The main areas of focus of research of the center are in the fields of
The advent of IoT and V2X infrastructure means that a lot of private and sensitive data have been collected with and without user consent. To use a service over the internet, the user needs to prove she is a valid user by authenticating herself, which may not be anonymous because of the overhead involved. Increasingly, more users are demanding anonymity and privacy from service providers, and governments such as the European Union are bringing in new privacy and security regulations. We aim to look at various anonymous authentication protocols and their underlying primitives, such as blind signatures, zero-knowledge proofs, and anonymous credentials, in both the pairings-based (classical) and lattice-based (post-quantum) settings. We will specifically study the challenges in making pairings-based schemes practical for resource-constrained devices and how to improve and deploy the new lattice-based zero-knowledge proofs and anonymous credentials.
Symmetric key cryptography is one of the most widely used and efficient cryptographic systems in real-world and strategic applications. We look at block ciphers and MACs in detail and study how to improve their security. We also study the different attacks on them. An interesting direction that the center will focus on is the impact of machine learning models and high-performance computing tools in security, particularly their impact on symmetric key cryptographic primitives.
Post-quantum cryptography (PQC) is the area of public key cryptography that looks at how to build secure cryptographic primitives for a world where large-scale quantum computers are a reality. The current cryptographic primitives rely on the hardness of the integer factorization problem, the discrete logarithm problem, or the elliptic-curve discrete logarithm problem, all of which can be solved efficiently by a sufficiently powerful quantum computer. The center will focus primarily on lattice-based cryptography, one of the most promising primitives in post-quantum cryptography. Apart from the conjectured security against quantum computer attacks, lattice-based cryptography comes with strong worst-case/average-case security guarantees and is computationally lightweight. It has also allowed for the only possible constructions of fully homomorphic encryption, which is now a very important line of research because of its several applications, including learning from encrypted data. The goals of the center are to build privacy-preserving mechanisms such as efficient zero-knowledge proofs and anonymous credentials using lattices, and to optimize computer systems and hardware for fully homomorphic encryption.
Zero-knowledge proofs (ZKPs) allow users to have privacy even while working on blockchains, which are public ledgers. ZKPs protect user data while still allowing the user to prove properties of her attributes, and they support complex computation, including secure multi-party computations. We will look at two types of zero-knowledge-based blockchain technologies: elliptic curve–based zkSNARKs, which are not quantum-resistant, and hash-based zkSNARKs, which are post-quantum secure. The focus will primarily be on how to leverage blockchain technology to strengthen anonymity guarantees for various primitives, such as blind signatures, threshold signatures, and anonymous credentials.
The mobile network is the primary means of connecting people to the Internet and carries all end-user applications, including banking, trading, online purchases, and personal communication. This increase in the use of the mobile network for personal applications leads to more attempts to attack its security. Starting with the 4G network (LTE), the mobile network moved to an all-IP network. In the era of 5G, the mobile network is designed with disaggregation from the radio network to the mobile core network and is deployed on cloud infrastructure, which gives more flexible deployment and reduces CAPEX and OPEX for the mobile network operator. This makes the mobile network more vulnerable to security attacks, and this needs to be addressed as more and more new vulnerabilities are being reported. It is critical that we keep understanding the security vulnerabilities in the mobile network as new technologies such as network slicing, edge computing, and open radio access networks are incorporated. These new technologies add attack surface that needs to be addressed in the design, development, and deployment phases.