International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2013-12-16
15:47 [Job][New] Postdoc Positions in IT-Security, Privacy, and Cryptography, Max Planck Institute for Software Systems, Saarbrücken, Germany

  The security and privacy group (S&P) group at the Max Planck Institute for Software Systems is currently offering postdoc positions under the supervision of Michael Backes. The S&P group collaborates closely with the Center for IT-Security, Privacy and Accountability (CISPA) at Saarland University.

Please refer to the link below for a full description of the open positions.

08:38 [Job][New] Ph.D student , Chalmers University of Technology, Sweden

  We are looking for an excellent PhD candidate to work in the area of information and communication security with a focus on authentication problems in constrained settings. This is particularly important for applications involving mobile phones, wireless communication and RFID systems, which suffer from restrictions in terms of power resources, network connectivity, computational capabilities, as well as potential privacy issues. The overall aim of the project will be to develop nearly optimal algorithms for achieving security and privacy while minimising resource use.

More concretely, part of the research will involve the analysis and development of authentication protocols in specific settings. This will include investigating resistance of both existing and novel protocols against different types of attacks, theoretically and experimentally. In addition to investigating established settings, such as RFID authentication, the research will also explore more general authentication problems, such as those that arise in the context of trust in social networks, smartphone applications and collaborative data processing. This will be done by grounding the work in a generalised decision-making framework. The project should result in the development of theory and authentication mechanisms for noisy, constrained settings that strike an optimal balance between reliable authentication, privacy-preservation and resource consumption. Some previous research related to this research project can be found here: http://lasecwww.epfl.ch/~katerina/Publications.html

Qualifications

Applicants for the position shall have a Master’s Degree or corresponding in Computer Science, Informatics, Telecommunications, Information Security and Cryptography or in a related discipline. A master\\\'s degree in information security and cryptography is a bonus.

Experience in one or more of cryptography, probability and statistics, decision and game theory are ben

08:07 [Event][New] IEEE Computer SI on Mobile App Sec: IEEE Computer SI on methodologies and solutions for mobile app. security

  Submission: 31 December 2013
Notification: 1 February 2014
From June 1 to June 1
More Information: http://www.computer.org/portal/web/peerreviewmagazines/computer




2013-12-11
13:17 [Pub][ePrint] Decentralized Traceable Attribute-Based Signatures, by Ali El Kaafarani and Essam Ghadafi and Dalia Khader

  Attribute-based signatures allow a signer owning a set of attributes to anonymously sign a message w.r.t.\\ some signing policy. A recipient of the signature is convinced that a signer with a set of attributes satisfying the signing policy has indeed produced the signature without learning the identity of the signer or which set of attributes was used in the signing.

Traceable attribute-based signatures add anonymity revocation mechanisms to attribute-based signatures whereby a special tracing authority equipped with a secret key is capable of revealing the identity of the signer. Such a feature is important in settings where accountability and abuse prevention are required.

In this work, we first provide a formal security model for traceable attribute-based signatures. Our focus is on the more practical case where attribute management is distributed among different authorities rather than relying on a single central authority.

By specializing our model to the single attribute authority setting, we overcome some of the shortcomings of the existing model for the same setting.

Our second contribution is a generic construction for the primitive which achieves a strong notion of security. Namely, it achieves CCA anonymity and its security is w.r.t.\\ adaptive adversaries. Moreover, our framework permits expressive signing polices.

Finally, we provide some instantiations of the primitive whose security reduces to falsifiable intractability assumptions and without relying on idealized assumptions.



12:10 [Job][New] Research Assistent, Institute for Security in Information Technology, Technische Universitaet Muenchen; Munich (Germany)

  We are part of the electrical engineering and information technology department at TUM. We develop new technologies, to counteract new threats in hardware security. Due to the increasing complexity of integrated and embedded systems, designing tools to support the hardware design of such secure devices is a challenging task and in our focus. Also research on PUFs and architectures for secure embedded systems is carried out at our Institute. To ensure security in the long term we research new attacks on secure elements.

To advance the Development of Tools for the Design of Secure Embedded Systems, we are searching for the closest possible point in time a

Research Assistant (m/f)

for a full time position.

Your Tasks:

  • Participation in industry-related research projects with focus on development and implementation of new approaches and tools to support designers in the design of secure embedded systems.
  • Tutor for labs and/or lectures

You:

  • finished your master’s degree in Electrical Engineering or Computer Sciences or equivalent with outstanding grades.
  • have strong focus on security.
  • are autonomous, can work in teams and are highly motivated.
  • like to work with students.
  • should have practical or theoretical previous knowledge on embedded systems and/or circuit design. You are also experienced in programming and have good mathematical skills.

We offer

a position as research assistant which includes the ability to carry out a PhD thesis. With your research, you contribute to one of our main fields.

The position as research assistant is initially offered for a limited time of 2.5 years. It is paid according to TV-L E13.

TUM aims at increasing the percentage of women. Therefore, qualified women

05:43 [Job][New] Assistant Professor, Simon Fraser University, Burnaby, Canada, North America

  Department of Mathematics at Simon Fraser University invites applications for up to two tenure-track positions at the Assistant Professor level starting September 1, 2014.

