International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also get this service via

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2011-12-03
10:26 [Job][New] Software Security Engineer (All Levels), Qualcomm Incorporated

  A Software Security Engineer is responsible for assisting product development teams throughout the company in detecting and mitigating security vulnerabilities in software design and implementation. Specific responsibilities may include identifying and assessing software vulnerabilities using both manual methods and automated tools, mentoring software developers in adopting secure coding techniques and secure coding standards, assisting product development teams in establishing static analysis and security testing processes, promoting security mindset throughout software development from design to implementation to testing, evaluating new technologies/tools to detect, triage, and mitigate software security defects, identifying and addressing weakness in existing software development life cycle with a goal to improve overall software security.

Skills/Experience:

Applicants should possess at least two years of experience (work or academic) in the field of software security, like performing software security audits. Ability to engage with product teams independently with minimal supervision is a must. Applicants should have expertise in two or more of the following areas:

- Code review, analysis and vulnerability assessment (C, C++, ARM assembly,C#,Java)

- Security testing, e.g. fuzzing, instrumentation, monitoring

- Operating system security

- Mobile platform security

- Mitigation techniques

- Incident response

In-depth knowledge in the following specific areas will be considered a plus:

- Mobile operating system internals (Android, Windows Phone, iOS)

- Static analysis

- Firmware analysis and reverse engineering

- ARM architecture

Education:

Graduate degree in a security related field of Computer Science or Mathematics is a plus.

If interested, please apply directly to requisition G1889943

at www.qualcomm.com/careers

10:25 [Event][New] Inscrypt'2012: The 8th China International Conference on Information Security and Cryptolo

  Submission: 20 August 2012
Notification: 20 August 2012
From November 28 to December 1
Location: Beijing, China
More Information: http://www.inscrypt.cn/




2011-12-02
10:01 [Event][New] HOST'12: IEEE International Symposium on HARDWARE-ORIENTED SECURITY and TRUST

  Submission: 20 January 2012
Notification: 23 March 2012
From June 3 to June 4
Location: San Francisco, CA, USA
More Information: http://www.hostsymposium.org


07:45 [PhD][New] Christiane Peters: Curves, Codes, and Cryptography

  Name: Christiane Peters
Topic: Curves, Codes, and Cryptography
Category: public-key cryptography



05:17 [Event][Update] CSIA - 2012: The Third International Conference on Communications Security & Information

  Submission: 13 December 2011
Notification: 30 January 2012
From May 25 to May 27
Location: Delhi, India
More Information: http://airccse.org/csia2012/csia2012.html




2011-11-30
23:33 [Event][Update] TRUST 2012: 5th International Conference on Trust and Trustworthy Computing

  Submission: 22 February 2012
Notification: 25 March 2012
From June 13 to June 15
Location: Vienna, Austria
More Information: http://trust.sba-research.org


23:32 [Event][New] RFIDSec'12: The 8th workshop of RFID security and privacy

  Submission: 23 March 2012
Notification: 21 May 2012
From July 1 to July 3
Location: Nijmegen, The Netherlands
More Information: http://rfidsec12.cs.ru.nl


23:30 [Job][New] PhD student, Norwegian Information Security Laboratory, GUC

  Large-Scale Online Learning for Intrusion Detection and Proactive Forensics

** Main objective of the research is to overcome limitations of existing intrusion-detection systems (IDS), which are presently mainly based on expert knowl­edge or contemporary online learning. For IDSs, the continuous learning of new and changing attack patterns, and the use of relevant attributes or fea­tures that represent abnormal behaviour in network-traffic data is of greatest importance in order to detect hostile activities in dynamic network environ­ments. Online-learning systems with an embedded online-feature selection have a great potential to assist in understanding the nature of network in­trusions as well as to assist in establishing the ability to process massive amounts of data in large-scale networks. Specific objectives of the proposed research are two-fold:

- To develop new computational-intelligent methods for online-learning in malware and intrusion-detection systems that can deal with the challenges of massive data, obfuscation, adversarial activities, chang­ing environments and the lack of a real-labeled reference data and training dataset, and

