Tag: job

Lecturer (≅ Assistant Professor/Juniorprofessor/Maître de conférences) in Cryptography at King’s College London 2026

We are looking to recruit a lecturer in cryptography at King’s College London to work with us within the cybersecurity group:

https://www.kcl.ac.uk/jobs/134305-lecturer-in-cryptography

I think it’s fair to say we got strong expertise in lattice-based and post-quantum cryptography here, as well as in protocols with an applied cryptography bent. Check out our publications to get a better picture. For this position, we do not aim to strengthen lattices further, but rather aim to strengthen other areas of cryptography, e.g. protocols, applied cryptography, cryptography in the wild or theory.

The application deadline is somewhat far into the future (5 March 2026). So, if you like, there’s time to reach out to discuss or even to come visit us to check us out.

We’d appreciate any help in spreading the word.

Continue reading “Lecturer (≅ Assistant Professor/Juniorprofessor/Maître de conférences) in Cryptography at King’s College London 2026”

Postdoc Position in Lattice-Based Cryptography

We are recruiting a postdoc to work with us on “practical advanced post-quantum cryptography from lattices”, the title of my ERC selected, UKRI Frontier Research funded project:

Standardisation efforts for post-quantum public-key encryption and signatures are close to completion. At the same time the most recent decade has seen the deployment, at scale, of more advanced cryptographic algorithms where no efficient post-quantum candidates exist. These algorithms e.g. permit to give strong guarantees even after some parties were compromised, privacy-preserving contact lookups, credentials and e-cash. This project will tackle the challenge of “lifting” such constructions to the post-quantum era by pursuing three guiding questions:

  • What is the cost of solving lattice problems with and without hints on a quantum computer? Answers to this question will provide confidence in the entire stack of lattice-based cryptography from “basic” to “advanced”. Studying the presence of hints tackles side-channel attacks and advanced constructions.
  • What are the lattice assumptions that establish feature- and (near) performance-parity with pre-quantum cryptography? Standard lattice assumptions do not seem to establish feature parity with pairing-based or even some Diffie-Hellman-based pre-quantum constructions, how can we achieve efficient and secure advanced practical post-quantum solutions?
  • How efficient is a careful composition of lattice-base cryptography with other assumptions? If we want to deploy our post-quantum solutions in practice, we will need to design hybrid schemes that are secure if either of their pre- or post-quantum part is secure and to deploy many advanced lattice-based primitives in practice we need to carefully compose them with zero-knowledge proofs to rule out some attacks.

Lattice-based cryptography has established itself as a key technology to realise both efficient basic primitives like post-quantum encryption and advanced solutions such as computation with encrypted data and programs. It is thus well positioned to tackle the middle ground of advanced yet practical primitives for phase 2 of the post-quantum transition.

So when I say “advanced”, I don’t mean Functional Encryption or Indistinguishability Obfuscation, but OPRFs, Blind Signatures, Updatable Public-Key Encryption, even NIKE (sadly!).

I’m quite flexible on what background applicants bring to the table

All of that is in scope. If in doubt, drop me an e-mail and we can discuss.

Continue reading “Postdoc Position in Lattice-Based Cryptography”

Cryptography Postdoc Position in Social Foundations of Cryptography

We are looking for a postdoc to work with us on the social foundations of cryptography. This is a two-year full-time position based in London at a salary of £47,978 per annum.

We. This postdoc position is part of the EPSRC-funded project “Social Foundations of Cryptography”. The project team consists of:

  • Rikke Bjerg Jensen, who is an ethnographer at Royal Holloway, University of London.
  • Andrea Medrado, who is an ethnographer at Westminster University (soon Exeter University).
  • Benjamin Dowling, who is a cryptographer at Sheffield University (soon King’s College London).
  • Keye Tersmette, who is an ethnographer at Royal Holloway, University of London.
  • Mikaela Brough, who is an ethnographer at Royal Holloway, University of London.
  • me, I am a cryptographer at King’s College London.

The postdoc would work with all of us, but would be formally supervised by me at King’s College London.

