International Association for Cryptologic Research

IACR News Central


06:58 [Event][New] Inscrypt'13: 9th China International Conference on Information Security and Cryptology

  Submission: 22 August 2013
Notification: 22 October 2013
From November 27 to November 30
Location: Guangzhou, China

21:17 [Forum] [IACR Publication Reform] Response to the invitation for comments by eoswald

  I welcome an open discussion about the publication routes that we currently have in our community and the option to comment on the current proposal. I find myself in agreement with several of the points raised, but at the same time there are two key points which I dislike and want to be different. To explain what these are I require several lines of text, so please bear with me. To begin with, I think it is important to be clear on goals, very much alike how the proposal approaches the problem. Personally I think that our goals could be stated more simply: a) we want enjoyable conferences which are inclusive (i.e. all community should have a reason to go there), albeit there is certainly a need for specialist workshops/conferences; b) reviewing needs to be credible and ethical and we need to be clear what our criteria are (i.e. are we selecting based on correctness, completeness, or potential to attract lots of citations only, etc.); c) we want to reduce unnecessary reviews and overhead so that a) and b) can actually materialise. In light of these goals, and the clear inefficiency of the hidden multi-round reviews that we are doing now, I completely agree that we need to finally drop the idea of relying on conferences as major publication venues. However, I don't find the idea of a single journal that essentially hoovers up all conference and workshop publications enticing, and the idea that conference chairs select only/mainly(?) from already published work doesn't sound good to me either. I would very much advocate that we think about setting up 'Transactions on' (using IEEE terminology) or 'Communications' (ACM terminology) in the already identified specialist areas. This is not only to achieve some differentiation of topics, but also different communities might want to have slightly different review processes, and this could be addressed in this way.
For instance, among practitioners the idea of a first 'quick' round and subsequent (almost) open-ended multi-round review process finds some supporters. Joan Daemen's post in this forum echoes this as well. This might be because implementation or experimental work can take many different routes, and so a decision about the work can be based on its applicability per se, but the precise nature of the implementation/experimentation is up for discussion and some papers benefit greatly from reviewer comments. This is at least an experience from the many CHES PCs I have been on over the last decade. By having some more journals available, conferences would be freed from having to ask for original research only. We could hence have conferences with some original contributions without proceedings but which invite an actual conversation about on-going work! Conferences could hence become much more than just the 'one talk after another' event; they could have interactive sessions, overview talks, etc. Obviously, the whole community takes a gamble by initiating any kind of radical change in the publication model, as any new journal will start from zero in terms of impact. Because impact is important in the long run, we had better make this change sooner rather than later, as LNCS is a poor currency. And this sad fact is particularly concerning for young researchers in academia whose potentially great results will be undervalued in the wider academic community just because they appear as LNCS proceedings. Thanks to all those who drafted the current proposal and thanks to everyone who read my lengthy ramblings until this end. Elisabeth Oswald From: 2013-08-08 20:50:34 (UTC)

11:10 [Event][New] TCC: Theory of Cryptography Conference

  Submission: 3 September 2013
Notification: 5 November 2013
From February 24 to February 26
Location: La Jolla, CA, USA

18:07 [News] Revisiting the IACR Publication Strategy: An Invitation for Comments

One of the key roles of the IACR is the review and dissemination of scientific publications. In the past three years, there has been an intensive discussion of publication options, in which several alternatives have been reviewed thoroughly.

At the end of 2012, the IACR has signed a new publication contract with Springer for a 4-year period (2013-2017); IACR continues to publish the proceedings of our flagship conferences and workshops in Springer's Lecture Notes in Computer Science series. This new contract makes substantial progress towards broader access to our publications and reduces the cost of publications. However, the IACR Board believes that the area of scientific publications will undergo further changes in the next years, in particular towards open access. In addition, the expansion of our field (more than 1200 submissions and more than 250 publications per year) has resulted in a steadily increasing reviewing load. Some other scientific communities have updated their publication models with a shift towards journal publications.

The IACR Board understands that any change to our publication model has major implications on our members and on the cryptographic community at large. We also have learned that changing this model would be complex and time consuming: in order to be ready for a new publication model in 2018, a new strategy would need to be in place by mid 2015.

In view of this, the IACR Board has decided to start an open discussion on the future of IACR publications. In order to focus this discussion, Nigel Smart has drafted a radical proposal, that would involve moving towards a journal publication model. This proposal has been outlined at the rump session of Eurocrypt'13 and has been further refined based on comments received. The reason for working with a detailed document is that this seems the best way to make sure that all issues are identified and detailed solutions are proposed and compared.

It should be fully understood that this document is a strawman proposal: it does not reflect the view of the IACR Board; the document has also not been discussed with the steering committees of the workshops. Its only intention is to start an open discussion. In particular, the Board welcomes detailed comments and alternative proposals for the future of IACR publications.

