Research
Cryptography provides a fundamental set of techniques that underpin secure systems. It includes basic techniques that enable services such as confidentiality and integrity of data in secure communication systems, as well as much more advanced methods such as cryptographic schemes that enable searches over encrypted data. It draws broadly from theoretical computer science (algorithms, complexity theory), mathematics (number theory, probability) and engineering (both electronic and software engineering).
Our research in Applied Cryptography brings all of these strands together to produce impactful research that improves the security of today’s and tomorrow’s cryptographic systems.
We analyse cryptographic protocols that are deployed at Internet scale, using techniques from provable security to provide assurance in such systems. Our work in this domain includes analysis of TLS, perhaps the most widely-used secure communications protocol today, as well as SSH, the sysadmin’s tool of choice for remote access to computer systems. This work involves the development of new, practice-driven security models and their immediate application to real-world systems. We also perform system-, protocol- and algorithm-level cryptanalysis to detect defects in such systems. Here, our work has led to significant changes in the way protocols such as WPA, SSH and TLS make use of cryptography today, with billions of users being better protected as a result.
We are involved in the ongoing global effort to develop post-quantum cryptography — cryptography that resists attacks by quantum computers. Here, we are designing new cryptographic algorithms and protocols with a focus on combining efficiency, conservative design, and security proofs. In parallel, we have initiated a study of side-channel attacks on such algorithms, where an attacker learns additional information through the execution of the cryptographic algorithm or via memory leakage.
In another strand of work, we have been examining the security of data at rest. One focus has been on key rotation, which refers to the ability of customers to efficiently and conveniently change their encryption keys for data held in cloud systems. Another focus is on analysing and exploiting the leakage from encrypted database systems that support rich classes of queries on data. Our work here has shown that certain classes of leakage — such as access pattern leakage or even just data volume leakage — can be fatal to security. It illustrates the shortcomings of current approaches to securing data at rest and motivates the development of new, theory-backed solutions with strong security guarantees.
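To make the key-rotation setting concrete, here is an added example (written for this page, not code from the group or from any cloud provider) of the common "envelope" layout: each record is encrypted under its own data-encryption key (DEK), and the DEK is stored wrapped under the customer's key-encryption key (KEK). Rotating the KEK then means rewrapping the small DEKs and leaving the bulk ciphertext untouched. The AEAD is AES-256-GCM from Go's standard library; the record layout, the `kek-v<N>` associated data that binds a wrapped DEK to a KEK version, and the sample payload are all constructed for the example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Record is one stored object. Ciphertext is nonce || AES-GCM(DEK, payload);
// WrappedDEK is nonce || AES-GCM(KEK, DEK) with the KEK version as AAD.
// Rotating the KEK rewrites only WrappedDEK, never Ciphertext.
type Record struct {
	Ciphertext []byte
	WrappedDEK []byte
	KEKVersion int
}

// versionAAD binds a wrapped DEK to the KEK version it was wrapped under, so a
// record cannot be silently unwrapped under a KEK of a different version.
func versionAAD(v int) []byte { return []byte(fmt.Sprintf("kek-v%d", v)) }

func mustRandom(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // crypto/rand failing is not recoverable here
	}
	return b
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts under a fresh random 96-bit nonce and prepends the nonce.
func seal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := mustRandom(gcm.NonceSize())
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// open splits off the nonce and authenticates-then-decrypts the remainder.
func open(key, sealed, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("sealed blob too short")
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], aad)
}

// Encrypt stores plaintext under a fresh per-record DEK and wraps that DEK under the KEK.
func Encrypt(kek []byte, kekVersion int, plaintext []byte) (*Record, error) {
	dek := mustRandom(32) // AES-256 data key, one per record
	ct, err := seal(dek, plaintext, nil)
	if err != nil {
		return nil, err
	}
	wrapped, err := seal(kek, dek, versionAAD(kekVersion))
	if err != nil {
		return nil, err
	}
	return &Record{Ciphertext: ct, WrappedDEK: wrapped, KEKVersion: kekVersion}, nil
}

// Decrypt unwraps the DEK under the KEK of the record's version, then opens the payload.
func Decrypt(kek []byte, rec *Record) ([]byte, error) {
	dek, err := open(kek, rec.WrappedDEK, versionAAD(rec.KEKVersion))
	if err != nil {
		return nil, fmt.Errorf("unwrap DEK (kek v%d): %w", rec.KEKVersion, err)
	}
	return open(dek, rec.Ciphertext, nil)
}

// Rotate moves a record from oldKEK to newKEK by rewrapping its DEK only; the
// bulk ciphertext is neither read nor rewritten, which is what keeps rotation
// cheap for large volumes of data held in the cloud.
func Rotate(oldKEK, newKEK []byte, newVersion int, rec *Record) error {
	dek, err := open(oldKEK, rec.WrappedDEK, versionAAD(rec.KEKVersion))
	if err != nil {
		return fmt.Errorf("rotate: cannot unwrap with old KEK: %w", err)
	}
	wrapped, err := seal(newKEK, dek, versionAAD(newVersion))
	if err != nil {
		return err
	}
	rec.WrappedDEK, rec.KEKVersion = wrapped, newVersion
	return nil
}

func main() {
	oldKEK, newKEK := mustRandom(32), mustRandom(32)
	rec, _ := Encrypt(oldKEK, 1, []byte("constructed sample payload"))
	before := append([]byte(nil), rec.Ciphertext...)
	if err := Rotate(oldKEK, newKEK, 2, rec); err != nil {
		panic(err)
	}
	pt, err := Decrypt(newKEK, rec)
	fmt.Println("ciphertext unchanged:", bytes.Equal(before, rec.Ciphertext), "| new KEK:", string(pt), err)
	_, err = Decrypt(oldKEK, rec)
	fmt.Println("old KEK rejected after rotation:", err != nil)
}
```

The caveat a practitioner should keep in mind is that this rewrapping style of rotation only revokes the old KEK: an adversary who already holds a record's DEK, or the ciphertext together with a DEK, gains nothing from the rotation, because the payload encryption itself never changes. Stronger notions, in which the ciphertext is re-encrypted (or updated via a token) so that old key material becomes useless against the stored data, are what the security analysis of key rotation in the research described above is concerned with.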
Privacy-Preserving Technologies are another research focus of the group. They aim to reconcile privacy and usability when these may a priori seem antagonistic, e.g., proving that one is above a certain age to access a service without revealing any information beyond that. Such technologies for instance include group signatures and credential systems. Our goal in this line of work is to build practical schemes that can be analysed in models which capture strong security and privacy requirements.
Zero-Knowledge Proofs are fundamental in cryptography, as they allow one to prove statements without revealing any information beyond their validity. Their versatility makes them suitable for a wide range of applications, which include CCA encryption, digital signatures, privacy-preserving protocols, secure computation and cryptocurrencies. We are thus interested in developing practical zero-knowledge proof systems under minimal assumptions.
The group also studies, from a cryptanalytic viewpoint, the security of these proofs when deployed in larger real-world systems, where, for example, the running time of the surrounding protocol may induce an undesirable leak of information.
Randomness in Cryptography is also a research focus of the group. The security of most cryptosystems relies on access to perfect randomness, especially when generating keys, but it is hardly ever guaranteed in practice. We thus study the impact of randomness failure on real-world schemes. A complementary research direction of the group is that of randomness certification, i.e., attesting that cryptographic keys were generated with high-entropy randomness.