*10:33*[Job][New]

Get an update on changes of the IACR web-page here. For questions, contact *newsletter (at) iacr.org*.
You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

2011-09-23

2011-09-22

These are pure research positions, without teaching duties, in the context of the ARES project (http://www.aresproject.org). Successful candidates are supposed to publish in security and privacy in a broad sense.

Depending on when the candidate got her/his Ph.D., we can offer junior or senior post-docs, an international work environment and plenty of travel money to present results at security and privacy conferences.

Faculty of Mathematics, Informatics and Mechanics of the University of Warsaw is looking for a post-doctoral fellow to work on the project \\\"Cryptographic Protocols Provably-Secure Against Physical Attacks\\\". The candidate must have a PhD degree, ideally in cryptography, or in a related field.

starting date: 1.12.2011 (negotiable)

duration: 2.5 years (negotiable)

2011-09-20

Name: Goutam Paul

Topic: Analysis and Design of RC4 and Its Variants

Category: secret-key cryptography

Description: The main focus of this thesis is the analysis of RC4 stream cipher and its implications in the design issues of shuffle-exchange paradigm of stream cipher.\r\n

\r\nThe RC4 stream cipher has two components. These are the Key Scheduling Algorithm (KSA) and the Pseudo-Random Generation Algorithm (PRGA). The KSA uses a secret key $K[0\\ldots l-1]$ of $l$ bytes to scramble a permutation $S[0\\ldots N-1]$ of $N$ bytes using two indices $i$ and $j$. The PRGA uses this scrambled permutation and performs further shuffle-exchanges to produce keystream output bytes $z_1, z_2, z_3,\\ldots$.\r\n

\r\nFirst, we perform a detailed theoretical analysis of RC4 KSA. We derive explicit formulae for the probabilities with which the permutation bytes $S[y]$ at any stage of the KSA are biased to the secret key. Theoretical proofs of these probabilities have been left open since Roos\' observation (1995). Along the same line, we analyze a generalization of the RC4 KSA corresponding to a class of update functions of\r\nthe indices involved in the swaps and find that such weaknesses are intrinsic in shuffle-exchange kind of key scheduling. Moreover, for the first time we show that biases towards the secret key also exist in $S[S[y]], S[S[S[y]]]$, and so on, for initial values of $y$. We also study a weakness of the RC4 Key Scheduling Algorithm (KSA) that has already been noted by Mantin and Mironov. We present a simple proof that each permutation byte after the KSA is\r\nsignificantly biased (either positive or negative) towards many values in the range $0, \\ldots, N-1$. Further, we present a detailed empirical study over Mantin\'s work when the theoretical formulae vary significantly from\r\nexperimental results due to repetition of short keys in RC4.\r\n

\r\nBased on our analysis of the key scheduling, for the first time we show that the secret key of RC4 can be recovered from the state information in a time much less than the exhaustive search with good probability. Our research ge[...]

Submission: 22 November 2011

Notification: 1 February 2012

From April 16 to April 18

Location: Tuscon, Arizona, USA

More Information: http://www.sigsac.org/wisec/WiSec2012

2011-09-19

We are looking for a Ph.D. student in the area of formal methods based approaches to computer security and electronic privacy. The successful candidate will join the SaToSS group led by Prof. Dr. Sjouke Mauw.

**Profile:**

- A Master\'s degree in Computer Science, Mathematics, or a related field.
- Prior exposure to and strong interest in formal methods.
- Prior exposure to and strong interest in computer and information security.
- Inquisitiveness, creativity, critical attitude.
- Very good written and oral English skills.

**Employment:**

The candidate will be employed as a Junior Researcher at the Faculty of Sciences, Technology and Communication of the University of Luxembourg. The initial contract will be for three years (40 hours/week) with a six month trial period. The contract may be extended once by one year.

Network Security Group at Institute for Infocomm Research is looking for research scientists. Candidates should have a PhD degree in information security and strong R&D capability (especially on network security). They are expected to create valuable intellectual properties, publish papers at leading conferences and journals, and produce project deliverables in time. Fresh PhD is welcome to apply.

2011-09-17

Submission: 20 November 2011

Notification: 29 February 2012

From March 15 to July 1

Location: Tehran, Iran

More Information: http://isecure-journal.org/Doc/CfP-IH-SpecialIssue.pdf

2011-09-16

Based in the Cryptography group within the Department of Computer Science, you will work on one of the the areas of cryptography detailed below.

Position 1

You will have a background in either lattice based cryptography or computational number theory. The project is to examine various aspects of lattices related to Fully Homomorphic Encryption schemes. We would be interested in applicants who can contribute on the mathematical analysis of the underlying hard lattice problems (either theoretically or experimentally), or in applicants who can contribute on the cryptographic side by developing new schemes and protocols.

Position 2

You will have a background in formal security protocol analysis. The project is to examine how \"cryptographic proofs\" can be automated by using techniques from formal methods, allied with tools and techniques from programming language theory. Experience with using a tool such a ProVerif, CryptoVerif, Isabelle, FDR would be an advantage, but not required. Applicants who are interested in applying these techniques to real world protocols are encouraged to apply.

Applicants with a strong theoretical or practical understanding in other aspects of modern cryptography are also encouraged to apply, if they feel they could contribute to the projects detailed above.

The posts are funded by an ERC Advanced Grant awarded to Professor Nigel Smart and you will work closely with members of the Cryptography research group; in particular Professor Nigel Smart, and Dr Bogdan Warinschi.

The expected starting date will be as soon as possible depending on your circumstances.Salary dependent on experience and qualifications. Please indicate whether you wish to apply for position 1, 2 or both on your application form.

Contract: Fixed Term Contract (3 - 4 years)

Salary: £29,972 - £37,990

2011-09-15

Name: Phan Duong Hieu

Topic: SÃ©curitÃ© et efficacitÃ© de schÃ©mas cryptographiques

Category: public-key cryptography

Description: Provable security is nowadays one of the major lines of research in Cryptography. It aims at providing security proofs of cryptographic schemes in a complexityâ€“theoretical sense: if one can break the scheme, one can solve the underlying problem. Provable security is strongly related to three main trends in the development of Cryptology: formalization of security notions, design of cryptographic systems, and development of new cryptographic features.\r\n

\r\nIn this thesis, we first deal with notions of security in both asymmetric and symmetric encryption. We study more in detail the relation between different attack models in asymmetric encryption. We also establish the relation between the notion of (super) pseudoâ€“random permutation and that of semantic security in symmetric encryption.\r\n

\r\nSecondly, we propose new efficient constructions for asymmetric encryption in the random oracle model (new paddings for encryption, and universal paddings for both encryption and signature). Furthermore, we introduce a new class of publicâ€“key encryption schemes: chosen ciphertext secure schemes without redundancy. Up to now, redundancy used to be required for proofs of security in publicâ€“key encryption schemes.\r\n

\r\nFinally, we consider the traitor tracing problem in broadcast encryption and we introduce a new feature: public traceability. We construct a basic scheme with such feature, and then generalize it to achieve almost optimal transmission rates.[...]