# Cryptography, Cybersecurity, Distributed Trust, Post-Quantum Cryptography, Byzantine Fault Tolerance, Secure Distributed Computing, Secure Cloud Computing.

## IRIS Webinar

The importance of designing methods to protect data in the modern world cannot be overstated. The urgency of this need is reflected in mainstream media: newspapers and websites are full of news about critical user information, be it credit card numbers, medical data, or social security information, being compromised and used illegitimately. Juxtaposed with the need to secure digital information is the equally urgent need to enable and assist the "Big Data" revolution. We have already begun to glimpse the sheer power of massive-scale data analysis, with applications ranging from cloud computing to advertising to social science studies to smart meters and smart cities.

• Can the divide between utility and security be bridged? Through our centre, we aim to construct systems which achieve strong mathematical security that users can trust, while supporting advanced functionalities that enable and assist cloud computing.

• The authors of this proposal, together with their collaborators, have a strong track record of making high impact, globally visible contributions in designing such systems via novel scientific methods that synthesize ideas from cryptography, distributed systems, algorithms and cybersecurity at large.

# Shweta Agrawal

### Computer Science and Engineering

shweta.a@cse.iitm.ac.in

# C. Pandu Rangan

### Computer Science and Engineering

prangan55@yahoo.com

# John Augustine

augustine@cse

## Project

Via our proposed centre, we aim to build a solid platform that

i) provides us visibility as a group with a common unified vision, which is of global relevance,

ii) provides a strong platform for us to extend our existing collaborations as well as initiate new ones,

iii) provides a strong motive statement with which we may attract exceptional members to join us,

iv) addresses fundamental problems, both in theory and practice, that are globally acknowledged as central to the fields of cryptography, cybersecurity and distributed trust.

Our primary focus areas are

• Post quantum cryptography
• Secure cloud computing
• Blockchains and distributed trust
• Byzantine fault tolerance.

### Post quantum cryptography

• Current public-key crypto is based on integer factorization and discrete log
• Both break under a sufficiently large quantum computer
• Our goal is to investigate one of the most promising alternatives, namely, lattice based cryptography.

### Cryptography for Cloud Computing

• Security is the biggest hindrance in fully utilizing the power of cloud computing
• Fully Homomorphic Encryption and Functional Encryption are promising.
• Our goal is to design algorithms and construct systems with provable security for secure cloud computing.

### Blockchains & Distributed Trust

• Blockchain: distributed public ledger maintained by peer-to-peer network.
• Basis for crypto-currencies, smart contracts, and other distributed trust apps.
• Our goal is to design protocols for peer-to-peer networks to make them resilient to heavy churn and Byzantine (i.e., malicious) participants.

### Byzantine Fault Tolerance

• Inspired by distributed trust applications, we are also investigating protocols resilient to Byzantine agents.
• Classical work focusses primarily on Byzantine agreement.
• Our goal is to design Byzantine resilient protocols for a wider set of problems.

### Post Quantum Cryptography

Cryptography is the science of building secure systems based on the hardness of solving certain mathematical problems. Two of the most popular mathematical problems underlying most current day cryptographic systems are the "integer factorization" problem and the "discrete logarithm" problem. These problems are believed to be very hard to solve using classical computers but break down completely against a sufficiently large quantum computer, thanks to Shor's breakthrough algorithm from the 1990s.

The construction of quantum computers has seen huge strides in recent times, and while we are still a distance from practical quantum computers, it is widely conjectured that the next few decades will see the birth of practical quantum computers. It is therefore necessary to base cryptography of the future on problems that remain intractable against quantum computers.

To address the urgent need of developing post quantum cryptography, the "National Institute of Standards and Technology (NIST), a unit of the U.S. commerce department, initiated a process to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms". In the global community, there is significant effort to standardize post quantum cryptosystems for simple primitives such as encryption and signatures, as well as to develop new cryptography based on post quantum assumptions. Through our centre, we intend to conduct a deep study of one of the most promising approaches for post quantum cryptography, namely, lattice based cryptography.

We already have a strong track record of designing cryptosystems that are (conjectured) post-quantum secure. Our work has appeared at the topmost global venues for cryptography, such as Crypto, Eurocrypt, Theory of Cryptography Conference (TCC) and such others and has been widely cited by peers. Via the centre, we aim to extend our work and make additional, high impact contributions in this field.

### Secure Cloud Computing

Cloud computing is an exciting new economic and computing model in which users outsource their data storage and computing needs to a third party server, such as Google, Dropbox, Amazon etc. The benefits provided by such an infrastructure are immense: users can access their data "on the go" from anywhere, and do not have to worry about backing up their data, or setting up infrastructure to perform the functions they want.

The biggest hindrance in making cloud computing a practical reality is the issue of security, as discussed above. However, there has been tremendous progress already in the general area of computing on encrypted data: the boom in Fully Homomorphic Encryption and recent leaps in the area of Functional Encryption. We propose to design algorithms and construct systems with provable security to enable secure cloud computing.
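The two preceding sections name lattice based cryptography as the post quantum approach of choice and computing on encrypted data as the route to secure cloud computing. The following added example (not code from the centre or from any of the cited papers) shows the mechanics that connect them: a toy Regev-style LWE public-key scheme that encrypts single bits, plus one homomorphic operation, XOR of two encrypted bits, with a helper that exposes the noise hidden in a ciphertext. The parameter choices (`N`, `M`, `Q`) are assumptions picked so that the noise bound is easy to check by hand; they are far too small to be secure.

```python
"""Toy Regev-style LWE public-key encryption of single bits, with one
homomorphic operation (XOR of two encrypted bits).

Added example with toy parameters: the secret lives in Z_q^N, the public key
holds M noisy samples, and decryption works as long as the accumulated noise
stays below Q/4.  Nothing here is secure at these sizes."""
import random

N = 64      # secret dimension (toy; real schemes use several hundred or more)
M = 128     # number of LWE samples in the public key
Q = 4093    # modulus; decryption is correct while |noise| < Q/4 (= 1023)

_rng = random.SystemRandom()


def _dot(a, b):
    return sum(x * y for x, y in zip(a, b)) % Q


def keygen():
    """sk = s in Z_q^N;  pk = (A, b = A*s + e) with e drawn from {-1, 0, 1}."""
    s = [_rng.randrange(Q) for _ in range(N)]
    A = [[_rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    e = [_rng.choice((-1, 0, 1)) for _ in range(M)]
    b = [(_dot(row, s) + ei) % Q for row, ei in zip(A, e)]
    return (A, b), s


def encrypt(pk, bit):
    """Regev encryption: sum a random 0/1 subset r of the samples, and
    embed the bit as 0 or ~Q/2 in the scalar part.  Ciphertext = (u, v)."""
    A, b = pk
    r = [_rng.randrange(2) for _ in range(M)]
    u = [sum(A[i][j] * r[i] for i in range(M)) % Q for j in range(N)]
    v = (_dot(b, r) + bit * (Q // 2)) % Q
    return u, v


def _centered(x):
    """Representative of x mod Q in the range (-Q/2, Q/2]."""
    x %= Q
    return x - Q if x > Q // 2 else x


def noise(sk, ct, bit):
    """Error term r*e hidden in ct, assuming ct encrypts `bit` (for inspection).
    For a fresh ciphertext |noise| <= M; each homomorphic add roughly doubles it."""
    u, v = ct
    return _centered(v - _dot(sk, u) - bit * (Q // 2))


def decrypt(sk, ct):
    """v - s*u = r*e + bit*(Q//2); the bit is 1 iff this is closer to Q/2 than to 0."""
    u, v = ct
    d = (v - _dot(sk, u)) % Q
    return 1 if Q // 4 < d < 3 * Q // 4 else 0


def add(ct1, ct2):
    """Homomorphic addition of two bit ciphertexts.  Plaintexts add mod 2
    (2 * (Q//2) = Q - 1 wraps to -1) while the noise terms add up, which is
    why unbounded computation on encrypted data needs noise management."""
    u1, v1 = ct1
    u2, v2 = ct2
    return [(x + y) % Q for x, y in zip(u1, u2)], (v1 + v2) % Q


def demo():
    """Return the XOR truth table as recovered by decrypting homomorphic sums."""
    pk, sk = keygen()
    return {(b1, b2): decrypt(sk, add(encrypt(pk, b1), encrypt(pk, b2)))
            for b1 in (0, 1) for b2 in (0, 1)}


if __name__ == "__main__":
    print(demo())  # {(0, 0): 0, (0, 1): 1, (1, 0): 1, (1, 1): 0}
```

Correctness is deterministic at these parameters: with `e` in {-1, 0, 1} and `r` in {0, 1}, a fresh ciphertext carries at most `M` = 128 units of noise and the sum of two at most 257, both under the `Q/4` = 1023 threshold. Stacking more additions (or multiplications, which multiply the noise) eventually crosses it and decryption silently returns the wrong bit; `noise()` lets you watch that budget being consumed, which is the problem bootstrapping and other noise-management techniques in fully homomorphic encryption exist to solve.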

We have already made significant advances in this direction. We have designed multiple expressive encryption schemes, such as identity based encryption \cite{ABB10a,ABB10b}, predicate encryption \cite{AFV11}, functional encryption \cite{ALS16,AS17,Agr17} and others. We propose to design new and efficient constructions for other variants of *expressive* cryptography, such as novel forms of pseudorandom functions, signatures, commitment schemes and others.

### Blockchains for Dist. Trust

Blockchain is a distributed public ledger technology which is the basis of many crypto-currencies including bitcoin. At a high level, a blockchain is a dynamically growing, ordered set of records containing user transactions or other data, which are secured using cryptography. The decentralized nature of blockchains enables users to invest in the security and integrity of their data directly, while usage of cryptography prevents malicious users from modifying records to their advantage. Moreover, the sequential nature of a blockchain maintains the timeline in which transactions occurred; an indispensable asset in chronicling events. Underpinned by a peer-to-peer (P2P) network, blockchains enable users to transact in a secure, tamper free, decentralised way, paving the way for a new era of transparent, auditable socio-economic infrastructures, in which user information can be stored in shared databases that are efficiently verifiable, transparent and secure.

The stupendous success of blockchains has created a flurry of activity in the fields of cryptography, security, and distributed computing. In particular, the inherently decentralised nature of blockchains has created multiple new considerations in cryptographic design. For instance, the necessity of securing distributed bitcoin wallets leads to the following question: can we distribute the signing key of a digital signature scheme so that a signature is created only if *all* the key holders participate? This would ensure that a user's wallet remains secure even if some of the key holders are compromised. This and other such questions are of central importance in cryptography today and are being studied by leading groups all over the world. Via our centre, we propose to provide new cryptographic constructions that are blockchain friendly and can interface seamlessly with the many new applications of blockchains to distributed trust.
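The question posed above, a signature that exists only if every key holder participates, has a direct n-of-n construction for Schnorr signatures: split the secret key additively, let each holder contribute a partial signature, and add them. The block below is an added example, not a construction from the centre, implemented over secp256k1 (the curve bitcoin uses) with only the standard library. It assumes a trusted dealer who splits an existing key, a one-round nonce exchange among honest holders, and a toy non-constant-time point multiplication; the function names are ours.

```python
"""n-of-n Schnorr signing with an additively shared key over secp256k1.

Added example: a dealer splits the secret key x into shares x_1..x_n that
sum to x.  Each holder contributes a partial signature; the sum verifies
against the single public key X = x*G only when every share took part.
Toy protocol: trusted dealer, no nonce-commitment round, variable-time
arithmetic.  Not a production multisig."""
import hashlib
import secrets

# secp256k1 domain parameters (Bitcoin's curve): field prime, group order, base point
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
assert (G[1] ** 2 - G[0] ** 3 - 7) % P == 0  # G lies on y^2 = x^3 + 7


def ec_add(p1, p2):
    """Affine point addition on y^2 = x^3 + 7; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:      # p2 == -p1
        return None
    if p1 == p2:                              # doubling
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def ec_mul(k, pt):
    """Double-and-add scalar multiplication (toy: not constant time)."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def _challenge(R, X, msg):
    """c = H(R || X || m) mod N, binding the nonce, the key and the message."""
    h = hashlib.sha256()
    for pt in (R, X):
        h.update(pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big"))
    h.update(msg)
    return int.from_bytes(h.digest(), "big") % N


def deal_shares(x, n):
    """Split x into n additive shares mod N.  The dealer is trusted here; a
    real deployment would use distributed key generation so nobody holds x."""
    shares = [secrets.randbelow(N) for _ in range(n - 1)]
    shares.append((x - sum(shares)) % N)
    return shares


def cosign(shares, X, msg):
    """Every holder i picks a nonce r_i and publishes R_i = r_i*G; all compute
    R = sum R_i and c = H(R, X, m); holder i returns s_i = r_i + c*x_i.
    The aggregate s = sum s_i = r + c*x only if *all* x_i were included."""
    nonces = [secrets.randbelow(N - 1) + 1 for _ in shares]
    R = None
    for r in nonces:
        R = ec_add(R, ec_mul(r, G))
    c = _challenge(R, X, msg)
    s = sum((r + c * xi) % N for r, xi in zip(nonces, shares)) % N
    return R, s


def verify(X, msg, sig):
    """Standard Schnorr check: s*G == R + c*X."""
    R, s = sig
    c = _challenge(R, X, msg)
    return ec_mul(s, G) == ec_add(R, ec_mul(c, X))


def demo(n=3, msg=b"pay 1 BTC to Bob"):
    """Return (verifies with all n holders, verifies with one holder missing)."""
    x = secrets.randbelow(N - 1) + 1
    X = ec_mul(x, G)
    shares = deal_shares(x, n)
    with_all = verify(X, msg, cosign(shares, X, msg))
    one_missing = verify(X, msg, cosign(shares[:-1], X, msg))
    return with_all, one_missing


if __name__ == "__main__":
    print(demo())  # (True, False)
```

The verifier sees an ordinary Schnorr signature and a single public key, so the sharing is invisible on chain. Two things this toy leaves out matter in practice: the nonces `R_i` must be committed to before being revealed (otherwise a malicious co-signer can bias the aggregate nonce), and the dealer should be replaced by distributed key generation, since whoever runs `deal_shares` has held the full key.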

Blockchains are maintained by peer-to-peer networks that are highly dynamic and vulnerable to attacks by malicious Byzantine participants. A lot of effort has gone into the study of maintaining blockchains as long as the Byzantine participants possess less than 50% of the compute power. However, the sparse nature of P2P networks implies that a much smaller number of Byzantine nodes can wreak havoc on the underlying P2P network. Intuitively, such behaviour is achieved by either cutting off a portion of the network or causing delays by corrupting key relay points within the network. Mitigating such malicious behaviour is an active area of research pursued by several leading groups.
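The claim that a handful of Byzantine nodes can do far more damage to a sparse peer-to-peer overlay than the 50% threshold for the ledger suggests is easy to make concrete. The block below is an added example, not the centre's code: it builds a constructed overlay of two ring-shaped communities joined through two relay nodes, then treats Byzantine nodes as dropping every message and measures how the honest nodes fragment. The topology and the choice of which nodes are corrupted are ours, picked to show the "cutting off a portion of the network" behaviour described above.

```python
"""How few Byzantine nodes it takes to cut a sparse P2P overlay.

Added example on a constructed topology: two ring communities of `size`
nodes each, joined through two relay nodes.  Byzantine nodes do not relay,
so honest nodes can only reach each other along paths of honest nodes."""
from collections import deque


def ring(n, offset=0):
    """Sparse overlay: n nodes in a ring, each with exactly two neighbours."""
    return {offset + i: {offset + (i + 1) % n, offset + (i - 1) % n}
            for i in range(n)}


def build_two_community_overlay(size=50):
    """Community A = nodes 0..size-1, community B = size..2*size-1,
    connected only via relay nodes 2*size and 2*size+1 (constructed topology)."""
    adj = ring(size)
    adj.update(ring(size, size))
    relay1, relay2 = 2 * size, 2 * size + 1
    adj[relay1] = {0, relay2}
    adj[relay2] = {relay1, size}
    adj[0].add(relay1)
    adj[size].add(relay2)
    return adj


def honest_components(adj, byzantine):
    """Sizes (descending) of the connected components formed by honest nodes
    when Byzantine nodes drop every message: a BFS that never enters them."""
    seen = set(byzantine)
    sizes = []
    for start in adj:
        if start in seen:
            continue
        queue, size = deque([start]), 0
        seen.add(start)
        while queue:
            v = queue.popleft()
            size += 1
            for w in adj[v]:
                if w not in seen:
                    seen.add(w)
                    queue.append(w)
        sizes.append(size)
    return sorted(sizes, reverse=True)


def partition_report(adj, byzantine):
    """Compare the adversary's share of nodes with the damage done to the overlay."""
    honest = len(adj) - len(byzantine)
    comps = honest_components(adj, byzantine)
    return {
        "byzantine_fraction": len(byzantine) / len(adj),
        "largest_honest_fraction": comps[0] / honest,
        "num_components": len(comps),
    }


def demo(size=50):
    """Same number of Byzantine nodes, two placements: the relays, or two
    interior ring nodes.  Only the first one splits the honest network."""
    adj = build_two_community_overlay(size)
    relays = {2 * size, 2 * size + 1}
    interior = {size // 5, size + size // 5}
    return partition_report(adj, relays), partition_report(adj, interior)


if __name__ == "__main__":
    for label, rep in zip(("relays corrupted", "interior corrupted"), demo()):
        print(label, rep)
```

With 102 nodes, corrupting the two relays (under 2% of the network) leaves no honest node able to reach more than half of the others, while corrupting two interior ring nodes changes nothing, because a ring with one node removed is still a connected path. The ledger-level "less than 50% of the compute power" assumption says nothing about this: it is the overlay's cut structure, not the adversary's hash rate, that decides whether honest nodes can still exchange blocks.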

Our particular strength lies in theoretical understanding of dynamic P2P networks with Byzantine faults, dynamic churn and other related issues with publication in prominent venues such as PODC, DISC, FOCS, and IPDPS. As P2P networks are the infrastructure on which blockchains and distributed trust applications of the future are going to be built, we believe that this area is of paramount importance, and it is a top priority for us as a centre.

### Byzantine Fault Tolerance

We have already alluded to the importance of robust protocols resilient to Byzantine nodes in the context of P2P networks. Such Byzantine fault tolerance traces its roots to the works of Turing award winner Leslie Lamport and his collaborators Pease and Shostak \cite{pease80,lamport82}. Their work was on Byzantine agreement, where the nodes in a network must agree on a bit value despite the presence of Byzantine nodes, provided fewer than a third of the nodes are Byzantine. This work has proved foundational to many systems today, the most prominent examples being bitcoin and other cryptocurrencies.

With the larger field of distributed trust taking shape, we will see a much wider range of applications and a wider range of requirements on the Byzantine fault tolerance front. While the theory of Byzantine agreement serves well for targeted applications, we believe that a broader theoretical base for a wider set of problems is required. With this broad requirement in mind, we have initiated research into Byzantine fault tolerant property testing where we wish to build tools to test properties of an underlying network graph despite the presence of Byzantine failures.

We note that our definition of Byzantine failures is of the strongest form in the literature, wherein Byzantine nodes have unbounded computational power and can collude with each other. Thus, for modeling purposes, we can assume the presence of a single Byzantine adversary that simultaneously controls all the Byzantine nodes and knows everything that the Byzantine nodes have individually learned. Due to the highly challenging nature of designing algorithms that are resilient to Byzantine faults, some of the strongest groups in distributed computing are tackling problems of this nature. Our goal is to make CCD a leading centre in this space.

## Expected deliverables of the research

• Strong publications aimed at impact in the long term at prestigious venues of international repute

• Build a large group with multiple PhD students, postdoctoral researchers and Young International Faculty (YIF).

## Current status

• Papers in the pipeline
  • 5 papers in Cryptography
  • 2 papers on Byzantine fault tolerance
  • 1 paper on designing peer-to-peer networks that are resilient to churn and Byzantine peers.

## Collaborations

### International Collaborations

• Damien Stehle
• Shafi Goldwasser
• Junichi Tomida
• Yuval Ishai
• Eyal Kushilevitz
• Alon Rosen
• Gopal Pandurangan
• David Peleg
• Christian Scheideler
• Marc Fischlin

### Industrial collaborations

• Microsoft Research, Bengaluru

## Societal impact

The field of cryptography, cybersecurity and distributed trust is vitally important for society as most transactions as well as crime have moved online.