International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

11:49 [Event][New] TrustED 2014: International Workshop on Trustworthy Embedded Devices

  Submission: 25 July 2014
Notification: 25 August 2014
From November 3 to November 3
Location: Scottsdale, Arizona, United States of America
More Information:

16:05 [Job][Update] Research Associate, University of New Brunswick, Fredericton, Canada

  The Information Security Centre of Excellence (ISCX) at the Faculty of Computer Science, University of New Brunswick’s Fredericton Campus invites application for a Research Associate in the field of Cyber Security. The successful candidate will work with the members of ISCX to conduct original research, design, and development for the Intelligent Tools for an Automated Security Analysis and Risk Management for Large-Scale Systems project. This project will be

carried out in collaboration with IBM Security Division and is mainly funded under the Atlantic Innovation Foundation (AIF) program. For more information on the project and ISCX, please see

To be considered for the position the applicant should have a PhD degree in Computer Science. Some postdoctoral research experience is an asset. Good oral and written communication skills and the ability to work on a team project are essential.

This is a full-time position, available as of October 1, 2014 and will initially be for one year, with the possibility of renewal for three more years. Salary will depend upon the qualifications and experience of the successful applicant.

Interested applicants should submit a covering letter, along with a resume, and the name, address, phone and e-email addresses of three academic references. Review of applications will begin in August 1, 2014 and will continue until the position is filled.

16:05 [Job][New]


15:17 [Job][New]


15:16 [Job][New] Full-Time PhD Position in Cryptographic Protocol Design, University of Twente, The Netherlands


The Centre for Telematics and Information Technology (CTIT) at the University of Twente invites applications for a 4-year PhD position in cryptographic protocol design.

In the course of the PhD project, the PhD student will deal with cryptographic concepts such as Homomorphic Encryption, Functional Encryption, and Secure Multiparty Computation. The research focus of the project is on the design and evaluation of new cryptographic protocols for specific application scenarios.

The PhD candidate will be expected to do active and internationally visible research which will be supervised by Dr. Andreas Peter from the Services, Cybersecurity and Safety Group of the University of Twente. The PhD candidate will be appointed for a period of four years, at the end of which he/she must have completed a PhD thesis. During this period, the PhD student has the opportunity to broaden his/her knowledge by joining international exchange programs, to participate in national and international conferences and workshops, and to visit other research institutes and universities worldwide.

Successful candidates must hold an outstanding M.Sc. degree (or equivalent) from the university study of Computer Science, Mathematics, or similar, obtained within the last two years. The topic of the master thesis should ideally have relevance to cryptography. Applications from students that are about to finish their master thesis will be accepted as well. Further requirements include excellent skills in the English language, firm knowledge in cryptography and basic programming skills. Early experiences with scientific publications are of advantage.

The position will be closed as soon as a suitable candidate is found. Applications must include:

  • CV and academic transcript (with grades)
  • motivation letter (including a description of prior

08:40 [Event][New] Cryptography Summer School

  From July 21 to July 24
Location: Bucharest, Romania
More Information:

08:34 [Event][New] AsiaCCS'15: 10th ACM Symposium on Information, Computer and Communications Security

  Submission: 26 October 2014
Notification: 22 December 2014
From April 14 to April 17
Location: Singapore, Singapore
More Information:

08:06 [Event][New] FSE 2015: 22nd International Workshop on Fast Software Encryption

  Submission: 7 November 2014
Notification: 16 January 2015
From March 8 to March 11
Location: İstanbul, Turkey
More Information:

18:17 [Pub][ePrint] On Key Recovery Attacks against Existing Somewhat Homomorphic Encryption Schemes, by Massimo Chenal and Qiang Tang

  In his seminal paper at STOC 2009, Gentry left it as a future work to investigate (somewhat) homomorphic encryption schemes with IND-CCA1 security. At SAC 2011, Loftus et al. showed an IND-CCA1 attack against the somewhat homomorphic encryption scheme presented by Gentry and Halevi at Eurocrypt 2011. At ISPEC 2012, Zhang, Plantard and Susilo showed an IND-CCA1 attack against the somewhat homomorphic encryption scheme developed by van Dijk et al. at Eurocrypt 2010. Both attacks recover the secret key of the encryption schemes.

In this paper, we continue this line of research and show that most existing somewhat homomorphic encryption schemes are not IND-CCA1 secure. In fact, we show that these schemes suffer from key recovery attacks (stronger than a typical IND-CCA1 attack), which allow an adversary to recover the private keys through a number of decryption oracle queries. The schemes, that we study in detail, include those by Brakerski and Vaikuntanathan at Crypto 2011 and FOCS 2011, and that by Gentry, Sahai and Waters at Crypto 2013. We also develop a key recovery attack that applies to the somewhat homomorphic encryption scheme by van Dijk et al., and our attack is more efficient and conceptually simpler than the one developed by Zhang et al.. Our key recovery attacks also apply to the scheme by Brakerski, Gentry and Vaikuntanathan at ITCS 2012, and we also describe a key recovery attack for the scheme developed by Brakerski at Crypto 2012.

18:17 [Pub][ePrint] On Decomposition of an NFSR into a Cascade Connection of Two Smaller, by Tian Tian and Wen-Feng Qi

  Nonlinear feedback shift registers (NFSRs) are an important type of sequence generators used for building stream ciphers. The shift register used in Grain, one of eSTREAM finalists, is a cascade connection of two NFSRs, which is also known as nonlinear product-feedback shift registers proposed in 1970. This paper provides a series of algorithms to decompose a given NFSR into a cascade connection of two smaller NFSRs. By decomposing an NFSR into a cascade connection of two smaller NFSRs, some properties regarding cycle structure of the original NFSR could be known.

18:17 [Pub][ePrint] Constrained Verifiable Random Functions, by Georg Fuchsbauer

  We extend the notion of verifiable random functions (VRF) to constrained VRFs, which generalize the concept of constrained pseudorandom functions, put forward by Boneh and Waters (Asiacrypt\'13), and independently by Kiayias et al. (CCS\'13) and Boyle et al. (PKC\'14), who call them delegatable PRFs and functional PRFs, respectively. In a standard VRF the secret key $\\sk$ allows one to evaluate a pseudorandom function at any point of its domain; in addition, it enables computation of a non-interactive proof that the function value was computed correctly. In a constrained VRF from the key $\\sk$ one can derive constrained keys $\\sk_S$ for subsets $S$ of the domain, which allow computation of function values and proofs only at points in $S$.

After formally defining constrained VRFs, we derive instantiations from the multilinear-maps-based constrained PRFs by Boneh and Waters, yielding a VRF with constrained keys for any set that can be decided by a polynomial-size circuit. Our VRFs have the same function values as the Boneh-Waters PRFs and are proved secure under the same hardness assumption, showing that verifiability comes at no cost. Constrained (functional) VRFs were stated as an open problem by Boyle et al.