My research interests can be roughly stated as "Useful Cryptography, Now and in the Future". More specifically, they divide into the following areas: Effective Cryptographic Implementations; Cryptology (including Post-Quantum Cryptosystems and Algebraic Cryptanalysis). I also study other topics that are combinatorial in nature, including Analysis of Algorithms. My work covers both theoretical and applied cryptography.
1. Effective Cryptographic Implementations
- We have implemented many cryptographic protocols, particularly post-quantum protocols.
- We have cooperated with the formal methods group in High Assurance Cryptographic Software. Together we completed the first formal verification of a hand-crafted assembly program with more than 100,000 instructions, namely the central part of the Curve25519 routines in Intel x86 assembly.
- Recent work in this area includes semi-automated formal verification of other crypto routines, such as the PKCs in OpenSSL.
2. Cryptology: In this area, we concentrate on the following topics:
- Post-Quantum Cryptography: The current real meaning of this term is the study of cryptography that resists the advent of quantum computers, which are rumored to arrive within two decades. Our research in MPKCs (Multivariate Public-Key Cryptosystems), whose security depends on the difficulty of instances of EIP (Extended Isomorphism of Polynomials) and Multivariate Quadratic problems, is world-leading and has advanced the understanding of the field from both theoretical and practical viewpoints. MPKCs operate on a vector of variables over a small field, as opposed to an element of a huge algebraic structure (as in RSA or ECC). This key characteristic makes MPKCs faster at comparable design security, which is useful for low-resource environments such as embedded systems and smart cards. Recently we have proposed several analyses of, and improvements to, the design of such primitives. We have also worked on other post-quantum cryptography, such as lattice-based schemes.
- Cryptanalysis: We have made theoretical and practical advances in equation solving and algebraic cryptanalysis, especially methods involving Gröbner bases and the related XL (eXtended Linearization) method and its variants. We have proved that the F4/F5 methods are not the best for most random systems. We have also made strides in the cryptanalysis of lattice-based cryptography, which is sometimes used with blithe abandon, with no regard to its pragmatic security or utility.
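The XL method named above, as an added worked example (not code from the author's publications): it multiplies a small multivariate quadratic system over GF(2) by monomials of growing degree, linearizes, and row-reduces until each variable is pinned to a constant; the system, its planted root and all helper names are constructed here.

```python
from itertools import combinations
# Boolean polynomial over GF(2) with x_i^2 = x_i: a set of squarefree monomials
# (frozensets of variable indices); addition is symmetric difference.
X = lambda *idx: frozenset(idx)
# Constructed 4-variable MQ system (assumption: planted root (1, 0, 1, 1), unique
# over GF(2)^4 by exhaustive check); it is not taken from any published paper.
SYSTEM = [
    {X(0, 1), X(2), X(3)},                    # x0x1 + x2 + x3
    {X(0, 2), X(1, 3), X(0)},                 # x0x2 + x1x3 + x0
    {X(1, 2), X(2, 3), X(1), X()},            # x1x2 + x2x3 + x1 + 1
    {X(0, 1), X(1, 2), X(2, 3), X(0), X(1)},  # x0x1 + x1x2 + x2x3 + x0 + x1
]
def evaluate(poly, point):
    """Value of a Boolean polynomial at a 0/1 tuple (checks a candidate root)."""
    return sum(all(point[i] for i in mono) for mono in poly) % 2
def monomials(n, max_deg):
    return [frozenset(c) for d in range(max_deg + 1) for c in combinations(range(n), d)]
def multiply(mono, poly):
    """mono * poly with x_i^2 = x_i (index-set union) and coefficients mod 2."""
    out = set()
    for m in poly:
        out ^= {m | mono}
    return out
def rref_gf2(rows):
    """Gauss-Jordan over GF(2); rows are bit masks, result maps lead bit -> row."""
    pivots = {}
    for r in rows:
        while r:
            lead = r.bit_length() - 1
            if lead not in pivots:
                pivots[lead] = r
                break
            r ^= pivots[lead]
    for lead in sorted(pivots):  # clear each pivot column from the other rows
        for other in pivots:
            if other > lead and pivots[other] >> lead & 1:
                pivots[other] ^= pivots[lead]
    return pivots
def xl_solve(system, n):
    """XL: multiply by every monomial of degree <= D, linearize, eliminate, and grow D
    until each x_i's pivot row is just "x_i (+ 1)"; D = n suffices if the root is unique."""
    cols = {m: i for i, m in enumerate(monomials(n, n))}  # bit 0 = constant, top bits = high degree
    for D in range(n + 1):
        rows = [sum(1 << cols[m] for m in multiply(t, f)) for t in monomials(n, D) for f in system]
        piv = rref_gf2(rows)
        pinned = [piv.get(cols[X(i)], -1) for i in range(n)]
        if all(r >= 0 and r & ~(1 << cols[X(i)]) <= 1 for i, r in enumerate(pinned)):
            return tuple(r & 1 for r in pinned), D
    return None, n
```

The returned D shows how far the linearization degree had to grow for this instance; on real MPKC parameters that growth, not the elimination itself, is what decides whether XL is practical.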
3. Other Combinatorial Studies
I work on many other combinatorial problems, especially those dealing with enumeration and the analysis of algorithms that deal with iterative or recursive structures that can be handled by standard combinatorial methods.