International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also get this service via

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

13:51 [Job][Update] Head of Card Cryptography, Large, prestigious financial institution in the United Kingdom

  A leading, financial organisation is searching for a Head of Card Cryptography to lead the development of cryptographic applications to further support risk operations.

As the Head of Cryptography, you will be responsible for developing cryptographic applications utilising your SME knowledge of cryptography. You will utilise your in-depth knowledge of security models and technologies including Public-Key Infrastructure (PKI) and Hardware Security Modules (HSMs). In addition, you will have strong application development knowledge, in particular with Java and .NET technologies. You will draw upon your experience in a similar role where you have delivered change.

To be considered for this business critical position, you will have:

* In-depth knowledge of Cryptography concepts

* Strong knowledge of PKI

* Extensive knowledge of HSMs

* Developed cryptographic applications

* Adept with Java and .NET technologies

* Delivered change focused projects

* Excellent communication and presentation skills

This is an excellent opportunity to further progress your knowledge and career for a global organisation who is renowned in the marketplace for their commitment to change.

You will be able to demonstrate your in-depth Information Security knowledge, in particular with cryptography, PKI and HSMs. In return, you will be offered a permanent role, a salary between £35,000-£50,000 and an unrivalled package.

06:17 [Pub][ePrint] How to Sign Paper Contracts? Conjectures & Evidence Related to Equitable & Efficient Collaborative Task Scheduling, by Eric Brier and David Naccache and Li-yao Xia

  This paper explores ways of performing commutative tasks by $N$ parties. Tasks are defined as {\\sl commutative} if the order at which parties perform tasks can be freely changed without affecting the final result. It is easy to see that arbitrary $N$-party commutative tasks cannot be completed in less than $N-1$ basic time units.

We conjecture that arbitrary $N$-party commutative tasks cannot be performed in $N-1$ time units by exchanging less than $4N-6$ messages and provide computational evidence in favor this conjecture. We also explore the most equitable commutative task protocols.

06:17 [Pub][ePrint] On Symmetric Encryption with Distinguishable Decryption Failures, by Alexandra Boldyreva and Jean Paul Degabriele and Kenneth G. Paterson and Martijn Stam

  We propose to relax the assumption that decryption failures are indistinguishable in security models for symmetric encryption. Our main purpose is to build models that better reflect the reality of cryptographic implementations, and to surface the security issues that arise from doing so. We systematically explore the consequences of this relaxation, with some surprising consequences for our understanding of this basic cryptographic primitive. Our results should be useful to practitioners who wish to build accurate models of their implementations and then analyse them. They should also be of value to more theoretical cryptographers proposing new encryption schemes, who, in an ideal world, would be compelled by this work to consider the possibility that their schemes might leak more than simple decryption failures.

06:17 [Pub][ePrint] Full Domain Hash from (Leveled) Multilinear Maps and Identity-Based Aggregate Signatures, by Susan Hohenberger and Amit Sahai and Brent Waters

  In this work, we explore building constructions with full domain hash structure, but with standard model proofs that do not employ the random oracle heuristic. The launching point for our results will be the utilization of a ``leveled\'\' multilinear map setting for which Garg, Gentry, and Halevi (GGH) recently gave an approximate candidate. Our first step is the creation of a standard model signature scheme that exhibits the structure of the Boneh, Lynn and Shacham signatures. In particular, this gives us a signature that admits unrestricted aggregation.

We build on this result to offer the first *identity-based* aggregate signature scheme that admits unrestricted aggregation. In our construction, an arbitrary-sized set of signatures on identity/message pairs can be aggregated into a single group element, which authenticates the entire set. The identity-based setting has important advantages over regular aggregate signatures in that it eliminates the considerable burden of having to store, retrieve or verify a set of verification keys, and minimizes the total cryptographic overhead that must be attached to a set of signer/message pairs. While identity-based signatures are trivial to achieve, their aggregate counterparts are not. To the best of our knowledge, no prior candidate for realizing unrestricted identity-based aggregate signatures exists in either the standard or random oracle models.

A key technical idea underlying these results is the realization of a hash function with a Naor-Reingold-type structure that is publicly computable using repeated application of the multilinear map. We present our results in a generic ``leveled\'\' multilinear map setting and then show how they can be translated to the GGH graded algebras analogue of multilinear maps.

06:17 [Pub][ePrint] Efficient Cryptosystems From $2^k$-th Power Residue Symbols, by Marc Joye and Benoit Libert

  Goldwasser and Micali (1984) highlighted the importance of randomizing the plaintext for public-key encryption and introduced the notion of semantic security. They also realized a cryptosystem meeting this security notion under the standard complexity assumption of deciding quadratic residuosity modulo a composite number. The Goldwasser-Micali cryptosystem is simple and elegant but is quite wasteful in bandwidth when encrypting large messages. A number of works followed to address this issue and proposed various modifications. This paper revisits the original Goldwasser-Micali cryptosystem using 2^k-th power residue symbols. The so-obtained cryptosystems appear as a very natural generalization for k >= 2 (the case k = 1 corresponds exactly to the Goldwasser-Micali cryptosystem). Advantageously, they are efficient in both bandwidth and speed; in particular,they allow for fast decryption. Further, the cryptosystems described in this paper inherit the useful features of the original cryptosystem (like its homomorphic property) and are shown to be secure under a similar complexity assumption. As a prominent application, this paper describes an efficient lossy trapdoor function based thereon.

