Our research team focuses on developing cryptographic schemes to protect data, systems and network communications against the threat of quantum computers. Public-key cryptography based on RSA or ECC will be insecure once a sufficiently powerful quantum computer is built and is able to run Shor’s and Grover’s algorithms. For this reason, post-quantum cryptography (PQC) has emerged as a practical solution to make communications and systems quantum-resistant.

Our work is open and conducted in collaboration with academic partners, with the goal of designing and implementing robust and tested post-quantum cryptosystems in both software and hardware environments.

Our research domains include:

• Code-based post-quantum cryptography
• Hash-based post-quantum cryptography
• Lattice-based post-quantum cryptography 
• Quantum key distribution protocols

Embedded systems including, Internet of Things (IoT) and cyber-physical systems (CPS), are proliferating across multiple domains, including mission-critical systems, such as nuclear power plants, smart cities and smart healthcare. However, vulnerabilities in the design and implementation of IoT and CPS devices are coupled with an absence of standard cryptographic primitives and network protocols.

As a consequence, lightweight cryptography has become a pivotal area, and focuses on designing and securely implementing cryptographic primitives suitable for all sorts of IoT and CPS scenarios.

At CRC, collaborative work is ongoing to design and implement robust and tested lightweight cryptosystems in software as well as hardware.

Our research domains include:

• Lightweight symmetric cryptographic primitives 
• Quantum-resistant schemes for resource-constrained devices

Cloud computing has undergone significant growth in the last decade, offering myriad applications, some of which generate privacy and confidentiality challenges, even when the connection between users and cloud providers is secure.

However, the traditional use of cryptography is not the ideal solution for confidential computing and security preservation within the cloud environment.

At TII, we are working to design and implement robust and tested cloud encryption schemes. Our work on multi-party computation (MPC) and fully homomorphic encryption (FHE) solutions offer advanced security guarantees in the cloud environment. MPC and FHE are next-generation algorithms for cloud data encryption that enable decentralization and fragmentation of key storage, and smart computations on encrypted data, respectively.

Our research domains include:

• Verifiable Computation
• Privacy Preserving Authentication
• Privacy Preserving Machine Learning

The TII team focuses on multiple areas, from foundational primitives to the design, analysis, implementation and testing, and developing security proofs for cryptographic protocols.

Cryptographic protocols have evolved significantly, adapting to the needs of recently developed applications. These provide several security properties at once, and end up as complex compositions of cryptographic primitives and schemes. The detailed study of these protocols is of the utmost importance, given that some of them are deployed on a large scale.

In addition, some of today’s commonly used protocols are not quantum-resistant. As a consequence, hybrid protocols (combining PQC schemes and traditional RSA or ECC) have emerged as a practical solution.

Our research domains include:

• Cryptographic protocols
• Hybrid key establishment protocols
• Hybrid digital signature protocols

In cryptography, it is important not only to design secure systems, but also to implement them so they can be integrated and deployed in a secure and modular way. A secure implementation of cryptographic libraries in both software and hardware is pivotal, as they need to comply with performance requirements without jeopardizing security properties.

More recently, software-hardware co-designs have come into play and offer valuable trade-offs for engineers. All these constructions need to be thoroughly tested in multiple scenarios, including a wide variety of side-channel attacks and fault injections.

Our research domains include: 

• Secure implementations optimized for different architectures and platforms 
• Side-channel analysis and countermeasures implementation
• Cryptographic Agility

Cryptanalysis focuses on analyzing cryptographic constructions to identify weaknesses in their design and implementation, which are then exploited in order to derive keys or plaintexts. 

Cryptanalysis has also paved the way for the development of criteria for the security evaluation of cryptographic primitives.

Our goal is to design and implement new and modular cryptanalytic frameworks in both software and hardware implementations. In addition, we are also building a comprehensive cryptanalysis library aimed at gathering different cryptanalysis techniques and tools under a common framework.

Our research domains include:

• Theoretical cryptanalysis of symmetric primitives and post-quantum cryptography schemes 
• Cryptanalytic attacks against cryptographic implementations
• Leveraging machine learning to design new cryptanalytic techniques

Custom Hardware implementations of cryptographic algorithms offer the agility to move across different technologies while allowing multiple flavors of customized design and, at the same time, protecting against side-channel and fault-injection based attacks. As cryptographic solutions in hardware implementations become increasingly widespread and accessible across various technologies and devices, the need for tailored solutions to address specific requirements becomes essential.

Our research and development focuses on the following main areas:

• Secure hardware implementations of sovereign cryptographic solutions on FPGAs and ASICs
• Secure hardware implementations offering post quantum hardware cryptographic IP cores for FPGAs and ASICs
• Evaluation and test of cryptographic devices and cores using side-channel and fault-injection analysis
• Hardware Penetration testing, Reverse engineering and Malware analysis
• Practical Cryptanalysis of cryptographic implementations
• Design and implementation of secure ASIC solutions

TII is responsible for the design and implementation of National and Sovereign Cryptographic solutions and their integration into products for the UAE, covering all targets ranging from vehicles to protocols and everything in between.

Our research includes:

• Implementation of state-of-the-art protocols such as TLS1.3
• Implementation of cryptographic libraries in memory-safe languages