Cryptography, theory

Blockciphers are the basic building block of shared-key cryptography. However, for certain important cryptographic goals, like building encryption schemes, the interface presented by blockciphers is limiting. A more modern primitive, the tweakable blockcipher (TBC), is often a better fit. Like a blockcipher, a TBC takes as input a secret key, a block of data and the tweak which is an additional input which provides variability to the TBC's input-output behavior without having to change the secret key.

Cryptography is a fundamental part of cybersecurity, both in designing secure applications as well as understanding how truly secure they really are. Traditionally, the mathematical underpinnings of cryptosystems were based on difficult problems involving whole numbers (most famously, the apparent difficulty of factoring a product of two unknown primes back into those prime factors). More recently, several completely new types of cryptography have been proposed using the mathematical properties of lattices.

Individuals and organizations routinely trust third party providers to hold sensitive data, putting it at risk of exposure. While the data could be encrypted under a key that is kept secret from the provider, it rarely is, due to the inconvenience and increased cost of managing the cryptography. This project will develop technologies for working with encrypted data efficiently and conveniently. In particular, it will enable searching on encrypted data, which is prevented by currently deployed encryption, and running arbitrary programs efficiently on encrypted data.

Most cryptographic applications crucially rely on secret keys that are chosen randomly and are unknown to an attacker. Unfortunately, the process of deriving secret keys in practice is often difficult, error-prone and riddled with security vulnerabilities. Badly generated keys offer a prevalent source of attacks that render complex cryptographic applications completely insecure, despite their sophisticated design and rigorous mathematical analysis.

Cryptography is an essential and widespread tool for providing information security. Traditional cryptographic models assume only black-box, or input/output access to devices, thereby limiting the class of attacks. In practice, an attacker may obtain non-black-box access to a device and attack a particular algorithm or specific implementation such as through timing or fault injection attacks. Exploiting non-black-box access has been a remarkably effective technique for compromising cryptosystems.