International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2011-09-07
11:02 [Job][Update] Professor of Secure Digital Systems, Centre for Secure Information Technologies (CSIT), Queen\'s University Belfast, UK

  Queen\'s University Belfast wishes to appoint a Professor to lead and develop research and teaching activities within the area of Secure Information Technology in the School of Electronics, Electrical Engineering and Computer Science. This is a senior appointment and the appointee will have leadership and management responsibilities in the area of Secure Digital Systems within the UK\'s 30M strategic Centre for Secure Information Technologies (CSIT), at the Institute of Electronics, Communications and Information Technology (www.ecit.qub.ac.uk).

Applicants with research expertise in one or more of the following areas are strongly encouraged to apply: information and data security; network security; embedded security; computer forensics; software security/assurance



11:01 [Job][New] Professor of Secure Digital Systems, Centre for Secure Information Technologies (CSIT), Queen's University Belfast, UK

  Queen\'s University Belfast wishes to appoint a Professor to lead and develop research and teaching activities within the area of Secure Information Technology in the School of Electronics, Electrical Engineering and Computer Science. This is a senior appointment and the appointee will have leadership and management responsibilities in the area of Secure Digital Systems within the UK\'s �30M strategic Centre for Secure Information Technologies (CSIT), at the Institute of Electronics, Communications and Information Technology (www.ecit.qub.ac.uk).

Applicants with research expertise in one or more of the following areas are strongly encouraged to apply: information and data security; network security; embedded security; computer forensics; software security/assurance



07:09 [Event][New] Stream Ciphers: Special Issue on "Stream Ciphers" in the journal CCDS, Springer

  Submission: 31 December 2011
Notification: 20 March 2012
From December 31 to December 31
Location: Kolkata, India
More Information: http://www.isical.ac.in/~subho/ccdscfp.txt


05:15 [Job][New] Senior Lecturer/Associate Professor, Queensland University of Technology, Brisbane, Australia

 

The Computer Science Discipline within the Faculty of Science and Technology at Queensland University of Technology, Brisbane, Australia, is seeking an experienced academic with an established research reputation to make significant contributions to network security research activities and to teaching in data communications.

Appointee(s) will undertake their research in QUT\'s Information Security Institute, a multi-disciplinary institute bringing together information security researchers from computer science, mathematics, engineering, business, and law, with a leading national profile and strong international links.





2011-09-06
08:37 [Job][Update] Access Management and Cryptographic Operations Manager, A major UK payments/ credit organisation - Hampshire

  The team will deliver Access Management and Cryptographic Services for key services such as our Authorisations, Mobile Gateway and Clearing and Settlement services.

Key Activities

  • Delivery of Access Management services across the Production and Corporate estate in conjunction with Corporate IT.
  • Delivery and administration of recertification and compliance programmes that meet the departmental goals.
  • Delivery of Cryptographic Key Management services with ITS Technologies team for the business and production services. Typically these activities will include Key Management Ceremonies and cryptographic token management.
  • Participate in project engagement process and perform delegated Operational Acceptance process tasks to ensure that all projects delivered meet our Operational and Compliance requirements.
  • Develop the Access Management and Cryptographic service strategy to improve service controls, service delivery and cost.
  • Develop and maintain the IT Security Standards in relation to the assigned services to ensure that they meet the Corporate Key Control requirements.
  • Operate the Corporate Key Controls Exceptions process as non Compliance is established via the operation of the framework.
  • Participate in the regular Security Resource Board framework to establish project effort and resource allocation.
  • Demonstrable experience relating to service, change and problem management and governance, such as ITIL incident and change management, Prince, Patch Management, Data Centre Operations processes, PCI DSS, SAS70 and COBIT and COSO based controls.
  • Experience across a wide variety of technology disciplines and deep understanding of Networks, HSMs, Key Ceremonies, Cisco devices, Microsoft Windows, Solaris and AIX.
  • Good understanding of middleware and application server products.
  • Familiar with Security Industry standard methods, and security practices CIA, AAA etc



2011-09-05
10:53 [Job][New] Access Management and Cryptographic Operations Manager, A major UK payments/ credit organisation - Hampshire

  The team will deliver Access Management and Cryptographic Services for key services such as our Authorisations, Mobile Gateway and Clearing and Settlement services.

