Raising the bar for what secure cryptography can achieve
From medical records to financial information and even industrial secrets, society regularly uses digital systems to process some extremely sensitive data. “We are now at a point where the question is no longer how to encrypt data, but how we can compute on it securely,” says Jean-Sébastien Coron, head of the Department of Computer Science at the University of Luxembourg. Helping to answer that question is the EU-funded CLOUDMAP project. The project, which received support from the European Research Council(opens in new window), aimed to strengthen the foundations and practicality of such advanced cryptographic technologies as homomorphic encryption, which allows users to compute directly on encrypted data without first needing to decrypt it.
Making advanced cryptography more robust
To achieve this goal, researchers sought a deeper mathematical understanding of emerging cryptographic primitives, including homomorphic encryption, multilinear maps and new lattice-based cryptosystems. “One of our most significant outcomes was new cryptanalytic results that revealed previously unknown weaknesses in prominent multilinear-map constructions that help to clarify the realistic security limits of obfuscation and related tools,” explains Coron, who served as the project coordinator. The project also looked to significantly improve efficiency, especially for demanding operations such as bootstrapping in homomorphic encryption and high-order protection against side-channel attacks. “For side-channel resistance, the project introduced asymptotically optimal countermeasures, as well as state-of-the-art high-order masking techniques for post-quantum schemes now being standardised – results that make advanced cryptography significantly more robust against physical attacks,” adds Coron.
Putting new cryptographic tools into practice
Another key aspect of the project’s work was an effort to bridge the gap between theory and practice, ensuring that cryptographic tools could actually be deployed on real hardware – including embedded and constrained platforms. “Beyond identifying limitations and vulnerabilities, we also explored how theoretical insights could inform more practical designs, leading to new algorithms, primitives and measurable efficiency improvements,” notes Coron. “This interplay contributes to making advanced cryptographic research more relevant for real-world applications.” As the project progressed, researchers adapted to major developments in the field. For example, when several proposed multilinear-map constructions were shown to be insecure and lattice-based and homomorphic techniques matured rapidly, researchers responded by exposing weaknesses in existing schemes and proposing more robust, efficient alternatives.
Supporting privacy-preserving technologies
The CLOUDMAP project successfully advanced our understanding of what is and is not secure – an understanding that could help prevent the deployment of fragile systems. Its work also supports privacy-preserving technologies that allow data to be analysed without being revealed. “By significantly raising the bar for what secure and efficient cryptography can achieve, we helped ensure that future digital systems can remain both powerful and trustworthy in a post-quantum world,” concludes Coron. With the project officially completed, researchers are now focused on refining its techniques and integrating them into broader cryptographic ecosystems, including secure artificial intelligence and privacy-preserving data analysis.