A PRIL 2017, N O 7

Cryptacus Newsletter

April’17 Cryptacus Newsletter

Welcome to the latest edition of the monthly newsletter, offering a glimpse into
recent developments in the IoT cryptanalysis
area. We’d love to receive more of your con-
tributions, comments & feedback at crypta-

News from the Chair speakers who participated in the re- newsletter.
by G ILDAS AVOINE cent Montenegro’s workshop. They
came from Finland, France, Greece, In addition, Cryptacus is look-
Italy, Luxembourg, Serbia, Turkey, ing for a volunteer to manage the
and the United Kingdom. website. Pascal Junod has been the
website manager for two years but
Another workshop will likely be he got a new position and he decided
organized in Fall 2017, and a training to resign from Cryptacus.
school in Spring 2018. More infor- Pascal did a great job during two
mation will be provided in the next years to set up and manage the web-
newsletter. site.
Dear Cryptacus Members, Cryptacus is consequently now look-
ing for a volunteer to replace Pascal.
April 30th is the end of the current Now that the website site is launched,
yearly grant period. During this pe- the task is pretty lightweight. Pascal
riod, Cryptacus organized a meeting said he will ensure the transition.
at Sophia-Antipolis in France, and Please contact me if you want to vol-
a recent workshop at Sutomore in unteer.
Montenegro. It was a great success
and an enjoyable experience, in a All the best.
big part due to the excellent organ- In the meanwhile, Cryptacus’
isation my Milena Djukanovic, and members are invited to collaborate Gildas
it even got some coverage by Mon- on their own. Several initiatives have
tenegro’s Ministry of Research (see also been launched: a H2020 project Recommended reading proposal (see the email sent by Billy
Brumley), a collaborative book about
We also funded 6 grants for short- cryptanalysis in ubiquitous comput-
term scientific missions from, or to, ing systems (Julio Hernandez-Castro
the following countries: Belgium, will provide us with more details in
Finland, Greece, Italy, Israel, Nether- the coming weeks), and also do not
lands, Spain, Sweden, and Switzer- forget to promote STSMs, open fac- This month we will start with a
land. Cryptacus also funded the 14 ulty positions, and PhD theses in the paper on Grouping Proofs by Denis

Trc̆ek. It was published in the Journal per annum. Needless to say,
Sensors in 2016, number 16, volume this is the largest informa-
1. Its title is Wireless Sensors Grouping tion security group in the UK,
Proofs for Medical Care and Ambient and one of the most presti-
Assisted-Living Deployment, and you gious. More info at https://
can read it at http://www.mdpi. Please send us any employment op- They also of-
com/1424-8220/16/1/33. portunity you want to publicize in fer a
the newsletter. more teaching-focused position
The paper provides a lengthy at the same Lecturer level.
and detailed review of the grouping There are plenty of interesting • Lecturer in Computer Security
proofs literature, detailing the many open positions, such as:
at the School of Computer Sci-
security issues encountered and tries
ence, within the College of
to extract lessons and prudent engi- • A PhD Scholarship is open for
Engineering and Physical Sci-
neering practices from them. It offers a thesis on forensics in em-
ences of the University of Birm-
a new lightweight grouping proof bedded systems in the research
ingham. Deadline for applica-
with privacy provisioning, and with group of Prof. Gildas Avoine in
tions is the 2nd of April. Salary
a formal security proof in HLPSL for Rennes (France). The PhD the-
range is £39,324 to £52,793,
AVISPA. sis will start in Fall 2017. Ap-
for a full time, permanent po-
plications must be sent before
sition. Birmingham has a much
Funding News April 20th , 2017. More informa-
smaller security group but they
tion at http://www.avoine.
have some very talented peo-
ple and have recently recruited
• Prof. Milutinovic wants us very well and continue to at-
to announce this position tract talent. Also one of the very
with Maxeler CyberSecu- top security groups in the UK.
rity https://www.maxeler. For applying, check https://
opportunities/#cyber_sec For other interesting positions
all across Europe, please check the
• Professor in Cryptology at
recently revamped “Researchers in
Aalto University. Deadline is
Motion” portal https://euraxess.
Following our H2020 Opportu- the 01/04/2017. More info at
nities presentation in Montenegro,
we are happy that both Miodrag Mi-
haljevic and Billy Brumley gave it a
• Professorship in Computer Net- Proposals for STSMs
works and Communication Sys-
try to mount consortia and propos-
tems at Brandenburg Univer-
als for the Crypto call. Good luck to
sity of Technology (BTU). They
both and thanks for moving things
mention their interest in the ar-
forward! I am sure that many great
eas of “the internet of things”
things will come in the future when
and “security in computer net-
we target other calls with more time.
works”. The application dead-
This is why we will continue to ar- By now, you should be already
line is the 06/04/2017. Ger-
range another H2020 session on the familiar with what Short Term Scien-
man and English fluency re-
next Cryptacus meeting. It will be a tific Missions (or STSMs, for short)
quired. More info at https://
good opportunity to discuss some of are, but we have a healthy budget for
the most relevant future calls in de- them within the Cryptacus project
tail, and plan well ahead of them to In addition, a good number of and not enough demand.
increase your success chances. positions in the other side of the
If you are interested in participating channel have recently opened Until somebody sends more pro-
in this session, and particularly if you or are about to close: posals, we will repeat the STSM of-
want to briefly present a project idea fers of the past, including that of
to get feedback and potentially start • Lecturer in Information Secu-
Aurélien Francillon and mine.
building-up a consortium, please con- rity at the Information Secu-
tact me for booking a slot. rity Group of Royal Holloway,
University of London. Dead- • “At Eurecom we are actively
line is the 9th of April, and working on analyzing em-
Open Positions the salary £41,458 to £49,059 bedded devices software and