Key Activities

Delivery of Access Management services across the Production and Corporate estate in conjunction with Corporate IT.

Delivery and administration of recertification and compliance programmes that meet the departmental goals.

Delivery of Cryptographic Key Management services with ITS Technologies team for the business and production services. Typically these activities will include Key Management Ceremonies and cryptographic token management.

Participate in project engagement process and perform delegated Operational Acceptance process tasks to ensure that all projects delivered meet our Operational and Compliance requirements.

Develop the Access Management and Cryptographic service strategy to improve service controls, service delivery and cost.

Develop and maintain the IT Security Standards in relation to the assigned services to ensure that they meet the Corporate Key Control requirements.

Operate the Corporate Key Controls Exceptions process as non Compliance is established via the operation of the framework.

Participate in the regular Security Resource Board framework to establish project effort and resource allocation.

Demonstrable experience relating to service, change and problem management and governance, such as ITIL incident and change management, Prince, Patch Management, Data Centre Operations processes, PCI DSS, SAS70 and COBIT and COSO based controls.

Experience across a wide variety of technology disciplines and deep understanding of Networks, HSMs, Key Ceremonies, Cisco devices, Microsoft Windows, Solaris and AIX.

Good understanding of middleware and application server products.

Familiar with Security Industry standard methods, and security practices CIA, AAA etc

Pleas



2011-09-04
14:50 [PhD][Update] Jens Groth: Honest Verifier Zero-Knowledge Arguments Applied

  Name: Jens Groth
Topic: Honest Verifier Zero-Knowledge Arguments Applied
Category:foundations





2011-09-03
20:31 [PhD][New] Jens Groth: Honest Verifier Zero-Knowledge Arguments Applied

  Name: Jens Groth
Topic: Honest Verifier Zero-Knowledge Arguments Applied
Category: foundations



17:50 [News] Distinguished Lectures Online: Gus Simmons and Ron Rivest

  The distinguished lectures of Gus Simmons (1994) and Ron Rivest (2011) are now online on the IACR web page. You also find slides, abstracts or notes of other, previously held lectures there.



2011-09-02
17:26 [PhD][Update] Thomas Schneider: Engineering Secure Two-Party Computation Protocols - Advances in Design, Optimization, and Applications of Efficient Secure Function Evaluation

  Name: Thomas Schneider
Topic: Engineering Secure Two-Party Computation Protocols - Advances in Design, Optimization, and Applications of Efficient Secure Function Evaluation
Category:cryptographic protocols

Description:

Secure two-party computation, called Secure Function Evaluation (SFE), enables two mutually mistrusting parties (client & server) to evaluate an arbitrary function $f$ on their respective private inputs $x,y$ while revealing nothing but the result $z=f(x,y)$. Although such generic techniques were widely believed to be inefficient, the rapidly growing speed of computers and communication networks, algorithmic improvements, automatic generation and optimizations of SFE protocols have made them usable in practical application scenarios.

This thesis presents the following advances in the design, optimization and applications of efficient SFE protocols.

Circuit Optimizations and Constructions. The complexity of today's most efficient SFE protocols depends linearly on the size of the boolean circuit representation of the evaluated function. Further, recent techniques for SFE based on improved Garbled Circuits (GCs) allow for very efficient secure evaluation of XOR gates.
We give transformations that substantially reduce the size of boolean circuits if the costs for evaluating XOR gates are lower than for other types of gates. Our optimizations provide more efficient circuits for standard functionalities such as integer comparison and fast multiplication.
Applications that benefit from our improvements are secure first-price auctions.

Hardware-Assisted GC Protocols. We improve the deployability of SFE protocols by using tamper-proof Hardware (HW) tokens.
In particular, GCs can be generated by a tamper-proof HW token which is provided by the server to a client but not trusted by the client. The presented HW-assisted SFE protocol makes the communication between client and server independent of the size of the evaluated function. Further, we show how GCs can be evaluated in HW in a leakage resilient way, so-called One-Time Programs.
As application we show how the combination of GCs and tamper-proof HW allows to[...]


14:08 [PhD][New] Hans Ulrich Simon

  Name: Hans Ulrich Simon