Security is a Matter of Trust

Research on Cryptographic Algorithms that Fit the Systems

Crypto & Engineering

Nowadays, complex networks of computers are a ubiquitous part of our lives. We trust computers containing our private information and financial resources such as smartphones or home security systems. Moreover, we use computers in scenarios where our lives depend on them, e.g., in the context of our cars. The number of computing devices in our lives will likely increase and a malfunction of these devices will have a tremendous impact on our privacy, financial security, or even safety. One cornerstone that allows us to keep information confidential as well as electronically exchanged commands and messages authentic is cryptography.

The ubiquity of cryptography becomes a huge challenge in enabling and ensuring the secure and efficient working of cryptographic algorithms. On the security side, we have to deal more and more with an expanded threat model.

Threats and Attacks

In many scenarios, we cannot assume a computer to be physically locked away from an adversary, and the adversary can only communicate with the computers via network interfaces.This in particular holds for devices forming the Internet of Things, where an attacker can come physically close and mount so-called side-channel and fault attacks. On the efficiency side, we see the development of new exciting applications in the area of homomorphic encryption and multiparty computation that can experience a huge efficiency boost if cryptographic algorithms are designed considering their implementation needs.

In this project, we conduct research bridging the layers of Algorithms & Systems in the form of cryptographic algorithms and their implementations. Research in the systems layer gives us valuable insights into the efficiency of designs and on implementation attacks. On the Algorithm layer, we focus on the cryptanalysis of existing algorithms to understand and compare different design components with respect to their cryptographic properties. Finally, we use the gathered knowledge on the individual layers to design new secure cryptographic algorithms for efficiency while achieving protection against side-channel and fault attacks if needed. Throughout the project, the usability of cryptographic interfaces will be a point of focus in order to prevent incorrect usage and to ease secure deployment.