Continue reading “Cryptography Postdoc Position in Social Foundations of Cryptography”

Postdoc Position in Lattice-Based Cryptography

We are recruiting a postdoc to work with us on “practical advanced post-quantum cryptography from lattices”, the title of my ERC selected, UKRI Frontier Research funded project:

Standardisation efforts for post-quantum public-key encryption and signatures are close to completion. At the same time the most recent decade has seen the deployment, at scale, of more advanced cryptographic algorithms where no efficient post-quantum candidates exist. These algorithms e.g. permit to give strong guarantees even after some parties were compromised, privacy-preserving contact lookups, credentials and e-cash. This project will tackle the challenge of “lifting” such constructions to the post-quantum era by pursuing three guiding questions:

  • What is the cost of solving lattice problems with and without hints on a quantum computer? Answers to this question will provide confidence in the entire stack of lattice-based cryptography from “basic” to “advanced”. Studying the presence of hints tackles side-channel attacks and advanced constructions.
  • What are the lattice assumptions that establish feature- and (near) performance-parity with pre-quantum cryptography? Standard lattice assumptions do not seem to establish feature parity with pairing-based or even some Diffie-Hellman-based pre-quantum constructions, how can we achieve efficient and secure advanced practical post-quantum solutions?
  • How efficient is a careful composition of lattice-base cryptography with other assumptions? If we want to deploy our post-quantum solutions in practice, we will need to design hybrid schemes that are secure if either of their pre- or post-quantum part is secure and to deploy many advanced lattice-based primitives in practice we need to carefully compose them with zero-knowledge proofs to rule out some attacks.

Lattice-based cryptography has established itself as a key technology to realise both efficient basic primitives like post-quantum encryption and advanced solutions such as computation with encrypted data and programs. It is thus well positioned to tackle the middle ground of advanced yet practical primitives for phase 2 of the post-quantum transition.

So when I say “advanced”, I don’t mean Functional Encryption or Indistinguishability Obfuscation, but OPRFs, Blind Signatures, Updatable Public-Key Encryption, even NIKE (sadly!).

I’m quite flexible on what background applicants bring to the table?

All of that is in scope. If in doubt, drop me an e-mail and we can discuss.

Continue reading “Postdoc Position in Lattice-Based Cryptography”

Senior Research Scientist in Post-Quantum Cryptography at SandboxAQ

The post-quantum research team at SandboxAQ, i.e. the team I’m in, is looking to hire a full-time researcher to join our team. Currently, the PQC team consists of:

and you can get a sense what we’ve been up to by checking out our respective DBLP pages linked above and the SandboxAQ publications page. Here are some details about the role:

The SandboxAQ team is looking for a Research Scientist to help functionalize the next generation of cryptographic systems. A successful candidate will be comfortable with research in post-quantum cryptography. We are open to strong candidates that reinforce existing expertise of the team as well as candidates extending our expertise. They will be part of a team of diverse cryptographers and engineers, where they will play a key role in efficient and effective enablement of the technologies being developed. They can learn more about what we’ve been doing so far by checking out our publications page or the individual DBPL pages of our permanent researchers.

Core Responsibilities

  • Research and design of new post-quantum cryptography primitives and protocols
  • Engage in team collaborations to meet ambitious product and engineering goals
  • Present research discoveries and developments including updates and results clearly and efficiently both internally and externally, verbally and in writing

Minimum Qualifications

  • PhD in Mathematics or Computer Science or equivalent practical experience
  • Strong background in post-quantum cryptography with a proven publication record at flagship conferences
  • Deep understanding of cryptographic primitives and protocols
  • Capacity to work both as an individual contributor and on collaborative projects with strong teamwork skills

Preferred Qualifications

  • Experience in C, C++, Rust or Go, or equivalent skills to implement and validate innovative cryptographic constructions and/or protocols
  • Experience with the real-world aspects of cryptography
  • Experience contributing to open source projects and standardization bodies
  • Curiosity in a variety of domains of cryptography, security, privacy, or engineering

Postdoc Position(s)

I am recruiting a postdoc1 to work with me on “practical advanced post-quantum cryptography from lattices”, the title of my ERC selected, UKRI Frontier Research funded project:

Standardisation efforts for post-quantum public-key encryption and signatures are close to completion. At the same time the most recent decade has seen the deployment, at scale, of more advanced cryptographic algorithms where no efficient post-quantum candidates exist. These algorithms e.g. permit to give strong guarantees even after some parties were compromised, privacy-preserving contact lookups, credentials and e-cash. This project will tackle the challenge of “lifting” such constructions to the post-quantum era by pursuing three guiding questions:

  • What is the cost of solving lattice problems with and without hints on a quantum computer? Answers to this question will provide confidence in the entire stack of lattice-based cryptography from “basic” to “advanced”. Studying the presence of hints tackles side-channel attacks and advanced constructions.
  • What are the lattice assumptions that establish feature- and (near) performance-parity with pre-quantum cryptography? Standard lattice assumptions do not seem to establish feature parity with pairing-based or even some Diffie-Hellman-based pre-quantum constructions, how can we achieve efficient and secure advanced practical post-quantum solutions?
  • How efficient is a careful composition of lattice-base cryptography with other assumptions? If we want to deploy our post-quantum solutions in practice, we will need to design hybrid schemes that are secure if either of their pre- or post-quantum part is secure and to deploy many advanced lattice-based primitives in practice we need to carefully compose them with zero-knowledge proofs to rule out some attacks.

Lattice-based cryptography has established itself as a key technology to realise both efficient basic primitives like post-quantum encryption and advanced solutions such as computation with encrypted data and programs. It is thus well positioned to tackle the middle ground of advanced yet practical primitives for phase 2 of the post-quantum transition.

So when I say “advanced”, I don’t mean Functional Encryption or Indistinguishability Obfuscation, but OPRFs, Blind Signatures, Updatable Public-Key Encryption, even NIKE (sadly!).

I’m quite flexible on what background applicants bring to the table?

All of that is in scope. If in doubt, drop me an e-mail and we can discuss.

Continue reading “Postdoc Position(s)”

SandboxAQ Internships

You may or may not be aware that at SandboxAQ we have an internship residency programme. Residencies would typically be remote but can be on-site, they can take place year round and last between three to twelve months, full-time or part-time. To take part, you’d need to be a PhD student or postdoc somewhere.

In the interest of advertising our programme, here are two example ideas I’d be interested in.

Add SIS and (overstretched-)NTRU to the Lattice Estimator

The name “lattice estimator” at present is more aspirational than factual. In particular, we cover algorithms for solving LWE but not algorithms for solving SIS or (overstretched) NTRU. Well, we implicitly cover SIS because solving SIS implies solving LWE (and we cost that: the “dual attack”), we don’t have a nice interface to ask “how hard would this SIS instance be”. Adding this would be a nice contribution to the community, given how widely that estimator is used.

OPRFs from Lattices

Our first work on building OPRFs from lattices costs about 2MB of bandwidth if you ignore the zero-knowledge proofs and something like 128GB (yes, GB) if you count them. Since then, proving lattice statements has become a lot cheaper, so a natural project is to reconsider our construction: use newer/smaller proofs, tune the parameters, prove it in a nicer game-based model or in UC. To give you a taste of what is possible: This work building a non-interactive key-exchange (NIKE) has to solve essentially the same problem (noise drowning + ZK proofs) and achieves smaller parameters.

If you are interested, or have some other ideas, ping me and apply for a PQC resident position.

Lecturer (≅ Assistant Professor/Juniorprofessor/Maître de conférences) in Cryptography at King’s College London

As you may or may not have heard, I will join the Department of Informatics at King’s College London from 2023. Specifically, I will join the Cybersecurity Group there with the aim to build a cryptography lab. As part of that plan, we are going to hire for four staff positions (three at the lecturer level, one at the senior lecturer level). The first of these is now on the market:

https://jobs.kcl.ac.uk/gb/en/job/054515/Lecturer-in-Cryptography

Note that the plan here is not to build an exclusive lattice-based cryptography, mathematical cryptography, post-quantum cryptography or a cryptanalysis lab, but our ambition is to build a lab with expertise across cryptography. I think this creates a fun and interesting research environment. So consider applying if you consider FSE, CHES, PKC, TCC or RWC your home venue or any other area of cryptography.

Normally, in this genre of blog posts I’d now go on talking about how amazing the department and everybody in it is but I’ve yet to start at KCL myself. However, everything I’ve seen so far makes me really quite optimistic, the department is strong and the people are nice.

The application deadline is somewhat far into the future (1 March 2023). So, if you like, there’s plenty of time to reach out to discuss or even to come visit us to check us out.

We’d appreciate any help in spreading the word. Happy to answer any questions I can answer or to direct to you to someone who can.

Continue reading “Lecturer (≅ Assistant Professor/Juniorprofessor/Maître de conférences) in Cryptography at King’s College London”

Lecturer (≅ Assistant Professor/Juniorprofessor/Maître de conférences) in Computer Science (Quantum Computing)

Our colleagues in Computer Science (I am a computer scientist by training but I sit in the Department of Information Security aka the “Information Security Group”) are looking to hire a lecturer (roughly equivalent to assistant professor, Juniorprofessor or maître de conférences) with a focus on quantum algorithms. I’m reproducing the full ad below, but here’s why I think that’s rather exciting and you should apply if that’s your jam.

As you may know, several of us in the ISG work in the area of post-quantum cryptography, an area adjacent to quantum computing. To give some examples, Simon and co-authors showed that there are regimes where subexponential quantum attacks on SIDH exist; Eamonn, me and co-authors gave resource estimates for running quantum sieving attacks on lattice-based schemes; Carlos and co-authors gave polynomial-time quantum attacks (i.e. with superposition queries) against the CPA security of contracting Feistel structures; Chris discussed the impact of quantum computing on 5G; Fernando and co-authors gave resource estimates (and Q# code!) for breaking AES on a quantum computer; Eamonn and co-authors improved “low-memory” sieving in a quantum setting. We have a lively research community of PhD students, postdocs and staff. Speaking of PhD students, due to our CDT in Cyber Security of the Everyday, we are currently recruiting 10 students per year across the field of information security, including the “quantum threat”. Moreover, as mentioned in the ad, the College considers quantum a key priority. Some of our physicists work in various areas of quantum, some of our mathematicians work on quantum dynamics.

Feel free to reach out to me if you want to discuss what it is like working at Royal Holloway. For specifics about this post, reach out to Magnus (HoD of CS). Also feel encouraged to disseminate this ad through your networks.

Continue reading “Lecturer (≅ Assistant Professor/Juniorprofessor/Maître de conférences) in Computer Science (Quantum Computing)”

10 PhD Positions at Royal Holloway’s Centre for Doctoral Training in Cyber Security for the Everyday

At Royal Holloway we are again taking applications for ten fully-funded PhD positions in Information Security. See the CDT website and the ISG website for what kind of research we do. Also, check out our past and current CDT students and our research seminar schedule to get an idea of how broad and diverse the areas of information security are in which the ISG works.

More narrowly, to give you some idea of cryptographic research (and thus supervision capacity) in the Cryptography Group at Royal Holloway: currently, we are nine permanent members of staff: Simon Blackburn (Maths), Saqib A. Kakvi, Keith Martin, Sean Murphy, Siaw-Lynn Ng, Rachel Player, Liz Quaglia and me. In addition, there are three postdocs working on cryptography and roughly 14 PhD students. Focus areas of cryptographic research currently are: lattice-based cryptography and applications, post-quantum cryptography, symmetric cryptography, statistics, access control, information-theoretic security and protocols.

To give you a better sense of what is possible, here are some example projects. These are in no way prescriptive and serve to give some ideas:

  1. I am, as always, interested in exploring lattice-based and post-quantum cryptography; algorithms for solving the hard underlying protocols, efficient implementations, lifting pre-quantum constructions to the post-quantum era.
  2. Together with my colleague Rikke Jensen, we want to explore security needs and practices in large-scale protests using ethnographic methods. We’ve done an interview-based (i.e. not ethnography-based) pilot with protesters in Hong Kong and think grounding cryptographic security notions in the needs, erm, on the ground, will prove rather fruitful.
  3. My colleague Rachel Player is looking at privacy-preserving outsourced computation, with a focus on (fully) homomorphic encryption.
  4. My (new) colleague Guido Schmitz uses formal methods to study cryptographic protocols.

Note that most of these positions are reserved for UK residents, which does, however, not mean nationality (see CDT website for details) and we can award three of our scholarships without any such constraint, i.e. international applicants. The studentship includes tuition fees and maintenance (£21,285 for each academic year).

To apply, go here. Feel free to get in touch if you have questions about whether this is right for you. Official announcement follows.

Continue reading “10 PhD Positions at Royal Holloway’s Centre for Doctoral Training in Cyber Security for the Everyday”