I enjoy collaborating, learning from other people’s experiences and finding new challenging problems to solve.

My research interests are focused on homomorphic cryptographic primitives, user privacy and data authentication.

My plan for the future

In the coming years I plan to work mainly in the following three areas:

  • Homomorphic Cryptographic Primitives. In the last decade, cryptographic primitives achieving homomorphic properties have become increasingly popular. Such primitives allow untrusted parties to compute on cryptographic data while achieving either privacy of the data (homomorphic encryption) or integrity of the computation (homomorphic signatures). This is particularly interesting when we want to outsource complex computations on large datasets in the cloud. I would like to investigate how we can achieve fully homomorphic encryption (FHE) without relying on noisy ciphertexts. In particular, I will study building FHE from algebraic-only assumptions.

  • Cryptography for Secure Communications. Cryptographic primitives are the building blocks for creating secure environments, but they must be implemented and used correctly. Communication protocols enable different parties to communicate through an insecure channel where a third party may be listening and potentially tampering with the information transmitted. In the light of Snowden revelations, cryptographers should aim to design secure communication protocols with minimal trust. To this end, I initiated to study the security of widely deployed Asynchronous Message Protocols (like Signal and Telegram).

  • Post-Quantum Cryptographic Primitives. Quantum computers are different from classical computers in that they handle quantum-bits (qbits) that encode both 0 and 1 at the same time. When large-scale, quantum processors become a reality, cryptographic problems believed to be intractable on classical computers become efficiently solvable. IBM, Google, Microsoft, and several military services have already developed quantum computers on few qbits, therefore the need for new security assumptions and cryptographic schemes that guarantee the confidentiality and integrity of digital communications in the quantum era.

Topics on which I have worked so far:

Multi-Key Homomorphic Signatures In a nutshell, multi-key homomorphic signatures extend the existing notion homomorphic signatures in such a way that the holder of public evaluation keys can homomorphically compute a program over data authenticated using different secret keys. See [✰] for further details.

Server-Aided Verification of Signatures The core concept of ubiquitous computing is to allow users to process information at any time and place via a robust network that connects resource-constrained devices to more powerful ones. In such a setting, Server-Aided Verification of Signatures guarantees security and reliability of the outcome of a signature verification when part of the computations is offloaded from the verifier (e.g., the auctioneer) to a powerful and untrusted server.

Biometric Authentication systems (also privacy-preserving one).
Authentication systems based on biometrics (fingerprint, iris scan) are becoming increasingly popular: biometric traits look like complicated and unique passwords that everybody carries along without any effort. However, these systems are a very hell for the privacy of enrolled people. Main results: reference-template-recovery attack to biometric authentication system that employ leaking distances (e.g. Hamming or Euclidean Distance) [✰].

Distance Bounding (DB) authentication protocols. These are challenge-response-based protocols that were first introduced to prevent Man-in-the-Middle attacks and especially relay attacks. DB protocols are usually designed to run on RFID tags (e.g. smart cards, electronic passports) and enable to authenticate a possibly untrusted entity (prover) to a trusted party (verifier). The result of the authentication protocol also depends on the round-trip-time of the challenge-response pairs.

Homomorphic Authentication Codes for linear network coding.
These are codes, that produce authenticating tags for messages. The homomorphic property is required in order to suit the behaviour of the netwrok (in which each node forwards a - possibly random - linear combination of its incoming messages). The main tools: linear algebra and rank distance codes.