International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2014-06-21
06:17 [Pub][ePrint] Large Universe Ciphertext-Policy Attribute-Based Encryption with White-Box Traceability, by Jianting Ning, Zhenfu Cao, Xiaolei Dong, Lifei Wei, and Xiaodong Lin

  A Ciphertext-Policy Attribute-Based Encryption (CP-ABE) system extracts the decryption keys over attributes shared by multiple users. It brings plenty of advantages in ABE applications. CP-ABE enables fine-grained access control to the encrypted data for commercial applications. There has been significant progress in CP-ABE over two properties called traceability and large universe in the past few years, which enlarges the commercial applications of CP-ABE. Due to the nature of CP-ABE, it is difficult to identify the original key owner from an exposed key since the decryption privilege is shared by multiple users who have the same attributes. Thus, it is necessary for ABE applications to add the property of traceability to find out the malicious users who intentionally leak the partial or modified decryption keys to others for profits. On the other hand, the property of large universe in ABE proposed by Lewko and Waters enlarges the practical applications by supporting flexible number of attributes. Several systems have been proposed to obtain either of the above properties. None of them achieve the two properties simultaneously in practice, which limits the commercial applications of CP-ABE to a certain extent. In this paper, we propose a practical large universe CP-ABE system supporting white-box traceability, which is suitable for commercial applications. Compared to related work, our new system provides three advantages: (1) The number of attributes is not polynomially bounded; (2) Malicious users who leak their decryption keys could be traced; (3) The storage overhead for tracing is constant. We also prove the selective security of our new system in the standard model under \"q-type\" assumption.





2014-06-19
20:11 [Job][New] PhD / MSc. Scholarships , University of New Brunswick, Canada, North America

  The Information Security Centre of Excellence (ISCX), University of New Brunswick, Fredericton, Canada has several openings for fully funded PhD/MS positions to work with the Centre to carry out research, design and development for the Intelligent Tools for an Automated Security Analysis and Risk Management for Large-Scale Systems project. The proposed toolset will incorporate a set of techniques for automated risk identification, security assessment (e.g., intrusion/malware detection & analysis) and mitigation planning. This project is funded under the Atlantic Innovation Foundation program. For more information about ISCX, please see www.iscx.ca.

Candidates are expected to be proficient in networking, have basic knowledge of computer security, to demonstrate interest in network security.

To apply send your CV.

20:09 [Job][New]
Post-Doc positions, Ecole Normale Supérieure, Lyon, France
Laboratoire de l’Informatique du Parallélisme


  Post-doctoral positions are available in the AriC team, on functional cryptography and/or lattice-based cryptography.

An emerging group on cryptography is looking for excellent researchers to participate to projects on functional encryption and/or lattice-based cryptography, from the algorithmic foundations to the design and implementation of advanced cryptographic primitives.

Candidates must hold (or be close to holding) a PhD thesis related to cryptology, with an emphasis on its mathematical aspects. A strong research record is expected (i.e., publications in first-tier conferences or journals).

Applications should include a CV and recommendation letters. They should be sent before July 31, 2014 but will be considered until the positions are filled. Post-doc duration is negotiable. Salary can be adjusted for senior post-docs.



20:08 [Job][New] Post-Doc positions, Ecole Normale Supérieure, Lyon, France
Laboratoire de l’Informatique du Parallélisme


  Post-doctoral positions are available in the AriC team, on functional cryptography and/or lattice-based cryptography.

An emerging group on cryptography is looking for excellent researchers to participate to projects on functional encryption and/or lattice-based cryptography, from the algorithmic foundations to the design and implementation of advanced cryptographic primitives.

Candidates must hold (or be close to holding) a PhD thesis related to cryptology, with an emphasis on its mathematical aspects. A strong research record is expected (i.e., publications in first-tier conferences or journals).

Applications should include a CV and recommendation letters. They should be sent before July 31, 2014 but will be considered until the positions are filled. Post-doc duration is negotiable. Salary can be adjusted for senior post-docs.



20:08 [Job][New] Postdoctoral fellow, University of New Brunswick, Canada, North America

  The Information Security Centre of Excellence (ISCX), University of New Brunswick, Fredericton, Canada is seeking a full-time postdoctoral fellow to work with the Centre to carry out research, design and development for the Intelligent Tools for an Automated Security

Analysis and Risk Management for Large-Scale Systems project. The proposed toolset will incorporate a set of techniques for automated risk identification, security assessment and mitigation planning. Within this toolset a risk management methodology will be provided to

support a process of identifying system threats and assessing the corresponding risks. The risk management toolset will also be equipped with means to trace and analyze roots of these threats for proper selection of follow-up mitigation strategies. This project is funded under the Atlantic Innovation Foundation program. For more information about ISCX, please see www.iscx.ca.

Applicants should have a Ph.D. and expertise in one or both of following research areas:

• Information and Network Security, and network technologies and tools.

• Machine learning and data mining techniques and tools.

