International Association for Cryptologic Research

IACR News Central

Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

23:25 [Job][New] Software Security Engineer, Oblong Industries

  Oblong Industries

Los Angeles, CA, United States


What would you do: Oblong is looking for a Security Software Engineer responsible for keeping our core product, Mezzanine, secure. This is a high-impact role in charge of enhancing our existing PKI, writing new security related code, auditing existing code and architectures for security flaws, and reviewing new features for security and privacy. You will work closely with many parts of the organization and interact with customers occasionally. Clear communications skills are crucial for this role.


• Develop production-quality code

• Architect and develop security requirements for Mezzanine

• Take responsibility for current PKI and code

• Improve and maintain current Mezzanine security policies and communicate them to other parts of the company

• Keep up-to-date with software vulnerabilities and provide and implement recommendations

• Evaluate third-party security updates


• Substantial experience delivering production-quality, security-related code

• Fluency in C and C++ programming and at least one scripting language

• Proven ability to design security policies and specifications

• Excellent written and verbal communications

• Good understanding of cryptography (symmetric and asymmetric ciphers) and secure protocols (TLS, SRTP)

• Experience with at least one crypto library (e.g. OpenSSL, GnuTLS)

• Good knowledge of PKI and certificate standards

Nice to have:

• Experience working with Open Source projects

• DOD 8570 compliant certification such as CISSP, CISM, CISA or equivalent

Benefits and perks:

• Competitive compensation package of salary and stock options?

• Medical, dental, and vision insurance ?

• 401K plan

• Gourmet lunches 3 days/week

15:39 [Event][New] SPE2015: IEEE 5th International Workshop on Security and Privacy Engineering

  Submission: 14 April 2015
Notification: 24 April 2015
From June 27 to July 2
Location: New York, USA
More Information:

17:55 [Job][New] Marie Sklodowska-Curie Research Fellows in Cryptography (Early Stage Researchers - 2 posts), Royal Holloway, University of London

  The Information Security Group at Royal Holloway, University of London, is seeking to recruit two Marie Sklodowska-Curie Research Fellows in Cryptography to start in September 2015, as part of the ECRYPT-NET project.

ECRYPT-NET is a research network of six universities and two companies that intends to develop advanced cryptographic techniques for the Internet of Things and the Cloud, and to create efficient and secure implementations of those techniques on a broad range of platforms. ECRYPT-NET is funded by a prestigious Marie Sklodowska-Curie ITN (Integrated Training Network) grant. The network will educate a group of 15 PhD students with a set of interdisciplinary skills in the areas of mathematics, computer science and electrical engineering. The training will be provided in an international context that include Summer Schools, workshops and internships. Participants are expected to spend at least six months abroad in a network partner or in one of the seven associated companies. We are looking for highly motivated candidates, ideally with background on cryptology and with proven research abilities.

Two of the ECRYPT-NET ESR (Early Stage Researcher) positions will be based at the Information Security Group at Royal Holloway, to work on the following projects:

(1) Design and analysis of efficient and lightweight authenticated encryption schemes.

(2) Secure outsourcing of computation.

Marie Curie ITN eligibility criteria apply to both of these positions.

Founded in 1990, the Information Security Group at Royal Holloway is a world-leading interdisciplinary research group dedicated to research and education in the area of cyber security, with an extensive and long-standing record of research in cryptography. It has 16 established academics, 11 RAs, and over 50 PhD students. It gained the status of UK Academic Centre of Excellence in Cyber Security Research by EPSRC and GCHQ, and hosts one of the

12:17 [Pub][ePrint] Fully-Dynamic Verifiable Zero-Knowledge Order Queries for Network Data, by Esha Ghosh and Michael T. Goodrich and Olga Ohrimenko and Roberto Tamassia

  We show how to provide privacy-preserving (zero-knowledge) answers to order queries on network data that is organized in lists, trees, and partially-ordered sets of bounded dimension. Our methods are efficient and dynamic, in that they allow for updates in the ordering information while also providing for quick and verifiable answers to queries that reveal no information besides the answers to the queries themselves.

12:17 [Pub][ePrint] A Note on Scalar Multiplication Using Division Polynomials, by Binglong~Chen, Chuangqiang~Hu and~Chang-An~Zhao

  Scalar multiplication is the most important and expensive operation in elliptic curve cryptosystems. In this paper we improve the efficiency of the Elliptic Net algorithm to compute scalar multiplication by using the equivalence of elliptic nets. The proposed method saves $four$ multiplications in each iteration loop. Experimental results also indicates that our algorithm will be more efficient than the previously known results in this line.

12:17 [Pub][ePrint] Improved Linear Trails for the Block Cipher Simon, by Tomer Ashur

  Simon is a family of block ciphers designed by the NSA and published in 2013. Due to their simple structure and the fact that the specification lacked security design rationale, the ciphers have been the subject of much cryptanalytic work, especially using differential and linear cryptanalysis.

We improve previously published linear trail bias estimations by presenting a novel method to calculate the bias of short linear hulls in Simon and use them to construct longer linear approximations. By using these linear approximations we present key recovery attacks of up to 25 rounds for Simon64/128, 24 rounds for Simon32/64, Simon48/96, and Simon64/96, and 23 rounds for Simon48/72. The attacks on Simon32 and Simon48 are currently the best attacks on these versions. The attacks on Simon64 do not cover as many rounds as attacks using differential cryptanalysis but they work in the more natural setting of known plaintexts rather than chosen plaintexts.

