Researchers from Florida Atlantic University’s College of Engineering and Computer Sciencehave received a $450,000 grant from the National Science Foundation for a four-year project titled, “SaTC: CORE: Medium: Collaborative: Countermeasures against Side-Channels Attacks Targeting Hardware and Embedded System Implementations of Post-Quantum Cryptographic Algorithms.”
The FAU project is part of a $1.2 million collaborative initiative with researchers from George Mason Universityand the University of South Florida. Researchers from FAU will focus on efficient hardware and software implementations as well as side-channel investigations of quantum-safe candidates.
Quantum computers are thought to have the potential to perform specialized calculations beyond the reach of any supercomputers in existence and will be able to break current public key cryptosystems used today. The National Institute of Standards and Technology (NIST) is looking to substitute candidates with strong security against attacks on quantum computers. The goal of the FAU project is to provide solutions and directions for the secure implementation of five leading candidates of quantum-safe solutions that will be submitted to the NIST.
“If successful, our candidate will be widely adopted to secure the Internet as well as the entire connected world,” said Reza Azarderakhsh, Ph.D., principal investigator, an assistant professor in FAU’s Department of Computer and Electrical Engineering and Computer Science, and a fellow of FAU’s Institute for Sensing and Embedded Network Systems Engineering (I-SENSE), one of the University’s four research pillars. “As part of our research and development, we will continuously provide recommendations to public and standardization organizations like the National Institute of Standards and Technology, the Internet Engineering Task Force, and the European Telecommunications Standards Institute, which will assist them with their final decisions.”
Azarderakhsh and his recent Ph.D. student Amir Jalali, Ph.D. are part of NIST’s competition for standardization of post-quantum cryptography. Their submission has been moved to the second round of evaluation as indicated by NIST earlier this year.
This project will investigate at least one candidate from each of the five major post-quantum cryptographic families. The selected algorithms also will represent three major categories of public key applications: encryption, digital signature, and key encapsulation mechanism. The goal is to determine the cost of effective countermeasures in terms of the commonly accepted software and hardware performance metrics.
The FAU researchers will actively disseminate the results of their findings by making all of their code, documentation and results publicly available and easy to reproduce. They will integrate the knowledge and experiences gained through research into novel curricula of cryptographic engineering courses and provide independent research opportunities for undergraduate and graduate students. They also will actively promote outreach programs and encourage the participation of high-school students, minority and low-income students, women (through Women in Engineering programs), and students with disabilities.
Mehrdad Nojoumian, Ph.D., is the co-PI and an assistant professor in FAU’s Department of Computer and Electrical Engineering and Computer Science.
“Side-channel attacks are real threats to the practical implementation of cryptography and could significantly hinder the successful transition to post-quantum cryptographic algorithms,” said Stella Batalama, Ph.D., dean of FAU’s College of Engineering and Computer Science. “The project spearheaded by professors Azarderakhsh and Nojoumian paves the way to the systematic long-term study of these attack countermeasures. Their cutting-edge work will help to ensure a secure transition for the National Institute of Standards and Technology as well as a positive impact on the millions of Internet users worldwide.”
As of June 2018, 55.1 percent of the world’s population has internet access. In 2015, the International Telecommunication Union estimated that about 3.2 billion people, or almost half of the world’s population, would be online by the end of the year. Data breaches and cyberattacks affect millions of businesses and households each year, hindering the integrity of critical systems, leaking private information and paralyzing Internet infrastructures.