Description of research


Cryptology includes both cryptography and cryptanalysis. Cryptographic functions and protocols comprise the most important set of mechanisms for achieving security in information and communication technology. A few of many information security goals are privacy, confidentiality, authenticity, integrity, anonymity, non-­‐repudiation, certification, verifiability. The theoretical foundations for modern cryptology are information theory, computational complexity, algebra and number theory. One grand challenge of this field is the fundamental but unproven assumption of computational one-­‐way functions. For instance, computational hardness of the discrete log problem of various groups is still unclear. Another grand challenge is the necessary and sufficient composition of cryptographic protocols that must be integrated to achieve secure communications. The researchers will cover several technical approaches to the field, including design and verification of cryptographic protocols, and integrating these into network protocols. Technology for implementing cryptographic hardware and software. Construction and analysis of cryptographic functions, algebra and number theory, formal proof techniques.


The important ICT standardization bodies ETSI, IEEE, and NIST are showing a vibrant interest for developing cryptographic standards, including primitives resistant to future quantum computing.

Cloud security

Migration of IT services into distributed, remote, and often outsourced environments has had a profound effect on storage and processing of information for individuals, governments and industry. The consequent new security challenges have led to numerous cryptographic developments, most famously as a motivation for fully homomorphic encryption. There remain many research challenges, particularly suitable key management processes and efficient mechanisms for multi-­‐party computation.


While huge progress has been made in developing models and analysis techniques for authentication protocols, real world protocols continue to exhibit vulnerabilities. Indeed many real world protocols, including prominent internet protocols such as SSL/TLS, cannot be proven secure in the common models. In the last few years new approaches to analysis of authentication protocols have been developed and applied to internet protocols. We are interested in pushing these developments further by capturing more precisely the real world protocols in use and, more generally, understanding what are the most appropriate security properties to model.