Justifying security of real-world cryptographic systems is often challenging because those legacy systems were not originally designed with a provable-security goal in mind, and consequently theoretical explanations may be unsatisfactory, failing to capture the real strength of the systems. In some other cases, provably secure designs are too expensive for performance-hungry applications, and practitioners therefore have to resort to heuristic solutions. This project takes a critical step towards this long-term goal by developing new proof techniques for symmetric cryptography to understand the exact security of real-world schemes, and bridge the performance gap between provable-security designs and heuristic ones.
The project studies how to build practical and provably secure Format-Preserving Encryption schemes, a tool that is widely used for encrypting credit-card numbers. The project revisits the security analyses of several widely used Random Number Generators, strengthening them with new analytic methods to obtain tight bounds. The project investigates how to give tight time-memory trade-offs for symmetric encryption schemes. The investigator develops an original problem-solving course in which students experience the full discovery process with trial-and-error, guessing, forming attack plans, and validating them. This class targets senior undergraduate students and first-year graduate students, preparing them with a proper background for doing research in theoretical computer science. Some of this material is used in the Young Scholars Program, a summer science and math program for high-school seniors in Florida.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
