International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

16:43 [Job][New] Assistant Professor (tenure track), Technische Universiteit Eindhoven

  We are looking for a candidate who meets the following requirements:

  • A PhD degree in Mathematics or Computer Science;

  • Research experience in coding theory or coding theory;

  • Outstanding research achievements and promise for the future;

  • Excellent track record of international publications in leading journals and high-ranked conferences;

  • High potential for the acquisition of external research funds;

  • Readiness to supervise PhD projects;

  • Teaching experience and good teaching skills;

  • Good English speaking and writing skills, and a willingness to learn Dutch (all Master\\\'s and some Bachelor courses are given in English);

  • Basic Teaching Qualification (BKO): if the candidate in question is not in possession of a BKO certificate, he or she is required to meet this requirement within a maximum period of three years.

    The Department of Mathematics and Computer Science of the Eindhoven University of Technology (TU/e) has a vacancy for a Tenure Track Assistant Professor position for five years in the Coding and Crypto group (section Discrete Mathematics, DM).

    The tenure-track nature of the position will be as follows. The successful candidate will first be appointed for a fixed period of five years. Before the start of the contract, the department and the candidate negotiate a list of conditions for successful conversion. If the candidate meets these conditions at the end of the five years, the position becomes permanent; if not, the temporary position is not continued.

16:36 [Event][New] PETShop'13: PETShop: Workshop on Language Support for Privacy Enhancing Technologies

  Submission: 4 August 2013
Notification: 23 August 2013
From November 4 to November 4
Location: Berlin, Germany
More Information:

12:35 [Event][New] RISC '13: The 5th International Workshop on RFID/IoT Security and Cryptography

  Submission: 13 September 2013
Notification: 11 October 2013
From December 9 to December 11
Location: London, UK
More Information:

16:47 [Event][New] SEC@SAC'14: 13th Computer Security track at the 29th ACM Symposium on Applied Computing

  Submission: 13 September 2013
Notification: 15 November 2013
From March 24 to March 28
Location: Gyeongju, Korea
More Information:

09:17 [Forum] [IACR Publication Reform] Re: two-stage review process by cbw

  We don\'t have space limitations anymore - we can accept any good paper from now on :-) Best, Christopher Orr Wrote: > you are susceptible > to variance (Y should be O(X), IMHO) in the number > of accepted papers, or some decent papers gets > rejected due to lack of space. From: 2013-24-06 09:11:00 (UTC)

21:17 [Forum] [IACR Publication Reform] Re: two-stage review process by Orr

  But in this case, if you accept X papers, you need to pass to Stage 2 X+Y papers (assuming some will fail the testing), and then, you are susceptible to variance (Y should be O(X), IMHO) in the number of accepted papers, or some decent papers gets rejected due to lack of space. In addition, why not to just separate the submission into two parts: abstract, and the rest. Then, interested committee members could immediately check the details if they wish. Which is btw, what happens now, but with shorter abstract. From: 2013-23-06 18:32:14 (UTC)

15:17 [Forum] [IACR Publication Reform] Re: Testable change by cbw

  Thanks for the insight! My question would be a different one though: Does rebuttal/rebattle [1] change something from the perspective of the /reviewers/: Do you write your review more carefully (it could be questioned) or not? If the first happens, I guess it\'s worth the overhead. If no, you are right. In this case, it\'s not worth the bother. Best, Christopher [1] I do prefer the second term ;-) From: 2013-23-06 14:10:09 (UTC)

12:17 [Forum] [IACR Publication Reform] two-stage review process by Joan Daemen

  Dear all, Here a proposal that aims at reducing review workload. The idea is to split the review of a paper in two stages. It implies that each paper has two parts: - an abstract aimed at the non-specialized reader clearly stating the contribution of the paper (selling it, actually). So the abstract should probably be longer that what we have now (say a 2-page limit) - a technical part that will typically be more specialized Stage 1: the paper is reviewed by a relatively large number of people from different sub-disciplines, based on the abstract only. Reviewers should assume that the technical part will deliver what the abstract announces. If the paper survives this phase, it proceeds to phase 2. Stage 2: a few specialized reviewers check in detail whether the technical part delivers on the promise made in the abstract. If so, the paper is accepted. This includes verification of proofs, claimed attack complexity etc. At least in theory this may reduce the workload as most reviewers only have to read the abstract. Forcing the authors to write an abstract aimed at a wider audience has the additional benefit that papers may become more accessible to people working in other sub-disciplines. I realise that whether this really works depends on how it is implemented. For example, something must be built in against overselling. This could be done by having a system with (negative) points where each co-author gets a point when his paper passes stage 1 but not stage 2 and these points are somehow taken into account in stage 1. And of course there are many other details that may make this a success or a failure. But let\'s first see if there is support for the basic idea in the first place. Joan From: 2013-23-06 11:06:21 (UTC)

21:17 [Forum] [IACR Publication Reform] Re: Testable change by Orr

  Amit, From my past experience with conferences with two-phase review (rebuttal, or whatever you want to call it) - it rarely changes anything in the final program. In other words, it\'s a lot of overhead, for a very little impact on the outcome of the review process. So this idea, as logical as it sounds, is not "working", IMHO. From: 2013-22-06 18:20:06 (UTC)

09:07 [Event][New] Indocrypt 2013: 14th International Conference on Cryptology in India

  Submission: 15 July 2013
From December 7 to December 10
Location: Mumbai, India
More Information:

18:56 [PhD][Update] Enrico Thomae: About the Security of Multivariate Quadratic Public Key Schemes

  Name: Enrico Thomae
Topic: About the Security of Multivariate Quadratic Public Key Schemes
Category:public-key cryptography

Description: The primary goal of this thesis is to evaluate the security of multivariate quadratic public key schemes. We investigate three main topics related to the security of MQ-schemes, namely the MQ-Problem, the IP-Problem and the MinRank-Problem.
Section 2 discusses the MQ-Problem, which relates to direct pre-image attacks using the public key, i.e. finding x for a given y and P(x) = y, which is known to be difficult in general. In section 2.1 we provide a brief survey on algorithms to solve such systems, like F4, F5, XL and MutantXL. We recap the complexity analysis of the first three algorithms and provide a detailed complexity analysis of the latter. Our contribution is a proof of theorem 2.7 which is hopefully simpler than that in [CKPS, Section 8]. Further we derived theorem 2.29 and thus confirmed results from Yang and Chen [YC04a] in a different way.
In section 2.2 we present a new direct attack on the Unbalanced Oil and Vinegar signature scheme, which forces to raise parameters in order to obtain the same security level again. More generally we present an algorithm to solve underdetermined systems of MQ-equations faster than before.
Section 3 presents the main part of this work and is dedicated to algebraic key recovery attacks on MQ-schemes. Unfortunately naive algebraic attacks are usually far from being efficient due to the large number of variables. So we first formalize the underlying class of problems and introduce the Isomorphism of Polynomials with partial Knowledge (IPpK) Problem in section 3.3. We relate this new problem to known problems, like the Isomorphism of Polynomials Problem with one and two secrets. Our main contribution is to provide a general algebraic framework to tackle the IPpK-Problem. Therefore we generalize the notion of equivalent keys to so-called good keys. In a nutshell equivalent keys allow to reduce the number of variables of an algebraic attack. Good keys further reduce the number of variables, but this time also t[...]