Lattice-based cryptography began with the seminal work of Ajtai (Ajtai '96), who showed that it is possible to build families of cryptographic functions in which breaking a randomly chosen element of the family is as hard as solving worst-case instances of lattice problems. This work generated great interest and resulted in constructions of many other cryptographic protocols with security based on worst-case lattice problems. An additional advantage of lattice-based primitives is that, unlike their counterparts based on factoring and discrete log, they are conjectured to remain secure in the advent of quantum computing. The main disadvantage of lattice-based constructions is that they generally involve operations on, and storage of, large n × n matrices. This made the schemes rather inefficient and unsuitable for practical use. To cope with this inherent inefficiency, Micciancio proposed to build lattice-based primitives on the worst-case hardness of problems on lattices that have some additional structure. In (Micciancio '02), he showed how to build one-way functions, computable in almost linear time, with security based on worst-case problems on such lattices. While interesting from a theoretical perspective, one-way functions are not very useful in practice. Our goal in this thesis is to present constructions of practical and efficient cryptographic protocols whose security is based on the worst-case hardness of lattice problems. We first show how to build collision-resistant hash functions whose security is based on the hardness of lattice problems in all lattices with a special structure. The special structure that the lattices possess is that they are ideals of certain polynomial rings. The hash functions that we build have almost linear running time, and in practice turn out to be essentially as efficient as ad-hoc constructions that have no provable security.
We also give constructions of provably-secure identification and signature schemes whose asymptotic running times are almost linear (up to poly-logarithmic factors), and so these schemes are much more efficient than comparable primitives with security based on factoring and discrete log. Thus our work implies that by considering ideal lattices, it is possible to have the best of both worlds: security based on worst-case problems and optimal efficiency.
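The abstract describes hash functions whose inputs are elements of a polynomial ring and whose collisions correspond to short vectors in ideal lattices. The following added example (not code from the thesis or its author) shows the shape of such a "generalized knapsack" hash over R_q = Z_q[x]/(x^n + 1): the key is m random ring elements a_1, ..., a_m, the message is m ring elements with {0,1} coefficients, and the digest is the sum of the products a_i * x_i in R_q. The parameters N, Q, M and the seed-based key derivation are constructed for illustration and are far too small to be secure; the function and variable names are the example's own.

```python
import hashlib

# Constructed toy parameters (not the thesis's parameters): n must be a power
# of two for x^n + 1 to be the right modulus, q is a small prime, m is the
# number of ring elements in a message. Real instances use much larger values.
N, Q, M = 8, 257, 4


def ring_mul(a, b, n=N, q=Q):
    """Multiply two polynomials in Z_q[x]/(x^n + 1): a negacyclic convolution.

    The reduction x^n = -1 is what makes the underlying lattice an ideal lattice
    rather than a generic q-ary lattice; schoolbook multiplication is used here
    for clarity (an FFT/NTT would give the almost-linear running time).
    """
    out = [0] * n
    for i, ai in enumerate(a):
        if ai == 0:
            continue
        for j, bj in enumerate(b):
            k = i + j
            if k < n:
                out[k] = (out[k] + ai * bj) % q
            else:
                out[k - n] = (out[k - n] - ai * bj) % q  # wrap with a sign flip
    return out


def ring_add(a, b, q=Q):
    """Coefficient-wise addition in Z_q."""
    return [(x + y) % q for x, y in zip(a, b)]


def keygen(seed, n=N, q=Q, m=M):
    """Derive the m public ring elements a_1..a_m (the hash key) from a seed.

    Constructed helper: expanding a SHA-256 digest into coefficients mod q is
    only to keep the example deterministic and offline.
    """
    key = []
    for i in range(m):
        digest = hashlib.sha256(seed + i.to_bytes(2, "big")).digest()
        key.append([int.from_bytes(digest[2 * j:2 * j + 2], "big") % q
                    for j in range(n)])
    return key


def hash_ring(key, xs, n=N, q=Q):
    """H(x_1, ..., x_m) = sum_i a_i * x_i computed in R_q.

    H is Z_q-linear. A collision between two {0,1}-inputs x != y therefore
    gives z = x - y with coefficients in {-1, 0, 1} and H(z) = 0: a short
    vector in the lattice defined by the key, which is exactly the kind of
    object the worst-case hardness results say is hard to find.
    """
    if len(xs) != len(key) or any(len(x) != n for x in xs):
        raise ValueError("expected m ring elements with n coefficients each")
    acc = [0] * n
    for a_i, x_i in zip(key, xs):
        acc = ring_add(acc, ring_mul(a_i, x_i, n, q), q)
    return acc


def hash_bits(key, bits, n=N, q=Q):
    """Hash an m*n-bit message: each block of n bits is one ring element."""
    m = len(key)
    if len(bits) != m * n or any(b not in (0, 1) for b in bits):
        raise ValueError("expected exactly m*n bits in {0,1}")
    blocks = [list(bits[i * n:(i + 1) * n]) for i in range(m)]
    return hash_ring(key, blocks, n, q)


if __name__ == "__main__":
    k = keygen(b"constructed-seed")
    msg = [1, 0, 1, 1, 0, 0, 1, 0] * M        # 32 constructed message bits
    print("digest in R_q:", hash_bits(k, msg))
```

The digest has n coefficients mod q, so the function compresses m*n bits to n*log2(q) bits; with the toy parameters that is 32 bits in, about 64 bits out, which shows the structure but not the compression a real instance provides.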
The PhD thesis is a complete write-up of my fully homomorphic encryption system. A preliminary version of these results appeared at STOC 2009:
Craig Gentry, Fully homomorphic encryption using ideal lattices, Symposium on the Theory of Computing (STOC), 2009, pp. 169-178.
@phdthesis{homenc, author = {Craig Gentry}, title = {A fully homomorphic encryption scheme}, school = {Stanford University}, year = 2009, note = {\url{crypto.stanford.edu/craig}} }
A high level description of the construction also appeared in the Communications of the ACM.
Supported by the NSF, a Stanford Graduate Fellowship, and an IBM PhD fellowship.
Title: Quantum Security of Cryptographic Primitives
Abstract: We call quantum security the area of IT security dealing with scenarios where one or more parties have access to quantum hardware. This encompasses both the field of post-quantum cryptography (that is, traditional cryptography engineered to be resistant against quantum adversaries) and the field of quantum cryptography (that is, security protocols designed to be natively run on a quantum infrastructure, such as quantum key distribution). In this work, we propose the first systematic classification of quantum security scenarios, and for each of them we recall the main tools and results, as well as presenting new ones. We achieve this goal by identifying four distinct quantum security classes, or domains, each of them encompassing the security notions and constructions related to a particular scenario. We start with the class QS0, which is "classical cryptography" (meaning that no quantum scenario is considered). Regarding post-quantum cryptography, we introduce the class QS1, where we discuss in detail the problems arising when designing a classical cryptographic object meant to be resistant against adversaries with local quantum computing power, and we provide a classification of the possible quantum security reductions in this scenario when considering provable security. Regarding hybrid classical-quantum models, in the security class QS2 we discuss in detail the settings in which such models arise, and what a correct formalization should be in terms of quantum oracle access. Finally, in the class QS3 we consider all those cryptographic constructions designed to run natively on quantum hardware. We believe that the framework we introduce in this work will be a valuable tool for the scientific community in addressing the challenges arising when formalizing sound constructions and notions of security in the quantum world.
Comments: PhD Thesis. This document is an electronic version with minor modifications of the original, published through the E-Publishing-Service of the TU Darmstadt.
Subjects: Cryptography and Security (cs.CR); Computational Complexity (cs.CC); Quantum Physics (quant-ph)
Master's theses, available projects.
Students interested in a thesis with the group are kindly requested to send their transcript of records, along with a CV highlighting any relevant experience in cryptography, and either a preferred topic from the proposals below or a description of their interests within cryptography, to the contact noted under Student Projects.
Note: Students looking to start their thesis in a given semester are encouraged to reach out to us before the end of the previous semester (especially if starting in spring).
Last updated: 13.08.2024
Censorship circumvention tools enable clients to access endpoints in a network despite the presence of a censor. Censors use a variety of techniques to identify content they wish to block, including filtering traffic patterns that are characteristic of proxy or circumvention protocols and actively probing potential proxy servers. In response, circumvention practitioners have developed fully encrypted protocols (FEPs), intended to have traffic that appears indistinguishable from random [FJ23]. Beyond censorship circumvention, FEPs are also broadly useful for reducing the amount of information leaked about which protocols a user might be employing [SP22]. A FEP is typically composed of a key exchange protocol to establish shared secret keys, followed by a secure channel protocol to encrypt application data; both must avoid revealing to observers that an obfuscated protocol is in use. We call the key exchange protocol used in such a FEP an obfuscated key exchange [GSV24]. Current key exchange protocols in FEPs are all based on classical cryptography, and consequently are not quantum-safe. Motivated by the transition to quantum-safe cryptography, there has been a recent push towards developing hybrid key exchange protocols [SFG23,BB19,XW24]. In such protocols, a combination of classical and quantum-safe constructions is used such that security is guaranteed even if all but one of the components is broken. In this project, we will construct a hybrid obfuscated key exchange protocol and prove its security. In particular, we would like to develop a key exchange protocol in the style of that of obfs4 [OB4] that uses a combination of traditional (Diffie-Hellman-based) and post-quantum key exchange algorithms. The project involves constructing such a protocol and proving its security (in addition to some properties that are relevant to the censorship circumvention setting).
References:
[FJ23] Ellis Fenske and Aaron Johnson. "Security Notions for Fully Encrypted Protocols." Free and Open Communications on the Internet (2023). Issue 1, pages 24-29.
[SP22] B. Schwartz and C. Patton. "The Pseudorandom Extension for cTLS." IETF Internet Draft, https://www.ietf.org/archive/id/draft-cpbs-pseudorandom-ctls-01.html (2022).
[GSV24] Felix Günther, Douglas Stebila, and Shannon Veitch. "Obfuscated Key Exchange."
[SFG23] Douglas Stebila, Scott Fluhrer, and Shay Gueron. "Hybrid key exchange in TLS 1.3." IETF draft (2022). https://www.ietf.org/archive/id/draft-ietf-tls-hybrid-design-05.html
[BB19] Nina Bindel, Jacqueline Brendel, Marc Fischlin, Brian Goncalves, Douglas Stebila. "Hybrid Key Encapsulation Mechanisms and Authenticated Key Exchange." In 10th International Workshop on Post-Quantum Cryptography (PQCrypto 2019), pp. 206-226 (2019).
[XW24] Manuel Barbosa, Deirdre Connolly, João Diogo Duarte, Aaron Kaiser, Peter Schwabe, Karolin Varner, and Bas Westerbaan. "X-Wing: The Hybrid KEM You've Been Looking For." IACR Communications in Cryptology, Vol. 1, No. 1, 22 pages.
[OB4] The Tor Project. obfs4 (The Obsfourscator) spec. https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyrebird/-/blob/HEAD/doc/obfs4-spec.txt
Bitwarden [Bit] is an open source password manager and authenticator application. They claim to use strong end-to-end encryption (E2EE) as well as "zero knowledge encryption" to protect users' passwords, while supporting features like secure password sharing between users. Recently, Bitwarden also launched a new product called "secrets manager" [BitSM], which is aimed at organizations and developers that need to handle cryptographic secrets. Just like the password manager, secrets manager is open source, E2EE and uses "zero knowledge encryption". Additionally, the selling point of secrets manager is access management, which allows for integration in businesses and organizations. Last but not least, Bitwarden also offers enterprise support for passkeys, through a product they call "passwordless.dev" [BitPWL]. Passkeys [Pass] are the credentials (also called FIDO credentials) of WebAuthn, a web standard for authentication published by the W3C as part of the FIDO2 Project. The idea of passkeys is to use public-key cryptography to enable passwordless authentication, upgrading the security from password-based multi-factor authentication (specified in the predecessor project FIDO U2F) to completely address the many issues that stem from the use of passwords as the root of security for cryptography. Bitwarden also supports passkeys as a means of authentication to the password manager, and in their security whitepaper [BitWhite] they write: "In addition to the master password, users can choose to unlock their vaults with a passkey. This process leverages a leading-edge standard and extension for WebAuthn called the pseudo-random function or PRF, which sources key material from an authenticator. With PRF, derived keys are used in the encryption and decryption of data stored in Bitwarden Password Manager vault and Bitwarden Secrets Manager, maintaining end-to-end, zero knowledge encryption." In this project, we will do a deep-dive into the cryptography of Bitwarden.
In particular, we will try to find out what "zero knowledge encryption" really means, and unravel the mystery of the public-key PRF used for their passkeys implementation. The project can then take a multitude of different directions. Perhaps it turns out that the cryptography of Bitwarden does not live up to their strong claims. If so, we will try to cryptanalyze their system and find attacks in the vein of [Mega]. But hopefully, the question marks from the documentation are simple misunderstandings, and their crypto is actually good. If so, this project will take a more theoretical turn. We will try to view the password manager through the lens of E2EE cloud storage, and see if we can capture Bitwarden in the framework of [C:BDGHP24]. This will entail reading the codebase and creating a pseudocode model of the system, which we can cast in the syntax of [C:BDGHP24]. If this works out, this model can form the basis for a proof of security of the Bitwarden password manager. However, it might also turn out that the functionality offered by Bitwarden differs enough from that of cloud storage that the framework is not a good fit. If so, we will look at these distinguishing features and how they can be formalized and potentially incorporated into the cloud storage framework.
References:
[Bit] https://bitwarden.com/
[BitSM] https://bitwarden.com/products/secrets-manager/
[BitPWL] https://bitwarden.com/products/passwordless/
[Pass] https://fidoalliance.org/passkeys/
[BitWhite] https://bitwarden.com/help/bitwarden-security-white-paper/
[Mega] "MEGA: Malleable Encryption Goes Awry". Matilda Backendal, Miro Haller, Kenneth G. Paterson. S&P 2023. https://mega-awry.io/
[C:BDGHP24] "A Formal Treatment of End-to-End Encrypted Cloud Storage". Matilda Backendal, Hannah Davis, Felix Günther, Miro Haller and Kenneth G. Paterson. To appear in CRYPTO 2024.
In 1979, Shamir [Sha79] introduced the concept of "secret sharing", a method allowing a user to divide data into n pieces and reconstruct it if a threshold of k < n pieces is available. This concept has proved to be greatly useful, finding applications in secret management systems (e.g. HashiCorp's Vault), cryptocurrency wallets (e.g. in the form of threshold cryptosystems) and more. The protocol only involves sampling a random polynomial and evaluating it at n points, making it a deceptively simple primitive. However, many implementation mistakes appear in real-world software products [Tra21] due to mathematical subtleties in the protocol. As more applications incorporate secret sharing, it becomes crucial to examine whether these implementations are secure and to understand the impact of any discovered vulnerabilities. The objective of this thesis is to investigate the extent to which these vulnerabilities exist in the wild. This investigation will initially involve a large number of open-source repositories, which will be analysed with a combination of manual analysis, black-box testing, and analysis engines such as CodeQL [Git21]. The investigation can then focus on a few selected products for which these vulnerabilities would have a high impact.
References:
[Git21] GitHub, Inc. CodeQL, 2021. https://codeql.github.com/
[Sha79] Adi Shamir. How to Share a Secret. Commun. ACM, 22(11):612–613, 1979. https://dl.acm.org/doi/10.1145/359168.359176
[Tra21] Trail of Bits. Disclosing Shamir's Secret Sharing vulnerabilities and announcing ZKDocs, 2021. https://blog.trailofbits.com/2021/12/21/disclosing-shamirs-secret-sharing-vulnerabilities-and-announcing-zkdocs/
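The project text describes Shamir's scheme as sampling a random polynomial and evaluating it at n points, and notes that the mathematical subtleties are where real implementations go wrong. The following added example (written for this page, not taken from [Sha79], [Tra21] or any of the products mentioned) implements k-of-n sharing over a prime field and makes two of those subtleties explicit as checks: shares are never issued at x = 0, where the polynomial's value is the secret itself, and reconstruction refuses share indices of 0 or duplicate indices rather than silently interpolating through them. The field prime and the function names are the example's own choices.

```python
import secrets

# Constructed parameter: a Mersenne prime, large enough to hold 126-bit secrets.
PRIME = 2**127 - 1


def _eval_poly(coeffs, x, p):
    """Horner evaluation of sum(coeffs[i] * x**i) mod p (coeffs[0] is f(0))."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % p
    return acc


def split_secret(secret, k, n, p=PRIME, rng=secrets.randbelow):
    """Split `secret` into n shares such that any k of them reconstruct it.

    `rng(bound)` returns a uniform integer in [0, bound); injectable so the
    scheme can be tested deterministically.
    """
    if not 1 <= k <= n:
        raise ValueError("need 1 <= k <= n")
    if not 0 <= secret < p:
        raise ValueError("secret must be a field element")
    if n >= p:
        raise ValueError("too many shares for this field")
    # f(0) is the secret; middle coefficients are uniform; the leading
    # coefficient is forced non-zero so deg f is exactly k-1. A zero leading
    # coefficient would quietly lower the threshold from k to k-1.
    coeffs = [secret] + [rng(p) for _ in range(k - 2)]
    if k >= 2:
        coeffs.append(1 + rng(p - 1))
    # Evaluate at x = 1..n only: a share at x = 0 would simply be the secret.
    return [(x, _eval_poly(coeffs, x, p)) for x in range(1, n + 1)]


def reconstruct_secret(shares, k, p=PRIME):
    """Recover f(0) from k shares by Lagrange interpolation at x = 0.

    Rejects inputs a permissive implementation might accept: fewer than k
    shares, an index of 0 (or outside the field), and repeated indices, which
    make the interpolation degenerate and can hide a reduced threshold.
    """
    shares = list(shares)
    if len(shares) < k:
        raise ValueError("not enough shares to meet the threshold")
    shares = shares[:k]
    xs = [x for x, _ in shares]
    if any(not 1 <= x < p for x in xs):
        raise ValueError("share index must lie in 1..p-1")
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * (-xj)) % p          # product of (0 - x_j)
                den = (den * (xi - xj)) % p      # product of (x_i - x_j)
        secret = (secret + yi * num * pow(den, -1, p)) % p
    return secret


def rejected(shares, k, p=PRIME):
    """True if `reconstruct_secret` refuses the given share set."""
    try:
        reconstruct_secret(shares, k, p)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    s = secrets.randbelow(PRIME)
    shares = split_secret(s, 3, 5)
    assert reconstruct_secret(shares[1:4], 3) == s
    print("3-of-5 sharing round-trips; x = 0 share rejected:",
          rejected([(0, s)] + shares[:2], 3))
```

The `rng` parameter exists only so the splitting step can be driven with a fixed generator in tests; production use keeps the default `secrets.randbelow`.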
Single Sign On (SSO) allows users to log in to multiple services or software systems using a single authentication provider. A widely known and deployed SSO standard is the relatively modern OpenID [1], but the SSO space contains a wide range of competing implementations, different products, and legacy systems, resulting in high complexity. In this project, we take a look at OpenID itself, but also Kerberos [2] and Kerberos-based systems such as Active Directory [3], OAuth and OpenID Connect [4], and potentially other targets. We formalize the security goals that these schemes try to achieve, and check that they can withstand cryptanalytic scrutiny.
References:
[1] https://openid.net/developers/specs/
[2] https://web.mit.edu/kerberos/
[3] https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview
[4] https://oauth.net/articles/authentication/
(We recommend students currently doing a project in our group to use this LaTeX template for writing their thesis.)
(Supervisor: Prof. Kenny Paterson, Joint Supervisor: Laura Hetz)
Oblivious Message Retrieval (OMR) aims to solve the problem of anonymous message delivery. In this problem, senders write messages to receivers and post them to a public database, called the bulletin board. Receivers want to retrieve their pertinent messages privately and efficiently. Metadata and access patterns of these messages thus need to be protected, as these might leak information about client relations. Naively, a receiver could download the entire board to check locally which messages are intended for them. This approach would reveal no information about their pertinent messages to the server holding the bulletin board, but this level of privacy comes at a significant overhead in communication and computational cost, which is linear in the size of the bulletin board. Protocols based on differential privacy or Private Information Retrieval (PIR) can reduce these costs, but require additional coordination between clients, causing additional overhead [CGBM15, BLMG21]. Protocols for OMR aim to solve this problem by outsourcing the detection of pertinent messages to one or multiple servers. These detection servers should reduce the receivers' overhead in detecting pertinent messages while staying oblivious to these messages. Early works [BLMG21, MSS+22, JLM23] considered only the detection step of this problem and required an additional (private) retrieval step on top of their proposed solution. Recent work [LT22, WLYL23, JMK24, LSTW24, LTW24b, LTW24a] aims to provide efficient solutions for oblivious detection and retrieval combined, with different properties such as DoS-resistance and group communication. While recent work has made significant progress, the practicality of OMR schemes is still limited, and privacy guarantees might not be sufficient in practice [SPB22].
This project aims to provide an extensive overview and comparison of the existing literature on OMR in the context of real-world use cases and related notions in cryptography, potentially improving upon the proposed schemes. First, we survey the related work and identify requirements, limitations and properties of existing schemes. These are then evaluated based on the requirements of use cases for OMR, including anonymous messaging [SG24, Tea], analytics, and payment systems [Pen]. The identified open problems and gaps are then addressed to provide a better understanding of the requirements in practice and potentially improve the current state-of-the-art.
References:
[BLMG21] Gabrielle Beck, Julia Len, Ian Miers, and Matthew Green. Fuzzy message detection. In CCS, pages 1507–1528. ACM, 2021.
[CGBM15] Henry Corrigan-Gibbs, Dan Boneh, and David Mazières. Riposte: An Anonymous Messaging System Handling Millions of Users. In 2015 IEEE Symposium on Security and Privacy, pages 321–338.
[JLM23] Sashidhar Jakkamsetti, Zeyu Liu, and Varun Madathil. Scalable private signaling. IACR Cryptol. ePrint Arch., page 572, 2023.
[JMK24] Yanxue Jia, Varun Madathil, and Aniket Kate. Homerun: High-efficiency oblivious message retrieval, unrestricted. IACR Cryptol. ePrint Arch., page 188, 2024.
[LSTW24] Zeyu Liu, Katerina Sotiraki, Eran Tromer, and Yunhao Wang. DoS-resistant oblivious message retrieval from snake-eye resistant PKE. IACR Cryptol. ePrint Arch., page 510, 2024.
[LT22] Zeyu Liu and Eran Tromer. Oblivious message retrieval. In CRYPTO (1), volume 13507 of Lecture Notes in Computer Science, pages 753–783. Springer, 2022.
[LTW24a] Zeyu Liu, Eran Tromer, and Yunhao Wang. Group oblivious message retrieval. IEEE S&P, page 534, 2024.
[LTW24b] Zeyu Liu, Eran Tromer, and Yunhao Wang. PerfOMR: Oblivious message retrieval with reduced communication and computation. In USENIX Security Symposium. USENIX Association, 2024.
[MSS+22] Varun Madathil, Alessandra Scafuro, István András Seres, Omer Shlomovits, and Denis Varlakov. Private signaling. In USENIX Security Symposium, pages 3309–3326. USENIX Association, 2022.
[Pen] Penumbra. Fuzzy Message Detection - The Penumbra Protocol. https://protocol.penumbra.zone/main/crypto/fmd.html
[SG24] Sajin Sasy and Ian Goldberg. SoK: Metadata-protecting communication systems. Proc. Priv. Enhancing Technol., 2024(1):509–524, 2024.
[SPB22] István András Seres, Balázs Pejó, and Péter Burcsi. The effect of false positives: Why fuzzy message detection leads to fuzzy privacy guarantees? In Financial Cryptography, volume 13411 of Lecture Notes in Computer Science, pages 123–148. Springer, 2022.
[Tea] Open Privacy Cwtch Team. Cwtch: Decentralized, Surveillance Resistant Infrastructure. https://cwtch.im/
[WLYL23] Zhiwei Wang, Feng Liu, Siu-Ming Yiu, and Longwen Lan. Online/offline and history indexing identity-based fuzzy message detection. IEEE Trans. Inf. Forensics Secur., 18:5553–5566, 2023.
(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Matilda Backendal, Matteo Scarlata)
End-to-end encryption (E2EE) is now the norm for Internet browsing (via TLS) and increasingly also for messaging (with apps such as WhatsApp and Signal being end-to-end encrypted by default). Somewhat surprisingly, services that offer outsourced data storage, such as cloud storage and collaborative file editing platforms, still lag behind. One of the explanations might be the complexity that arises due to the persistence of data, which makes it difficult to use ephemeral key material to achieve strong security guarantees such as forward secrecy (FS) and post-compromise security (PCS). Another is the lack of formal security models for even basic E2E security of outsourced data storage supporting functionality such as file sharing between users. In particular, the number of potential end-points arising from file sharing increases the complexity of E2EE cloud storage compared to single-client settings. This complexity also exists in messaging, as showcased by the fact that protocols for secure two-party messaging (such as the Signal protocol) have been around for quite some time, but a protocol for E2EE group chats was only very recently standardized [rfc9420]. The newly standardized group messaging protocol is called "messaging layer security" (MLS). One of the main motivations for MLS was to make E2E security for messaging in groups of size n more efficient than through the naïve construction of n^2 two-party channels, while still retaining the same high-security guarantees—including forward secrecy and post-compromise security—that we expect from modern secure messaging protocols. In this project, we will explore the possibilities for more advanced security guarantees for file sharing systems in the E2EE setting. In particular, we will aim to tackle the conflict between the required functionality (including persistent data access, and flexible group and access management) and strong security guarantees such as FS and PCS.
Our initial attempt at a solution, which we call the "secure shared folder" (SSF) scheme, combines the recent advancements of group messaging from the MLS standard with a form of key ratcheting known as key regression [NDSS:FuKamKoh06]. The aim of this project is to test the practicality of the SSF scheme by implementing a proof of concept file sharing system based on this cryptographic design.
(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Matteo Scarlata, Matilda Backendal)
With more and more data stored online or distributed across multiple devices, an increasing number of security-sensitive applications face the challenge of combining availability with user-friendly key management. The traditional solution is passwords, for both authentication and key derivation. Passwords often have low entropy, come from a small and predictable "dictionary" and may be highly correlated. Consequently, the usage of password-only authentication to web services is being phased out. Instead, users are offered a two-step verification process, where they need to provide a second "factor" in addition to their password, providing a second layer of protection against attacks in the case of weak passwords. This is known as Two-Factor Authentication (2FA), or more generally, Multi-Factor Authentication (MFA). In contrast, passwords are still commonly used as the sole input to derive keys for encryption using Password-Based Key Derivation Functions (PBKDFs). Examples of this include full disk encryption, client-side encryption of backups and cloud storage, password managers and cryptocurrency wallets. In this project, we harden password-based key derivation by exploiting the user's possession of multiple devices, in a similar fashion to MFA. We take inspiration from the tradition of "PRF services", such as Pythia (Everspaugh, Chatterjee, Scott, Juels, Ristenpart 2015), but port them to the setting where the PRF service is operated by the users themselves, and can be lost or fall into adversarial hands. We design a cryptographic notion to capture the security of key derivation in this setting. We then aim to show that our system achieves the proposed security notion, while other state-of-the-art systems are actually too weak and fail to deliver on their security claims.
(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Shannon Veitch, Dr. Lenka Mareková)
VPNs provide increased privacy to users, and are therefore commonly used to circumvent censorship. In response, certain censoring bodies have begun using more advanced traffic analysis to block VPN access. There are two main strategies for VPN blocking: blocking by address (IP addresses of a VPN service), and blocking by behaviour (identifiable characteristics of the VPN traffic). VPN fingerprinting is the process of identifying a particular VPN protocol based on its protocol features. As is common in the cat-and-mouse game of defences and attacks, circumvention developers have created new protocols intended to protect against such fingerprinting, and several VPN deployments have adopted such protocols to resist this style of fingerprinting. This project aims to determine the efficacy of these circumvention techniques, by evaluating two advanced deployments of VPN protocols for censorship circumvention: Outline VPN [Out20,RM23] and LEAP VPN [Lea22]. Both Outline and LEAP offer client and server-side tools to enable individuals as well as organisations to act as service providers. These tools utilise and build on a number of existing technologies, from OpenVPN and Shadowsocks to Tor and Snowflake, which have previously been studied only in isolation [FWW20]. The project involves providing accurate and holistic abstractions of the systems and protocols and then applying a combination of fingerprinting [XKHE23, XRJ22], cryptanalysis, and machine learning techniques to determine if the protocols have identifiable features. We focus on exploring the capabilities of VPN fingerprinting for the sake of developing stronger censorship-resistant protocols in the future.
References:
[XKHE23] https://www.usenix.org/conference/usenixsecurity24/presentation/xue
[XRJ22] https://www.usenix.org/conference/usenixsecurity22/presentation/xue-diwen
[Lea22] https://leap.se/
[Out20] https://getoutline.org/
[RM23] https://www.technologyreview.com/2023/09/13/1079381/google-jigsaw-outline-vpn-internet-censorship/
[FWW20] https://www.ndss-symposium.org/ndss-paper/detecting-probe-resistant-proxies/
(Supervisor: Prof. Kenny Paterson, Joint Supervisor: Kien Tuong Truong)
Cloud storage providers such as Dropbox, Google Drive and Microsoft OneDrive allow users to offload their digital storage requirements to a remote server, managed by the provider. This is convenient and can create cost savings for both individuals and organizations. All of these providers consider security against attacks from outsider threats. However, few providers address security when the server itself is compromised, and some of those that do have been shown to have devastating cryptographic vulnerabilities, as evidenced by the attacks on MEGA [BHP23] and Nextcloud [CPAB23]. Even if there were existing solutions that provably provided confidentiality and integrity of files, metadata is still often leaked. As an example, some providers leak file names. As another example, the server is always aware of the access patterns of the users. All these leakages can combine to create attacks which can compromise the privacy of users. A significant problem is that, even though a multitude of end-to-end encrypted (E2EE) cloud storage solutions exist on the market, there is a lack of foundational work on the cryptographic design for such systems. In order to guide such work, we look at the current ecosystem of E2EE cloud storage solutions, analyzing their protocols, and discussing their requirements. A new cloud storage solution that promises to protect the security and privacy of users is PrivateStorage [Aut] by Least Authority [lea]. Much like MEGA and Nextcloud, they claim to provide end-to-end encryption. However, they also implement unique features like accountless authorization, which they implement with a bespoke variation of Privacy Pass [Dav18]. This mechanism allows users to access the service without the need for a traditional account, decoupling service usage from identifiable information (e.g. payment information), and thus enhancing user privacy.
This should ensure protection against surveillance, invasive data analysis and profiling, even if the adversary is a nation-state actor. PrivateStorage's model offers a promising solution that could set new standards for the industry. However, new designs and new cryptographic and privacy-related protocols always raise concerns about potential vulnerabilities. This thesis seeks to analyze the protocol in order to find possible issues or, if none are found, to prove (a selection of) the claims given by PrivateStorage.
References:
[Aut] Least Authority. PrivateStorage. https://private.storage/ . Accessed on 2024-02-11.
[Aut21] Least Authority. ZKAPs whitepaper. 2021.
[BHP23] Matilda Backendal, Miro Haller, and Kenneth G. Paterson. MEGA: Malleable encryption goes awry. In 2023 IEEE Symposium on Security and Privacy (SP), pages 146–163, 2023.
[CPAB23] Daniele Coppola, Kenneth G. Paterson, Martin Albrecht, and Matilda Backendal. Breaking cryptography in the wild: Nextcloud. 2023.
[Dav18] Alexander Davidson. Privacy Pass: Bypassing internet challenges anonymously. Proceedings on Privacy Enhancing Technologies, 2018(3):164–180, 2018.
[lea] Least Authority, privacy matters. https://leastauthority.com/ . Accessed on 2024-02-11.
Yuanming Song. Refined Techniques for Compression Side-Channel Attacks. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Lenka Mareková.
Jonas Hofmann. Breaking Cryptography in the Wild: Cloud Storage. Supervisor: Prof. Kenny Paterson, Co-supervisor: Kien Tuong Truong.
Noah Schmid. Breaking Cryptography in the Wild: Rocket.Chat. Supervisor: Prof. Kenny Paterson, Co-supervisor: Jan Gilcher.
Aurel Feer. Privacy Preserving String Search using Homomorphic Encryption. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Zichen Gui.
Léa Micheloud. Securing Cloud Storage with OpenPGP: An Analysis of Proton Drive. Supervisor: Prof. Kenny Paterson, Co-supervisors: Matilda Backendal, Daniel Huigens (Proton AG, Zurich).
Daniel Pöllmann. Differential Obliviousness and its Limitations. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Tianxin Tang.
Andreas Tsouloupas. Breaking Cryptography in the Wild: Double-Ratchet Mutations. Supervisor: Prof. Kenny Paterson, Co-supervisors: Matteo Scarlata, Kien Tuong Truong.
Thore Göbel. Security Analysis of Proton Key Transparency. Supervisor: Prof. Kenny Paterson, Co-supervisors: Daniel Huigens (Proton AG, Zurich), Felix Linker.
Sina Schaeffler. Algorithms for Quaternion Algebras in SQIsign. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Luca De Feo (IBM Research, Zurich).
Lucas Dodgson. Post-Quantum Building Blocks for Secure Computation: the Legendre OPRF. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Julia Hesse, Sebastian Faller (IBM Research, Zurich).
Mirco Stäuble. Mitigating Impersonation Attacks on Single Sign-On with Secure Hardware. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Julia Hesse, Sebastian Faller (IBM Research, Zurich).
Younis Khalil. Implementing a Forward-Secure Cloud Storage System. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Felix Günther, Matilda Backendal.
Andrei Herasimau. Formal Verification of the "Crypto Refresh" Update to the OpenPGP Standard. Supervisor: Prof. Kenny Paterson, Co-supervisor: Daniel Huigens (Proton Mail).
Benjamin Fischer. Privacy-Preserving Federated Learning for Cyber Threat Intelligence Sharing. Supervisor: Prof. Kenny Paterson, Co-supervisor: Juan R. Troncoso-Pastoriza (Tune Insight SA).
Pascal Schärli. Security Assessment of the Sharekey Collaboration App. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Bernhard Tellenbach (Armasuisse).
Lena Csomor. Bridging the Gap between Privacy Incidents and PETs. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Anwar Hithnawi, Alexander Viand, Shannon Veitch.
Ran Liao. Linear-Time Zero-Knowledge Arguments in Practice. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Jonathan Bootle (IBM Research, Zurich).
Christian Knabenhans. Practical Integrity Protection for Private Computations. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Anwar Hithnawi, Alexander Viand.
Ella Kummer. Counting Filters in Adversarial Settings. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Anupama Unnikrishnan, Mia Filić.
Massimiliano Taverna. Breaking Cryptography in the Wild: Web3. Supervisor: Prof. Kenny Paterson.
Giacomo Fenzi. Klondike: Finding Gold in SIKE. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Fernando Virdia.
Kien Tuong Truong. Breaking Cryptography in the Wild: Threema. Supervisor: Prof. Kenny Paterson, Co-supervisor: Matteo Scarlata.
Jonas Meier. Diophantine Satisfiability Arguments for Private Blockchains. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Patrick Towa.
Marc Ilunga. Analysis of the EDHOC Lightweight Authenticated Key Exchange Protocol. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Felix Günther.
Robertas Maleckas. Cryptography in the Wild: Analyzing Jitsi Meet. Supervisor: Prof. Kenny Paterson, Co-supervisor: Prof. Martin Albrecht.
Miro Haller. Cloud Storage Systems: From Bad Practice to Practical Attacks. Supervisor: Prof. Kenny Paterson, Co-supervisor: Matilda Backendal.
Lorenzo Laneve. Quantum Random Walks. Joint Supervisor: Prof. Kenny Paterson.
Florian Moser. Swiss Internet Voting. Supervisor: Prof. Kenny Paterson.
Moritz Winger. Automated Hybrid Parameter Selection & Circuit Analysis for FHE. Joint Supervisor: Prof. Kenny Paterson, Co-supervisor: Alexander Viand.
Tijana Klimovic. Modular Design of the Messaging Layer Security (MLS) Protocol. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Igors Stepanovs.
Radwa Abdelbar. Post-Quantum KEM-based TLS with Pre-Shared Keys. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Felix Günther, Dr. Patrick Towa.
Raphael Eikenberg. Breaking Bridgefy, Again. Supervisor: Prof. Kenny Paterson, Co-supervisor: Prof. Martin Albrecht.
Andreas Pfefferle. Security Analysis of the Swiss Post’s E-Voting Implementation. Supervisor: Prof. Kenny Paterson.
Mihael Liskij. Survey of TLS 1.3 0-RTT Usage. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Felix Günther.
Nicolas Klose. Characterizing Notions for Secure Cryptographic Channels. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Felix Günther.
Alexandre Poirrier. Continuous Authentication in Secure Messaging. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Benjamin Dowling, Dr. Felix Günther.
Luca Di Bartolomeo. ArmWrestling: Efficient Binary Rewriting for ARM. Joint Supervisor: Prof. Kenny Paterson.
Matteo Scarlata. Post-Compromise Security and TLS 1.3 Session Resumption. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Benjamin Dowling.
Anselme Goetschmann. Design and Analysis of Graph Encryption Schemes. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Sikhar Patranabis.
Lara Bruseghini. Analysis of the OpenPGP Specifications and Usage. Joint Supervisor: Prof. Kenny Paterson.
Semira Einsele. Average Case Error Estimates of the Strong Lucas Probable Prime Test. Joint Supervisor: Prof. Kenny Paterson.
Jan Gilcher. Constant-Time Implementation of NTS-KEM. Supervisor: Prof. Kenny Paterson.
Open positions in cryptology.
IACR provides a listing of open positions with a focus on cryptology. To advertise a job opportunity, please use the "Submit a job" button.
Submissions should include the organization, title, description, a URL for further information, contact information, and a closing date (which may be "continuous"). The job will be posted for six months or until the closing date. Submissions in other formats than text will not be posted. There can be no attachments.
This is intended to be a free service from an IACR member to the IACR membership. The content of the job posting is the responsibility of the person requesting the posting and not the IACR. Commercial enterprises who want to advertise their openings should identify at least one of their employees who is a member of IACR.
Tallinn University of Technology.
Project Description
University of York, UK.
Lecturer/Senior Lecturer, Monash University, Faculty of Information Technology; Clayton Campus.
Tenure Track Faculty, Rochester Institute of Technology, Department of Cybersecurity; Rochester, New York, USA.
The Department of Cybersecurity in the Golisano College of Computing and Information Sciences at RIT invites applications for a full-time tenure-track assistant professor position in the field of cybersecurity, beginning August 2025, with special interest in candidates whose research intersects with artificial intelligence, or which makes use of AI techniques.
Read more about the Department of Cybersecurity and the ESL Global Cybersecurity Institute at RIT here: https://csec.rit.edu/ and https://www.rit.edu/cybersecurity/
Please find more details regarding the position by following the Apply link below.
Apply: Use Keyword Search 9160BR here: https://careers.rit.edu/faculty
Priority Deadline: Dec. 4
University of Yaoundé 1, Department of Mathematics; Yaoundé, Cameroon.
MS and PhD Positions in Applied Cryptography and ML/AI Security, National Sun Yat-sen University, Department of Computer Science and Engineering; Kaohsiung, Taiwan.
PhD in Post-Quantum Cryptography, University of Surrey, UK.
A position for a PhD student is available for the Cryptography and Cyber Security Research Group in the Computer Science Research Centre at University of Surrey, UK. The research topic of the PhD program is Post-Quantum Cryptography.
The successful candidate will primarily be working on the following topics (but not limited to): classical and quantum cryptanalysis, cryptographic constructions based on lattice and other hard problems, and efficient algorithms for both attacks and secure implementations. The exact topics could be tailored to the candidate’s background and interests.
This position is based at the internationally renowned Surrey Cyber Security Centre, which regularly publishes in top security venues, and consists of an international, diverse, and inclusive team with expertise in various aspects of security, privacy, and their applications.
Hong Kong University of Science and Technology.
HKUST offers guaranteed funding for the PhD duration with competitive stipends. Our CSE department consistently ranks very high in global Computer Science and Engineering rankings. Our graduates typically produce research output of the highest quality and consistently staff world-class institutions. The lab offers a creative work environment that is ideal for excellent research.
The University of Sheffield.
Assistant Professor (Tenure-Track) and Professor (Tenured) Positions in Computer Science, The Institute of Science and Technology Austria (ISTA).
The Institute of Science and Technology Austria (ISTA) invites faculty applications in all areas of computer science, including security, cryptography and privacy; candidates working in systems and more applied topics are especially encouraged to apply.
Interdisciplinary candidates bridging between areas are particularly encouraged to apply.
Assistant professors start with independent group leader positions for six years, progressing to tenured positions after a positive evaluation by international peers.
Tenured positions welcome distinguished scientists with proven leadership in research.
At ISTA, we promote a diverse and inclusive working environment and are committed to the principle of equal employment opportunities for all applicants, free of discrimination. We strongly encourage individuals from underrepresented groups to apply.
ISTA is an interdisciplinary research institution that combines basic science research with graduate education in theoretical and experimental research in Mathematical and Physical Sciences, Life Sciences, and Information and System Sciences.
• Impactful research in a vibrant, international, and interdisciplinary research environment.
• Advanced facilities and comprehensive scientific support.
• Attractive salaries and generous resources.
• Guaranteed annual funding, including support for PhD students and postdocs.
• Graduate school with highly selective admissions.
• Professional development opportunities and employee support services.
• On-campus childcare facilities.
• Inclusive working environment.
Tsinghua University, China and Nanyang Technological University, Singapore.
Nanyang Technological University, Singapore.
Assistant Professor in Digital Security: Hardware for Cryptography, Radboud University.
Assistant Professor (Lecturer) in Cyber Security, Lancaster University Leipzig.
Lancaster University invites applications for one post of Assistant Professor (Lecturer) in Computer Science to join at its exciting new campus in Leipzig, Germany. Located in one of Germany’s most vibrant, livable, and attractive cities, the Leipzig campus offers the same high academic quality and fully rounded student experience as in the UK, with a strong strategic vision of excellence in teaching, research, and engagement.
The position is to support the upcoming MSc programme in Cyber Security, and to complement the department’s current research strengths. You are expected to have solid research foundations and a strong commitment in teaching Cyber Security topics such as Cybercrime, Information System Risk Management, or Information System Security Management.
You should have a completed PhD degree and demonstrated capabilities in teaching, research, and engagement in the areas of Cyber Security. You should be able to deliver excellent teaching at graduate and undergraduate level, pursue your own independent research, and develop publications in high quality academic journals or conferences. You are expected to have a suitable research track record of targeting high quality journals or a record of equivalent high-quality research outputs.
Colleagues joining LU Leipzig’s computer science department will benefit from a very active research team, but will also have access to the research environment at the School of Computing and Communications in the UK. We offer a collegial and multidisciplinary environment with enormous potential for collaboration, especially on challenging real-world problems.
German language skills are not a prerequisite for the role, though we are seeking applicants with an interest in making a long-term commitment to Lancaster University in Leipzig.
Eindhoven University of Technology, Coding & Crypto Group, The Netherlands.
Tenure Track Professor of Security & Privacy (m/f/d), Graz University of Technology, Austria.
University of Luxembourg.
Faculty Positions at QuSoft, QuSoft Amsterdam.
Post-doc Position, Design and Deployment of Quantum-Secure Protocols, Sorbonne University.
The post-doc will conduct research at the intersection of theoretical cryptography and practical experiments on a quantum optical testbed to demonstrate a practical quantum advantage in terms of security and/or efficiency for advanced quantum cryptographic protocols.
The post-doc will be jointly supervised by Alex B. Grilo (CNRS, Sorbonne University), Eleni Diamanti (CNRS, Sorbonne University), and Ludovic Perret (EPITA & Sorbonne University). The ideal candidate will hold a PhD in quantum cryptography or cryptography with a strong motivation to work at the intersection of these two domains. Programming skills are a plus.
The position is for 12 months, renewable for up to 24 months, with a flexible start date. It is offered in the framework of the QSNP project, a European Quantum Flagship project aiming to develop quantum cryptography technology.
The PolSys team has strong expertise in post-quantum cryptography, whilst the QI team is an interdisciplinary research group covering computer science, theoretical physics and experimental quantum optics. We are based in LIP6, Sorbonne Université, in central Paris, and are founding members of the interdisciplinary centers Quantum Information Centre Sorbonne and the Paris Centre for Quantum Technologies. We strive to promote equality, diversity, inclusion and tolerance.
Applicants should send their CV and a cover letter, and arrange for at least two references to be sent to the contact person given below. The deadline for applications is 30/09/2024.
Input Output Global.
As a Cryptographic Engineer in Applied Cryptography, you will play a vital role in developing and implementing cryptographic solutions. You'll work alongside a team of talented individuals, contributing to various projects ranging from prototyping new cryptographic products to optimizing existing ones. You will collaborate closely with software architects, product managers, and other team members to successfully deliver high-quality cryptographic solutions that meet market demands.
You will need to have a strong foundation in engineering principles and a keen interest in cryptography. This role offers an exciting opportunity to work on cutting-edge technologies while continuously learning and growing in applied cryptography.
As a Cryptographic Engineer, you'll play a pivotal role in implementing Zero-Knowledge (ZK) circuits tailored for integration within the Midnight chain. Your focus will involve leveraging recursive proof technologies, particularly those based on Halo2, to create proofs regarding the Midnight state. These proofs are designed to interface with other ecosystems, such as Cardano, providing a secure and efficient means to interact and exchange information across platforms. Your duties will include:
NXP Semiconductors Austria GmbH & Co KG.
PhD Scholarship in Computer Security and Data Privacy, Rovira i Virgili University, Tarragona, Spain.
University of South Florida, The Department of Computer Science and Engineering, Tampa, FL, USA.
System Developer, cima.science.
Researchers in Cryptography (Post- or Pre-doc), Universität der Bundeswehr Munich, Germany.
Darmstadt University of Applied Sciences.
The research group Applied Cyber Security Darmstadt (ACSD) at Darmstadt University of Applied Sciences (h_da) is currently seeking Ph.D. students for various exciting research opportunities. We are looking for motivated individuals interested in Automotive Security, Smart Energy Network Security, Offensive Security, Post-Quantum Cryptography (PQC), and Cryptographic Protocol Design. Our group is engaged in several ongoing and upcoming projects funded by prominent agencies such as the DFG (German Research Foundation), BMBF (Federal Ministry of Education and Research), and the state of Hesse. Among the positions are two PhD positions for a BMBF-funded project commencing in September, focused on cryptoagility and the integration of PQC in modern vehicles. This project addresses critical challenges in future-proofing automotive security against emerging quantum threats. If you are passionate about cutting-edge cyber security research and wish to contribute to the advancement of secure automotive technologies, we encourage you to apply.
Two Ph.D. Student Positions, University of Sydney, School of Computer Science, Sydney, Australia.
The University of Sydney is one of the world's leading universities, known for its outstanding research and teaching excellence (ranked 18 in the world, QS rankings 2025). Our vibrant campus is located in the heart of Sydney (one of the top livable cities of the world), offering an exceptional environment for both academic and personal growth and the perfect work-life balance. The School of Computer Science is among the top ranked in the world (ranked 22 in the world for CS, US News and World Report 2024-25), constantly expanding year-on-year with strong faculty and students.
We’re creating a general-purpose private smart contract layer for Ethereum, affectionately dubbed ‘Aztec 3’.
We utilise bleeding-edge cryptography in our tech stack to realise private transactions on a public blockchain network, particularly in the realm of zero-knowledge cryptography.
As a result we possess a world-class R&D team that has co-authored the Plonk, Plookup and Zeromorph protocols. Plonk in particular is rapidly becoming an industry standard ZK-SNARK technology.
We are looking for experienced cryptographers to expand our R&D team and allow us to further enhance the state-of-the-art when it comes to generating proofs of private computation.
=nil; Foundation.
PhD Position in Cybersecurity, University of South-Eastern Norway; Kongsberg, Norway.
We are seeking a highly motivated candidate for a PhD in Cybersecurity at the University of South-Eastern Norway (USN). The research focuses on enhancing the security and privacy of healthcare systems through the development of innovative, scalable solutions. The candidate will work on developing decentralized, secure, and privacy-preserving methods for health data sharing, protecting sensitive healthcare information from emerging cyber threats, and ensuring secure data sharing while safeguarding patient privacy.
Starting date: January 1, 2025 (or as early as possible)
Application deadline: October 7, 2024.
How to Apply: For more information and to apply, please visit the official job posting at: https://www.jobbnorge.no/en/available-jobs/job/266271/phd-research-fellow-in-cybersecurity.
PhD Studentship in Privacy-Enhancing Technologies (Cryptography and Federated Learning), Newcastle University.
The primary research theme for the call is in the foundations and cryptanalysis of post-quantum cryptosystems. The exact projects could be tailored to match the candidate's background and interests.
University at Albany, SUNY, Department of Electrical and Computer Engineering; Albany, New York.
Postdoctoral Researcher, Sapienza University of Rome, Italy.
Multiple Academic Teaching Positions, Xiamen University Malaysia, Sepang, Malaysia.
Xiamen University Malaysia is now seeking highly motivated, committed and qualified individuals for academic teaching positions in computer science and cyber security.
Candidates in computer science and cyber security are welcome to apply. The ideal candidate is expected to be able to support general computing subjects, as well as cyber security specialization subjects. Applicants must possess a PhD degree in a related discipline.
How to apply: Applicants are invited to submit a digital application packet to: [email protected] and [email protected]
University of New Brunswick, Computer Science; Fredericton, Canada.
Applied Cryptographer.
Fully-Funded PhD Position in Lattice-Based Privacy Enhancing Technologies, Monash University; Melbourne, Australia.
Requirements: A strong mathematical and cryptography background is required. Some knowledge/experience in coding (for example, Python, C/C++, SageMath) is a plus. Candidates must have completed (or be about to complete within the next 8 months) a significant research component, either as part of their undergraduate (honours) degree or their master's degree. They should have excellent English verbal and written communication skills.
How to apply: Please first refer to mfesgin.github.io/supervision/ for more information. Then, please fill out the following form (also clickable from the advertisement title): https://docs.google.com/forms/d/e/1FAIpQLScOvp0w397TQMTjTa6T7TKqri703Z-c3en0aS654w6nl4_EFg/viewform
Nokia Bell Labs; Antwerp, Belgium.
Monash University, Melbourne, Australia.
At the Department of Software Systems and Cybersecurity (SSC) at Monash, we have several openings for PhD positions. The topics of interest are post-quantum cryptography (based on lattices and/or hash), their applications, and their secure and efficient software and hardware implementations.
The positions will be filled as soon as suitable candidates are found.
A DISSERTATION SUBMITTED TO THE DEPARTMENT OF COMPUTER SCIENCE AND THE COMMITTEE ON GRADUATE STUDIES ... in cryptography. Such a scheme allows one to compute arbitrary functions over encrypted ... a Stanford Graduate Fellowship and an IBM PhD fellowship. v. Contents Abstract iv Acknowledgments v
1.1 The beginnings of cryptography. Cryptography is the science, at the crossroads of mathematics, physics, and computer science, that tends to design protocols to prevent malicious third parties from reading private messages. Even if the development of computers during the 20th century made the research in cryptography explode,
A DISSERTATION SUBMITTED TO THE DEPARTMENT OF COMPUTER SCIENCE AND THE COMMITTEE ON GRADUATE STUDIES OF STANFORD UNIVERSITY IN PARTIAL FULFILLMENT OF THE REQUIREMENTS ... Pairing-based cryptography has become a highly active research area. We define bilinear maps, or pairings, and show how they give rise to cryptosystems with new functionality
On the Theory and Design of Post-Quantum Authenticated Key-Exchange, Encryption and Signatures. Author: Delpech De Saint Guilhem, C. P. R., 21 Mar 2021. Supervisor: Smart, N. P. (Supervisor) & Warinschi, B. (Supervisor) Student thesis: Doctoral Thesis › Doctor of Philosophy (PhD) File.
cryptography was thus concerned with message confidentiality and integrity. Modern cryptography covers a much wider range of subjects, including the area of secure multiparty computation, which will be the main topic of this dissertation. Our first contribution is a new protocol for secure comparison, presented in Chapter 2.
Wang, Wen, "Hardware Architectures for Post-Quantum Cryptography" (2021). Yale Graduate School of Arts and Sciences Dissertations. 242. The rapid development of quantum computers poses severe threats to many commonly-used cryptographic algorithms that are embedded in different hardware devices to ensure the security and privacy of data and ...
Attacking post-quantum cryptography. [Phd Thesis 1 (Research TU/e / Graduation TU/e), Mathematics and Computer Science]. Technische Universiteit Eindhoven. Document status and date: Published: 17/12/2019 ... This thesis, that is the final product of the four years of my PhD life, would not have been possible without the guidance, support and ...
In this chapter, we introduce some fundamental principles of quantum cryptography that provide a general background for my Ph. D. research. The content of this chapter is largely based on [1], which I co-authored. 1.1 Quantum Cryptography: Motivation In this section, we give a brief overview of quantum cryptography. 1.1.1 Cryptography
thesis, are brought together to realize four high-speed implementations on x86-64 processors at the 128-bit security level. Presented ... cryptography and its efficient implementation, and our joint effort to develop the pairing implementation presented in Chapter 6. My thanks go to Tom St Denis, Diego F. Aranha and Dr. Colin Walter for ...
My dissertation, "On the Implementation of Pairing-Based Cryptography" is available here in PostScript and PDF formats: My thesis contains an overview of elliptic curves, pairings, and the algorithms used to implement them, many of which are used by the PBC library. Unfortunately, due to time pressure it is not as comprehensive as I'd like ...
This thesis would not have been possible without a large, but finite set of people, whom I would like to thank here. It is possible however that the trials and labor of a PhD have affected my memory. If I forgot anyone, complaints can be submitted in three-fold to the complaints office on floor 2 of the Metaforum building.
Cryptography: samples of publications. PhD theses:
W. Beullens, The Design and Cryptanalysis of Post-Quantum Digital Signature Algorithms, PhD thesis, KU Leuven, 2021.
C. Bootland, Efficiency and security aspects of lattice-based cryptography, PhD thesis, KU Leuven, 2021.
C. Li, New Methods for Symmetric Cryptography, PhD thesis, KU Leuven, 2020.
R. Zhang, Analyzing and Improving Proof-of ...
Search problems in cryptography: from fingerprinting to lattice sieving Citation for published version (APA): Laarhoven, T. (2016). Search problems in cryptography: from fingerprinting to lattice sieving. [Phd Thesis 1 (Research TU/e / Graduation TU/e), Mathematics and Computer Science]. Technische Universiteit Eindhoven. Document status and date:
The Ph.D. thesis of Kearns [21] is one of the first major works to explore the relationship between cryptography and machine learning, and is also an excellent introduction to many of the key concepts and results.
PhD Thesis, ETH Zurich, 1998, Reprint as vol. 2 of ETH Series in Information Security and Cryptography, ISBN 3-89649-286-1, Hartung-Gorre Verlag, Konstanz, 1998.
The PhD thesis is a complete write-up of my fully homomorphic encryption system. A preliminary version of these results appeared at STOC 2009: Craig Gentry, Fully homomorphic encryption using ideal lattices, Symposium on the Theory of Computing (STOC), 2009, pp. 169-178.
A STUDY OF LIGHTWEIGHT CRYPTOGRAPHY. A THESIS SUBMITTED TO THE GRADUATE SCHOOL OF APPLIED MATHEMATICS OF MIDDLE EAST TECHNICAL UNIVERSITY BY ZELİHA ÇAMUR IN PARTIAL ...
We call quantum security the area of IT security dealing with scenarios where one or more parties have access to quantum hardware. This encompasses both the fields of post-quantum cryptography (that is, traditional cryptography engineered to be resistant against quantum adversaries), and quantum cryptography (that is, security protocols designed to be natively run on a quantum infrastructure ...
This thesis studies the topic of white-box cryptography (WBC), which focusses on software implementations of cryptographic primitives (such as encryption schemes). Traditionally, cryptographic primitives are designed to protect data and keys against black-box attacks. In such a context, an adversary has knowl-
Available Projects Students interested in a thesis with the group are kindly requested to send their transcript of records, along with a CV highlighting any relevant experience in cryptography, and either a preferred topic from the proposals below or a description of their interests within cryptography, to the contact noted under Student Projects.