The following skills and experiences are very helpful:

• Development under Linux operating system

• Malware detection and analysis concepts and tools

Successful applicants will assist in one or more of following tasks:

• Developing novel learning and mining techniques for malware detection and analysis

• Develop security data-mining approaches for risk mitigation, automated understanding and predictive analytics.

• Preparing technical documents and writing and submitting the research results for publication.

The post-doc appointment is for two years and can be extended for two more year depending upon the availability of funding.

Applications will be considered until the available position is filled. To apply send your curriculum vita that in

20:07 [Job][New] Applied Cryptographer, ID Quantique SA, Geneva, Swiss, Europe

  ID Quantique SA is a dynamic company specialising in quantum-safe network encryption solutions as well as hardware random number generators. Its products are used by customers in the financial and government sector worldwide. The company is based in Geneva, Switzerland.

Main Responsabilities:

•Provide internal expertise on cryptographic algorithms and protocols.

•Participation in internal as well as collaborative interdisciplinary R&D projects in the field of quantum-safe cryptography primitives, protocols and solutions.

•Implementation of cryptographic protocols.

•Monitoring of vulnerabilities and attacks relevant to the company’s products and services.

•Engagement with customers in the context of pre-sales activities.





2014-06-17
19:27 [Job][New] Research Assistant (PhD student), University of Paderborn

  The working group „Codes and Cryptography“ of the Department for Computer Science at the University of Paderborn is looking for a Research Assistant (PhD student) working in public key cryptography, more specifically in pairing based cryptography. The position also includes teaching duties.

Candidates should be proficient in complexity theory, cryptography, and number theory. A Master in Computer Science or a similar field is a condition of employment. It is expected of any candidate that a doctorate\\\'s degree will be pursued.

Applications, preferably by email, with the usual documents can be sent until June 30th, 2014.



19:26 [Job][New] Ph.D. student, IMDEA Software Institute, Madrid

 

The IMDEA Software Institute (Madrid, Spain) has openings for two Ph.D. positions. We are looking for highly motivated students with a background in at least one of the following fields:

  • cryptography,
  • programming languages,
  • verification

and an interest in carrying out research at their intersection.

The positions are within the computer-assisted cryptography group. The group is actively working on:

  • the development of new programming languages and verification methods for the design and analysis of cryptographic systems,
  • the implementation of computer-aided tools for cryptographic proofs, including EasyCrypt and ZooCrypt, and
  • their application to the formal verification of descriptions and implementations of cryptographic standards and systems.

For more information about the group and our recent research, please visit: https://www.easycrypt.info/Team

The positions start from September 1, 2014 (negotiable); it is expected that students will complete their Ph.D. in 4 years. The salary is around 24K euros per year, which provides for very comfortable living in Madrid; in addition, students will have access to a generous health package. The working language is English.

Applications should arrive no later than July 6, 2014 and should include a CV, a cover letter, and the names and contact details for two references. Later applications will be considered until the positions are filled.



19:25 [Event][New] ECC'14: 18th Workshop On Elliptic Curve Cryptography

  From October 8 to October 10
Location: Chennai, India
More Information: http://www.imsc.res.in/~ecc14


18:17 [Pub][ePrint] Ad-Hoc Secure Two-Party Computation on Mobile Devices using Hardware Tokens, by Daniel Demmler and Thomas Schneider and Michael Zohner

  Secure two-party computation allows two mutually distrusting parties to jointly compute an arbitrary function on their private inputs without revealing anything but the result. An interesting target for deploying secure computation protocols are mobile devices as they contain a lot of sensitive user data. However, their resource restrictions make this a challenging task.

In this work, we optimize and implement the secure computation protocol by Goldreich-Micali-Wigderson~(GMW) on mobile phones. To increase performance, we extend the protocol by a trusted hardware token (i.e., a smartcard). The trusted hardware token allows to pre-compute most of the workload in an initialization phase, which is executed locally on one device and can be pre-computed independently of the later communication partner. We develop and analyze a proof-of-concept implementation of generic secure two-party computation on Android smart phones making use of a microSD smartcard. Our use cases include private set intersection for finding shared contacts and private scheduling of a meeting with location preferences. For private set intersection, our token-aided implementation on mobile phones is up to two orders of magnitude faster than previous generic secure two-party computation protocols on mobile phones and even as fast as previous work on desktop computers.



15:17 [Pub][ePrint] Provably secure and efficient certificateless signature in the standard model, by Lin Cheng and Qiaoyan Wen and Zhengping Jin and Hua Zhang

  Certificateless public key cryptography eliminates inherent key escrow problem in identity-based cryptography, and does not yet requires certificates as in the traditional public key infrastructure. However, most of certificateless signature schemes without random oracles have been demonstrated to be insecure. In this paper, we propose a new certificateless signature scheme and prove that our new scheme is existentially unforgeable against adaptively chosen message attack in the standard model. Performance analysis shows that our new scheme has shorter system parameters, shorter length of signature, and higher computational efficiency than the previous schemes in the standard model.