Research Areas

Members of the group carry out research in a number of applied and theoretical areas.

  1. Cryptanalysis of symmetric ciphers
    • Cryptology serves as the backbone of most security solutions. Any formal cryptographic design strategy comes up with its own analysis of its security. However, independent analysis and verification of the claim of the designers is an important part of the subject. Our goal is to analyse the current state of the art cryptanalysis techniques applied to various cryptographic primitives such as block ciphers, hash functions and MACs and develop new and improved algorithms.  

      Current lines of enquiry:
      • * Cryptanalysis of primitives such as SHA-3 candidate hash functions
      • * Cryptanalysis of block ciphers and Generalized Feistel Structures
      • * Cryptanalysis of ARX based symmetric ciphers
  1. Public Key Cryptography
    • Public key cryptography started with a breakthrough result by Diffie and Hellman in 1979. This result allowed exchanging a shared secret key between two parties without any prior pre-shared secret. However, they could not provide an encryption scheme for this asymmetric setting. Later, RSA and Rabin cryptosystems succeeded in presenting a concrete public key encryption (PKC) scheme. At the same time, several theoretical security notions of PKC, like IND-CCA1, CCA2, NM-CCA2 etc. emerged. Following this, many practical and secure constructions were developed which aligned with the security notions of PKC, e.g., OAEP, OAEP+, SAEP, SAEP+ etc.  

      Current lines of enquiry:
      • * Develop lighter and faster asymmetric encryption scheme that will be secure in most powerful adversary models and a good alternative to the present OAEP+ scheme
      • * Improve the efficiency of current existing PKC schemes with the aim of reducing the computational load
  1. Signcryption
    • Asymmetric encryption and digital signature are the two basic primitives in public-key cryptography. They provide confidentiality and authenticity independently. In many real-world applications, it is important to provide both confidentiality and authenticity/integrity of the transmitted data; for example secure emailing, electronic elections etc. To respond to this need, Yuliang Zheng introduced the notion of signcryption that simultaneously fulfills the requirements of both the encryption and signature scheme in a way that is more efficient than signing and encrypting separately. 

      Current lines of enquiry:
      • * To design new signcryption schemes which provide better security and achieve higher efficiency
      • * To investigate the security notions provided for signcryption schemes in the various adversary models and provide practice-oriented provable proofs
  1. Authenticated Encryption
    • Authenticated Encryption (AE) is a block cipher mode of operation which simultaneously provides confidentiality, integrity and authenticity assurances on the data. These attributes are provided under single, easy to use programming interface and decryption is combined in single step with integrity validation. Many authentication modes like CCM, GCM, Encrypt-then-MAC etc. have been standardized in ISO.  

      Current lines of enquiry:
      • * Design new Authentication Encryption (AE) Scheme with following key objectives(Cost effective, Memory effective)
      • * Develop new AE schemes which are resistant against side channel attacks
      • * Design AE schemes suitable for memory constrained devices via online cipher mode
  1. Password Hashing
    • A Password is a secret word or string of characters which is used by a principal to prove her identity as an authentic user to gain access to a resource. This is the most common authentication technique, specifically in the world of Internet. In order to ensure the confidentiality of the passwords even when the authentication data is somehow leaked from the server, passwords are never stored in clear, but transformed into an illegible form and then stored. ‘Password Hashing’ is the technique which performs a one-way transformation on a password and turns it into another string, called the ‘hashed’ password. Strong password protection, i.e., a technique of password hashing that makes brute force attack on password guessing infeasible, either in software or by using GPU’s (Graphics Processing Unit), is essential to protect the user security and identity.

      Current lines of enquiry:
      • * Design a new and efficient password hashing scheme to encourage strong password protection technique.
      • * Analyse the existing techniques and the newly submitted designs in the Password Hashing Competition (PHC).
  1. Format Preserving Encryption
    • Many financial or e-commerce databases contain credit card numbers or social security numbers. For both practical and regularity reasons, it is important to encrypt these values. However, encrypting the entire database is cumbersome and impractical. A better alternative is to encrypt only the sensitive values, but in most of the cases, the fields to be encrypted have fixed format and naive encryption produces ciphertexts which violates the specified format. Format Preserving Encryption (FPE) involves transforming data that are formatted as a sequence of the symbols in such sa way that the encrypted form of the data has the same format and length as the original data. Thus, an FPE-encrypted credit card number looks like a random sequence of 16 digits.  

      Current lines of enquiry:
      • * Design a new state-of-art FPE scheme that overcomes the limitations of current existing schemes and is deployable in the real world applications
      • * Investigate current exisiting schemes and improve the efficiency
  1. Side Channel Analysis
    • A practically useful way of cryptanalysis of ciphers was developed in the last decade by P. Kocher et al. This analysis relies on power, time or hard disk cache measurements while the cipher is processing the data. The so called “side channel attacks” have emerged as the greatest threat against real life application of cryptographic algorithms.  

      Current lines of enquiry:
      • * Study and design new types of techniques which can provide resistance against side channel information
      • * Analyse the security of the candidates of the currently ongoing Authenticated Encryption competition CAESAR against side channel leakage
      • * Investigate and exploit new types of side channel leakage apart from the traditionally analyzed
  1. Biometric Security
    • Biometric templates such as fingerprint template, iriscode etc. are stored on server in plain without any protection schemes. This can reveal the biometric templates to attacker which makes them compromised forever. Biometric template protection schemes are proposed that transform the original biometric templates into some other form such that it is computationally infeasible to reveal the original biometric template from the transformed template.  

      Current lines of enquiry:
      • * Designing and analysing secure biometric schemes using Cryptography, particularly iris template protection schemes
      • * Secure authentication using multibiometric systems
      • * Designing secure representation scheme for biometric templates
    1. Post Quantum Cryptography
      • The security of traditional public-key cryptosystems relies mainly on the hardness of factoring large integers, solving discrete logarithmic problems, etc. In the presence of quantum computers, these hard problems would be solvable in polynomial time using Shor’s algorithm . Therefore, it is the need of time to design and analyze post-quantum secure cryptosystems, the importance of which has also been reflected in the efforts made by NIST for standardization of post-quantum secure cryptographic protocols. The currently known post quantum secure cryptosystem emerge from one of these fields: lattice-based, code-based, hash-based and multivariate polynomial based cryptosystems.  

        Current lines of enquiry:
        • * Designing and analysing post-quantum secure cryptosystems
        • * Secure Code Based cryptography schemes
    1. Design and Analysis of Approximate Matching Algorithms
      • Malware, a software designed to access a computer system without the owner’s informed consent, is a growing problem for government and commercial organizations. In order to determine a malicious file, as of today, an investigator has to deal with several terabytes of raw data. It is like looking for a needle in a haystack. "Similarity metrics" are used to determine whether a suspected malicious file bears any resemblance to already verified malicious files. These metrics allows investigators to potentially save time, by identifying opportunities to leverage previous analysis. The technique of constructing similarity matrices is known as Approximate Matching.  

        Current lines of enquiry:
        • * Study current existing algorithms e.g., minhash, ssdeep etc.
        • * Provide formal security proofs of the existing schemes from cryptographic point of view
        • * Develop and design a more secure and robust approximate matching algorithm