This project aims to evaluate the security of cryptographic algorithms intended to provide security for information transmitted over insecure networks. The cryptographic algorithms enable secure and resilient communications in security critical applications where the communicating devices are resource constrained.
The standard algorithms used may require more resources (memory, power, etc) than the devices can provide, hence the need for new lightweight algorithms. However, an efficient implementation of an algorithm is not useful if there are security weaknesses. For example, some authenticated encryption proposals may be vulnerable to attacks that breach confidentiality, or enable forged messages to be sent without detecting the violation of authenticity.
This project involves security analysis of current lightweight encryption algorithms to determine the degree of resistance to a range of cryptanalytic attacks.
The research program involves:·
- Understanding the operation of the cryptographic algorithms, including the operation of subcomponents of the design and their interaction with each other.
- Writing software to implement selected cryptographic algorithms or subcomponents of algorithms in a parameterized or modular fashion to enable investigation of modified versions: a variable number of rounds, a smaller word size, etc.
- Understanding the various forms of cryptographic attack that may be applied: algebraic attacks, statistical weaknesses, correlation attacks, differential attacks, slide attacks and various side channel attacks.
- Writing software to simulate the application of selected attacks on the cryptographic algorithms, and determining the probability of success or level of resistance to that form of attack, and the relationship between resistance and structural features of the algorithm.
- Investigating security-efficiency tradeoffs that may occur in certain applications: for example, if fewer rounds are performed to enable faster throughput in time-critical network applications, is the security significantly reduced such that the communications are easily exposed by an attacker?
The expected outcome of the research project is a report on the level of security provided by selected lightweight cryptographic algorithms against a variety of cryptographic attacks; attacks against either the algorithm itself (based on mathematics or statistical analysis) or attacks against the implementation of the algorithm (side channel attacks exploiting additional information leakage).
Skills and experience
To take this project you should have a good understanding of basic cryptography (have completed CAB340 or IFN642 or equivalent, earning a grade of 6 or 7), and have the capacity to write programs to implement both the algorithms and proposed investigations. Cryptographic algorithms are frequently implemented in C but proficiency in other languages is acceptable.
Contact the supervisor for more information.