International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

07:36 [Job][Update] Lecturer, Queensland University of Technology, Brisbane, Australia


The Queensland University of Technology (QUT) in Brisbane, Australia, invites applications for full-time Lecturer positions starting in 2012. Up to nine positions are available in the Science and Engineering Faculty.

The Science and Engineering Faculty at QUT has an active research group in cryptography, network security, and digital forensics, with a leading national profile and strong international links.

Applicants should have completed (or be under examination for) a PhD and be early career researchers (less than three years in an academic role). Appointee(s) will develop and maintain an active research program, teach at undergraduate and graduate levels, supervise research students, and participate in QUT\\\'s Early Career Academic Development program.

00:17 [Pub][ePrint] Quantifying Side-Channel Information Leakage from Web Applications, by Luke Mather and Elisabeth Oswald

  Recent research has shown that many popular web applications are vulnerable to side-channel attacks on encrypted streams of network data produced by the interaction of a user with an application. As a result, private user data is susceptible to being recovered by a side-channel adversary. A recent focus has been on the development of tools for the detection and quantification of side-channel information leaks from such web applications. In this work we describe a model for these web applications, analyse the effectiveness of previous approaches for the quantification of information leaks, and describe a robust, effective and generically applicable metric based on a statistical estimation of the mutual information between the user inputs made in the application and subsequent observable side-channel information. We use our proposed metric to construct a test capable of analysing sampled traces of packets to detect information leaks, and demonstrate the application of our test on a real-world web application.

21:17 [Pub][ePrint] Self-pairings on Hyperelliptic Curves, by Steven D. Galbraith and Chang-An Zhao

  A self-pairing is a pairing computation where both inputs are the same group element. Self-pairings are used in some cryptographic schemes and protocols. In this paper, we show how to compute the Tate-Lichtenbaum pairing (D,\\phi(D)) on a curve more efficiently than the general case. The speedup is obtained by requiring a simpler final exponentiation. We also discuss how to use this pairing in cryptographic applications.

21:17 [Pub][ePrint] On a CCA2-secure variant of McEliece in the standard model, by Edoardo Persichetti

  We consider public-key encryption schemes based on error-correcting

codes that are IND-CCA2 secure in the standard model. We analyze a system due

to Dowsley, Muller-Quade and Nascimento. We then show how to instantiate the

Rosen-Segev framework with the McEliece scheme.

12:59 [Job][New] Postdoctoral Research Assistant in Cryptography, Dept Computer Science, University of Bristol

  Based in the Cryptography group which has grown considerably in the last year, you will be an additional researcher in one of the following areas:

•Analysis of “real world” protocols

•Formal Methods applied to security protocols

•Fully Homomorphic Encryption

•Lattice Based Cryptography

•Provable Security, i.e. Protocol and Mechanism design

The post is funded by an ERC Advanced Grant awarded to Prof. Nigel Smart.

The expected starting date will be as soon as possible depending on the your circumstances.

Please apply using the Online System linked to from the link below. We cannot accept applications via email.

09:22 [Event][Update] STM 2012: 8th International Workshop on Security and Trust Management

  Submission: 16 June 2012
Notification: 15 July 2012
From September 13 to September 14
Location: Pisa, Italy
More Information:

18:10 [PhD][New] Côme Berbain: Analyse et conception d\'algorithmes de chiffrement à flot

  Name: Côme Berbain
Topic: Analyse et conception d\'algorithmes de chiffrement à flot
Category: secret-key cryptography


The primary goal of cryptography is to protect the confidentiality of data and communications. Stream ciphers is one of the two most popular families of symmetric encryption algorithms that allow to guaranty\r\nconfidentiality and to achieve high performances.


In the first part of this thesis, we present different cryptanalysis techniques against stream ciphers: correlation\r\nattack against the stream cipher GRAIN, guess and determine attack against the BSG mechanism, algebraic attack against special\r\nkinds of non-linear feedback shift registers, and chosen IV attack against a reduced version of the stream cipher SALSA.


