International Association for Cryptologic Research

IACR News Central


18:17 [Pub][ePrint] Less is More: Relaxed yet Composable Security Notions for Key Exchange, by C. Brzuska and M. Fischlin and N.P. Smart and B. Warinschi and S. Williams

Although they do not suffer from clear attacks, various key agreement protocols (for example the one used within the TLS protocol) are deemed insecure by existing security models for key exchange. The reason is that the derived keys are used within the key exchange step, violating the common key indistinguishability requirement.

In this paper we propose a new security definition for key exchange protocols that offers two important benefits. Our notion is weaker than the more established ones and thus allows the analysis of a larger class of protocols. Furthermore, security in the sense that we define enjoys rather general composability properties. In addition, our composability properties are derived within game-based formalisms and do not appeal to any simulation-based paradigm.

Specifically, for protocols whose security relies exclusively on some underlying symmetric primitive we show that they can be securely composed with key exchange protocols provided that two main requirements hold: 1) no adversary can break the underlying primitive, even when the primitive uses keys obtained from executions of the key exchange protocol in the presence of the adversary (this is essentially the security requirement that we introduce and formalize in this paper), and 2) the security of the protocol can be reduced to that of the primitive, no matter how the keys for the primitive are distributed. Proving that the two conditions are satisfied, and then applying our generic theorem, should be simpler than performing a monolithic analysis of the composed protocol. We exemplify our results in the case of a profile of the TLS protocol. Our definition and results are set entirely within the framework of cryptographic games (and thus avoid the use of simulation).

16:55 [Job][New] Ph.D. scholarship, Center for Advanced Security Research Darmstadt (CASED)

CASED offers PhD Scholarships in Cybersecurity (Resilient Critical Infrastructures) at the CASED lab under the authority of Technische Universität Darmstadt and Prof. Dr. Max Mühlhäuser with funding from AGT Germany.

Relevant research topics in Cybersecurity range from adversary detection to network resilience, including mitigation and healing. Regarding the application domains, the main emphasis is on critical infrastructures with Internet backbones. This comprises Smart Cities, Smart Grids, Smart Transport, and large-scale industrial sites.

Experience in IT security, preferably with a focus on Cybersecurity, as well as profound knowledge of computer science, distributed systems and networks are mandatory. Candidates should hold a Diploma or Master's degree and should have an excellent command of English and preferably some command of German.

What we offer is an international environment and contact with experienced researchers and other PhD students working on related topics in the area of IT security. Candidates obtain a 3-year scholarship and become members of the CASED graduate school, which supports them during their entire PhD research. This includes professional courses for transferable skills, such as training in giving scientific presentations or writing scientific papers.

Your application should include your Curriculum Vitae, M.Sc./Diploma certificates and grades, and a letter of motivation stating your interest in the position as well as your research interests. Furthermore, you should attach at least one letter of recommendation.

Please send your complete application by email to Prof. Dr. Max Mühlhäuser (max (at)

16:55 [Job][New] Post-Doc, Technical University Denmark, Copenhagen

Postdoc within the area of Symmetric Cryptography

Applications are invited for an 18-month (with a possible extension of 6 months) Postdoc position at the Danish-Chinese Center for Applications of Algebraic Geometry in Coding and Cryptology. The center is located at the Department of Mathematics at the Technical University of Denmark. The position is available from July 2012 or as soon as possible thereafter.

The candidate should have a PhD degree or academic qualifications equivalent to the PhD level, and should have a strong background in symmetric cryptography. This is usually demonstrated by publications in well-established journals and/or conferences.

As it is essential for the project to establish research connections with China, applicants are expected to be willing to actively establish these connections. This ideally includes one or several visits to the East China Normal University.

Salary and terms of employment

The appointment will be based on the collective agreement with the Confederation of Professional Associations. The allowance will be agreed with the relevant union.

The period of employment is 18 months.

Further information

Further information about the project may be obtained by contacting Associate Professor Gregor Leander, tel. (+45) 4525 3055, g.leander (at)

We must have your online application no later than 31 May 2012. See for details.

21:47 [Event][New] ACM STC: The Seventh ACM Workshop on Scalable Trusted Computing

Submission: 16 July 2012
Notification: 13 August 2012
From October 15 to October 15
Location: Raleigh, USA
More Information:

12:09 [PhD][Update] Kazuo Sakiyama: Secure Design Methodology and Implementation for Embedded Public-key Cryptosystems

Name: Kazuo Sakiyama
Topic: Secure Design Methodology and Implementation for Embedded Public-key Cryptosystems

Description: Efficient embedded systems are implemented taking both hardware and software (HW/SW) into account. In the security domain, cryptosystems need to be resistant against Side-Channel Attacks (SCAs) to protect secret information. Therefore, trade-offs between cost, performance and security need to be explored when implementing cryptosystems. The goal of this thesis is to find the best architecture by investigating these trade-offs.

The first contribution of this thesis focuses on a HW/SW architecture for Public-Key Cryptography (PKC). We introduce a new scalable and flexible Modular Arithmetic Logic Unit (MALU) that can be used for both RSA and curve-based cryptosystems such as Elliptic Curve Cryptography (ECC) and Hyper-Elliptic Curve Cryptography (HECC). The MALU is the main block in the hardware coprocessor and can efficiently accelerate modulo n operations and modular operations over GF(2^m). We conclude that the proposed HW/SW platform can serve as a common basis for developing public-key cryptosystems.

The second part of this thesis deals with several case studies that explore the cost and performance trade-offs based on the proposed platform. Two extreme examples of public-key implementations are introduced. One offers the very high performance that is necessary for powerful security systems such as banking servers: by exploiting multi-level parallelism, the proposed ECC processor can perform more than 80 000 point multiplications per second. The other targets low-power applications such as passive RFID tags: we show that the compact version of the MALU consumes less than 30 uW @ 500 kHz. In addition, we discuss a system-level design flow that can be used for evaluating the security level of hardware implementations against power analysis attacks. The design flow offers an environment for a quick and correct evaluation of first-order attacks. In this way, the cost of SCA resistance can be taken into account at an early stage of the design.[...]

09:01 [PhD][Update] Amos Beimel: Secure Schemes for Secret Sharing and Key Distribution

Name: Amos Beimel
Topic: Secure Schemes for Secret Sharing and Key Distribution

07:14 [Event][Update] CARDIS 2012: Eleventh Smart Card Research and Advanced Application Conference

Submission: 20 August 2012
Notification: 15 October 2012
From November 28 to November 30
Location: Graz, Austria
More Information:

15:54 [Event][New] CARDIS 2012: Eleventh Smart Card Research and Advanced Application Conference

Submission: 15 October 2012
From November 28 to November 30
Location: Graz, Austria
More Information:

20:24 [Job][New] PhD. student, Orange Labs Caen (France)

Orange Labs and the ENS (Ecole Normale Supérieure) are seeking Ph.D. candidates to work on ways to securely delegate some basic cryptographic operations to a more powerful but not necessarily trusted entity.

The candidate should have a Master's degree with strong knowledge of cryptography. In particular, the mathematical and algorithmic aspects of cryptography are very important for this Ph.D. thesis.

20:19 [Event][New] EuroPKI 2012: 9th European PKI Workshop: Research and Applications

Submission: 25 May 2012
Notification: 15 July 2012
From September 13 to September 14
Location: Pisa, Italy
More Information:

09:23 [Event][Update] ProvSec 2012: The Sixth International Conference on Provable Security

Submission: 20 April 2012
Notification: 20 June 2012
From September 26 to September 28
Location: Chengdu, China
More Information: