Projects - search

With the fast development of quantum computers, NIST has issued the National Security Memorandum for the timely and equitable transition of cryptographic systems to quantum-resistant cryptography by 2035. This movement urges that any new digital system directly implement post-quantum cryptographic (PQC) algorithms in the protection mechanisms of all layers.

The goal of this project is to investigate the efficiency and implementations of zero-knowledge/multiparty-computation-in-the-head (MPCitH) based digital signatures among the NIST Additional Digital Signature Schemes Round 1 candidates for the PQC Standardization Process, announced on 17 July 2023. Examples include Preon, which uses AES block ciphers as the circuits and the Aurora zero-knowledge succinct non-interactive argument of knowledge (zkSNARK) as the zero-knowledge proof system. This is the design of quantum-resistant cryptographic primitives that are not based on any computational hard problems.

Although the fast development of quantum computers poses no immediate threat to currently deployed cryptography, NIST started the post-quantum cryptography (PQC) standardization project in December 2016.

Blockchains, decentralized peer-to-peer (P2P) ledger systems, can provide trusted consensus, computation, and immutable data between untrusted entities. The goal of blockchain privacy is to protect sender privacy, receiver privacy, and/or provide confidential transactions. Since Bitcoin, a number of research articles have addressed blockchain privacy. Notable approaches use ring signatures [RST01] to achieve sender privacy and stealth addresses for receiver privacy (e.g., the Monero cryptocurrency).

Introduction

As the easiest and cheapest way of authenticating an end user, password-based authentication methods have been consistently employed by organizations and businesses as the default mechanism of restricting and monitoring access. The increased adoption of cloud applications and third-party services within an enterprise generally requires employees to keep track of a number of user names and passwords on a daily basis. The fact that employees need to remember multiple login credentials has incurred significant costs for an enterprise due to the increasing number of help desk calls for password reset. Moreover, the current practice of using multiple user names and passwords in enterprises is also exposing the business to more opportunities for security breaches, as demonstrated by recent password leaks in big brands such as Apple, Adobe, and LinkedIn.