Research
Post Quantum Cryptography
Recent times have seen significant advances in the design and construction of quantum computers – computers which harness quantum mechanical phenomena to solve mathematical problems that are difficult for conventional classical computers. If a cyber-attacker has access to a quantum computer, are known cryptosystems safe? Most current day cryptography succumbs to quantum attacks, rendering all digital information insecure. Post-quantum cryptography aims to redesign cryptography so that it is resilient to quantum attacks. Our research focuses on one of the most promising approaches for post quantum cryptography, namely, lattice based cryptography. Lattice based cryptography relies on the hardness of solving certain mathematical problems in high dimensional lattices, and these problems are not known to offer any speedups by quantum computers. Besides, lattice based cryptography offers a flexibility and expressiveness that enables multiple promising new cryptographic constructions.
Blockchains and Fault Tolerance
Blockchain is a distributed public ledger technology which is the basis of many crypto-currencies including bitcoin. At a high level, a blockchain is a dynamically growing, ordered set of records containing user transactions or other data, which are secured using cryptography. The decentralized nature of blockchains enables users to invest in the security and integrity of their data directly, while usage of cryptography prevents malicious users from modifying records to their advantage. Underpinned by a peer to peer network, blockchains enable users to transact in a secure, tamper free, decentralised way, paving the way for a new era of transparent, auditable socio-economic infrastructures, in which user information can be stored in shared databases that are efficiently verifiable, transparent and secure. We study blockchains from a variety of perspectives, ranging from byzantine fault tolerance, to development of cryptographic tools to designing applications for socially relevant issues.
Evaluating Secure Critical Embedded Systems
We develop tools that would help evaluate critical embedded system so as to achieve the required levels of security. The tools either work on the manufactured product or provide aids during its design. The design phase tools would help pinpoint vulnerable regions, facilitating targeted countermeasures early in the design, thereby reducing overheads and time-to-market. The tools would help answer questions like “Is a system secure against a specific attack?” or “Is System A more secure than System B?” Our work, for instance, can pinpoint locations in an embdedded system that are vulnerable to fault attacks, side-channel attacks, and timing attacks.
Provable Security of Symmetric and Asymmetric Key Cryptography
We study cryptographic schemes from the perspective of provable security. Public (Asymmetric) key cryptography is widely studied due to its superior key management and many business applications. Symmetric key cryptography is very attractive for its efficiency and relevance to real world applications – for instance, these are widely used to protect data transmission in many secure communication protocols like TLS. We study fundamental primitives in both asymmetric and symmetric key cryptography – such as digital signatures, block ciphers and authenticated encryption. To understand security of cryptographic schemes used in practice, we devise theoretical models that can better illustrate the security provided by current cryptographic schemes and then provide provable security guarantees under reasonable assumptions for existing cryptographic tools and protocols.
Computing on Encrypted Data
Today, perhaps the great challenge before cryptography is: how to benefit from the technology enabled by “big data” while safeguarding privacy? The concerns of people in the context of privacy have never been higher. On the other hand, we have already begun to glimpse the sheer power of massive-scale data analysis, with applications ranging from cloud computing to advertising to social science studies to smart meters and smart cities and so on. Can disclosure to data be controlled, so that data can participate in authorized computation but leak nothing beyond what its owner permits? We endeavor to provide solutions for the modeling as well as construction of cryptographic primitives for computing on encrypted data. Examples of cutting edge primitives that enable encrypted computation are fully homomorphic encryption, functional encryption, broadcast encryption and such others.
Secure Systems Engineering
We adopt a clean slate approach to designing computer systems, where security is considered early during the design phase, along with other design parameters such as performance, energy, and size. The challenge is to achieve security keeping overheads in other design parameters within tolerable margins. We approach this problem by first enforcing security in the hardware and then moving up the computing stack, to Programming Languages, Operating Systems, and applications.
Distributed Computing
We live in a highly interconnected world where applications are built to operate seamlessly over a large number of computing devices. Distributed computing deals with formal study of such distributed systems wherein the devices must communicate typically by passing messages to each other. Distributed computing ideas find application in a wide range of contexts including traditional computer networks, the Internet, peer-to-peer networks, swarm robotics. Our research emphasizes the study of robust networks that are resilient to churn, topology dynamics, and Byzantine faults.
DLT and Hedera: A New Era of Trustless Transactions
DLT, or Distributed Ledger Technology, is a shared database maintained and updated by multiple participants. It allows secure, transparent, and efficient recording and verification of transactions without relying on intermediaries. Unlike traditional systems, DLT ensures data integrity and prevents tampering as each participant holds a copy of the ledger, Hedera Hashgraph is a prominent DLT platform that employs a unique consensus algorithm called speeds, lower fees, and enhanced security. Hedera’s architecture is designed for enterprise-grade applications, providing a scalable and reliable foundation for various industries to build decentralized solutions.
Open Malware Research
A comprehensive platform for safe malware research, offering tools like Malware Behavior-as-a-Service for real-time execution analysis, Labeled Data as a Service for detailed behavioral insights, and advanced detection frameworks like SUNDEW. These services foster a multi-dimensional approach to cybersecurity research, enabling continuous study of evolving threats and empowering researchers to develop innovative solutions for combating diverse malware challenges.