Centre for Information Security and Cryptography
In cryptography, security systems are defined in terms of their required security properties (e.g. anonymity of voters in an electronic voting system) and what the adversary can do in the system (e.g. voting authorities colluding to find out the vote of an individual). In systems with provable security it is shown that a successful attack is not possible. In computationally secure systems this means that a successful attacker in the system can also break another system that is known (i.e. proved in its own right) to be secure, or solve a mathematical problem that is widely believed, though unproved, to be hard (e.g., factorize a large number or extract a discrete logarithm).
Proofs in the computationally secure framework are asymptotic and, though sufficient for feasibility results, have to be further refined into an exact or concrete security approach. This refinement allows the key sizes to be quantified in terms of the adversary's power.
Our recent work includes the design of signature and authentication systems with special properties, privacy-protecting credential systems, cryptographic support for group and collaborative work, and cryptographic support for secure content distribution.
At CISaC, we analyze the mathematical and computational hardness of number-theoretic problems that provide computational security for public key cryptography, and develop algorithms for solving these problems. We use the Beowulf cluster in CISaC's Advanced Cryptography Laboratory to model a potential adversary's computational power, conducting very large-scale numerical experiments. The data thus acquired lead to a better understanding of the computational hardness of a given problem and aid in accurately determining parameter sizes that are sufficiently large to ensure safe use of discrete-logarithm-based cryptographic schemes.