International Association for Cryptologic Research

# IACR News Central

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2015-04-06
18:38 [Event][New]

Submission: 15 December 2015
From May 31 to June 2
Location: Kota Kinabalu, Sabah, Malaysia

17:10 [News]

The IACR has selected 6 new members to be recognized as Fellows of the IACR. The 2015 Fellows are (in alphabetical order):

• Ernie Brickell, for founding the Journal of Cryptology, for industrial implementations supporting privacy, and for contributions to secret sharing, attestation, and the cryptanalysis of knapsack-based cryptosystems.
• Joe Kilian, for ingenious contributions to areas including primality testing, secure computation, oblivious transfer, interactive proofs, zero knowledge, and watermarking.
• Kaisa Nyberg, for fundamental contributions to the design and analysis of block ciphers, for contributions to mobile phone security, and for service to the IACR.
• Tatsuaki Okamoto, for theoretical and practical contributions to areas including encryption, signatures, identification, elliptic-curve cryptosystems, zero knowledge, and electronic cash, and for service to the IACR.
• Bart Preneel, for outstanding service to the IACR, for numerous research contributions, for sustained educational leadership, and for effectively leading the European cryptologic research community.
• Tal Rabin, for contributions to the theory of multiparty computation, encryption, and signatures, and for leadership on cryptographic research within industry.

In 2004, the IACR established the IACR Fellows Program to recognize outstanding IACR members for technical and professional contributions that:

• Advance the science, technology, and practice of cryptology and related fields;
• Promote the free exchange of ideas and information about cryptology and related fields;
• Develop and maintain the professional skill and integrity of individuals in the cryptologic community;
• Advance the standing of the cryptologic community in the wider scientific and technical world and promote fruitful relationships between the IACR and other scientific and technical organizations.
In general, two broad categories of accomplishment will be considered: technical contributions and distinguished service to the cryptologic community. Fellows are expected to be "model citizens" of the cryptologic community, and thus most of them will have demonstrated sustained and significant accomplishment in both categories, but a very small number may be chosen for unique and crucial accomplishment in one category only.

More information about the Fellows program, including the list of all Fellows, can be found at http://iacr.org/fellows/.

2015-04-04
20:40 [Event][New]

Submission: 1 June 2015
From September 21 to September 22
Location: Vienna, Austria

2015-04-03
16:34 [Job][New]

1. Security mechanisms in Internet of Things

Contact: Xin.Huang (at) xjtlu.edu.cn

2. Wireless localization

Contact: Dawei.Liu (at) xjtlu.edu.cn

The two PhD fundings start from 2015-09, please send your applications as soon as possible.

Requirements:

The candidate should have a first class or upper second class honours degree, or a master’s degree, in Computer Science, Electrical Engineering, or Security.

Degree:

The student will be awarded a PhD degree from the University of Liverpool (UK) upon successful completion of the program.

Funding:

The award covers tuition fees for three years (currently equivalent to RMB 80,000 per annum) and provides a monthly stipend of 3500 RMB as a contribution to living expenses.

How to Apply:

Interested applicants are advised to email the following documents to

Doctoralstudies (at) xjtlu.edu.cn (please put the project title and primary supervisor’s name in the subject line).

• CV

• Two reference letters

• Personal statement outlining your interest in the position

• IELTS score of above 6.5 or equivalent is required

• Verified school transcripts in both Chinese and English (for international students, only the English version is required)

• Verified certificates of education qualifications in both Chinese and English (for international students, only the English version is required)

16:33 [Job][New]

The University of Luxembourg is looking for a Postdoc in Cryptography, with a fixed-term contract of 3 years.

You will work on a new project on Fully Homomorphic Encryption (FHE). The goal is to improve existing FHE schemes, and possibly design and implement new ones.

You should have a PhD in cryptography. Experience with FHE is a plus but not a necessity.

We offer a personal work space at the University, a highly competitive salary, and a dynamic and multicultural environment.

To apply: http://emea3.mrted.ly/n139

Please send your application online until May 15th, 2015. Applications will be considered on receipt therefore applying before the deadline is encouraged

2015-04-01
23:54 [Job][New]

Key Job Responsibilities:

Conduct both fundamental as well as applied research that advances the state-of-the-art and deliver innovation. Candidate should have the ability to conduct (and desirably lead) research projects in the area of System-, Cloud-, or Networking- Security, in collaboration with other Bell Labs researchers (on site and overseas) as well as development engineers.

Research areas of interest include (but are not limited to):

- Network security;

- Security of Cloud and large-scale distributed systems;

- Security aspects of Programmable software-defined networks, Network controllers;

- Security of Systems at large.

Education: PhD in Computer Science or Electric Engineering related to security

Skills and Experience:

Proven research ability in the area of Networking-, System- or Cloud- Security. Experience with software development, system architecture, test-beds, simulations, or deployment and integration is strongly desired.