- To develop new embedded-online-feature-selection methods without prior knowledge or limited number of features (open-system system approach)

** Specific background and skills in one or more of the following areas is highly desirable:

- Excellent MSc degree in computer science/engineering, mathematics or statistics

- Experience in numerical analysis, algorithms and complexity analysis

- Knowledge in machine learning and pattern recognition

- Programming ability in one or more of the following languages: Matlab, Python, Java,C, C++, or C#

- Fluent in English: oral and written communication skills

- Ability to communicate technical concepts clearly and effectively

- Scientific publications in re



2011-11-28
15:08 [Event][New] SECOTS 2012: Intl. Symposium on Security in Collaboration Technologies and Systems

  Submission: 30 December 2011
From May 21 to May 25
Location: Denver, USA
More Information: http://cisedu.us/rp/cts12/2-conference/symposia/symposium-2--secots-2012


15:06 [Job][New] Ph.D. Students and Post-Doc, University of Luxembourg

  ==================================================================

* 2 Ph.D. Students in Computer Security

* 1 Ph.D. Student in Socio-Technical Aspects of Security

Duration: 3 years (extension up to 4 years in total is possible).

==================================================================

For more information see URLs:

http://wwwen.uni.lu/university/jobs/snt/doctorants_chercheurs_en_formation_doctorale/phd_candidates_in_computer_security_m_f

http://wwwen.uni.lu/university/jobs/snt/doctorants_chercheurs_en_formation_doctorale/phd_candidate_in_socio_technical_aspects_of_security_m_f

==================================================================

* 1 Post-Doc in Socio-Technical Aspects of Security

Duration 2 years (extension up to 5 years is possible).

==================================================================

For more information and for application see URL:

http://wwwen.uni.lu/university/jobs/snt/post_doctorants_assistants_chercheurs/research_associate_postdoc_in_socio_technical_aspects_of_security_m_f

==================================================================

All the positions are related to the CORE-FNR project \\\"Socio-Technical Analysis of Security and Trust\\\" (STAST). STAST will be highly interdisciplinary. It teams up the Interdisciplinary Centre for Reliability, Security and Trust (SnT), the Applied Security and Information Assurance (APSIA), led by Prof. P. Y. A. Ryan who is also the principal investigator of the project, and Security and Trust of Software Systems (SaToSS), led by Prof. S. Mauw, and the Educational Measurement and Applied Cognitive Science (EMACS), ref. Dr. V. Koenig.





2011-11-25
13:58 [Conf][EC] Report on Eurocrypt 2011, May 15-19, 2011, Tallinn, Estonia

  Eurocrypt 2011, May 15-19, 2011, Tallinn, Estonia

Eurocrypt 2011 was held at Sokos Viru Hotel, Tallinn, Estonia, on 15-19 May 2011. The conference was organized in Sokos Viru Hotel, next to the old town of Tallinn, and a majority of the participants lived either in the same hotel or nearby. Participation fee was 500 USD (regular participants) and 250 USD for students.

A total of 31 research papers, categorized into 11 sessions, were presented, selected from 167 submissions. Ronald Cramer, CWI, and Phong Nguyen from IBM Research delivered the invited lectures on the topics "The Arithmetic Codex: Theory and Applications" and "Lattice Reduction Algorithms: Theory and Practice", respectively.

The Rump Session was chaired by Nigel Smart who was helped by men in shining armor.

The conference banquet was held at the Art Museum of Estonia. The best paper award was also presented during the banquet to Eike Kiltz, Krzysztof Pietrzak, David Cash, Abhishek Jain and Daniele Venturi for their paper "Efficient Authentication from Hard Learning Problems".

The conference ended successfully on 19 May, having attracted about 305 participants (more than 60 being students), from approximately 40 countries, mainly from Europe (approximately 185), Asia (70) and North America (40). We thank the sponsors for their generous support and contributions to the success of the conference.

Program Chair was Kenny Paterson and General Chair was Helger Lipmaa.