Scientific Foundations

Side-channel attack (SCA) has shown to be a serious implementation attack to many cryptosystems. Practical countermeasures only mitigate the vulnerability to some extent. Considerable research efforts on leakage-resilient cryptography have so far not led to practical leakage-resilient implementations. One hindering reason is the lack of commonly accepted and sound metrics, standards, and evaluation procedures to measure and evaluate the vulnerability/resilience of cryptosystems to various side-channel attacks.

The Internet has become one of the most effective and common means of conveying expression that is likely to be controversial or suppressed. This freedom of expression is threatened by the now widespread practice of Internet censorship by both private and state interests.

Many challenging real world problems, e.g., voting and blind auction, require computation over sensitive data supplied by multiple mutually-distrustful entities. Elegant cryptographic theories have been developed to solve these problems without relying on a mutually-trusted third party. Practitioners also built prototypes capable of securely computing set intersection, AES encryption, Hamming distance, etc. However, many other applications, such as data mining and running universal machines, are far more complex than what can be supported by the state-of-the-art techniques.

This project develops a comprehensive proof construction and verification framework for a well-defined class of cryptographic protocols: attribute-based cryptosystems. In particular, existing automated proof construction and verification frameworks, such as EasyCrypt and CryptoVerif, are extended to provide support for attribute-based cryptography. The extensions consist of libraries of simple transformations, algebraic manipulations, commonly used abstractions and constructs, and proof strategies, which will help in generation and verification of proofs in attribute-based cryptography.

Increasingly medical devices are dependent on software and the wireless channel for their operations, which also pose new vulnerabilities to their safe, dependable, and trustworthy operations. Medical devices such as implantable insulin pumps, which are in wide use today, continuously monitor and manage a patient's diabetes without the need for frequent daily patient interventions. These devices, not originally designed against cyber security threats, must now mitigate these threats.