists. For this years ICITS, the organizers therefore decided to make a special “workshop track,” in addition to the more standard “conference track,” where the speakers needed to submit only a one-page abstract which will appear in the proceedings. This new format with both a conference and a workshop track was a big success, both in quality and quantity, and having as additional track also increased the number of participants.

The ICITS 2013 will take place in Singapore, from November 28 to 30, 2013.

20:16 [PhD][New] Yossef Oren: Secure Hardware - Physical Attacks and Countermeasures

  Name: Yossef Oren
Topic: Secure Hardware - Physical Attacks and Countermeasures
Category: implementation

Description: Any cryptographic functionality, such as encryption or authentication, must be implemented in the real world before it can be put to practical use. This implementation typically takes the form of either a software implementation for a general-purpose device such as a personal computer, or as a dedicated secure hardware device, whose main purpose is to embody the cryptographic functionality. Examples of such secure hardware devices include smart cards, car alarm key fobs and computerized ballots. To evaluate the security of a cryptographic system, researchers look for flaws which allow an attacker to break the security assumptions of the system (for example, allowing an unauthorized party to view or modify a message intended for someone else). Physical attacks (also called implementation attacks) compromise the system by taking advantage of the physical aspects of the algorithm\'s implementation. Some physical attacks (such as, for example, power analysis) recover the secret key used by the secure device by analyzing physical effects produced during its use; Others (such as, for example, relay attacks) disable or otherwise limit its secure behaviour by exploiting design or implementation flaws or by changing the underlying assumptions made by the designers of the system. \r\n
\r\nThis research focuses on physical attacks on secure hardware devices and on countermeasures which protect against these attacks. My goals were to investigate vulnerabilities in current secure hardware implementations and to evaluate the effectiveness of current and proposed countermeasures against these vulnerabilities. The two main tracks of my research are side-channel analysis (and explicitly power analysis) and secure RFID.\r\n
\r\nIn the side-channel analysis track, I investigated ways of reducing the data requirements of power analysis attacks. We showed how to mount key recovery attacks on a secure device using an extremely low amount of measurement data. The main novelty of our[...]

20:14 [PhD][New]


20:14 [PhD][New] Avishai Wool: Quorum Systems for Distributed Control Protocols

  Name: Avishai Wool
Topic: Quorum Systems for Distributed Control Protocols
Category: foundations

09:17 [Forum] [IACR Publication Reform] Re: Testable change by amitsahai

  Actually, what I was proposing is largely orthogonal to current "two-stage" review systems. My point was to have a system where authors and fellow PC members review the reviewers. Furthermore, this review would cause bad reviewers to lose the right to publish their own work at future top conferences. This would create (I think) a powerful incentive for reviewers to spend the time to craft better reviews -- at the very least, to understand better technically what is going on in a paper that they are supposed to be reviewing. -- Finally, coming back to the points raised in this thread about multi-stage reviews: At TCC 2013 this year, we tried out a system which allowed for *freeform* interaction between PC members and authors (i.e. a "poly-stage" review process). In my opinion as the PC chair with a global view of what happened, this interaction was extremely helpful, especially with papers that were "on the edge", or were misunderstood during the review process. --Amit From: 2013-29-06 06:34:34 (UTC)

21:35 [Event][New] PKC 2014: 17th International Conference on Practice and Theory of Public-Key

  Submission: 4 October 2013
Notification: 16 December 2013
From March 26 to March 28
Location: Buenos Aires, Argentina
More Information:

15:35 [Event][New] TClouds '13: Workshop on Trustworthy Clouds

  Submission: 21 July 2013
Notification: 16 August 2013
From September 12 to September 13
Location: London (Royal Holloway University of London, Egham), United Kingdom
More Information:

14:26 [Job][New]


14:02 [Job][New] Ph.D. Position in Applied Cryptography, University of Twente, The Netherlands


The Centre for Telematics and Information Technology (CTIT) at the University of Twente invites applications for a 4-year PhD position in cryptographically enforced privacy in electronic healthcare starting immediately. The position is funded by the THeCS project (Trusted HealthCare Services) as part of the Dutch national program COMMIT (

The PhD candidate will be working with Prof. Pieter Hartel and Andreas Peter from the Distributed and Embedded Security Group (DIES, and with Prof. Willem Jonker from the Database Group ( of the University of Twente. The candidate will be expected to do active and internationally visible research on modern topics of applied cryptography and cryptographic protocols with a focus on privacy in electronic healthcare. The PhD candidate will be appointed for a period of four years, at the end of which he/she must have completed a PhD thesis. During this period, the PhD student has the opportunity to broaden his/her knowledge by joining international exchange programs, to participate in national and international conferences and workshops, and to visit other research institutes and universities worldwide.

Successful candidates must hold an outstanding M.Sc. degree (or equivalent) from the university study of Information Security/Cryptology, Mathematics, Computer Science, or similar. Applications from students that are about to finish their master thesis will be accepted as well. The candidate is expected to have excellent skills in the English language.

The position will be closed as soon as a suitable candidate is found. Applications must include:

  • CV and academic transcript (with grades)
  • motivation letter (including a description of prior activities with relevance to cryptography or information security)
  • <

11:21 [Job][New] Research Assistant, TU Darmstadt, Germany, EEA

  The Engineering Cryptographic Protocols Group in the Fachbereich Informatik of the Technische Universität Darmstadt is currently offering a position for a

Research Assistant in Engineering Cryptographic Protocols for Cloud Computing

with the goal to further develop the group\\\'s expertise in the area of engineering of cryptographic protocols, in particular for cloud computing environments. The position is initially assigned for 6 months, in which existing techniques for secure computation should be compared with regard to usage in cloud computing. In case third party funds are required, we aim to extend the position for up to three years and support the researcher to enroll in the Ph.D. program at Technische Universität Darmstadt.

Applicants must have completed (or be close to completing) a Master or Diplom with excellent grades in IT Security, Computer Science, Mathematics, Electrical Engineering, or a closely related subject. Knowledge in applied cryptography, IT security and programming skills are required. Additional knowledge in parallel computing, compiler construction, programming languages, and/or software engineering is a plus. We expect applicants to be highly qualified, self-motivated, and to conduct excellent, independent research within the context of EC SPRIDE, and actively support them in publishing their work on leading international conferences and journals.

Review of applications will start on July 10th, 2013 and applications will be accepted until the position has been filled.