CNTM

This project concerns the design of cryptographic schemes that are secure even if implemented on not-secure devices. The motivation for this work comes from an observation that most of the real-life attacks on cryptographic devices do not break their mathematical foundations, but exploit vulnerabilities of their implementations. This concerns both the cryptographic software executed on PCs (that can be attacked by viruses), and the implementations on hardware (that can be subject to the side-channel attacks). Typically, fixing this problem was left to the practitioners, since it was a common belief that theory cannot be of any help here. However, new exciting results in cryptography suggest that this view was too pessimistic: there exist methods to design cryptographic protocols in such a way that they are secure even if the hardware on which they are executed cannot be fully trusted. The goal of this project is to investigate these methods further, unify them in a solid mathematical theory (many of them were developed independently), and propose new ideas in this area. The project will be mostly theoretical (although some practical experiments may be performed). Our main interest lies within the theory of private circuits, bounded-retrieval model, physically-observable cryptography, and human-assisted cryptography. We view these theories just as the point of departure, since the field is largely unexplored and we expect to witness completely new ideas soon.