Sedat Akleylek
The projects are suitable for all degrees (BSc, MSc, PhD)
A Comparison of Post-Quantum Symmetric-based Signature Schemes
The task is to understand the symmetric-based signature schemes submitted to the NIST Post-Quantum Cryptography Standardization Project. The signature schemes are Picnic, AIMer, Ascon-Sign, FAEST, SPHINCS, SPHINCS-Alpha [1,2]. At least 3 signature schemes are to be selected for both theoretical and practical comparison. The comparison includes performance analysis (running time, etc.) and the structural similarities/differences between the schemes.
[1] https://csrc.nist.gov/Projects/post-quantum-cryptography/post-quantum-cryptography-standardization/round-3-submissions
[2] https://csrc.nist.gov/Projects/pqc-dig-sig/round-1-additional-signatures
A Report on the Shortest Linear Program and Its Variants
Symmetric key cryptosystems have diffusion and confusion layers. The Shortest Linear Program (SLP) problem asks for the minimum number of linear operations necessary to compute a set of linear forms. In this project, the task is to understand and implement circuit minimization algorithms for the linear/permutation layers of symmetric key cryptosystems. [1,2] are code examples for the Boyar-Peralta algorithm; [3] explains the Boyar-Peralta algorithm. The report should present the basic work-flow of the circuit minimization algorithms, a comparison of them, implementation results on the linear layers, and a discussion of those results.
[1] https://bitbucket.org/anubhab001/boyar-peralta-xor3/src/master/
[2] https://github.com/thomaspeyrin/XORreduce
[3] https://doi.org/10.1007/s00145-012-9124-7
Experimental Results on OpenFHE
The task is to run open-source fully homomorphic encryption (FHE) libraries which have implementations of several FHE schemes and to provide a detailed comparison. The focus will be on the CKKS scheme.
[1] https://eprint.iacr.org/2022/915
[2] https://github.com/snucrypto/HEAAN
[3] https://github.com/homenc/HElib
Implementation of ring signature scheme based on multivariate quadratic polynomials
The task is to read about their approach from https://eprint.iacr.org/2020/286, to write a summary and to implement the scheme.
Implementation of group signature scheme over lattices
In this project, the aim is to implement one of the group signature schemes and to write a summary of the following survey:
https://www.mdpi.com/2410-387X/6/1/3#B25-cryptography-06-00003
Quantum one-time programs
The task is to read about their approach from https://arxiv.org/pdf/1211.1080.pdf and to write a summary.
Polynomial Multiplication methods for Lattice-based Cryptographic Schemes
In this project, the aim is to present a survey on the state of the art of polynomial multiplication methods in lattice-based cryptography.
Graph-based vulnerability and risk assessment models
IoT devices and systems are vulnerable to attacks due to their characteristics. There are various attack and vulnerability assessment studies in the literature to bring persistent and applicable solutions for security concerns in IoT. These studies provide different approaches in terms of network representation and solution techniques. The graph model is one of these representations and technical approaches. An attack graph model shows all possible attack path sequences from the source to the target. Therefore, graph-based models can offer systematic, formal, and strong directions to determine vulnerable points, and they can help to design defense mechanisms. In this seminar, the main goal is to give a literature review with comparison of available models.
Cybersecurity in Aviation
Over the past few years, information on hundreds of millions of aviation customers has been stolen in cyber-attacks. In addition to data breaches, airports and aviation applications have also been targeted in ransomware attacks where information and services are made unavailable until a ransom is paid. Aviation experts have expressed concern over potential vulnerabilities in aviation technologies that communicate information between aircraft and with air traffic control and ground services without any authentication or encryption. This could allow the injection of false messages and ghost aircraft. In this seminar, the main goal is to give a literature review with comparison of available models. https://erau.edu/degrees/master/aviation-cybersecurity
Bora Buğra Sezer
The performance comparison of smart contracts in decentralized systems
The task is to understand the blockchain technology system and to analyze smart contract performance, thereby contributing to the security-performance challenge in decentralized systems. Cryptographic protocols integrated for security affect the contract gas cost, which in turn affects the communication cost and, therefore, the blockchain overhead. Benchmarking includes on-/off-chain integrated smart contract performance analysis (storage- and event-based) using the Elliptic Curve Digital Signature scheme.
[1] Rao, I. S., Kiah, M. L., Hameed, M. M., & Memon, Z. A. (2024). Scalability of blockchain: a comprehensive review and future research direction. Cluster Computing, 1-24.
[2] Zheng, X., Zhu, Y., & Si, X. (2019). A survey on challenges and progress in blockchain technologies: A performance and security perspective. Applied Sciences, 9(22), 4731.
