Science and Engineering

Information security

Overview

Research

We are Australia's leading academic research group in information security.

Our research addresses a range of interdisciplinary topics in:

  • information security
  • cryptography
  • network security
  • digital forensics
  • information security management.

Research expertise

Research in cryptography at QUT has a history of more than 25 years, with significant contributions to most areas in the field, including:

  • design and analysis of cryptographic algorithms and protocols
  • cryptanalysis of schemes
  • efficient implementation
  • error-correcting codes.

We have a strong focus on the security of modern networks. We also run a laboratory for practical network security, including a dedicated SCADA Security Laboratory that houses a series of control system simulators used for SCADA vulnerability and mitigation analysis.

Projects

The Category 1 funded research projects we are currently leading are:

Creating a simple and strong cryptography for humans to take the front seat in real security protocols

Project leader
Associate Professor Xavier Boyen
Dates
2014-2018
Project summary

Cryptography offers wonderful tools for unbreakable data security, but only between computer nodes, leaving their human owners helpless. Encrypted tunnels terminate not at humans but at mobile phones and personal computers, exposing users' secrets to spyware from search-engine keyloggers to full-bore malware planted by crooks, hackers, and foreign spy agencies.

This project aims to create a simple and strong cryptography, so that humans can, for the first time, take front seat in real security protocols. The technical challenge is to build public-key ciphers, operable manually from a mental key in seconds, and from there remake human-powered versions of many useful information security protocols.

Recreate and expand the power of functional encryption (FE) from post-quantum (PQ) mathematical principles, immune to quantum attacks, building on recent discoveries of limited forms of PQ-FE from rock-solid cryptography principles

Project leader
Associate Professor Xavier Boyen
Dates
2014-2016
Project summary

Modern cryptography has the power to revolutionise virtually every aspect of our online lives. Large-scale secure data sharing could become a breeze, with tools such as functional encryption (FE) to give us fine control over access rights by means of expressive languages, and there will be no more juggling of crypto keys. Finally, the known foundations of FE will crumble when even small-sized quantum computers become reality, perhaps next decade.

This project aims to recreate and expand the power of FE from post-quantum (PQ) mathematical principles, immune to quantum attacks, building on recent discoveries of limited forms of PQ-FE from rock-solid crypto principles. It begs exploring, for the truly spectacular outcomes likely to ensue.

Interdisciplinary and inter-institution projects

Some of the projects we are contributing to with other disciplines and institutions are:

  • Legacy2Service: a novel, model-driven technique for re-engineering on-demand software services out of legacy applications, 2014-2016.

Student topics

Are you looking to further your career by pursuing study at a higher and more detailed level? We are currently looking for students to research a number of topics within a range of broad themes.

There are topics relevant to students who would like to pursue:

  • PhD study
  • Masters by research
  • Research project (part of masters by coursework or undergraduate project unit).

Cryptology

Cryptology investigates theoretical frameworks and practices for secure communication, processing and storage of data in the presence of adversaries. It provides a set of basic security goals: confidentiality, authentication, integrity and non-repudiation.

This includes:

  • mathematics of cryptology (algebraic structures, lattices, number theory, combinatorics)
  • cryptographic protocols (key agreement, secret sharing, secure SSL/TLS, IPSec, DN security)
  • private-key cryptography (block ciphers, stream ciphers, authenticated encryption, cryptographic hashing)
  • public-key cryptography (fully homomorphic encryption, functional encryption, elliptic-curve cryptography, pseudo randomness)
  • digital signatures (proxy, designated verifier, fail stop, batch, etc.)
  • multiparty computations
  • quantum cryptography.

Find a supervisor in this research theme:

Information security

Information security encompasses theory and practice of protecting information against unauthorised access in computer systems and networks.

This includes:

  • formal modelling and analysis of information security
  • high-integrity software engineering
  • safety-critical and security-critical information systems
  • identification and authorisation methods to control access to information resources
  • security of biomedical and e-health services
  • intrusion prevention and detection systems (misuse and anomaly detection)
  • copyright protection (fingerprints and watermarking)
  • e-Government services (e-payments, e-voting, e-actions, etc.)
  • location privacy (GPS spoofing).

Find a supervisor in this research theme:

Network security

Network security can be seen as a collection of tools, procedures and policies that is used to protect computer networks against adversarial activities (hackers, malware, natural disasters, etc.).

This includes:

  • simulation and formal verification of network security
  • critical infrastructure security (SCADA system security)
  • wireless network security (mobile phones, RFID security, vehicle-to-vehicle communication)
  • security of the Cloud
  • cyber security (malware, botnets, malware reverse engineering).

Find a supervisor in this research theme:

Contact

School of Electrical Engineering and Computer Science

  • Level 12, S Block, Room 1221
    Gardens Point

  • Postal address:
    School of Electrical Engineering and Computer Science
    GPO Box 2434
    Brisbane QLD 4001