iCORE Information Security Laboratory
The main operation in Hyperelliptic Curve Cryptography is scalar multiplication, i.e. [k]D = D + D + ... + D (k times), where D is a divisor. We are looking at ways to reduce the computational cost of this operation through:
1. Improvements to scalar multiplication algorithms, for example using multi-base representations (representing the scalar with powers of 2, 3 and/or 5, rather than just powers of 2).
2. In order to make use of multi-base representation algorithms, we are designing more efficient arithmetic operations for addition (D + D'), doubling (2D), tripling (3D), and quintupling (5D).
In this project, we are building a cloud platform in order to provide cloud services for the following purposes:
1. Researchers testing their theoretical work
2. Instructors running a lab in which students gain hands-on experience
3. Other customers
Ahmad Ahmadi Fatlaki
Raushan Ara Dilruba
In this project, we use human game-play in video games for two security purposes:
1. Randomness extraction
2. User authentication
In both cases, the user plays video games designed for the respective purpose, and the claims are supported by theoretical analysis and empirical studies.
Gameplay for authentication is an example of an activity-based behavioural authentication system.
Md Morshedul Islam
In this project, we define a new tampering model, motivated by a physical-layer adversary, and design non-malleable codes for it.
Non-malleable codes are a recent addition to the family of codes; they generalize almost all previous codes and have interesting applications, for example in tamper-resilient cryptography and in the communication setting that we propose to study.
In in-region location verification, verifiers accept a prover's location claim if the prover is located inside a region, such as a room, stadium, airport, or any other physical area. We propose a location verification protocol that achieves an optimal trade-off between security and completeness. To do this, we give an optimal algorithm that covers a region with minimum error. We then introduce the concept of a Privacy Region and show how it can be used effectively to reduce location leakage. Using these components, we propose a privacy-preserving secure location verification scheme. Important advantages of the proposed system are the small number of verifiers it requires and the significant improvement in coverage accuracy compared to existing work.
We propose a post-quantum secure and reliable solution for securing the OpenFlow channel between the SDN controller and the OpenFlow switch, using Shamir Secret Sharing. Under a defined system and adversarial model, our solution delivers (i) post-quantum security, (ii) reliable message delivery, and (iii) low communication delay.
Raushan Ara Dilruba
Consider two parties, each holding a private input, x and y respectively. The parties want to compute a joint function f(x,y) of their inputs with the requirement that nothing is leaked about the inputs other than the output of the computation, and without relying on a trusted third party. This project considers a malicious adversary (an adversary that may behave arbitrarily) with polynomially bounded computational power.
This project investigates three different scenarios and proposes efficient solutions for each:
1- Minimizing the number of messages sent and received by the two parties to a single round of interaction
2- Providing efficient protocols for programs in the RAM model
3- Improving the efficiency of the protocols by breaking the function under computation into smaller sub-functions and securely combining the result of each sub-function
In this project, I apply blockchain technology to construct an Internet of Things in which safety and traceability are guaranteed by a distributed, append-only, public ledger. A membership service is added to implement identity management and access control.
This topic focuses on the features of post-quantum signature schemes. One of the important elements in these schemes is the underlying one-way function. The current project is an attempt to apply a specific one-way function and analyse the result in comparison with earlier schemes. The goal is to provide better security while reducing signature and key sizes.
We consider a sender and receiver connected by a channel that is partially controlled by an adversary, which we define as an adversarial wiretap channel. The adversary can eavesdrop on the communication between sender and receiver, and can also disrupt the signal from sender to receiver. The goal of this project is to achieve secure and reliable communication against such malicious attacks. We use recent results from coding theory and information-theoretic security to build transmission protocols that achieve secure transmission over the adversarial wiretap channel.