International Association for Cryptologic Research

IACR News Central


12:15 [Job][New] Postdoc Positions in Cloud-Computing and Storage Security, IBM Research - Zurich

Postdoc Positions in Cloud-Computing and Storage Security

The cloud storage and cloud solutions security research teams at IBM Research - Zurich are looking for outstanding researchers to strengthen their activities covering security mechanisms for storage systems and cloud computing. Topics include cryptographic schemes addressing privacy and authenticity, software-defined storage systems, and distributed secure protocols.

The successful candidate will hold a PhD in computer science or a related field, with an excellent record of publications and other accomplishments in the field. A good understanding of cryptographic techniques and a strong background in storage systems, file systems, databases, distributed systems and operating systems is beneficial. Candidates must have a strong desire and proven ability to conduct research independently, invent new ideas, implement them in real systems, and publish the results of their work.

The highly motivated, creative individual will join a multi-disciplinary research team to design and implement advanced mechanisms for protecting cloud computing and storage systems.

IBM is committed to diversity at the workplace. With us, you will find an open, multicultural environment. Excellent, flexible working arrangements enable both women and men to strike the desired balance between their professional development and their personal lives.

Multiple positions are available with starting dates in 2015. For more information about the topic, please contact Dr. Christian Cachin and mention "Cloud security position" in the subject line.

There is no specific closing date, even though the form here asks for a date.

To apply, please send your CV including contact information for two references by email to: cloudsec (at)

IBM Research - Zurich

12:10 [Event][New] ACISP 2015: 20th Australasian Conference on Information Security and Privacy

Submission: 20 February 2015
Notification: 6 April 2015
Dates: From June 30 to July 1
Location: Brisbane, Australia
More Information:

02:11 [Job][New] Post-Doc, Université de Caen Basse-Normandie

Applications are invited for a post-doctoral position in pairing-based cryptography at Caen University. The successful applicant will participate in the project SIMPATIC (SIM and PAiring Theory for Information and Communications security), financed by the French governmental research funding agency ANR (Agence Nationale de la Recherche) and organized by Orange Labs, Caen. He/she will be a member of one of the research teams in the Computer Science (GREYC) or Mathematics (LMNO) laboratories at Caen University, France.

The position is open for one year. The starting date can be arranged as convenient, but in any case not later than 1st July 2015.

The partners involved in the SIMPATIC project are the crypto teams of the Laboratoire d'Informatique de l'ENS Paris, of IMB (Bordeaux), of University Paris 8, of University Rennes 1, Oberthur, INVIA, ST (Le Mans) and Orange Labs (Caen).

The successful applicant will work on the design of cryptographic primitives suitable for SIMs and other small devices. Candidates are expected to have a high potential in theoretical cryptography. He/she will be expected to interact with members of the Applied Crypto Group (ACG) at Orange Labs (OL) in Caen.

However, if no suitable applicant is found, we shall consider hiring a candidate to work on one of the other themes of the project, with a priority on the study of suitable pairing-friendly curves, both theoretical and algorithmic aspects. Such candidates should have a very strong background in relevant number theory and algebraic geometry. Some experience in software implementation (for example in Pari, Magma, Sage, ...) would be useful.

Candidates must hold a PhD or equivalent in mathematics or computer science, together with a strong research record. Applicants should send a detailed curriculum vitae and list of publications, and arrange for letters of recommendation to arrive not later than 1st April 201

02:04 [PhD][New] AbdelAlim Kamal Farag: Cryptanalysis and Secure Implementation of Modern Cryptographic Algorithms

Name: AbdelAlim Kamal Farag
Topic: Cryptanalysis and Secure Implementation of Modern Cryptographic Algorithms
Category: public-key cryptography

Description: Cryptanalytic attacks can be divided into two classes: pure mathematical attacks and Side Channel Attacks (SCAs). Pure mathematical attacks are traditional cryptanalytic techniques that rely on known or chosen input/output pairs of the cryptographic function and exploit the inner structure of the cipher to reveal the secret key information. On the other hand, in SCAs, it is assumed that attackers have some access to the cryptographic device and can gain some information from its physical implementation.

A cold-boot attack is an SCA which exploits the data remanence property of Random Access Memory (RAM) to retrieve its content, which remains readable shortly after its power has been removed. Fault analysis is another example of an SCA, in which the attacker is assumed to be able to induce faults in the cryptographic device and observe the faulty output. Then, by careful inspection of faulty outputs, the attacker recovers the secret information, such as the secret inner state or secret key. Scan-based Design-For-Test (DFT) is a widely deployed technique for testing hardware chips. Scan-based SCAs exploit the information obtained by analyzing the scanned data in order to retrieve secret information from cryptographic hardware devices that are designed with this testability feature.[...]

20:18 [PhD][New] Benjamin Fuller: Strong Key Derivation from Noisy Sources

Name: Benjamin Fuller
Topic: Strong Key Derivation from Noisy Sources
Category: foundations

Description: A shared cryptographic key enables strong authentication. Candidate sources for creating such a shared key include biometrics and physically unclonable functions. However, these sources come with a substantial problem: noise in repeated readings.

A fuzzy extractor produces a stable key from a noisy source. It consists of two stages. At enrollment time, the generate algorithm produces a key from an initial reading of the source. At authentication time, the reproduce algorithm takes a repeated but noisy reading of the source, yielding the same key when the two readings are close. For many sources of practical importance, traditional fuzzy extractors provide no meaningful security guarantee.

This dissertation improves key derivation from noisy sources. These improvements stem from three observations about traditional fuzzy extractors.

