International Association for Cryptologic Research

# IACR News Central

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2013-03-06
19:51 [Event][New]

Submission: 1 July 2013
From November 27 to November 27
Location: Guangzhou, China

19:50 [Event][New]

Submission: 5 July 2013
From November 28 to November 30
Location: Singapore, Singapore

00:07 [Job][New]

In view of its ongoing development, the crypto group of the University of Versailles St-Quentin-en-Yvelines (France) invites applications for the following full-time position.

A faculty position at the tenured Assistant Professor (\\\"Maître de Conférences\\\") level is open to highly qualified candidates who are committed to a career in research and teaching. Preference will be given to candidates with strong research achievements in one or several of the areas related to the general fields of cryptology and/or information security.

Responsibilities include research, supervision of undergraduates and graduate students, preparation and management of research projects, and teaching in various study programs.

IMPORTANT NOTE: A \\\"qualification aux fonctions de Maître de Conférences\\\" certificate from to the French \\\"Conseil National des Universités\\\" is usually required to apply. However candidates who already hold an Assistant Professor (or equivalent) position may be exempted from this certificate.

00:07 [Job][New]

The Cryptography, Security, and Privacy (CrySP) research group at the University of Waterloo is seeking applications for a postdoctoral research position in the field of security and privacy for location-based or mobile systems and applications. This position will be held in the Cheriton School of Computer Science, and there will be the possibility for collaboration with Google Waterloo.

Applicants must hold a PhD in a related field and should have a convincing publication record.

The start date of the position is negotiable. The position may be for one or two years.

Applicants should submit a CV, a research plan, two or three selected papers, and the names and contact information of three references.

2013-03-05
15:25 [Job][New]

The Digital Security (DS) group of RU Nijmegen has a PhD position in side-channel analysis and countermeasure design and implementation.

Candidates should have a Master’s degree in computer science, applied mathematics or engineering with strong interest in algorithms and signal processing. Prior experience in side-channel analysis and embedded software or hardware design is an asset.

This research addresses potential threats within the scope of side-channel analysis and fault injection. The successful candidate will contribute to a research project entitled Side-channel resistant devices for pervasive security (SIDES), which is funded by STW. The project is a joint collaboration with Riscure.

Conditions of employment

The position is for 4 years, the expected starting date is flexible, preferably not later than September. Salary is 2042-2612 euro/month.

Candidates moving to the Netherlands from abroad may qualify for a tax incentive scheme, where 30% of your income is tax free.

15:24 [Job][New]

INVIA provides security-related semiconductor design IP and embedded software to ASIC and FPGA designers. Our customers are semiconductor vendor and OEM addressing markets where security is a key requirement.

Description

The integrated circuit designer will work in the R&D digital team and will contribute to the development of innovative IP for secure products. Main activities include various technical aspects as target specifications, technology survey, architecture, concept, IP development and validation, prototyping, IP packaging, documentation, etc.

He could be also visible from customers side in relationship with Invia marketing through market needs enquiries, technical meeting, deliveries to the customer, field support, etc.

Qualifications

PhD Degree in digital IC design, cryptography, MSc Degree in electrical engineering or equivalent.

Permanent position. The gross income depends on the experience level. Min package is about 40,000 EUR per year.

13:17 [Pub][ePrint]

We present several software and hardware implementations of QUAD, a recently introduced stream cipher designed to be provably secure and practical to implement. The software implementations target both a personal computer and an ARM microprocessor. The hardware implementations target field programmable gate arrays. The purpose of our work was to first find the baseline performance of QUAD implementations, then to optimize our implementations for throughput. Our software implementations perform comparably to prior work. Our hardware implementations are the first known implementations to use random coefficients, in agreement with QUAD\'s security argument, and achieve much higher throughputs than prior implementations.

13:17 [Pub][ePrint]

At Pairing 2010, Lauter et al\'s analysis showed that Ate pairing computation in affine coordinates may be much faster than projective coordinates at high security levels. In this paper, we further investigate techniques to speed up Ate pairing computation in affine coordinates. We first analyze Ate pairing computation using $4$-ary Miller algorithm in affine coordinates. This technique allows us to trade one multiplication in the full extension field and one field inversion for several multiplications in a smaller field. Then, we focus on pairing computations over elliptic curves admitting a twist of degree $3$. We propose new fast explicit formulas for Miller function that are comparable to formulas over even twisted curves. We further analyze pairing computation on cubic twisted curves by proposing efficient subfamilies of pairing-friendly elliptic curves with embedding degrees $k = 9$, and $15$. These subfamilies allow us not only to obtain a very simple form of curve, but also lead to an efficient arithmetic and final exponentiation.

13:17 [Pub][ePrint]

Attribute-based credentials (ABCs) are an important building block of privacy-enhancing identity management. Since non-identifying attributes can easily be abused as the anonymity they provide hides the perpetrator, cryptographic mechanisms need to be introduced to make them revocable. However, most of these techniques are not efficient enough in practice.

ABCs with practical revocation have recently been proposed by Hajny and Malina~\\cite{Hajny-Malina-2012}. Their ABCs make use of different discrete logarithm representations of a fixed value. Although this technique is attractive as the verification of a particular issuer\'s credentials is easy, it has an intrinsic weakness. Colluding users can efficiently forge new credentials that are indistinguishable from legally issued ones.

13:17 [Pub][ePrint]

Recently, Gennaro, Gentry, Parno and Raykova~\\cite{eprint2012:GennaroGPR} proposed an efficient non-interactive zero knowledge argument for Circuit-SAT, based on non-standard notions like conscientious and quadratic span programs. We propose a new non-interactive zero knowledge argument, based on a simple combination of \\emph{standard} span programs (that verify the correctness of every individual gate) and high-distance linear error-correcting codes (that check the consistency of wire assignments). We simplify all steps of the argument. As one of the corollaries, we design an (optimal) wire checker, based on systematic Reed-Solomon codes, of size $8 n$ and degree $4 n$, while the wire checker from~\\cite{eprint2012:GennaroGPR} has size $24 n$ and degree $76 n$, where $n$ is the circuit size. Importantly, the new argument has constant verifier\'s computation.

13:17 [Pub][ePrint]

RIPEMD-128 is an ISO/IEC standard cryptographic hash function proposed

in 1996 by Dobbertin, Bosselaers and Preneel. There are two

different and independent parallel lines called $line1$ operation and

$line2$ operation, and each operation has 64 steps. The results of two

line operations are combined at the end of every application of the

compression function. In this paper, we present collision

differential characteristics for both $line1$ operation and $line2$ operation by choosing a proper message difference. By using message modification technique seriously, we improve the probabilities of the differential characteristics so that we can give a collision attack on 40-step RIPEMD-128 with a complexity of $2^{35}$ computations.