Periodic Reporting for period 2 - ECRYPT-NET (European Integrated Research Training Network on Advanced Cryptographic Technologies for the Internet of Things and the Cloud)
Reporting period: 2017-03-01 to 2019-02-28
For cloud applications, the project has focused on two challenges. The first has been the study of novel cryptographic primitives that will resist attacks by future quantum computers (so-called post-quantum cryptography). The second has been to create novel techniques for several flavours of secure computation, including computing on encrypted data (fully homomorphic encryption), controlled decryption of data (functional encryption) and jointly computing on privately stored data without sharing this data (secure multi-party computation). The results include the identification of flaws in proposed schemes and the creation of new proposals with increased performance or reduced communication overhead. Finally, applications of these techniques have been studied, such as the evaluation of machine learning algorithms in the encrypted domain and the study of querying capabilities on encrypted data.
A third line of research focused on physical security, usability and deployment; to this end, it developed innovative implementations that offer improved security/performance trade-offs and resist powerful side-channel attacks, which exploit physical properties of the implementations. The research has focused on building countermeasures against such attacks; unlike in earlier work, these countermeasures are included during the design of the primitive (cf. supra) or integrated in the design flow rather than added afterwards. The most powerful of these attacks come from white-box attackers, who have full control of the execution of the cryptographic algorithm (which is the case for typical IoT software environments); for this setting novel attack models and attacks have been studied. Several secure implementations have been developed for lightweight ciphers (IoT setting) and for post-quantum algorithms (cloud setting).
The project has contributed to several open international competitions, including the WhibOx competition (organized by CryptoExperts) and the post-quantum and lightweight cryptography competitions organized by NIST (National Institute of Standards and Technology, US). These competitions have given the research high visibility and impact at an international level.
Regarding dissemination, the project used Twitter for fast communication of project activities. Almost 300 tweets were sent out to more than 1150 followers. The project’s ECRYPT Blog has been used to disseminate longer stories. An important goal of the Blog was to make complicated cryptographic results easily accessible to a wider audience. The ESRs were encouraged to post regularly to the blog on papers they had read, conferences they had visited, or their own results. So far 110 blog posts have been written, which attracted 171,899 views.
The fellows held 74 public talks on different occasions: 6 rump session presentations, 25 paper presentations at conferences, 38 presentations at ECRYPT-NET schools and 7 during outreach activities. The conference venues included some of the top venues in the field, including CRYPTO, EUROCRYPT, FSE, CHES, TCC, Asiacrypt, RWC, SAC and ACNS. In this way research results were disseminated to more than 5000 members of the research community.
The ESR fellows organized outreach activities targeting the general public. Some fellows gave interactive lectures to secondary school pupils; others created crypto puzzles or mathematical challenges for online crypto contests or math competitions. The outreach activities turned out to be an excellent way to reach a young audience. In total, 55 publications were produced, of which 18 were journal papers and 37 conference papers. The conference publications included some of the most competitive conferences in the field, such as EUROCRYPT, CRYPTO, Fast Software Encryption (FSE), Theory of Cryptography (TCC), Selected Areas in Cryptography (SAC), ASIACRYPT, Cryptographic Hardware and Embedded Systems (CHES), ACM CCS, IEEE S&P, and USENIX Security. Together, the fellows published 18 papers at these top venues.
The societal relevance and timeliness of this research have been emphasized by the growing importance of the digital society and by the revelations made by Snowden, which provide clear evidence of mass surveillance by nation states and of serious weaknesses in our current infrastructure.
An essential component of a response to these revelations consists of a broad deployment of advanced and innovative cryptographic techniques.