International Association for Cryptologic Research

IACR News Central


17:50 [Job][New] Post-Doc, Mathematical Institute, Oxford, UK

  This is a 3-year Postdoctoral Research Assistantship in Post-Quantum Cryptography. Candidates should have expertise in cryptography. Knowledge of quantum computing is desirable but not essential.

16:20 [Job][New] Ph.D. student in Security and Privacy of Cyber-Physical Systems, University College Cork, Ireland

  Project: Secure and Privacy-Preserving Cyber-Physical Systems

Subject to approval from funding agency, the research project will investigate security and privacy issues in Cyber-Physical Systems. A team of 5 researchers will work on the project, including 3 Ph.D. students.

Applications are invited for fixed-term studentships (annual value of €18K, plus fees) from suitably qualified candidates who wish to undertake a PhD within the Department of Computer Science. Applicants should have a Master's degree in computer science or a closely related discipline, although applications from truly exceptional students with an honours bachelor's degree will be considered. Ideally, applicants will have some project experience in the areas of network security (intelligent transportation systems or industrial control systems would be a plus), privacy, or more generally computer security. Applicants must have very good mathematical ability and an interest in systems programming and experimental computer science.

Applicants must demonstrate good interpersonal skills and a high standard of spoken and written English. The positions are open to applicants of any nationality. Non-EU applicants should consult the UCC English Language Requirements.

How to apply:

Applications by email to Mary Noonan m.noonan (at) and must include “PhD Studentship CyPS” in the subject line. Applications must include, in PDF format only:

1. 300-word personal statement explaining your interest in the project and computer security & privacy research;

2. full CV;

3. copy of transcript(s) showing names of all courses taken and grades achieved;

4. summaries of projects (BSc/MSc), internships and relevant work experience completed;

5. names and contact information of at least one reference.

For further information about the position, p

16:18 [Job][New] Post-Doc, Mathematical Institute, Oxford

  This is a 3-year Postdoctoral Research Fellowship in Post-Quantum Cryptography. Candidates should have previous post-doctoral experience, and expertise in cryptography. Knowledge of quantum computing is desirable but not essential.

15:44 [Job][New] Professorship in Cyber Security and Privacy, School of Informatics, University of Edinburgh, UK

  Informatics at Edinburgh is recruiting a new (full) professor in the general area of Cyber Security and Privacy. Specific topics of interest include applied cryptography, systems security, network security, but experts in other areas are encouraged to apply.

Our department is the largest and most research-productive Informatics and Computer Science department in the UK; we are also one of the top places for undergraduate teaching. We are looking for an outstanding research leader and educator who can help us grow our existing expertise in the security and privacy area.

Please check the information at the link below and the online vacancy details page for full details of the job specification. We encourage making informal contact before application.

22:02 [Event][New] CANS 2015: The 14th International Conference on Cryptology and Network Security

  Submission: 19 June 2015
Notification: 31 August 2015
From December 8 to December 12
Location: Marrakesh, Morocco
More Information:

06:17 [Pub][ePrint] Secure Multi-Party Computation with Identifiable Abort, by Yuval Ishai and Rafail Ostrovsky and Vassilis Zikas

  Protocols for secure multi-party computation (MPC) that resist a dishonest majority are susceptible to "denial of service" attacks, allowing even a single malicious party to force the protocol to abort. In this work, we initiate a systematic study of the more robust notion of security with identifiable abort, which leverages the effect of an abort by forcing, upon abort, at least one malicious party to reveal its identity.

We present the first information-theoretic MPC protocol which is secure with identifiable abort (in short ID-MPC) using a correlated randomness setup. This complements a negative result of Ishai et al. (TCC 2012) which rules out information-theoretic ID-MPC in the OT-hybrid model, thereby showing that pairwise correlated randomness is insufficient for information-theoretic ID-MPC.

In the standard model (i.e., without a correlated randomness setup), we present the first computationally secure ID-MPC protocol making black-box use of a standard cryptographic primitive, namely an (adaptively secure) oblivious transfer (OT) protocol. This provides a more efficient alternative to existing ID-MPC protocols, such as the GMW protocol, that make a non-black-box use of the underlying primitives.

