PhD Studentship: Security Proofs of Practical Cryptosystems

October 11, 2024

University of Birmingham

The security of a modern cryptographic construction is proved via a reduction from the hardness of solving some well-studied mathematical problems. There is, however, a substantial gap between security proved in theory and security achieved in practice.

In general theoretical analysis, the integrity of algorithms and the secrecy of the keys are always assumed to hold. In fact, guarantees of semantic security of many popular and widely deployed cryptosystems may break down if the adversary sees encryptions of the secret key.

In practice, on the other hand, the algorithms may be tampered with to modify a few bits of the keys, commonly known as the related-key attacks, or to leak encryptions of (some function of) the secret key, commonly known as the key-dependent message attacks. The adversary may even tamper with the algorithms in such a way that a small fraction of outputs is subverted, a generalisation of the kleptographic attacks. A line of work has considered the security of cryptosystems in the presence of such key-dependent messages or subverted algorithms. However, practical and deployable cryptographic solutions against such active attacks are still missing for many fundamental problems.

The objective of the project is to analyse the security of deployed cryptosystems along with designing new ones that can withstand key-correlated attacks and general kleptographic attacks. In particular, we wish to address the following.

  • Efficient and secure authentication mechanisms against key-correlated and misuse-resistant attacks. The project will analyse deployed and standardised MAC (message authentication code) algorithms and authenticated encryptions in the light of simultaneous related-key and key-dependent message attacks.
  • Design principles of key encapsulation mechanisms resisting kleptographic attack. Recent kleptographic attacks against the key encapsulation mechanisms have shown a significant vulnerability of the hybrid encryption protocols. We shall explore whether the widely deployed Fujisaki-Okamoto transformation could be salvaged to achieve security against such kleptographic attacks.
  • Secure modes of operation of hash functions and block ciphers resisting kleptographic attack. Security of modes of operations of hash functions and block ciphers often require the underlying primitive to behave like a random function or a random permutation. We shall analyse the security of these modes when the underlying primitives are modified via a kleptographic attack.

    • Eligibility: First or Upper Second Class Honours undergraduate degree and/or postgraduate degree with Distinction (or an international equivalent). We also consider applicants from diverse backgrounds that have provided them with equally rich relevant experience and knowledge. Full-time and part-time study modes are available.

    The candidate is expected to have a postgraduate degree or equivalent, and strong background in Theoretical Computer Science and Mathematics. Experience in Cryptography is beneficial.

    The position offered is for three and a half years full-time study. The current (2022-23) value of the award is stipend; £17,668 pa; tuition fee: £4,596 pa. Awards are usually incremented on 1 October each following year.

    View or Apply
    To help us track our recruitment effort, please indicate in your cover/motivation letter where (jobs-near-me.eu) you saw this job posting.</strong

    Share this post:   Facebook Whatsapp Telegram Twitter Email