*22:17* [Pub][ePrint]
Secure multi-party data analysis: end user validation and practical experiments, by Dan Bogdanov and Liina Kamm and Sven Laur and Pille Pruulmann-Vengerfeldt
Research papers on new secure multi-party computation protocolsrarely confirm the need for the developed protocol with its end users.

One challenge in the way of such validation is that it is hard to explain

the benefits of secure multi-party computation to non-experts.

We present a method that we used to explain the application

models of secure multi-party computation to a diverse group of end users

in several professional areas. In these interviews, we learned that

the potential users were curious about the possibility of using

secure multi-party computation to share and statistically analyse

private data. However, they also had concerns on how the new

technology will change the data analysis processes.

Inspired by this, we implemented a secure multi-party

computation prototype that calculates statistical functions in the same way as

popular data analysis packages like R, SAS, SPSS and Stata.

Finally, we validated the practical feasibility of this application by conducting

an experimental study that combined tax records with education records.

*22:17* [Pub][ePrint]
Lower Bounds in the Hardware Token Model, by Shashank Agrawal and Prabhanjan Ananth and Vipul Goyal and Manoj Prabhakaran and Alon Rosen
We study the complexity of secure computation in the tamper-proof hardware token model. Our main focus is on non-interactive unconditional two-party computation using bit-OT tokens, but we also study computational security with stateless tokens that have more complex functionality. Our results can be summarized as follows:- There exists a class of functions such that the number of bit-OT tokens required to securely implement them is at least the size of the sender\'s input. The same applies for receiver\'s input size (with a different class of functionalities).

- Non-adaptive protocols in the hardware token model imply efficient (decomposable) randomized encodings. This can be interpreted as evidence to the impossibility of non-adaptive protocols for a large class of functions.

- There exists a functionality for which there is no protocol in the stateless hardware token model accessing the tokens at most a constant number of times, even when the adversary is computationally bounded.

En route to proving our results, we make interesting connections between the hardware token model and well studied notions such as OT hybrid model, randomized encodings, and obfuscation.

*16:19* [Job][New]
Postdoc Positions in IT-Security, Privacy, and Cryptography, *Center for IT-Security, Privacy and Accountability, Saarland University, Saarbrücken, Germany*
The Information Security and Cryptography (IS&C) group at the Computer Science Department of Saarland University is currently offering several postdoc positions. The IS&C group is part of the Center for IT-Security, Privacy and Accountability (CISPA).

The IS&C group conducts research in various aspects of IT-security, privacy, and cryptography. Topics of particular interest include, but are not limited to:

Positions are being offered for two years, with the possibility of renewal for another year. Postdoc applicants are required to hold a doctoral degree in computer science or a closely related area, or have it completed at the time of taking up the position. We expect successful applicants to have a strong background in one or more of the aforementioned research topics, and to maintain an outstanding academic track record. The working and teaching language is English.

**Application Instructions**

Applications should contain a CV, copies of transcripts, certificates, as well as a research statement and two references. Applications will be accepted for evaluation until the positions have been filled. Please send your application to Michael Backes via e-mail.

*09:52* [Job][New]
Ph.D. Position in Lightweight Cryptography for the Internet of Things, *University of Luxembourg, Luxembourg*
The Laboratory of Algorithmics, Cryptology and Security (LACS) of the University of Luxembourg is looking a Ph.D. student in lightweight cryptography. The successful candidate will contribute to a research project entitled \\\"Applied Cryptography for the Internet of Things (ACRYPT),\\\" which is funded by the Fonds National de la Recherche (FNR). The ACRYPT project is led by Prof. Alex Biryukov and has started in July 2013.

Candidates are expected to hold an M.Sc. degree in computer science, electrical engineering, or applied mathematics with outstanding grades (GPA > 80%). Applications from M.Sc. students who will graduate in spring 2014 will also be considered. A solid background in algorithms and data structures, discrete mathematics, probability theory and statistics, software development, computer architecture, and information security is a general requirement to qualify for a Ph.D. position in LACS. Hands-on experience in hardware design (VHDL, SystemC) or programming of embedded systems (AVR, MSP430, ARM, etc.) is a plus. Candidates with an interest to conduct research in one of the following areas are particularly encouraged to apply:

- Design and analysis of symmetric cryptographic primitives
- Efficient implementation of cryptosystems in HW and/or SW
- Side-channel attacks and countermeasures

The Ph.D. position is initially available for three years, but an extension to a fourth year is possible. LACS offers excellent working conditions in an attractive research environment and a competitive salary (> 2000€ net). Interested candidates are invited to submit their application by email to *lacs.acrypt(at)gmail.com*. The application material should contain a cover letter explaining the candidate\\\'s motivation and research interests, a CV (including detailed information about the obtained degrees and overall GPA in both the undergraduate and graduate program), as well as a transcript of courses and grades. A

*15:40* [Job][New]
Two Ph.D. Positions in Cryptography/IT Security, *University of Luxembourg*
The Laboratory of Algorithmics, Cryptology and Security (LACS) of the University of Luxembourg is looking for two Ph.D. students in cryptography and IT security. The successful candidate for the first position will contribute to a research project entitled \\\"Applied Cryptography for the Internet of Things (ACRYPT)\\\", which is funded by the Fonds National de la Recherche (FNR). The second Ph.D. position can be in any area of research in which LACS is currently engaged (e.g. applied cryptography, network security, anonymity and privacy) and candidates are invited to submit their own proposals for possible projects.

Candidates are expected to hold an M.Sc. degree in computer science, electrical engineering, or applied mathematics with outstanding grades (GPA > 80%). A solid background in algorithms and data structures, discrete mathematics, probability theory and statistics, software development, computer architecture, and information security is a general requirement to qualify for a Ph.D. position in LACS. Hands-on experience in hardware design (VHDL, SystemC) or programming of embedded systems (AVR, MSP430, ARM, etc.) is an asset for the Ph.D. position related to the ACRYPT project. Candidates with an interest to conduct research in one of the following areas are particularly encouraged to apply:

- Design and analysis of symmetric cryptographic primitives
- Efficient implementation of cryptosystems
- Side-channel attacks and countermeasures

Both Ph.D. positions are initially offered for three years, but an extension to a fourth year is possible. LACS offers excellent working conditions in an attractive research environment and a competitive salary (> 2000 Euro net). Interested candidates are invited to submit their application by email to *lacs.acrypt (at) gmail.com*. The application material should contain a cover letter explaining the candidate\\\'s motivation and research interests, a CV (including deta