23:44 [Job][New]

A post-doctoral position is immediately available in Bell Labs Israel. The research group is focused on the field of "distributed cloud networking" a new paradigm in which Cloud and SDN are used to virtualized many of the services currently deployed over dedicated hardware. The candidate is expected to conduct research in the area of Cloud, Networking, or System Security, in collaboration with other Bell Labs researchers as well as development engineers. Specific interest fields include, but are not limited to SDN, NFV, or Cloud infrastructure security.

Education: recent PhD in Computer Science or Electric Engineering related to cyber and security

Skills and Experience: Proven research ability in the area of Networking, System, or Cloud, Security. Experience with software or hardware development, system architecture, test-beds, or deployment and integration is strongly desired.

15:17 [Pub][ePrint]

We propose a method for integrating NTRUEncrypt into the ntor key exchange protocol as a means of achieving a quantum-safe variant of forward secrecy. The proposal is a minimal change to ntor, essentially consisting of an NTRUEncrypt-based key exchange performed in parallel with the ntor handshake. Performance figures are provided demonstrating that the client bears most of the additional overhead, and that the added load on the router side is acceptable.

We make this proposal for two reasons. First, we believe it to be an interesting case study into the practicality of quantum-safe cryptography and into the difficulties one might encounter when transitioning to quantum-safe primitives within real-world protocols and code-bases. Second, we believe that Tor is a strong candidate for an early transition to quantum-safe primitives; users of Tor may be justifiably concerned about adversaries who record traffic in the present and store it for decryption when technology or cryptanalytic techniques improve in the future.

15:17 [Pub][ePrint]

Precomputation techniques are useful to improve real-time performance of complex algorithms at the expense of extra memory, and extra preparatory computations. This practice is neglected especially in the embedded context where energy and memory space is limited. Instead, the embedded space favors the immediate reduction of energy and memory footprint. However, the embedded platforms of the future may be different from the traditional ones. Energy-harvesting sensor nodes may extract virtually limitless energy from their surrounding, while at the same time they are able to store more data at cheaper cost, thanks to Moore\'s law. Yet, minimizing the run-time energy and latency will still be primary targets for today\'s as well as future real-time embedded systems. Another important challenge for the future systems is to provide efficient public-key based solutions that can thwart quantum-cryptanalysis. In this article, we address these two concepts. We apply precomputation techniques on two post-quantum digital signature schemes: hash-based and lattice-based digital signatures. We first demonstrate that precomputation methods are extensible to post-quantum cryptography and are applicable on current energy-harvesting platforms. Then, we quantify its impact on energy, execution time, and the overall system yield. The results show that precomputation can improve the run-time latency and energy consumption up to a factor of 82.7$\\times$ and 11.8$\\times$, respectively. Moreover, for a typical energy-harvesting profile, it can triple the total number of generated signatures. We reveal that precomputation enables very complex and even probabilistic algorithms to achieve acceptable real-time performance on resource-constrained platforms. Thus, it will expand the scope of post-quantum algorithms to a broader range of platforms and applications.

15:17 [Pub][ePrint]

A new lightweight stream cipher, Sprout, has been presented at FSE 2015. The main concern in the design philosophy of the cipher is to decrease the internal state size without compromising the security against Time-Memory-Data (TMD) tradeoff attacks. In this work, we have mounted a TMD tradeoff attack to Sprout using $2^d$ output bits in $2^{71.7-d}$ encryptions of Sprout along with $2^{d}$ table lookups. The memory complexity is $2^{85-d}$ where $d\\leq 40$. In one instance, it is possible to recover the key in faster than $2^{33}$ encryption time if we have $2^{40}$ bits of keystream output by using tables of 770 Terabytes in total. The offline phase of preparing the tables consists of solving roughly $2^{42}$ system of linear equations with 20 unknowns.

15:17 [Pub][ePrint]

Pairing-based cryptography has exploded over the last decade, as this algebraic setting offers good functionality and efficiency. However, there is a huge security gap between how schemes are usually analyzed in the academic literature and how they are typically implemented. The issue at play is that there exist multiple types of pairings: Type-I called \"symmetric\" is typically how schemes are presented and proven secure in the literature, because it is simpler and the complexity assumptions can be weaker; however, Type-III called \"asymmetric\" is typically the most efficient choice for an implementation in terms of bandwidth and computation time.

There are two main complexities when moving from one pairing type to another. First, the change in algebraic setting invalidates the original security proof. Second, there are usually multiple (possibly thousands) of ways to translate from a Type-I to a Type-III scheme, and the \"best\" translation may depend on the application.

Our contribution is the design, development and evaluation of a new software tool, AutoGroup+, that automatically translates from Type-I to Type-III pairings. The output of AutoGroup+ is: (1) \"secure\" provided the input is \"secure\" and (2) optimal based on the user\'s efficiency constraints (excluding software and run-time errors). Prior automation work for pairings was either not guaranteed to be secure or only partially automated and impractically slow. This work addresses the pairing security gap by realizing a fast and secure translation tool.