Arnis Paršovs
Applied cyber security topics
The Applied Cyber Security group offers research seminar supervision on various cyber security-related topics for students who are interested in more applied research that may involve hands-on activities as well. Various hardware can be provided to students for experiments. Students who are doing applied research must still describe the research they have performed in a seminar report and convince the supervisor that the work done is worth 3 ECTS (~78 hours of work). Students are welcome to contact Arnis Paršovs (arnis.parsovs@ UT) with their seminar topic ideas.
Recommended prerequisites: Applied Cryptography (MTAT.07.017) / Wireless Technologies and Security (LTAT.04.009)
Level: BSc, MSc or PhD
Helger Lipmaa
Hash-based zk-SNARKs [taken]
ZK-SNARKs (zero-knowledge succinct non-interactive arguments of knowledge) are a new technology that allows verifiable/delegatable computation. Here, a computationally limited verifier (who also lacks access to all necessary data) delegates its computation to a more powerful prover, who performs the computation and returns a short proof that it was done correctly. The area of ZK-SNARKs has recently gone through a revolutionary change, turning a largely theoretical concept into a highly practical one, with many companies implementing ZK-SNARKs for applications ranging from blockchain to machine learning. One of the most interesting approaches to the construction of ZK-SNARKs is based on the use of hash functions (guaranteeing security under minimal assumptions) and error-correcting codes. The student is supposed to write a survey on the most prevalent hash-based solutions like FRI and Brakedown; independent research is highly encouraged.
Domain-Specific Languages (DSL) for Zero-Knowledge
(Suitable for a MSc or PhD student with background on cryptography and programming)
Related to the previous topic on ZK-SNARKs, but from a different angle. There exist several new DSLs for ZK that allow one to specify formally what the prover needs to prove and the verifier needs to verify. Such DSLs typically compile a program from a high-level language to an intermediate representation (for example, a circuit) suitable for some concrete cryptographic backend. The goal of the student is (1) to survey some existing DSLs like Noir, Cairo, Circom, Nexus zkVM, Halo2, and possibly more, (2) to write a comparison of when one DSL is better than another (including all limitations, but also how optimized the results are), and (3) to write actual code (corresponding to a large-scale computation) that exemplifies the strengths and weaknesses of each DSL. The code should be publicly available.
Materials: MOOC https://zk-learning.org/ (lecture of 1/31, but previous lectures are also a must) Various existing surveys on the internet like https://zkv.xyz/a-survey-of-zk-languages/ , https://medium.com/@scalingx/zk-programming-languages-a-comprehensive-overview-a3046ea5e859 or
Toomas Krips
Soft-spoken Oblivious Transfer
Lately, various generalizations of Oblivious Transfer have been fashionable. One particular area of interest has been silent OT extension, where OT extension can be done without any communication. One paper published in recent years is SoftSpoken OT (https://eprint.iacr.org/2022/192.pdf), which takes a compromise approach, where a small amount of communication is allowed in order to obtain an overall faster result. From some personal communication, I have been told by some people involved in more applied MPC that they prefer to use the SoftSpoken approach to the Silent approach because it is in practice faster. Thus, the task of the student is to read the paper and write a short report on it, focusing on the key results and intuitions.
Vitaly Skachek
Encryption from Random Quasi-Cyclic Codes
We will study a framework for constructing efficient code-based encryption schemes that do not hide any structure in their public matrix. There are two cryptosystems instantiated within this framework: the Hamming Quasi-Cyclic cryptosystem (HQC), based on the Hamming metric, and the Rank Quasi-Cyclic cryptosystem (RQC), based on the rank metric. In the project we will study and analyze those schemes.
Based on the paper: Aguilar, C., Blazy, O., Deneuville, J. C., Gaborit, P., & Zémor, G. (2016). Efficient encryption from random quasi-cyclic codes. arXiv preprint arXiv:1612.05572.
Suitable for MSc and PhD level students.
A Circuit Approach to Constructing Blockchains on Blockchains
Since the creation of Bitcoin 15 years ago, there has been an explosion in the number of permissionless blockchains. Each of these blockchains provides an open ledger that anyone can read from and write to. In this multi-chain world, an important question emerges: how can we build a more secure overlay blockchain by reading from and writing to a given set of blockchains? Drawing an analogy with switching circuits, we approach the problem by defining two basic compositional operations between blockchains, serial and triangular compositions, and use these operations as building blocks to construct general overlay blockchains. In this project, we will study and analyze this approach.
Based on the paper: Tas, E. N., Tse, D., & Wang, Y. (2024). A Circuit Approach to Constructing Blockchains on Blockchains. arXiv preprint arXiv:2402.00220.
Suitable for MSc and PhD level students.