Master students. Directly related to the course ELEC2760 (see below), several topics are
proposed for master theses. Proposals are open to master students in electrical engineering,
electromechanical engineering, computer science engineering and mathematical engineering.
Depending on the students, topics can be adapated with a more or
less theoretical flavour, with or without a programming part. Some of them can also be combined
with an industrial internship.
Interested students can contact me by
e-mail to obtain more
information. Foreign students should first register at UCL before contacting me.
PhD students. Open positions at the Crypto Group are listed on the group's webpage.
ECTS: 5 credits, Lectures: 30h, Exercises: 30h.
Goal. This course covers the different issues that are raised by the design of cryptographic algorithms and their implementation (in hardware and software). It is part of the option in "Cryptography and Information Security", as a complementary to courses in cryptography (MAT2450) and computer system security (INGI2347). More specifically:
- Cryptography assumes the existence of certain basic primitives acting as perfect black boxes in order to prove the security of advanced functionalities (identification, signature, voting, ...). For example, the block cipher in Figure 1 is ideally assumed to act as a family of random permutations. But in practice, this random permutation has to be emulated by a particular algorithm that can run efficiently on different devices. And this emulation of an idealized abstraction with a practical instance may have mathematical weaknesses (e.g. deviations from a random behavior). Understanding these deviations is the goal of cryptanalysis and is essential in order to ensure the reliability of secure systems.
- On the other hand, the more general field of information security exploits cryptographic protocols and their implementations in order to secure computer-based (or other) applications such as e-mails, Internet, payment systems, ... And these applications also imply different constraints on the "efficiency" of the cryptographic implementations (e.g. in terms of code size, circuit size, throughput, power consumption, cost, ...). So, designing algorithms and implementations able to fulfill these constraints is also critical.
Figure 1. From black box assumptions to cryptographic implementations.
The goal of this course is to analyze the design of cryptographic algrotihms as a tradeoff between security and performances. Taking the example of Figure 1 again, a 128-bit random permutation could be seen as a large table with 2^128 possible inputs. But no computer would be able to store such a large table. Hence, while large random tables could be the best solution from a security point of view, practical implementations require algorithms that can be represented with simpler operations such as the ones available in the instruction sets of standard computing devices. Following, the course discusses how practical algorithms can fulfill the properties required by cryptographic protocols (as defined in MAT2450) while in the same time allowing sufficient performances for being used in real applications (as studied in INGI2347). Additionally, it pays a particular attention to the security against so-called physical attacks, in which an adversary not only exploits the regular inputs and outputs of his target device, but also alternative information channels. It finally studies how physical phenomenons can be exploited constructively in a secure system (e.g. in order to generate random numbers, or using biometrics). Such problems are essential for the deployment of small embedded devices such as smart cards, RFIDs, ...
The course material includes the following topics:
Prerequisites & evaluation. This course is open to any student following a master in electrical engineering, electromechanical engineering, computer science engineering and mathematical engineering. The only prerequisites are basic courses from the bachelor in engineering (mathemathics, statistics, programming, ...). In particular, no background in circuit design is assumed and all discussions of implementation issues are carried out at higher abstraction levels. The evaluation combines project works and a written and/or oral examination.