Get an update on changes of the IACR web-page here. For questions, contact newsletter (at) iacr.org. You can also receive updates via:
To receive your credentials via mail again, please click here.
You can also access the full news archive.
After four successful Africacrypt conferences (Dakar Senegal 2011; Stellenbosch, South Africa 2010 ; Gammarth, Tunis, Tunisia, 2009; and Casablanca, Morocco 2008), the fifth edition of Africacrypt (http://www.aui.ma/africacrypt2012) will take place at Al Akhawayn University in Ifrane, Morocco, 10-12 July 2012, whereby establishing a tradition in the science of cryptology and related disciplines in the African continent. Beyond providing an international forum for practitioners and researchers from industry, academia, and government from all over the world, the conference aims at the promotion of cryptography research in Africa, especially among your African researchers. Located in the middle of the Atlas mountains, and at the cross road of major imperial cities, the venue for this edition, that is Ifrane, Morocco, is synonymous of a social program as rich as the scientific program.
Papers must be submitted electronically through https://africacrypt2012.epfl.ch/iChair More instructions are available in the call for papers. Important dates:
The 2011 election was held to fill three of nine IACR Director positions. The term of the following three directors expires by the end of 2011: Josh Benaloh, Stuart Haber, and Antoine Joux. This year, we had six candidates: Josh Benaloh, Alexandra Boldyreva, Shai Halevi, Phong Nguyen, Tom Shrimpton, and Nigel Smart
Voting IACR members were invited to cast their votes between October 1 and November 15, 2011. The vote was run electronically by the heliosvoting.org service. This year, IACR switched to "approval voting", meaning that each voter could vote for as many candidates as they desire (but only once for each candidate).
We had 1484 eligible voters. We collected 621 ballots, giving a record participation rate of 41.8%. The tallies are
The election committee would like to thank all candidates for their participation, to congratulate the three elected directors, and to warmly thank Ben Adida for his help in running the helios system.
The election committee: Serge Vaudenay (Chair), Greg Rose, and Martijn Stam.
Key establishment is the process whereby two or more parties derive a shared secret, typically used for subsequent confidential communication. However, identifying the exact security requirements for key establishment protocols is a non-trivial task. This thesis compares, extends and merges existing security definitions and models for key establishment protocols.\r\n\r\n
The primary focus is on two-party key agreement schemes in the public-key setting. On one hand new protocols are proposed and analyzed in the existing Canetti-Krawzcyk model. On the other hand the thesis develops a security model and novel definition that capture the essential security attributes of the standardized Unified Model key agreement protocol. These analyses lead to the development of a new security model and related definitions that combine and extend the Canetti-Krawzcyk pre- and post- specified peer models in terms of provided security assurances.\r\n\r\n
The thesis also provides a complete analysis of a one-pass key establishment scheme. There are security goals that no one-pass key establishment scheme can achieve, and hence the two-pass security models and definitions need to be adapted for one-pass protocols. The analysis provided here includes the description of the required modification to the underlying security model. Finally, a complete security argument meeting these altered conditions is presented as evidence supporting the security of the one-pass scheme.\r\n\r\n
Lastly, validation and reusing short lived key pairs are related to efficiency, which is a major objective in practice. The thesis considers the formal implication of omitting validation steps and reusing short lived key pairs. The conclusions reached support the generally accepted cryptographic conventions that incoming messages should not be blindly trusted and extra care should be taken when key pairs are reused.[...]
Research experience is required in at least one of the following topics: secure identity management, privacy by design, trusted computing and secure computation outsourcing, network security, design of efficient cryptosystems, digital rights management, security and usability.
Experienced researcher or 4-10 yrs (Post-Doc)
Nr. Job Positions : 1
This is a long term contract position working at the headquarters ITC security laboratory of Applus+ based in Bellaterra (Barcelona). It is important to note that some projects will be in collaboration with one of the site security laboratories that Applus+ has in Shanghai (China), so for this job position is also required travel availability.
We are hiring hardware security analyst with the aim of widen our hardware security team. He/She will be in charge of evaluations related to secure applications/platforms (as banking or identification) using the testing as a tool to investigate possible bugs or security warnings that can be exploited using Side-Channel or Fault analysis attacks. The candidate should have the following skills and knowledge:
High level of written and spoken English is required.
FDTC 2011 was held in Nara, on the 28-th of September 2011. The workshop attracted 117 participants from 10 countries, in descending order, from Asia, Europe and North America. The technical program included 12 papers: two invited presentations, and 10 regular papers, categorized into four sessions, that were selected from 18 submissions. Each paper was reviewed by at least 3 reviewers and detailed discussions were later conducted to reach final decisions. Most of the presentation slides for the technical sessions are now available on the workshop website. The workshop proceedings were published by IEEE CS Press and will soon be available on the IEEE Digital Library. Ingrid Verbauwhede from Leuven University (Belgium) and Rob Bekkers from Brightsight (The Netherlands), delivered the two invited lectures on the topics "The Fault Attack Jungle – A Classification Model to Guide You" and "Fault Injection – A Fast Moving Target in Evaluations," respectively.
Junko Takahashi from NTT (Japan) and Sylvain Guilley from Telecom ParisTech (France), were the program co-chairs. David Naccache from Ecole Normale Supérieure (France) was the invited presentations chair. We thank the sponsors for their generous support and contributions to the success of the conference, as well as Akashi Satoh for his continuous support of FDTC, and Tetsuya Izu and Yumi Sakemi for their tremendous help with the local arrangements.