
Belgian Fundamental Research Network on Cryptology and Information Security

Research project P6/26 (Research action P6)

Description :

With the rise of the Internet as a global information infrastructure and the increasing adoption of connected devices, information that used to take a considerable effort to retrieve is now readily available. This information infrastructure will keep expanding and will become more pervasive: we will evolve from a few devices per user to thousands of devices, large and small (up to the nano-scale), that are integrated into the environment and into our bodies and that interact in many complex ways. In addition, our dependence on this infrastructure will grow; hence it becomes increasingly important to understand and manage the risks that come with this new infrastructure. These include unauthorized access to services and information, privacy violations, denial of service attacks, and various kinds of malware. With legal protection proving too slow and cumbersome to act as an effective deterrent in the fast-moving world of information technology, prevention of attacks by technological means has become more important than ever.

This project intends to perform fundamental research into a number of selected disciplines that address the information security challenges we are facing. Cryptology is the science that studies techniques from discrete mathematics in order to provide secrecy, authenticity and related properties for digital information; cryptology is a fundamental enabler for information security, privacy and dependability. Watermarking allows embedding hidden information into digital media, such that the watermark is imperceptible, robust and difficult to remove. Perceptual hashes are based on a combination of watermarking and cryptographic techniques; they can be used as perceptually relevant signatures, as a tool for content-dependent key generation, for persistent identification and for content retrieval. Cryptology and watermarking techniques can be found at the core of computer and network security, of digital identification and digital signatures, digital rights management systems, content retrieval, tamper detection, etc. In the last decade, the insight has grown that developing secure software and hardware implementations is much more challenging than originally anticipated: the discipline of information security engineering aims to bridge the gap between the world of mathematics and modelling and that of building secure systems.

The project will address the following fundamental research challenges:

• Discrete mathematics: the study of Boolean functions and their cryptographic properties, the study of power functions, the connections between coding theory and distributed cryptography, and the study of hardness assumptions for public key cryptography;
• Cryptographic algorithms and protocols: developing a new generation of hash functions and stream ciphers that offer improved trade-offs between security, performance and cost; protocols for privacy-preserving online interactions; and provable security in symmetric and asymmetric cryptology;
• Watermarking: watermarking and visual hash for 3-D shapes, and secure hardware platforms embedding dynamic video watermarks;
• Secure software: composition technologies and the development process for secure software, countermeasure technologies for software vulnerabilities, and design methodologies and policies for privacy-preserving and anonymous services;
• Secure hardware: advanced modeling techniques for countermeasures against side channel attacks, ultra low power compact security, and design methods for secure hardware.

In order to focus the fundamental research and to integrate the work of the teams, three application areas have been selected:

• secure documents: how to deal with the connection of bits and atoms and, more particularly, how we can transfer our current concepts and documents related to identity (ID cards, passports), payment, and media to an on-line world;
• ultra low power crypto for sensor networks, ambient intelligence and RFID: how to integrate security technologies into ever-shrinking ubiquitous devices; this brings the need for new cryptographic algorithms and protocols that take into account constraints of power, size and speed, and for secure hardware and software for these systems;
• mobile terminals, DRM and trusted computing: each user will have a mobile terminal on which content and services will be accessed; specific concerns are how one can increase the trust in the software and hardware on this platform and how one can manage the rights related to the information that is being processed (media, personal information).

An important cross-cutting concern for these three areas is how privacy can be provided in these new contexts; there is a clear need to develop advanced solutions that can counterbalance the natural technological evolution of storing and processing an increasing amount of personal data, which clearly brings long-term risks to society. It should be stressed that the goal of these areas is not to perform applied research on these topics, but rather to identify long-term challenges to guide the fundamental research in the project.

This project brings together five Belgian research groups, COSIC and DISTRINET (K.U.Leuven), DICE and TELE (UCL), and the Incidence Geometry group (Univ. Ghent), with two EU partners: TUHH (D) and IAIK, T.U.Graz (AT). The partners in this project proposal have a very strong background and experience in the key areas of this proposal: discrete mathematics, cryptology (algorithms and protocols), watermarking, secure software and secure hardware. We mention just two examples: the selection in 2000 of the Rijndael block cipher, developed at COSIC, as the US Advanced Encryption Standard (AES), which is now a worldwide de facto standard used by hundreds of millions of users in thousands of products, and the development of advanced cryptographic hardware in DICE, COSIC and IAIK.