12:17 [Pub][ePrint] Impossible Differential Cryptanalysis of Reduced Round SIMON, by Zhan Chen and Ning Wang and Xiaoyun Wang

  Impossible differential is a useful method for cryptanalysis. SIMON is a light weight block cipher that has attracted lots of attention ever since its publication in 2013. In this paper we propose impossible differential attack on five versions of SIMON, using bit conditions to minimize key bits guessed. We calculate keybits and give the exact attack results.

20:54 [Job][New] Internship – M.S./Ph.D. student in Computer Science or a closely related field, Bosch Research and Technology Center North America – 2835 East Carson St., Pittsburgh, PA, 15203 USA


Robert Bosch RTC is looking to fill several internship positions in its Software Intensive Systems research group in Pittsburgh to work on a variety of applied cryptography, (embedded and hardware) security, and privacy related projects. Applicants with a history of building secure systems are particular encouraged to apply. Ideal candidates for this position should have experience in one of the following:

  • Applied cryptography and protocols
  • Distributed system security and cloud computing
  • Privacy enhancing technologies
  • Data mining and security
  • Embedded security, hardware security and noisy crypto, PUFs, etc.

Candidates pursuing a Ph.D. in Computer Science or a related area are preferred. Specific internship projects and requirements are as follows:

  • Secure Databases: requires expertise in SQL databases and applied cryptography.
  • Distributed Security: requires expertise in distributed systems and applied crypto. Knowledge and or familiarity with two party or multi-party computation highly desirable.
  • Hardware supported encryption operations: requires expertise in VHDL, FPGAs, and applied crypto. Knowledge of trusted computing, computer architecture are highly desirable.
  • Physics-based security I: requires expertise in signal processing and applied crypto mechanisms. Familiarity and knowledge of data mining, PUFs, watermarking highly desirable.
  • Physics-based security II: requires expert knowledge of image processing algorithms. Familiarity with cryptographic algorithms will be helpful.
  • Software Engineer: expert knowledge of java, software architecture and GUI design. Familiarity with security risk analysis and assessments is desirable.

15:17 [Pub][ePrint] Leakage-Flexible CCA-secure Public-Key Encryption: Simple Construction and Free of Pairing, by Baodong Qin and Shengli Liu

  In AsiaCrypt~2013, Qin and Liu proposed a new approach to CCA-security of Public-Key Encryption (PKE) in the presence of bounded key-leakage, from any universal hash proof system (due to Cramer and Shoup) and any one-time lossy filter (a simplified version of lossy algebraic filters, due to Hofheinz). They presented two instantiations under the DDH and DCR assumptions, which result in leakage rate (defined as the ratio of leakage amount to the secret-key length) of $1/2-o(1)$. In this paper, we extend their work to broader assumptions and to flexible leakage rate, more specifically to leakage rate of $1-o(1)$.


\\item We introduce the Refined Subgroup Indistinguishability (RSI) assumption, which is a subclass of subgroup indistinguishability assumptions, including many standard number-theoretical assumptions, like the quadratic residuosity assumption, the decisional composite residuosity assumption and the subgroup decision assumption over a group of known order defined by Boneh et al.

\\item We show that universal hash proof (UHP) system and one-time lossy filter (OT-LF) can be simply and efficiently constructed from the RSI assumption. Applying Qin and Liu\'s paradigm gives simple and efficient PKE schemes under the RSI assumption.

\\item With the RSI assumption over a specific group (free of pairing), public parameters of UHP and OT-LF can be chosen in a flexible way, resulting in a leakage-flexible CCA-secure PKE scheme. More specifically, we get the first CCA-secure PKE with leakage rate of $1-o(1)$ without pairing.


15:17 [Pub][ePrint] Dual System Encryption via Predicate Encodings, by Hoeteck Wee

  We introduce the notion of predicate encodings, an information-theoretic primitive reminiscent of linear secret-sharing that in addition, satisfies a novel notion of reusability. Using this notion, we obtain a unifying framework for adaptively-secure public-index predicate encryption schemes for a large class of predicates. Our framework relies on Waters\' dual system encryption methodology (Crypto \'09), and encompass the identity-based encryption scheme of Lewko and Waters (TCC \'10), and the attribute-based encryption scheme of Lewko et al. (Eurocrypt \'10). In addition, we obtain several concrete improvements over prior works. Our work offers a novel interpretation of dual system encryption as a methodology for amplifying a one-time private-key primitive (i.e. predicate encodings) into a many-time public-key primitive (i.e. predicate encryption).

15:17 [Pub][ePrint] Low Depth Circuits for Efficient Homomorphic Sorting, by Gizem S. \\c{C}etin and Yark{\\i}n Dor\\\"{o}z and Berk Sunar and Erkay Sava\\c{s}

  We introduce a sorting scheme which is capable of efficiently sorting encrypted data without the secret key. The technique is obtained by focusing on the multiplicative depth of the sorting circuit alongside the more traditional metrics such as number of comparisons and number of iterations. The reduced depth allows much reduced noise growth and thereby makes it possible to select smaller parameter sizes in somewhat homomorphic encryption instantiations resulting in greater efficiency savings. We first consider a number of well known comparison based sorting algorithms as well as some sorting networks, and analyze their circuit implementations with respect to multiplicative depth. In what follows, we introduce a new ranking based sorting scheme and rigorously analyze the multiplicative depth complexity as $O(\\log(N)+\\log(\\ell))$, where $N$ is the size of the array to be sorted and $\\ell$ is the bit size of the array elements. Finally, we simulate our sorting scheme using a leveled/batched instantiation of a SWHE library. Our sorting scheme performs favorably over the analyzed classical sorting algorithms.