building methodologies and people) and lots of practical labs. In
tools for this. An example of addition, they offer a limited number
that is ourvopen source Avatar of student stipends to cover registra-
Framework (see http://s3. tion.
which is aimed to reverse en- The summer school on real-world
gineer devices and search for crypto and privacy organised by Lejla
vulnerabilities. We are happy will take place in Sibenik (Croatia),
to receive visitors interested in June 5 to 9. Highly recommended,
Another interesting news item is
the topic, for example to get for all ages! Registration will open
the development of a new Metas-
help to start using the Avatar early February 2017. More relevant
ploit extension for testing the secu-
framework on a given device.” info at
rity of IoT devices. This extension
is called RFTransceiver and will let
ESORICS is this year in beautiful
us detect and scan wireless devices
Oslo, from 11-15 September. Submis-
operating outside the 802.11 spec.
sion deadline is April 19th . Hope to
This could be very useful for pen-
see many of you there!
testers and researchers finding vul-
nerabilities, for example, in smart
lighting systems using the Zigbee
communication protocol, network-
• I will be happy to receive any- enabled alarms, surveillance and
one interested in investigating door control systems, etc. More info Indocrypt is this year in Chennai,
the many limitations and pit- at This is with a paper submission deadline of
falls of the PRNGs and the an useful addition to their IoT- August 20th and notification on the
TRNGs currently in use on IoT seeker free tool for finding connected 5th of October. The conference will be
devices. IoT devices and checking for de- from 10-13 December.
fault passwords, that can be down-
Blogs and posts to read loaded from https://information.

Agusti Solanas is organising a

special session in a IEEE Conference
on Smart Health with many topics
of interest for Cryptacus members,
including: Security, privacy and trust
Event calendar management for Smart Healthcare
The first spring school (thanks services/applications, Lightweight
Stefan!) on security and correctness cryptography for Smart Healthcare
in IoT, takes place May 8-12 in Graz, devices and systems and Cryptanal-
Austria. Topics range from software ysis of protocols for Smart Health-
exploits and hardware side-channels care devices. More info at http:
This month, we can recom- to formal methods for security verifi- //rtsi2017.ieeesezioneitalia.
mend a short piece on PKI for cation. Standard registration is open it/tech_sessSH.html
IoT by Jeremy Rowley on Issue until April 16. More info at http:
53 of the Insecure Magazine by // See you all very soon! at https:
// The program is very interesting, Best,
insecuremag/issue-53-march-2017/ and brings in some of the best in Julio Hernandez-Castro
the area (including many Cryptacus

