Cryptography is essential to electronic financial transactions and private communication so it is imperative that our cryptographic systems be truly secure against a variety of attacks. Below are two ongoing projects to (dis)prove the security cryptographic systems.
The first project deals with side channel attacks on cryptosystems. Small computing devices, such as smart cards, leak information through voltage fluctuations, radiation and other channels other than the standard input and output channels. It turns out that in some cases this side channel information reveals keys and other types of information stored on the smart card. The group is currently looking at different attacks and measures to protect against them.
The second project deals with cryptographic protocol security. When you buy something over the internet or log onto a remote site, you use various protocols where encrypted and secured information is sent over an open channel. Are these protocols secure? We are looking at different models of security and investigating new ways to automate the process of proving a protocol secure.
Yet another set of challenges are posed by quantum information technologies: how can we ensure that classical cryptographic protocols are secure against quantum adversaries, and how can we make use of quantum information to achieve unconditional security? We have developed methods for generating and distributing random numbers securely against all-powerful quantum adversaries, and are exploring many frontiers in quantum cryptography and post-quantum classical cryptography.
CSE FacultyCompton, Kevin J.