21:17 [Pub][ePrint] Practical-Time Attacks Against Reduced Variants of MISTY1, by Orr Dunkelman and Nathan Keller

  MISTY1 is a block cipher designed by Matsui in 1997. It is widely deployed in Japan where it is an e-government standard, and is recognized internationally as a NESSIE-recommended cipher as well as

an ISO standard and an RFC. Moreover, MISTY1 was selected to be the blueprint on top of which KASUMI, the GSM/3G block cipher, was based. Since its introduction, and especially in recent years, MISTY1 was subjected to extensive cryptanalytic efforts, which resulted in numerous attacks on its reduced variants. Most of these attacks aimed at maximizing the number of attacked rounds, and as a result, their complexities are highly impractical.

In this paper we pursue another direction, by focusing on attacks with a practical time complexity. The best previously-known attacks with practical complexity against MISTY1 could break either 4 rounds (out of 8), or 5 rounds in a modified variant in which some of the FL functions are removed. We present an attack on 5-round MISTY1 with all the FL functions present whose time complexity is 2^38 encryptions. When the FL functions are removed, we present a devastating (and experimentally verified) related-key attack on the full 8-round variant, requiring only 2^18 data and time.

While our attacks clearly do not compromise the security of the full

MISTY1, they expose several weaknesses in MISTY1\'s components, and

improve our understanding of its security. Moreover, future designs which rely on MISTY1 as their base, should take these issues into close consideration.

10:18 [Job][New] Scientific Assistant (m/f, E13 TV-G-U), Deutsche Telekom Chair, Goethe University Frankfurt, Germany, EEA

  The Deutsche Telekom Chair of Mobile Business & Multilateral Security at Goethe University Frankfurt offers a position of a Scientific Assistant (m/f, E13 TV-G-U). To strengthen our team we are looking for a committed, creative and flexible PhD candidate (male/female) with advanced professional knowledge in Information Technology and interest in the current development in business informatics.

We are looking for people with advanced knowledge and special skills in at least three of the following areas:

- Network and System Security

- Privacy-Enhancing Technologies and data protection

- Identity Management

- Mobile Platforms, Smartcards and Trusted Computing

- Mobile Application Development (e.g. in Android, etc.)

- Cryptography

- Programming languages and experiences in software projects

- Administration skills in different platforms (e.g. UNIX, Linux, Windows)

- Web technologies and development

- Project management

The position is available immediately and has a fixed-term of 3 years with an extension option.

Deadline for applications: 2013-07-31

Contact for applications: Prof. Dr. Kai Rannenberg, bewerbungen(at)m-chair(dot)net

Documents recommended to be submitted: personal statement of purpose, current resume, official references, list of publications, official test scores

More Information:

09:33 [Job][Update] Assistant/Associate Professors, University of Washington Tacoma, USA

  The Institute of Technology at the University of Washington Tacoma is seeking applications for five full-time, tenure-track Associate/Assistant Professor positions for the Computer Science and Systems program and the Information Technology and Systems program. A Ph.D. or foreign equivalent in Computer Science, Information Technology, Information Systems or related field is required. Applicants should have experience in teaching and in externally-funded research. Our priority areas for research are (1) information assurance and cybersecurity – 2 positions, (2) data analytics – AI/intelligent systems, (3) CS theory/algorithms, and (4) spatial data/GIS; other areas will also be considered, especially if they are related to needs of the other Institute of Technology programs. Successful candidates will have demonstrated experience or promise for strong potential in research (as evidenced by publications). Evidence of potential to build strong relationships with partners in the technology industry and in developing collaborative research programs is highly desirable.

Applications should be submitted electronically to and include (1) a cover letter describing academic qualifications and experience for this position, (2) a statement of the candidate’s research program, (3) a list of publications, (4) a description of teaching philosophy, including a list of courses the candidate is qualified to teach, (5) evidence of teaching effectiveness, (6) a curriculum vitae, and (7) at least three letters of reference. Screening of applications will begin on October 15, 2013, and will continue until the positions are filled. Salary is competitive and will be commensurate with experience and qualifications.

09:32 [Event][New] VizSec '13: 10th Visualization for Cyber Security Workshop

  Submission: 22 July 2013
Notification: 23 August 2013
From October 14 to October 14
Location: Atlanta, United States
More Information:

09:31 [Event][New] DIPECC2013: The International Conference on Digital Information Processing, E-Business

  Submission: 1 September 2013
Notification: 15 September 2013
From October 23 to October 25
Location: Dubai, United Arab Emirates
More Information:

17:43 [Job][New] Fully Funded PhD Student, Université Paris II Panthéon-Assas, PRES Sorbonne Universités, France, European Union

  We are seeking for candidates for four funded theses.

The candidates will work on the following topics:

Thesis 1 - Faut and side-channel attacks.

Thesis 2 - Formal proofs of hardware and software implementations.

Thesis 3 - Lightweight cryptography (theory and practice).

Thesis 4 - Embedded equipment securit.

Due to employment visa constraints, the candidates must be of EU citizenship or Swiss.

The candidate will be based in the Paris area with access to very advanced laboratory equipment.