International Association for Cryptologic Research

IACR News Central


17:39 [Job][New] Postdoc, Microsoft Research

  I wanted to bring your attention to the availability of post-doc research positions at MSR Cambridge.

The Constructive Security team within Programming Principles and Tools devises formal techniques and models for understanding cryptographic primitives, protocols and security critical systems, and develops related implementation technology. Our approach is informed by code-based cryptographic reasoning as well as cutting-edge language-based security and program verification. We are looking for exceptional postdoctoral research candidates to join our vibrant research community.

MSR Cambridge:

Programming Principles and Tools:

Constructive Security:

To apply for a post-doc position, use the tool here:

The deadline for completed applications and references is January 5 – do start early so your referees can upload their letters in time.

It’s a good idea to drop me (markulf (at) or Cedric (fournet (at) an email too, to let us know you plan to apply.

17:53 [Event][New] EUSIPCO: European Signal Processing Conference, Information Forensics and Security

  Submission: 13 February 2015
Notification: 22 May 2015
From August 31 to September 4
Location: Nice, France
More Information:

18:57 [PhD][New] Miklos Santha

  Name: Miklos Santha

18:57 [PhD][Update] Henri Gilbert: Cryptanalyse des algorithmes de chiffrement symétrique

  Name: Henri Gilbert
Topic: Cryptanalyse des algorithmes de chiffrement symétrique
Category: secret-key cryptography

15:32 [Job][New] Ph.D. student and Post-Doc, University of Luxembourg

  The Laboratory of Algorithms, Cryptology and Security (LACS) at the University of Luxembourg is looking for one post-doc and one Ph.D. student to work on a new project on Fully Homomorphic Encryption (FHE). The goal is to improve existing FHE schemes, and possibly design and implement new ones.

The post-doc candidate should have a Ph.D. in cryptography. Experience with FHE is a plus but not a necessity. The Ph.D. candidate should have a master's degree in computer science or in mathematics. Both positions are for three years.

To apply please follow the link below.

Ph.D. student:


15:32 [Job][New] Postdoc, Saarland University, Germany

  Starting 2015 the Information Security & Cryptography Group at Saarland University, Germany, has several open positions for postdocs and we are looking forward to your application.

Our major current research focus is on the recently awarded ERC Synergy Grant imPACT, which aims at providing foundations for privacy, accountability, compliance and trust in the Internet of the Future, including cutting-edge methods and tools for assessing and enhancing customer privacy.

You have the chance to work at one of Europe's top sites for IT security and privacy research, in the beautiful region between Germany, France and Luxembourg with a high quality of life. Postdocs are paid employees of Saarland University. Salary and employment conditions are attractive.

We encourage the application of outstanding PhDs in computer science or IT security, who would like to work with us in the field of next generation privacy techniques. The positions start from February 1, 2015 or later and are funded for two years, with a possible extension by one year. We solicit applications by January 15, 2015, but we will consider applications until the positions are filled. Applications should include a curriculum vitae, a brief description of research interests, three selected own publications, and, if available, letters of recommendation.

Applications and informal inquiries should be sent to Michael Backes at the following email address: application-erc (at)

Further information:

Center for IT Security, Privacy and Accountability -

Information Security & Cryptography Group -

ERC Synergy Grant imPACT -

04:17 [Pub][ePrint] Undermining Isolation through Covert Channels in the Fiasco.OC Microkernel, by Michael Peter and Jan Nordholz and Matthias Petschick and Janis Danisevskis and Julian Vetter and Jean-Pierre Seifert

  In the new age of cyberwars, system designers have come to recognize the merits of building critical systems on top of small kernels for their ability to provide strong isolation at system level. This is due to the fact that enforceable isolation is the prerequisite for any reasonable security policy. Towards this goal we examine some internals of Fiasco.OC, a microkernel of the prominent L4 family. Despite its recent success in certain high-security projects for governmental use, we prove that Fiasco.OC is not suited to ensure strict isolation between components meant to be separated.

Unfortunately, in addition to the construction of system-wide denial of service attacks, our identified weaknesses of Fiasco.OC also allow covert channels across security perimeters with high bandwidth. We verified our results in a strong affirmative way through many practical experiments. Indeed, for all potential use cases of Fiasco.OC we implemented a full-fledged system on its respective archetypical hardware: Desktop server/workstation on AMD64 x86 CPU, Tablet on Intel Atom CPU, Smartphone on ARM Cortex-A9 CPU. The measured peak channel capacities ranging from 13500 bits/s (Cortex-A9 device) to 30500 bits/s (desktop system) lay bare the feeble meaningfulness of Fiasco.OC's isolation guarantee. This proves that Fiasco.OC cannot be used as a separation kernel within high-security areas.

04:17 [Pub][ePrint] Statistical weakness in Spritz against VMPC-R: in search for the RC4 replacement, by Bartosz Zoltak

  We found a statistical weakness in the Spritz algorithm designed by Ronald L. Rivest and Jacob C. N. Schuldt. For N=8: Prob(output(x)=output(x+2)) = 1/N + 0.000498. The bias becomes statistically significant (for N=8) after observing about 2^21.9 outputs. An analogous bias occurs for N=16. We propose an algorithm (VMPC-R) which for N=8 produced 2^46.8 (31 million times more) outputs which remained indistinguishable from random in the same battery of tests. Supported by a series of additional statistical tests and security analyses, we present VMPC-R as an algorithm we hope can be considered a worthwhile replacement for RC4.

04:17 [Pub][ePrint] Related-Key Differential Attack on Round Reduced RECTANGLE-80, by Jinyong Shan and Lei Hu and Ling Song and Siwei Sun and Xiaoshuang Ma

  RECTANGLE is a newly proposed lightweight block cipher which allows fast implementations for multiple platforms by using bit-slice techniques. It is an iterative 25-round SPN block cipher with a 64-bit block size and an 80-bit or 128-bit key size. Until now, there are not many results on analyzing the cipher; these include an attack on the 18-round reduced version proposed by the designers themselves. In this paper, we find all 15-round differential characteristics with 26--30 active S-boxes for given input, output and round subkey differences, which have a total probability of $2^{-60.5}$. Based on these differential characteristics, we extend the corresponding distinguisher by 2 rounds backward and forward respectively, and propose an attack on the 19-round reduced RECTANGLE-80 with data complexity of $2^{62}$ plaintexts, time complexity of about $2^{67.42}$ encryptions and memory complexity of $2^{72}$. These data and time complexities are much lower than those of the designers for the 18-round reduced RECTANGLE-80.