Alexander protects encryption
2023-04-18
Alexander Nilsson has studied different ways to secure encryption algorithms in the post-quantum cryptography era. He defends his PhD thesis “Decryption Failure Attacks on Post-Quantum Cryptography” on 11th of May, E:A, E-huset, 09:15.
What is your thesis about?
The evaluation of next generation of public-key encryption and digital signature algorithms are ongoing, with much at stake. The hope is that these algorithms will be secure for many, many years after their initial deployment. In fact they are expected to remain secure even in the face of fully developed and functional Quantum Computers (QCs). It is well known within the research community that QCs will break some of the most important and widespread algorithms that we otherwise use today. Replacements must be standardized well before QCs are realized. This field is called Post-Quantum Cryptography (PQC). The research included in this dissertation relates to cryptanalysis of several candidate PQC schemes. In one case a proposed alternative decoder is proposed for one of the schemes. Other results pertain to implementation issues of some of the new proposed schemes. Some attacks found in literature have been improved upon with new techniques. And some attacks are novel and affects the source code implementation of the schemes. We argue that our novel attacks are general and affect many different schemes and we show the applicability of the attacks by implementing them against some of them.
What made you want to pursue a PhD?
Being a scientist has always been something that just sounds right for me, even since I was little. Not to say I didn’t have other ideas when I was growing up as well, but the scholarly pursuit was always something that I came back to. The fact of the matter is that after my master, I applied for a few PhD positions which I didn’t get, most probably because I didn’t have any research idea available to sell to the hiring adviser. Instead, I got a job in the industry, which I was very happy about. I worked at this company for a year before the company was approached by Professor Thomas Johansson, asking if any employees would like to study for an industrial Ph.D. I said yes. We didn’t get the actual external funding for it until the third attempt two years later though.
Do you believe some results from your research will be applied in practice eventually? And if so, how / how?
My research has already had some level of impact on the effort of PQC standardization, mostly on the side of source code implementation but also in a lesser sense on the specification level, for some of the candidate PQC schemes. I expect that whenever the standards are being finalised our attacks will be considered and guarded against, which is a nice feeling.
What are your plans?
My current plans are to go back to my employer Advenica, who have so very generously lent me to the university. It will be nice to be able to work full time on a single project for a while. I expect and hope to continue working with cryptography for the foreseeable future.