First, the only property of a source that standard fuzzy extractors use is the entropy in the original reading. We observe that additional structural information about the source can facilitate key derivation.

Second, most fuzzy extractors work by first recovering the initial reading from the noisy reading (known as a secure sketch). This approach imposes harsh limitations on the length of the derived key. We observe that it is possible to produce a consistent key without recovering the original reading of the source.

Third, traditional fuzzy extractors provide information-theoretic security. However, security against computationally bounded adversaries is sufficient. We observe that fuzzy extractors providing computational security can overcome limitations of traditional approaches.

The above observations are supported by negative results and constructions. As an example, we combine all three observations to construct a fuzzy extractor achieving properties that have eluded prior approaches. The construction remains secure even when the initial enrollment phase is repeated multiple t[...]

20:18 [PhD][Update] Jian Guo: Analysis of Cryptographic Hash Functions

Name: Jian Guo
Topic: Analysis of Cryptographic Hash Functions
Category: secret-key cryptography

Description: This thesis concentrates on the analysis of cryptographic hash functions, one of the most important primitives used in modern cryptography. We start with an introduction to cryptographic hash functions and a survey of the development of cryptanalysis tools. To enrich the cryptanalysts' toolbox, we developed several interesting techniques under the framework of differential cryptanalysis, and applied them to LAKE, BLAKE, ARIRANG and BMW to find collisions. We also improved the meet-in-the-middle preimage attacks, one of the most powerful techniques for breaking the one-wayness of many functions, and applied these techniques to SHA-2, Tiger, MD4, and HAVAL to find preimages. All these techniques await further development and application to other hash functions, including the candidates in the current SHA-3 competition.[...]

13:17 [Pub][ePrint] CamlCrush: A PKCS#11 Filtering Proxy, by R. Benadjila and T. Calderon and M. Daubignard

PKCS#11 is a very popular cryptographic API: it is the standard used by many Hardware Security Modules, smartcards and software cryptographic tokens. Several attacks have been uncovered against PKCS#11 at different levels: intrinsic logical flaws, cryptographic vulnerabilities or severe compliance issues. Since affected hardware remains widespread in computer infrastructures, we propose a user-centric and pragmatic approach for secure usage of vulnerable devices.

We introduce Caml Crush, a PKCS#11 filtering proxy. Our solution dynamically protects PKCS#11 cryptographic tokens from state-of-the-art attacks. This is the first approach that is immediately applicable to commercially available products. We provide a fully functional open source implementation with an extensible filter engine that effectively shields critical resources. This yields additional advantages to using Caml Crush that go beyond classical PKCS#11 weakness mitigations.

13:17 [Pub][ePrint] Optimally Efficient Multi-Party Fair Exchange and Fair Secure Multi-Party Computation, by Handan Kılınç and Alptekin Küpçü

Multi-party fair exchange (MFE) and fair secure multi-party computation (fair SMPC) are under-studied fields of research, with practical importance. We examine MFE scenarios where every participant has some item, and at the end of the protocol, either every participant receives every other participant's item, or no participant receives anything. This is a particularly hard scenario, even though it is directly applicable to protocols such as fair SMPC or multi-party contract signing. We further generalize our protocol to work for any exchange topology. We analyze the case where a trusted third party (TTP) is optimistically available, although we emphasize that the trust put on the TTP is only regarding the fairness, and our protocols preserve the privacy of the exchanged items even against a malicious TTP.

We construct an asymptotically optimal (for the complete topology) multi-party fair exchange protocol that requires a constant number of rounds, in comparison to linear, and O(n^2) messages, in comparison to cubic, where n is the number of participating parties. We enable the parties to efficiently exchange any item that can be efficiently put into a verifiable escrow (e.g., signatures on a contract). We show how to apply this protocol on top of any SMPC protocol to achieve a fairness guarantee with very little overhead, especially if the SMPC protocol works with arithmetic circuits. Our protocol guarantees fairness in its strongest sense: even if all n − 1 other participants are malicious and colluding, fairness will hold.

13:17 [Pub][ePrint] A lightweight-friendly modification of GOST block cipher, by Andrey Dmukh and Denis Dygin and Grigory Marshalko

We study the possibility of modifying the GOST block cipher in such a way that it would resist the Isobe and Dinur-Dunkelman-Shamir attacks and, at the same time, would still be lightweight-friendly.

13:17 [Pub][ePrint] Arithmetic Addition over Boolean Masking - Towards First- and Second-Order Resistance in Hardware, by Tobias Schneider and Amir Moradi and Tim Güneysu

A common countermeasure to thwart side-channel analysis attacks is algorithmic masking. For this, algorithms that mix Boolean and arithmetic operations need to either apply two different masking schemes with secure conversions or use dedicated arithmetic units that can process Boolean masked values. Several proposals have been published that can realize these approaches securely and efficiently in software. But to the best of our knowledge, no hardware design exists that fulfills relevant properties such as efficiency and security at the same time.

In this paper, we present two design strategies to realize a secure and efficient arithmetic adder for Boolean-masked values. First, we introduce an architecture based on the ripple-carry adder that targets low-cost applications. The second architecture is based on a pipelined Kogge-Stone adder and targets high-performance applications. In particular, all our implementations adopt the threshold implementation approach to improve their resistance against SCA attacks even in the presence of glitches. We evaluated the security of our designs practically against SCA using a non-specific statistical t-test. Based on our analysis, we show that our constructions not only achieve resistance against first- and (univariate) second-order attacks but also require fewer random bits per operation compared to any existing software-based approach.