Cryptographic Foundations for Future-proof Internet Security
Disciplines
Computer Sciences (100%)
Keywords
Subversion Resilience, Future-proof Security, Public-Key Cryptography, Internet Applications, Cryptography, Post-quantum Cryptography
Today, the world is more connected than ever before. In 2018, already over half of the world's population is online, which amounts to more than 4 billion people. The modern Internet includes computing paradigms such as cloud computing or the Internet of Things (IoT), which have entirely changed the way we communicate and process data, and which types of data are communicated over public networks. Huge amounts of potentially sensitive data now leave classical security perimeters and are processed and accessed by multiple different (untrusted) entities, potentially in an ad-hoc fashion. The devices found on the Internet range from classical servers, desktops and laptops to (small) physical devices, home appliances or other items embedded with electronics, software, sensors or actuators. These developments can bring additional comfort and increased quality of living to individuals and make many of our daily tasks much less complicated. However, the Internet is also a place where users are prone to become victims of criminal actions like data and identity theft, and the Internet is increasingly intertwined with a geopolitical environment that makes users prone to being surveilled or even controlled. To achieve strong security and privacy guarantees, cryptography is the foundational technology. Today, much of our personal freedom and the power to guarantee and maintain a free society depends on the cryptographic primitives incorporated in the security protocols used within the Internet. While regulations like the upcoming EU General Data Protection Regulation (GDPR) promote the usage of cryptography to protect sensitive data, revelations about the activities of governmental agencies have revealed worrying information. Governmental agencies have subverted cryptographic software products and certification authorities, backdoored cryptographic schemes, or influenced and weakened cryptographic standardization processes.
Besides providing governmental institutions with means to spy on citizens, such practices are highly vulnerable to being exploited by non-governmental adversaries as well: a backdoor or a weakened parameter does not check who is using it. Many of the cryptographic schemes used to secure today's Internet were not designed with the functionality and security requirements in mind that come along with tomorrow's envisioned use-cases on the Internet. This requires novel and typically more sophisticated cryptographic schemes that consider aspects that were not known or of interest in the early days of the Internet. Cryptography capable of securing a future-proof Internet needs to consider all these issues, but additionally needs to be flexible enough to work on both ends of the spectrum, i.e., resource-constrained IoT devices as well as cloud-powered services. In addition, one needs to consider more recent aspects such as security in the presence of powerful quantum computers. Within PROFET we aim at designing cryptography that is subversion resilient by design and secure in the presence of powerful quantum computers, and thus capable of securing tomorrow's Internet.
Cryptographic mechanisms underlying today's Internet were not designed with the functionality and the security requirements in mind that come along with envisioned, and in part already widely deployed, use-cases. Those cover many popular application domains (implicitly) used by many people. Examples are cloud computing, e.g., outsourcing storage and services to large providers, the Internet of Things (IoT), e.g., smart homes or connected vehicles, as well as the so-called Web3, i.e., decentralized applications built upon blockchain technology. Importantly, due to the prevalent use of the Internet, much of our personal freedom and the power to maintain a free society depends on cryptographic primitives (e.g., signatures and encryption) incorporated in today's security protocols. While regulations like the EU General Data Protection Regulation (GDPR) prescribe the usage of cryptography to protect sensitive data, revelations about the activities of governmental agencies have revealed worrying information. Examples include subverting cryptographic software products, subverting certification authorities, backdooring cryptographic schemes, or influencing and weakening cryptographic standardization processes. Besides providing institutions with means to spy on citizens, such practices are highly vulnerable to being exploited by non-governmental adversaries as well. The focus of this project was on the cryptography required to secure the Internet of tomorrow. We have focused on two important aspects. First, designing cryptography that is resilient to subversion, or that disincentivizes such approaches by design. Here our particular focus was on the subversion of parameters used by cryptographic schemes and on a property called forward secrecy. The latter means that even if a decryption key leaks, the "damage" is very local: the leaked key can no longer be used to decrypt old ciphertexts, only those produced after the key was last updated.
Second, our focus was on designing cryptographic schemes that remain secure in the presence of powerful quantum computers, i.e., that provide post-quantum security. In both areas, among various interesting theoretical results, we have significantly contributed to the practical understanding. When it comes to parameter subversion, we have significantly contributed to the practical usability of so-called non-interactive zero-knowledge (NIZK) proofs, in particular the development of proof systems that remain secure and provide the strongest security guarantees even if the setup (the common reference string) is subverted. This is a very active field, and with the growing popularity of cryptocurrencies and blockchains we have seen a "Cambrian explosion" in their research and practical deployment. In the context of forward secrecy, we have contributed to the design of secure communication protocols that have an important property called zero round-trip time (0-RTT), i.e., where encrypted data can already be sent in the first message of the sender, without waiting for a reply from the receiver. Finally, in several domains studied in the project we have proposed the first post-quantum constructions, most notably for succinct NIZK proofs (so-called zk-SNARKs).
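To make the forward-secrecy property concrete, the following added example (written for this page; it is not code from PROFET or from any of the publications listed on it) models a receiver key that can be punctured, using a GGM-style tree PRF. Each 0-RTT session is keyed by a tag; after a session the receiver punctures its key on that tag. A key that leaks afterwards still derives the session key of every other tag, but can no longer reproduce the punctured one. The 16-bit tag space, the HMAC-SHA256 PRG and the fixed demo seed are assumptions of this illustration, not parameters of any scheme the project published.

```python
"""Constructed illustration of fine-grained forward secrecy via a puncturable PRF.

A GGM-style (Goldreich-Goldwasser-Micali) tree PRF maps a tag to a 32-byte
session key. Puncturing the key on a tag deletes every seed on the path to
that tag and keeps only the sibling seeds, so the holder can still derive
every other tag's key, but the punctured tag's key is gone for good. A 0-RTT
receiver that punctures after each session therefore exposes no earlier
session when its current key material leaks.
"""
import hashlib
import hmac
import os
from typing import Dict, Optional, Set, Tuple

DEPTH = 16  # assumption: tags are 16-bit integers, i.e. 2**16 leaves

Prefix = Tuple[int, ...]


def _prg_half(seed: bytes, bit: int) -> bytes:
    """One half of a length-doubling PRG: child `bit` of the node holding `seed`.
    HMAC-SHA256 keyed with the seed, domain-separated by the child index."""
    return hmac.new(seed, bytes([bit]), hashlib.sha256).digest()


def _path(tag: int) -> Prefix:
    """Most-significant-bit-first path from the root to the leaf of `tag`."""
    if not 0 <= tag < (1 << DEPTH):
        raise ValueError("tag out of range")
    return tuple((tag >> (DEPTH - 1 - i)) & 1 for i in range(DEPTH))


class PuncturablePRF:
    """Key = mapping (tree prefix -> subtree seed); the prefixes form an antichain."""

    def __init__(self, root: Optional[bytes] = None) -> None:
        self.nodes: Dict[Prefix, bytes] = {(): root if root is not None else os.urandom(32)}
        self.punctured: Set[int] = set()

    def _covering(self, path: Prefix) -> Optional[Prefix]:
        """Longest stored prefix on this path, or None if the leaf is unreachable."""
        for length in range(DEPTH, -1, -1):
            prefix = path[:length]
            if prefix in self.nodes:
                return prefix
        return None

    def evaluate(self, tag: int) -> Optional[bytes]:
        path = _path(tag)
        prefix = self._covering(path)
        if prefix is None:
            return None  # punctured: no seed left from which this leaf derives
        seed = self.nodes[prefix]
        for bit in path[len(prefix):]:
            seed = _prg_half(seed, bit)
        return seed

    def puncture(self, tag: int) -> None:
        path = _path(tag)
        prefix = self._covering(path)
        if prefix is None:
            return  # already punctured, nothing to forget
        seed = self.nodes.pop(prefix)
        for depth in range(len(prefix), DEPTH):
            bit = path[depth]
            # keep the sibling subtree, descend into the subtree containing `tag`
            self.nodes[path[:depth] + (1 - bit,)] = _prg_half(seed, 1 - bit)
            seed = _prg_half(seed, bit)
        self.punctured.add(tag)


def forward_secrecy_demo(root: bytes, used_tags, fresh_tag: int):
    """Receiver derives a session key per tag in `used_tags`, punctures after each
    session, then its current key leaks. Returns (keys the leaked key can still
    derive for the used tags, whether an unused tag is still derivable)."""
    receiver = PuncturablePRF(root)
    for tag in used_tags:
        session_key = receiver.evaluate(tag)
        assert session_key is not None  # first use of the tag must succeed
        receiver.puncture(tag)  # session done: forget how to derive its key
    leaked = receiver  # the attacker now holds exactly this key material
    recovered = {tag: leaked.evaluate(tag) for tag in used_tags}
    fresh_ok = leaked.evaluate(fresh_tag) == PuncturablePRF(root).evaluate(fresh_tag)
    return recovered, fresh_ok


if __name__ == "__main__":
    demo_root = b"\x01" * 32  # fixed seed only so the demo is reproducible
    recovered, fresh_ok = forward_secrecy_demo(demo_root, [5, 1234, 40000], 7)
    print("recoverable from leaked key:", recovered)  # every value is None
    print("unused tag still derivable:", fresh_ok)   # True
```

The key grows by at most DEPTH sibling seeds per puncture, and evaluation of any unpunctured tag gives the same value before and after puncturing, which is what lets the receiver keep serving new 0-RTT sessions while old ones stay protected.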
- Matteo Maffei, Technische Universität Wien, associated research partner
- Dominique Schröder, Friedrich-Alexander-Universität Erlangen-Nürnberg - Germany
- Tibor Jager, Universität Paderborn - Germany
- Melissa Chase, Microsoft Research - USA
- Aniket Kate, Purdue University - USA
Research Output
- 682 Citations
- 73 Publications
- 3 Scientific Awards
Publications
- (no year or title recorded): Other. DOI 10.1145/3548606
- (no year or title recorded): Other. DOI 10.1145/3372297
- 2023: Chrisimos: A useful Proof-of-Work for finding Minimal Dominating Set of a graph. Chatterjee D. Conference Proceeding Abstract, pages 1332-1339. DOI 10.1109/trustcom60117.2023.00182
- 2021: Updatable Trapdoor SPHFs: Modular Construction of Updatable Zero-Knowledge Arguments and More. Abdolmaleki B. Book Chapter, Springer Nature, pages 46-67. DOI 10.1007/978-3-030-90567-5_3
- 2021: With a Little Help from My Friends. Hanzlik L. Conference Proceeding Abstract, pages 2004-2023. DOI 10.1145/3460120.3484582
- 2021: Privacy-Preserving Authenticated Key Exchange: Stronger Privacy and Generic Constructions. Ramacher S. Book Chapter, Springer Nature, pages 676-696. DOI 10.1007/978-3-030-88428-4_33
- 2021: Versatile and Sustainable Timed-Release Encryption and Sequential Time-Lock Puzzles (Extended Abstract). Chvojka P. Book Chapter, Springer Nature, pages 64-85. DOI 10.1007/978-3-030-88428-4_4
- 2021: Cross-Layer Deanonymization Methods in the Lightning Protocol. Romiti M. Book Chapter, Springer Nature, pages 187-204. DOI 10.1007/978-3-662-64322-8_9
- 2021: Post-Quantum Adaptor Signature for Privacy-Preserving Off-Chain Payments. Tairi E. Book Chapter, Springer Nature, pages 131-150. DOI 10.1007/978-3-662-64331-0_7
- 2021: Fine-Grained Forward Secrecy: Allow-List/Deny-List Encryption and Applications. Derler D. Book Chapter, Springer Nature, pages 499-519. DOI 10.1007/978-3-662-64331-0_26
- 2021: Subversion-Resistant Quasi-adaptive NIZK and Applications to Modular Zk-SNARKs. Abdolmaleki B. Book Chapter, Springer Nature, pages 492-512. DOI 10.1007/978-3-030-92548-2_26
- 2021: Generalized Channels from Limited Blockchain Scripts and Adaptor Signatures. Aumayr L. Book Chapter, Springer Nature, pages 635-664. DOI 10.1007/978-3-030-92075-3_22
- 2020: Cross-Layer Deanonymization Methods in the Lightning Protocol. Romiti M. Preprint. DOI 10.48550/arxiv.2007.00764
- 2020: Language-Based Web Session Integrity. Calzavara S. Preprint. DOI 10.48550/arxiv.2001.10405
- 2020: eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts. Grishchenko I. Preprint. DOI 10.48550/arxiv.2005.06227
- 2020: Fully Collision-Resistant Chameleon-Hashes from Simpler and Post-quantum Assumptions. Derler D. Book Chapter, Springer Nature, pages 427-447. DOI 10.1007/978-3-030-57990-6_21
- 2020: Language-Based Web Session Integrity. Calzavara S. Conference Proceeding Abstract, pages 107-122. DOI 10.1109/csf49147.2020.00016
- 2020: Bringing Order to Chaos: The Case of Collision-Resistant Chameleon-Hashes. Derler D. Book Chapter, Springer Nature, pages 462-492. DOI 10.1007/978-3-030-45374-9_16
- 2019: A Framework for UC-Secure Commitments from Publicly Computable Smooth Projective Hashing. Abdolmaleki B. Book Chapter, Springer Nature, pages 1-21. DOI 10.1007/978-3-030-35199-1_1
- 2020: CCA-Secure (Puncturable) KEMs from Encryption with Non-Negligible Decryption Errors. Cini V. Book Chapter, Springer Nature, pages 159-190. DOI 10.1007/978-3-030-64837-4_6
- 2020: Lift-and-Shift. Abdolmaleki B. Conference Proceeding Abstract, pages 1987-2005. DOI 10.1145/3372297.3417228
- 2020: eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts. Schneidewind C. Conference Proceeding Abstract, pages 621-640. DOI 10.1145/3372297.3417250
- 2020: The Good, The Bad and The Ugly: Pitfalls and Best Practices in Automated Sound Static Analysis of Ethereum Smart Contracts. Schneidewind C. Book Chapter, Springer Nature, pages 212-231. DOI 10.1007/978-3-030-61467-6_14
- 2020: A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network. Tikhomirov S. Conference Proceeding Abstract, pages 387-396. DOI 10.1109/eurospw51379.2020.00059
- 2019: Atomic Multi-Channel Updates with Constant Collateral in Bitcoin-Compatible Payment-Channel Networks. Egger C. Conference Proceeding Abstract, pages 801-815. DOI 10.1145/3319535.3345666
- 2019: Structure-Preserving Signatures on Equivalence Classes from Standard Assumptions. Khalili M. Book Chapter, Springer Nature, pages 63-93. DOI 10.1007/978-3-030-34618-8_3
- 2019: Anonymous Multi-Hop Locks for Blockchain Scalability and Interoperability. Malavolta G. Conference Proceeding Abstract. DOI 10.14722/ndss.2019.23330
- 2019: Verifying Relational Properties using Trace Logic. Barthe G. Conference Proceeding Abstract, pages 170-178. DOI 10.23919/fmcad.2019.8894277
- 2021: Privacy preserving authenticated key exchange: Modelling, constructions, proofs and formal verification. Andreas Johann Weninger. Other.
- 2021: Blitz: Secure multi-hop payments without two-phase commits. Aumayr L. Other, pages 4043-4060.
- 2023: Threshold Delegatable Anonymous Credentials With Controlled and Fine-Grained Delegation. Mir O. Journal Article, IEEE Transactions on Dependable and Secure Computing, pages 2312-2326. DOI 10.1109/tdsc.2023.3303834
- 2023: Lattice-Based Succinct Arguments from Vanishing Polynomials. Cini V. Book Chapter, Springer Nature, pages 72-105. DOI 10.1007/978-3-031-38545-2_3
- 2023: ABE for Circuits with poly(λ)-sized Keys from LWE. Cini V. Conference Proceeding Abstract, pages 435-446. DOI 10.1109/focs57990.2023.00032
- 2023: Threshold Structure-Preserving Signatures. Crites E. Book Chapter, Springer Nature, pages 348-382. DOI 10.1007/978-981-99-8724-5_11
- 2023: (Inner-Product) Functional Encryption with Updatable Ciphertexts. Cini V. Journal Article, Journal of Cryptology, pages 8. DOI 10.1007/s00145-023-09486-y
- 2023: Revisiting Updatable Encryption: Controlled Forward Security, Constructions and a Puncturable Perspective. Slamanig D. Book Chapter, Springer Nature, pages 220-250. DOI 10.1007/978-3-031-48618-0_8
- 2023: Aggregate Signatures with Versatile Randomization and Issuer-Hiding Multi-Authority Anonymous Credentials. Mir O. Conference Proceeding Abstract, pages 30-44. DOI 10.1145/3576915.3623203
- 2023: Optimizing 0-RTT Key Exchange with Full Forward Security. Göth C. Conference Proceeding Abstract, pages 55-68. DOI 10.1145/3605763.3625246
- 2023: Breaking and Fixing Virtual Channels: Domino Attack and Donner. Aumayr L. Conference Proceeding Abstract. DOI 10.14722/ndss.2023.24370
- 2023: LightSwap: An Atomic Swap Does Not Require Timeouts at both Blockchains. Hoenisch P. Book Chapter, Springer Nature, pages 219-235. DOI 10.1007/978-3-031-25734-6_14
- 2023: Practical Delegatable Anonymous Credentials From Equivalence Class Signatures. Mir O. Journal Article, Proceedings on Privacy Enhancing Technologies, pages 488-513. DOI 10.56553/popets-2023-0093
- 2021: Bitcoin-Compatible Virtual Channels. Aumayr L. Conference Proceeding Abstract, pages 901-918. DOI 10.1109/sp40001.2021.00097
- 2021: A2L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs. Tairi E. Conference Proceeding Abstract, pages 1834-1851. DOI 10.1109/sp40001.2021.00111
- 2021: Towards a Game-Theoretic Security Analysis of Off-Chain Protocols. Rain S. Preprint. DOI 10.48550/arxiv.2109.07429
- 2021: The Good, the Bad and the Ugly: Pitfalls and Best Practices in Automated Sound Static Analysis of Ethereum Smart Contracts. Schneidewind C. Preprint. DOI 10.48550/arxiv.2101.05735
- 2024: Identity-Based Encryption with (Almost) Tight Security in the Multi-instance, Multi-ciphertext Setting. Hofheinz D. Journal Article, Journal of Cryptology, pages 12. DOI 10.1007/s00145-024-09496-4
- 2024: Identity-Based Encryption with (Almost) Tight Security in the Multi-instance, Multi-ciphertext Setting. Hofheinz. Other. DOI 10.3929/ethz-b-000664631
- 2024: Bringing Order to Chaos: The Case of Collision-Resistant Chameleon-Hashes. Derler D. Journal Article, Journal of Cryptology, pages 29. DOI 10.1007/s00145-024-09510-9
- 2024: Lower Bounds for Lattice-Based Compact Functional Encryption. Tairi E. Book Chapter, Springer Nature, pages 249-279. DOI 10.1007/978-3-031-58723-8_9
- 2024: Threshold Structure-Preserving Signatures: Strong and Adaptive Security Under Standard Assumptions. Mitrokotsa A. Book Chapter, Springer Nature, pages 163-195. DOI 10.1007/978-3-031-57718-5_6
- 2022: Strategic Analysis of Griefing Attack in Lightning Network. Mazumdar S. Journal Article, IEEE Transactions on Network and Service Management, pages 1790-1803. DOI 10.1109/tnsm.2022.3230768
- 2022: CRS-Updatable Asymmetric Quasi-Adaptive NIZK Arguments. Abdolmaleki B. Book Chapter, Springer Nature, pages 3-25. DOI 10.1007/978-3-031-22912-1_1
- 2022: Towards faster settlement in HTLC-based Cross-Chain Atomic Swaps. Mazumdar S. Conference Proceeding Abstract, pages 295-304. DOI 10.1109/tps-isa56441.2022.00043
- 2022: Sleepy Channels. Aumayr L. Conference Proceeding Abstract, pages 179-192. DOI 10.1145/3548606.3559370
- 2022: Thora. Aumayr L. Conference Proceeding Abstract, pages 165-178. DOI 10.1145/3548606.3560556
- 2022: Foundations of Coin Mixing Services. Glaeser N. Conference Proceeding Abstract, pages 1259-1273. DOI 10.1145/3548606.3560637
- 2022: Towards faster settlement in HTLC-based Cross-Chain Atomic Swaps. Mazumdar S. Preprint. DOI 10.48550/arxiv.2211.15804
- 2022: Strategic Analysis of Griefing Attack in Lightning Network. Banerjee P. Other. DOI 10.34726/3581
- 2022: Towards faster settlement in HTLC-based Cross-Chain Atomic Swaps. Mazumdar S. Preprint. DOI 10.36227/techrxiv.20355183
- 2022: LightSwap: An Atomic Swap Does Not Require Timeouts At Both Blockchains. Hoenisch P. Other. DOI 10.34726/3662
- 2022: Towards faster settlement in HTLC-based Cross-Chain Atomic Swaps. Mazumdar S. Preprint. DOI 10.36227/techrxiv.20355183.v3
- 2022: Towards faster settlement in HTLC-based Cross-Chain Atomic Swaps. Mazumdar S. Preprint. DOI 10.36227/techrxiv.20355183.v2
- 2022: Towards faster settlement in HTLC-based Cross-Chain Atomic Swaps. Mazumdar S. Other. DOI 10.34726/3805
- 2022: Logarithmic-Size (Linkable) Threshold Ring Signatures in the Plain Model. Haque A. Book Chapter, Springer Nature, pages 437-467. DOI 10.1007/978-3-030-97131-1_15
- 2022: Strategic Analysis of Griefing Attack in Lightning Network. Mazumdar S. Preprint. DOI 10.48550/arxiv.2203.10533
- 2022: Lattice-Based SNARKs: Publicly Verifiable, Preprocessing, and Recursively Composable. Albrecht M. Book Chapter, Springer Nature, pages 102-132. DOI 10.1007/978-3-031-15979-4_4
- 2023: Towards a Game-Theoretic Security Analysis of Off-Chain Protocols. Rain S. Conference Proceeding Abstract, pages 107-122. DOI 10.1109/csf57540.2023.00003
- 2023: An Incremental PoSW for General Weight Distributions. Abusalah H. Book Chapter, Springer Nature, pages 282-311. DOI 10.1007/978-3-031-30617-4_10
- 2023: Unique-Path Identity Based Encryption with Applications to Strongly Secure Messaging. Rösler P. Book Chapter, Springer Nature, pages 3-34. DOI 10.1007/978-3-031-30589-4_1
- 2023: LedgerLocks: A Security Framework for Blockchain Protocols Based on Adaptor Signatures. Tairi E. Conference Proceeding Abstract, pages 859-873. DOI 10.1145/3576915.3623149
- 2021: Updatable Signatures and Message Authentication Codes. Cini V. Book Chapter, Springer Nature, pages 691-723. DOI 10.1007/978-3-030-75245-3_25
- 2021: Bloom Filter Encryption and Applications to Efficient Forward-Secret 0-RTT Key Exchange. Derler D. Journal Article, Journal of Cryptology, pages 13. DOI 10.1007/s00145-021-09374-3
- 2021: The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches. Squarcina M. Conference Proceeding Abstract, pages 432-443. DOI 10.1109/spw53761.2021.00062
Scientific Awards
- 2023: Editorial Board member of IET Information Security. Appointed as the editor/advisor to a journal or book series; level of recognition: Continental/International.
- 2021: Best Paper Award at the 20th International Conference on Cryptology and Network Security. Poster/abstract prize; level of recognition: Continental/International.
- 2020: Editorial Board member of Security and Communication Networks. Appointed as the editor/advisor to a journal or book series; level of recognition: Continental/International.