Ph.D. student in Crypto-Finance, Cybersecurity and Privacy, University of Luxembourg
The University of Luxembourg is offering a Ph.D. student position in one of the topics:
- cryptofinance, cryptocurrencies
- anonymity and privacy
Applicants interested in symmetric cryptography, authenticated encryption will be also considered.
- An M.Sc. in Computer Science or Applied Mathematics (some background in Economics/Finance is a plus)
- GPA > 85%
- Fluent written and verbal communication skills in English are mandatory.
We offer international research environment and competitive salary. The position is available from the 1-October 2015. Applications will be considered upon receipt, therefore applying before the deadline is encouraged.
Ph.D., Hochschule Offenburg (University of Applied Sciences)
* The Chair for Security in Distributed Systems, computer science Hochschule Offenburg, Germany, offers a full-time PhD positions:
* The position involves research in the area of IT-security within the project PAL SAaaS \'Building Triangular Trust for Secure Cloud Auduting\' in cooperation with the University of Mannheim (Prof. Dr. Frederik Armknecht).
The successful candidate is expected to contribute to research in IT-Security and applied cryptography for Cloud Security.
Besides other cloud security related aspects topics of interest for the open positions are
- application of homomorphic cryptographic primitives for secure cloud storage,
- applying the above schemes to the auditing process for cloud services.
* The position is available from August on and is fully funded. The salary scale is TV-L E13.
The gross income depends on the candidate\'s experience level. At the lowest level it corresponds to approx. 40,000 EUR per year.
* Contracts are offered for three years.
* She or he is given the possiblity to carry out a Ph.D.
* The successful candidate should have a Master\'s degree in Computer Science, Mathematics, Information Security, or a related field.
Deep Knowledge in cryptography is not a must but an asset.
* The deadline for applications is July 20, 2015. However, late applications will be considered until the position is filled.
Please send your application with reference number to Prof. Dr. Dirk Westhoff (dirk DOT westhoff AT hs-offenburg DOT de).
Analyzing the Efficiency of Biased-Fault Based Attacks, by Nahid Farhady Ghalaty, Bilgiday Yuce, Patrick Schaumont
The traditional fault analysis techniques developed over the past decade rely on a fault
model, a rigid assumption about the nature of the fault. A practical challenge for all faults attacks is to identify a fault injection method that achieves the presumed fault model.
In this paper, we analyze a class of more recently proposed fault analysis techniques,
which adopt a biased fault model. Biased fault attacks enable
a more flexible fault model, and are therefore easier to adopt to practice.
The purpose of our analysis is to evaluate the relative efficiency of several recently proposed biased-fault attacks, including Fault Sensitivity Analysis (FSA), Non-Uniform Error Value Analysis (NUEVA), Non-Uniform Faulty Value Analysis (NUFVA), and Differential Fault Intensity Analysis (DFIA).
We compare the relative performance of each technique in a common framework, using a common circuit and using a common fault injection method. We show that, for an identical circuit and an identical fault injection method, the number of faults per attack greatly varies according with the analysis technique.
In particular, DFIA is more efficient than FSA, and FSA is more efficient than both NUEVA and NUFVA. In terms of number of fault injections until full key disclosure, for a typical case, FSA uses 8x more faults than DFIA, and NUEVA uses 33x more faults than DFIA. Hence, the post-processing technique selected in a biased-fault attack has a significant impact on the probability of a successful attack.
CRYPTO registration open, Journal of Cryptology delivery changes
Registration for CRYPTO 2015 is now open (https://www.iacr.org/conferences/crypto2015/registration.html), which makes it a good time to let you know about a few important updates.
Paper delivery of the Journal of Cryptology is now *opt-in*. If you would like to receive hard-copy JoC editions, you must update your membership info. You can update proactively via the membership info form (https://secure.iacr.org/membership/members/update.html) or when paying your membership dues for 2016 during conference registration. If you have already paid your membership dues for 2016 you can still opt in and pay at a later time.
We have made some changes in how IACR membership records are stored internally. As a result, there is a small chance you will be asked to reset your password when authenticating. You will need access to the email address of record associated with your membership. If you experience problems, please contact the membership secretary at email@example.com.
Strong Security of the Strongly Multiplicative Ramp Secret Sharing based on Algebraic Curves, by Ryutaroh Matsumoto
We introduce a coding theoretic criterion for
Yamamoto\'s strong security
of the ramp secret sharing scheme.
After that, by using it, we show the strong security of
the strongly multiplicative
ramp secret sharing proposed by Chen et al. in 2008.
Diversity and Transparency for ECC, by Jean-Pierre Flori and Jérôme Plût and Jean-René Reinhard and Martin Ekerå
Generating and standardizing elliptic curves to use
them in a cryptographic context is a hard task.
In this note, we don\'t make an explicit proposal
for an elliptic curve, but we deal with the following
Security: We give a list of criteria that should be
satisfied by a secure elliptic curve. Although a few
of these criteria are incompatible, we detail what we
think are the best choices for optimal security.
Transparency: We sketch a way to generate a
curve in a fully transparent way so that it can be
trusted and not suspected to belong to a (not publicly
known to be) vulnerable class. In particular, since the
computational cost of verifying the output of such a
process may be quite high, we sketch out the format
of a certificate that eases the computations. We think
that this format might deserve being standardized.