We are looking forward to hearing from the community.

Bart Preneel
IACR-International Association for Cryptologic Research

15:17 [Forum] [IACR Publication Reform] Re: IACR publication reform - background material by nigel

  Please read the following letter from the President before reading the straw man proposal. Yours, Nigel From: 2013-05-08 13:45:42 (UTC)

19:50 [Job][New] Senior / Scientists, A*STAR, Data Storage Institute, Singapore

  We are seeking highly motivated candidates interested in the area of Cryptography and Theory of Computation in general. Candidates are expected to have a thorough understanding of the state-of-the-art research in Cryptography, Security & Privacy, with a breadth of knowledge of the current issues and recent technology advancements. Research topics include, but are not necessarily limited to, new approaches to computing on encrypted data, both theoretical and computational.


- Deep understanding of theory and implementation of Security protocols and applied cryptography

- Demonstrated expertise with computer architecture

- A strong programming background and experience with functional programming languages is preferred

- Experience in developing prototypes in a research environment

- A demonstrated potential to excel in collaborative research

- PhD in computer science or computer engineering

10:40 [Job][New] Computing Security Department Chair, Rochester Institute of Technology, Rochester, NY, USA

  The Department of Computing Security at the Rochester Institute of Technology invites applications for the position of Department Chair to begin August 2014.

In July of 2012, the Department of Computing Security at RIT was established to address critical security challenges that cut across computing disciplines. The department engages in a wide range of research and teaching activities, including: big data analytics, cryptology and covert communications, digital forensics, mobile devices, networks, privacy, security measurement, security pedagogy, sensors, software, and systems security. Through these activities, the department seeks to advance the discipline and to meet the rapidly growing need for computing security professionals.

The successful candidate will be ready to assume the leadership and administrative responsibilities of the department. A key role will be to lead the department in shaping and expanding its research and scholarship profile. Applicants are required to have a Ph.D. or equivalent in a related field and experience commensurate with that of a full professor. Applicants must have demonstrated research excellence in computing security, a track record of external funding, and a strong commitment to undergraduate and graduate education.

Candidates should visit and search 575BR for specific information about the position and the application process. Refer to for information about RIT and the B. Thomas Golisano College of Computing and Information Sciences.

RIT is an equal opportunity employer that promotes and values diversity, pluralism, and inclusion. For more information or inquiries, please visit

06:17 [Pub][ePrint] Practical Cryptanalysis of a Public-Key Encryption Scheme Based on New Multivariate Quadratic Assumptions, by Martin R. Albrecht and Jean-Charles Faugère and Robert Fitzpatrick and Ludovic Perret

  In this paper, we investigate the security of a public-key encryption scheme introduced by Huang, Liu and Yang (HLY) at PKC'12. This new scheme can be provably reduced to the hardness of solving a set of quadratic equations whose coefficients of highest degree are chosen according to a discrete Gaussian distribution, the other terms being chosen uniformly at random. Such a problem is a variant of the classical problem of solving a system of non-linear equations (PoSSo), which is known to be hard for random systems. The main hypothesis of Huang, Liu and Yang is that their variant is not easier than solving PoSSo for random instances. In this paper, we disprove this hypothesis. To this end, we exploit the fact that the new problem proposed by Huang, Liu and Yang reduces to an easy instance of the Learning With Errors (LWE) problem. The main contribution of this paper is to show that security and efficiency are essentially incompatible for the HLY proposal. That is, one cannot find parameters which yield a secure and a practical scheme. For instance, we estimate that a public key of at least 1.03 GB is required to achieve 80-bit security against known attacks. As a proof of concept, we present practical attacks against all the parameters proposed by Huang, Liu and Yang. We have been able to recover the private key in roughly one day for the first challenge proposed by HLY and in roughly three days for the second challenge.

06:17 [Pub][ePrint] Obfuscating Conjunctions, by Zvika Brakerski and Guy N. Rothblum

  We show how to securely obfuscate the class of conjunction functions (functions like $f(x_1, \ldots, x_n) = x_1 \land \lnot x_4 \land \lnot x_6 \land \cdots \land x_{n-2}$). Given any function in the class, we produce an obfuscated program which preserves the input-output functionality of the given function, but reveals nothing else.

Our construction is based on multilinear maps, and can be instantiated using the recent candidates proposed by Garg, Gentry and Halevi (EUROCRYPT 2013) and by Coron, Lepoint and Tibouchi (CRYPTO 2013). We show that the construction is secure when the conjunction is drawn from a distribution, under mild assumptions on the distribution. Security follows from multilinear entropic variants of the Diffie-Hellman assumption. We conjecture that our construction is secure for any conjunction, regardless of the distribution from which it is drawn. We offer supporting evidence for this conjecture, proving that our obfuscator is secure for any conjunction against generic adversaries.