As a theoretically interesting side note, our black-box ID-MPC provides an example for a natural cryptographic task that can be realized using a black-box access to an OT protocol but cannot be realized unconditionally using an ideal OT oracle.

06:17 [Pub][ePrint] Cryptanalysis Of An Authenticated Image Encryption Scheme Based On Chaotic Maps And Memory Cellular Automata, by Saeideh Kabirirad and Hamideh Hajiabadi

  Recently an image encryption scheme based on chaotic maps and memory cellular automata has been proposed. In this paper, the security of the scheme is evaluated and it is demonstrated that the scheme can be broken by a chosen-plaintext attack. Having one or more monochrome plain-images and their corresponding cipher-images, a part of the key-stream can be retrieved. Furthermore, it is discovered that the scheme can be broken by a brute search attack with efficient time complexity, and it is also vulnerable to differential attack. Meanwhile, we provide experimental results to support the proposed attacks and suggest several improvements to make the scheme stronger.

06:17 [Pub][ePrint] Some results on Sprout, by Subhadeep Banik

  Sprout is a lightweight stream cipher proposed by Armknecht and Mikhalev at FSE 2015. It has a Grain-like structure with two State Registers of size 40 bits each, which is exactly half the state size of Grain v1. In spite of this, the cipher does not appear to lose in security against generic Time-Memory-Data Tradeoff attacks due to the novelty of its design. In this paper, we first present improved results on Key Recovery with partial knowledge of the internal state. We show that if 50 of the 80 bits of the internal state are guessed then the remaining bits along with the Secret Key can be found in a reasonable time using a SAT solver. Thereafter we show that it is possible to perform a distinguishing attack on the full Sprout stream cipher in the multiple IV setting using around $2^{40}$ randomly chosen IVs on average. The attack requires around $2^{48}$ bits of memory. Thereafter we will show that for every Secret Key, there exist around $2^{30}$ IVs for which the LFSR used in Sprout enters the all-zero state during the Keystream generating phase. Using this observation, we will first show that it is possible to enumerate Key-IV pairs that produce keystream bits with period as small as 80. We will then outline a simple Key recovery attack that takes time equivalent to $2^{66.7}$ encryptions with negligible memory requirement. Although this is not the best attack reported against this cipher in terms of Time complexity, it is the best in terms of the memory required to perform the attack.

06:17 [Pub][ePrint] Strongly Secure Authenticated Key Exchange from Ideal Lattices, by Xiaopeng Yang and Wenping Ma

  In this paper, we propose an efficient and practical authenticated key exchange (AKE) protocol from ideal lattices, which is well-designed and has some similarity to the HMQV protocol. Using the hardness of the graded discrete logarithm (GDL) problem and graded decisional Diffie-Hellman (GCDH) problem, the proposed protocol is provably secure in the extended Canetti-Krawczyk model.

06:17 [Pub][ePrint] Non-malleability under Selective Opening Attacks: Implication and Separation, by Zhengan Huang and Shengli Liu and Xianping Mao and Kefei Chen

  We formalize the security notions of non-malleability under selective opening attacks (NM-SO security) in two approaches: the indistinguishability-based approach and the simulation-based approach. We explore the relations between NM-SO security notions and the known selective opening security notions, and the relations between NM-SO security notions and the standard non-malleability notions.

06:17 [Pub][ePrint] Leakage-Resilient Cryptography over Large Finite Fields: Theory and Practice, by Marcin Andrychowicz and Daniel Masny and Edoardo Persichetti

  Information leakage is a major concern in modern-day IT security. In fact, a malicious user is often able to extract information about private values from the computation performed on the devices. In specific settings, such as RFID, where a low computational complexity is required, it is hard to apply standard techniques to achieve resilience against this kind of attack.

In this paper, we present a framework to make cryptographic primitives based on large finite fields robust against information leakage with a bounded computational cost. The approach makes use of the inner product extractor and guarantees security in the presence of leakage in a widely accepted model. Furthermore, we show how to apply the proposed techniques to the authentication protocol Lapin, and we compare it to existing