In a second part, we focus on proofs of security for stream ciphers: we introduce the new algorithm QUAD and give some \r\nprovable security arguments in order to link its security to the conjectured intractability of Multivariate Quadratic problem. We also try to extend the security requirements of stream ciphers to the case where initialisation values (IV) are used: we present a construction which allows us\r\nto build a secure IV dependent stream cipher from a number generator and apply it to QUAD, which becomes the first IV dependent\r\nstream cipher with provable security arguments. We also present the algorithms DECIM and SOSEMANUK, to which we made\r\ndesign contributions.


Finally in a third part, we present efficient software and hardware implementations of the QUAD algorithm.


18:09 [Job][New] M.Sc. and Ph.D. positions with scholarship, Koç University, Turkey


Want to store your data online securely? Want a fair Internet? What about outsourcing your job while still being assured of the result?

If you want to secure the cloud through the use of provable cryptographic techniques, then you should definitely apply to the Cryptography, Security & Privacy Research Group at Koç University, ?stanbul, Turkey. We have multiple openings for both M.Sc. and Ph.D. level applications. All accepted applicants will receive competitive scholarships.

Koç University has a beautiful campus in the middle of a forest, with a nice view of the Black Sea and the Bosporus, and is very close to the Istanbul city center. The application deadline is 15th of April for early applications and 15th of June for late applications.

For more information about our group, visit

For applying online, visit

Late applications will be considered in exceptional cases.

18:07 [Event][New] CryptoBG*2012: CryptoBG*2012: [MC3D] Meet Challenges in Cryptography and Cyber Defense

  Submission: 1 June 2012
From July 28 to August 5
Location: Oriahovitza, Bulgaria
More Information:

06:17 [Pub][ePrint] Garbling Schemes, by Mihir Bellare and Viet Tung Hoang and Phillip Rogaway

  Garbled circuits, a classical idea rooted in the work of Andrew Yao,

have long been understood as a cryptographic technique, not a

cryptographic goal. Here we cull out a primitive corresponding to

this technique. We call it a garbling scheme. We provide a

provable-security treatment for garbling schemes, endowing them with a

versatile syntax and multiple security definitions. The most basic of

these, privacy, suffices for two-party secure function evaluation

(SFE) and private function evaluation (PFE). Starting from a PRF, we

provide an efficient garbling scheme achieving privacy and we analyze

its concrete security. We next consider obliviousness and

authenticity, properties needed for private and verifiable outsourcing

of computation. We extend our scheme to achieve these ends. We

provide highly efficient blockcipher-based instantiations of both

schemes. Our treatment of garbling schemes presages more efficient

garbling, more rigorous analyses, and more modularly designed

higher-level protocols.

06:17 [Pub][ePrint] Compilation Techniques for Efficient Encrypted Computation, by Christopher Fletcher and Marten van Dijk and Srinivas Devadas

  Fully homomorphic encryption (FHE) techniques are capable of

performing encrypted computation on Boolean circuits, i.e., the

user specifies encrypted inputs to the program, and the server computes on the encrypted inputs. Applying these techniques to general programs with recursive procedures and data-dependent loops

has not been a focus of attention. In this paper, we take a first

step toward building a compiler that, given programs with complex

control flow, generates efficient code suitable for the application of

FHE schemes.

We first describe how programs written in a small Turing-complete instruction set can be executed with encrypted data and

point out inefficiencies in this methodology. We then provide examples of transforming (a) the greatest common divisor (GCD)

problem using Euclid\'s algorithm and (b) the 3-Satisfiability

(3SAT) problem using a recursive backtracking algorithm into a

path-levelized form to which FHE can be applied. We describe

how path levelization reduces control flow ambiguity and improves

encrypted computation efficiency. Using these techniques and data-dependent loops as a starting point, we then build support for hierarchical programs made up of phases, where each phase corresponds to a fixed point computation that can be used to further improve the efficiency of encrypted computation.

In our setting, the adversary learns an estimate of the number of

steps required to complete the computation, which we show is the

least amount of leakage possible.