Cryptography, Cybersecurity and Distributed trust

The research focus of our group is understanding foundational aspects of cyber-security. We research fundamentals and applications of cyber-security, ranging from cryptography to blockchains to secure systems to critical embedded systems to broad considerations of distributed trust and privacy.

We are now a Centre of Excellence under the IITM Institute of Eminence initiative!

We are hiring!

We are actively looking to expand our group by hiring new faculty under the regular faculty program as well as the brand new Young International Faculty program, meant as a two-to-three-year position for young researchers who have recently finished their Ph.D. and hold a non-Indian passport.

We also have a number of exciting options for visiting faculty. Please see our VHAR Visiting Chair program and the VAJRA faculty scheme.

We are also looking for strong, highly motivated graduate students to join our group. Please apply here. Information about the selection process is here and tips on how to prepare for the interview are here. Shortlisting criteria are here.

For postdoctoral opportunities, please see the IITM institute postdoctoral fellowship. For internship opportunities, please see the IITM internship program.

Core Values

We are committed to an environment of equality and respect. We value every individual equally, regardless of seniority, gender, nationality, religion, skin colour or anything else. We are committed to following the highest ethics in science and fostering openness, freedom and a sense of service. We are committed to an environment which enables every member to reach their fullest potential.

Research

Post Quantum Cryptography

Recent times have seen significant advances in the design and construction of quantum computers – computers which harness quantum mechanical phenomena to solve mathematical problems that are difficult for conventional classical computers. If a cyber-attacker has access to a quantum computer, are known cryptosystems safe? Most current-day cryptography succumbs to quantum attacks, rendering all digital information insecure. Post-quantum cryptography aims to redesign cryptography so that it is resilient to quantum attacks. Our research focusses on one of the most promising approaches for post-quantum cryptography, namely, lattice-based cryptography. Lattice-based cryptography relies on the hardness of solving certain mathematical problems in high-dimensional lattices, and quantum computers are not known to offer any speedups for these problems. Besides, lattice-based cryptography offers a flexibility and expressiveness that enables multiple promising new cryptographic constructions.

Blockchains and Fault Tolerance

Blockchain is a distributed public ledger technology which is the basis of many crypto-currencies including bitcoin. At a high level, a blockchain is a dynamically growing, ordered set of records containing user transactions or other data, which are secured using cryptography. The decentralized nature of blockchains enables users to invest in the security and integrity of their data directly, while usage of cryptography prevents malicious users from modifying records to their advantage. Underpinned by a peer-to-peer network, blockchains enable users to transact in a secure, tamper-free, decentralised way, paving the way for a new era of transparent, auditable socio-economic infrastructures, in which user information can be stored in shared databases that are efficiently verifiable, transparent and secure. We study blockchains from a variety of perspectives, ranging from Byzantine fault tolerance, to the development of cryptographic tools, to the design of applications for socially relevant issues.

Evaluating Secure Critical Embedded Systems

We develop tools that help evaluate critical embedded systems so as to achieve the required levels of security. The tools either work on the manufactured product or provide aids during its design. The design-phase tools help pinpoint vulnerable regions, facilitating targeted countermeasures early in the design, thereby reducing overheads and time-to-market. The tools help answer questions like “Is a system secure against a specific attack?” or “Is System A more secure than System B?” Our work, for instance, can pinpoint locations in an embedded system that are vulnerable to fault attacks, side-channel attacks, and timing attacks.

Provable Security of Symmetric and Asymmetric Key Cryptography

We study cryptographic schemes from the perspective of provable security. Public (asymmetric) key cryptography is widely studied due to its superior key management and many business applications. Symmetric key cryptography is very attractive for its efficiency and relevance to real-world applications – for instance, it is widely used to protect data transmission in many secure communication protocols like TLS. We study fundamental primitives in both asymmetric and symmetric key cryptography – such as digital signatures, block ciphers and authenticated encryption. To understand the security of cryptographic schemes used in practice, we devise theoretical models that can better illustrate the security provided by current cryptographic schemes and then provide provable security guarantees under reasonable assumptions for existing cryptographic tools and protocols.

Computing on Encrypted Data

Today, perhaps the great challenge before cryptography is: how to benefit from the technology enabled by “big data” while safeguarding privacy? The concerns of people in the context of privacy have never been higher. On the other hand, we have already begun to glimpse the sheer power of massive-scale data analysis, with applications ranging from cloud computing to advertising to social science studies to smart meters and smart cities and so on. Can disclosure of data be controlled, so that data can participate in authorized computation but leak nothing beyond what its owner permits? We endeavor to provide solutions for the modeling as well as construction of cryptographic primitives for computing on encrypted data. Examples of cutting-edge primitives that enable encrypted computation are fully homomorphic encryption, functional encryption, broadcast encryption and others.

Secure Systems Engineering

We adopt a clean-slate approach to designing computer systems, where security is considered early during the design phase, along with other design parameters such as performance, energy, and size. The challenge is to achieve security while keeping overheads in other design parameters within tolerable margins. We approach this problem by first enforcing security in the hardware and then moving up the computing stack, to programming languages, operating systems, and applications.

Distributed Computing

We live in a highly interconnected world where applications are built to operate seamlessly over a large number of computing devices. Distributed computing deals with the formal study of such distributed systems, wherein the devices must communicate, typically by passing messages to each other. Distributed computing ideas find application in a wide range of contexts including traditional computer networks, the Internet, peer-to-peer networks, and swarm robotics. Our research emphasizes the study of robust networks that are resilient to churn, topology dynamics, and Byzantine faults.