*15:00* [Job][Update]
1 Post-Doc position in Privacy-preserving biometrics , *Chalmers University of Technology, Sweden*
We are looking for an excellent, motivated, self-driven post-doctoral researcher to work in the area of cryptography with a focus on privacy-preserving biometrics. More precisely, the researcher will be employed in the European FP7 project BEAT (Biometric Evaluation and Testing). The researcher is expected to investigate and analyse the security and privacy of existing privacy-preserving biometric authentication systems against different types of attacks and propose new ones robust to the identified weaknesses. Some info about the BEAT research project can be found here: http://www.beat-eu.org

More info about the research of the group can be found here: http://lasecwww.epfl.ch/~katerina/Publications.html

The employment is limited to 1 year and may be extended to 1 more year.

The applicant should have a Ph.D. degree, preferably in information security, computer science, cryptography or equivalent, by the start of the appointment. Experience in secure communication protocols, provable security, homomorphic encryption, zero-knowledge proofs, privacy preservation and biometric authentication is highly valued.

*08:59* [Job][New]
PhD students, *Queensland University of Technology, Brisbane, Australia*
The cryptography group in the Information Security discipline at the Queensland University of Technology (QUT) in Brisbane, Australia, invites applications for PhD students starting in 2014 in various aspects of cryptographic protocols and algorithms. We are always interested in taking on new research students with appropriate background knowledge and an interest in challenging problems in the area.

Research interests of the group include:

- design and cryptanalysis of stream ciphers
- elliptic curves and pairings; identity-based cryptography
- lattice-based cryptography
- design and analysis of key exchange protocols
- real-world Internet cryptography protocols

Interested students should contact one of the potential supervisors (Emeritus Professor Ed Dawson, Associate Professor Xavier Boyen, Dr Leonie Simpson, Dr Douglas Stebila) to discuss the availability of a suitable project. For these projects students will be expected to have a strong mathematical and computer science background. Previous experience in cryptography and networking is an advantage.

QUT offers competitive scholarships for living expenses and tuition fee waivers to support domestic and international PhD students. Applications for admission are accepted year-round, but the deadline for the annual scholarship competition is Sunday 13 October 2013.

*08:59* [Job][Update]
Post-Doc, *University of Athens, Greece*
We are looking for a Post-Doc in cryptography. Contact us if you have (or are about to receive) a Ph.D. in cryptography (or a very related subject), have an excellent publication record that includes IACR conferences, and want to work in a fun environment in Athens, Greece.

Funding is through the European Research Council project CODAMODA. More information about the Crypto.Sec group at the National and Kapodistrian University of Athens can be found here: http://crypto.di.uoa.gr

Applications will be considered immediately. The position is for 1 year with the possibility of renewal. Salary is competitive.

*21:17* [Pub][ePrint]
On secret sharing with nonlinear product reconstruction, by Ignacio Cascudo and Ronald Cramer and Diego Mirandola and Carles Padro and Chaoping Xing
Multiplicative linear secret sharing is a fundamental notion in the area of secure multi-party computation (MPC) and, since recently, in the area of two-party cryptography as well. In a nutshell, this notion guarantees that "the product of two secrets is obtained as a linear function of the vector consisting of the coordinate-wise product of two respective share-vectors". This paper focuses on the following foundational question, which is novel to the best of our knowledge. Suppose we *abandon the latter linearity condition* and instead require that this product is obtained by *some*, not-necessarily-linear "product reconstruction function". *Is the resulting notion equivalent to multiplicative linear secret sharing?* We show the (perhaps somewhat counter-intuitive) result that this relaxed notion is strictly *more general*.

Concretely, fix a finite field $\mathbb{F}_q$ as the base field over which linear secret sharing is considered. Then we show there exists an (exotic) linear secret sharing scheme with an unbounded number of players $n$ such that it has $t$-privacy with $t \approx \sqrt{n}$ and such that it does admit a product reconstruction function, yet this function is *necessarily* nonlinear. Our proof is based on combinatorial arguments involving bilinear forms. It extends to similar separation results for important variations, such as strongly multiplicative secret sharing.

*21:17* [Pub][ePrint]
Improvement of One Anonymous Identity-Based Encryption, by Zhengjun Cao and Lihua Liu
In 2009, Seo et al. proposed an anonymous hierarchical identity-based encryption (IBE). The ciphertext consists of $(C_1, C_2, C_3, C_4)$, where $C_1$ is the blinded message, $C_4$ is the blinded identity, and both $C_2$ and $C_3$ are used as decrypting helpers. To prove its security, the authors defined five games and introduced a strong simulator who is able to select different Setups for those games.

In this paper, we optimize the IBE scheme by removing one decrypting helper and the strong simulator. We show its security under the $\ell$-computational Diffie-Hellman assumption with a normal simulator who only requires a unique Setup.

*21:17* [Pub][ePrint]
SNARKs for C: Verifying Program Executions Succinctly and in Zero Knowledge, by Eli Ben-Sasson and Alessandro Chiesa and Daniel Genkin and Eran Tromer and Madars Virza
An argument system for NP is a proof system that allows efficient verification of NP statements, given proofs produced by an untrusted yet computationally-bounded prover. Such a system is non-interactive and publicly-verifiable if, after a trusted party publishes a proving key and a verification key, anyone can use the proving key to generate non-interactive proofs for adaptively-chosen NP statements, and proofs can be verified by anyone by using the verification key.

We present an implementation of a publicly-verifiable non-interactive argument system for NP. The system, moreover, is a zero-knowledge proof-of-knowledge. It directly proves correct executions of programs on TinyRAM, a random-access machine tailored for efficient verification of nondeterministic computations. Given a program $P$ and time bound $T$, the system allows for proving correct execution of $P$, on any input $x$, for up to $T$ steps, after a one-time setup requiring $\tilde{O}(|P| \cdot T)$ cryptographic operations. An honest prover requires $\tilde{O}(|P| \cdot T)$ cryptographic operations to generate such a proof, while proof verification can be performed with only $O(|x|)$ cryptographic operations. This system can be used to prove the correct execution of C programs, using our TinyRAM port of the GCC compiler.

This yields a zero-knowledge Succinct Non-interactive ARgument of Knowledge (zk-SNARK) for program executions in the preprocessing model -- a powerful solution for delegating NP computations, with several features not achieved by previously-implemented primitives.

Our approach builds on recent theoretical progress in the area. We present efficiency improvements and implementations of two main ingredients:

* Given a C program, we produce a circuit whose satisfiability encodes the correctness of execution of the program. Leveraging nondeterminism, the generated circuit's size is merely quasilinear in the size of the computation. In particular, we efficiently handle arbitrary and data-dependent loops, control flow, and memory accesses. This is in contrast with existing "circuit generators", which in the general case produce circuits of quadratic size.

* Given a linear PCP for verifying satisfiability of circuits, we produce a corresponding SNARK. We construct such a linear PCP (which, moreover, is zero-knowledge and very efficient) by building on and improving on recent work on quadratic arithmetic programs.