For one of the positions we welcome applications from researchers working in algebra or geometry, especially in subareas that complement the expertise of our current faculty. Application areas of particular interest are cryptography, communication and computation.



2013-12-10
06:42 [Job][New] Post-Doctoral Position in Systems Security, Network Security, Cryptography or Tech Policy, Boston University, Boston, MA, USA

 

A university-funded post-doc position is available in the RISCS center and the BU Security Group (BUsec), in the Department of Computer Science at Boston University. The successful candidates will have an established research track record in one or more of the following areas: systems security, network security, applied cryptography, or cybersecurity technology policy or law. The position is funded for one year, with an option to extend to two years based on performance and availability of funds. Tentative start date is September 2014, but earlier start dates are also possible.

The BU Security Group does research in cryptography and security within the Department of Computer Science. The BU Center for Reliable Information Systems & Cyber Security (RISCS) takes a multidisciplinary approach to security by bring together experts across several discipline. Both the group and the Center also benefit from collaboration with the vibrant cryptography, security, and tech policy community in the Boston area.



2013-12-09
17:51 [Event][New] IEEE IoT Journal, Special Issue on Security for IoT: the State of the Art

  Submission: 15 February 2014
Notification: 15 May 2014
From October 1 to October 15
More Information: http://iot-journal.weebly.com/uploads/1/8/8/0/18809834/ieee_iot_journal_si_iot_security_cfp.pdf


16:12 [Job][New] Digital Security Expert, Philips Research, Eindhoven, the Netherlands

  Philips Research in Eindhoven NL) is searching for a Digital Security Expert. Please visit the Philips career website for the full vacancy description.

Your Responsibilities

Most of our products are becoming connected to the cyber space. We are looking for top scientists with a strong mathematical background for strengthening our competences in digital cryptography and security and who can help us to build and offer competitive trusted solutions and services in Healthcare, Lifestyle and Lighting.

Your challenges and responsibilities will be:

- Inventing and validating in industrial project teams new digital security technologies for use in Philips products and services, making use of the Internet of Things and Cloud Computing;

- Creating innovation impact with your results in terms of intellectual property creation or research transfers into the business;

- Keeping our digital security competence at world-class level;

- Contributing to our research roadmap by new ideas and winning new proposals;

- Working together with external partners.

Your Team

For more insights you can visit: http://www.research.philips.com/

We are looking for

The successful candidate has/is:

- A PhD in mathematics or computer science and a strong inclination to cryptography, preferably proven by relevant scientific results;

- Proven practical skills in computer simulation, system architecting and computer programming;

- Practical experiences in industry;

- A strong team playing attitude, expressed in taking the lead where appropriate, building on each other’s strengths and working in a cooperative way;

- A self-propelled enthusiast with a can-do mentality.Takes ownership for making it happen;

- Good communication skills and fluent in English.



2013-12-06
22:17 [Pub][ePrint] Distributed Key Generation for Secure Encrypted Deduplication, by Yitao Duan

  Large-scale storage systems often attempt to achieve two seemingly conflicting goals: (1) the systems need to reduce the copies of redundant data to save space, a process called deduplication; and (2) users demand encryption of their data to ensure privacy. Conventional encryption makes deduplication on ciphertexts ineffective, as it destroys data redundancy. A line of work, originated from Convergent

Encryption [28], and evolved into Message Locked Encryption [12], strives to solve this problem. The latest work, DupLESS [11], proposes a server-aided architecture that provides the strongest privacy. The DupLESS architecture relies on a key server to help the clients generate encryption keys that result in convergent ciphertexts. In this paper, we first provide a rigorous proof of security, in the random oracle model, for the DupLESS architecture which is lacking in the original paper. Our proof shows that using additional secret, other than the data itself, for generating encryption keys achieves the best possible security under current deduplication paradigm.We then introduce a distributed protocol that eliminates the need for a key server and allows less managed systems such as P2P systems to enjoy the high security level. Implementation and evaluation show that the scheme is both robust and practical.



22:17 [Pub][ePrint] Differential Indistinguishability for Cryptographic Primitives with Imperfect Randomness, by Michael Backes and Aniket Kate and Sebastian Meiser and Tim Ruffing

  Indistinguishability-based definitions of cryptographic primitives such as encryption, commitments, and zero-knowledge proofs are proven to be impossible to realize in scenarios where parties only have access to non-extractable sources of randomness (Dodis et al., FOCS 2004). In this work we demonstrate that it is, nevertheless, possible to quantify this secrecy loss for non-extractable sources such as the (well-studied) Santha-Vazirani (SV) sources. In particular, to establish meaningful security guarantees in scenarios where such imperfect randomness sources are used, we define and study differential indistinguishability, a generalization of indistinguishability inspired by the notion of differential privacy.

We analyze strengths and weaknesses of differential indistinguishability both individually as well as under composition, and we interpret the resulting differential security guarantees for encryption, commitments, and zero-knowledge proofs.

Surprisingly, indistinguishability with uniform randomness carries over to differential indistinguishability with SV randomness: We show that all primitives that are secure under a traditional indistinguishibility-based definition are differentially secure when they use (a bounded amount of) SV randomness instead of uniform randomness.