Light bulb graphic design containing images of circuits and mechanical apparatus. There is a graphic of clouds overlayed on the lightbulb around the middle zone and in the background. The background is black and there is a spotlight illuminating the globe from below. The source of light is not coming from the lightbulb itself, ironically.

Source: AdobeStock

Cryptographic Group Actions and Their Applications (LP220100332)

Aim and background

Post-quantum cryptography (PQC) emerges from the need to design cryptosystems that can be implemented in classical infrastructures and provide long-term security against threads by quantum computers. Cryptography plays a critical role in our daily lives, from securing transactions, to safeguarding confidential data. 

In an effort to anticipate the vulnerability of public key cryptographic primitives against future quantum computer attacks, the National Institute of Standards and Technology (NIST) in the United States started an international competition six years ago to determine new standards for post-quantum cryptosystems. Three out of the four announced candidates for standardisation are based on lattice assumptions. 

This project addresses the problematic lack of diversity in post-quantum cryptosystems. By constructing quantum-safe advanced primitives from cryptographic group actions, this project anticipates advances in lattice cryptanalysis, in which the worst case scenario would be a quantum attack invalidating all lattice-based cryptographic structures. In answering NIST’s call for alternative candidates that are not based on structured lattices, this project will deliver necessary mechanisms and infrastructures to secure data in the upcoming quantum computing era. 

Isogeny-based cryptography

The PQC candidate developed in this project comes from cryptographic group actions (CGA). The advantages of group actions include the strong mathematical and algorithmic support for hardness assumptions and comparable efficiency with other PQC candidates in the NIST competition. In addition, many classical and post-quantum assumptions can be realised through group actions, leading to its gaining notable attention in recent years.

For example, in isogeny-based cryptography, cryptographic group actions endowed with some hardness properties imply some basic constructions, such as public-key encryption and non-interactive key exchange. Isogeny-based cryptography is a relatively new kind of elliptic-curve cryptography, whose security relies on the problem of finding an explicit isogeny between two given isogenous elliptic curves over a finite field Fq, that quantum computers do not seem to make the isogeny-finding problem substantially easier, which contradicts regular elliptic curve cryptography, that is based on the discrete logarithm problem in a group and therefore falls prey to a polynomial-time quantum algorithm designed by Shor in 1994.

However, this leaves open a number of questions about the cryptographic utility of general cryptographic group actions, i.e., whether we can construct all/most of the primitives that we can achieve from classical and lattice settings. The main aim of this project is to move one step ahead in this research direction by investigating the possibility of enabling advanced cryptographic primitives from group actions.

Even though isogeny-based cryptography is a very promising candidate for post-quantum cryptography, many advanced constructions from isogenies are still missing, especially expressive public key encryptions. It is required to understand the cryptographic capabilities of group actions given that they capture the algebraic structure underlying isogeny-based cryptography. In this project, we aim to work toward resolving this problem.

Establishing quantum-safe efficient protocols for cloud services from group actions

Cloud services have become the backbone of public and private institutions across Australia, with end-user spending on public cloud services in Australia set to $18.7 billion in 2022, up 31.8% from last year, which was $14.2 billion, according to Gartner's latest forecast. The possible applications of constructed primitives from group actions will be focused on the context of cloud computing and storage services.

The main concerns of users while using cloud services are the confidentiality, integrity, and privacy of their data. Addressing those three requirements simultaneously requires encryption and signature schemes with advanced functionality over the same computing platform. This project aims to enrich the primitive constructions from cryptographic group actions for applications in the cloud such as provable data possession, secure decentralised systems, and matching techniques for encrypted cloud data.

Providing innovative post-quantum security infrastructure for immediate implementation across industries and organisations is the end goal of this project, which will benefit not only the present but also the upcoming quantum computing era.

In summary, the project objectives are as follows:

  • Construct quantum-safe advanced primitives from cryptographic group actions. 
  • Enable quantum-safe efficient protocol for cloud services from group actions.
  • Develop cryptographic libraries for the proposed protocols, build a system architecture for applications, and make them available to the public.

Research project 

Our overarching goal is to deeply investigate the underlying mathematics of cryptographic group actions to enable advanced post-quantum cryptographic constructions and applications. We aim to investigate both commutative group actions (i.e., isogeny-based cryptography) and non-commutative group actions (i.e., general linear group actions) in this project. 

Task 1: Design efficient cryptographic primitives from group actions 

In this phase, our aim is to construct cryptographic primitives from group actions. We plan to investigate digital signatures, public-key encryptions and their variants in parallel, in both isogeny-based and general linear group action settings. 

Task 2: Applications in cloud services

In this task, our aim is to enhance the designs of cryptographic primitives in Task 1 to enable applications in cloud services. We plan to investigate applications for provable data possession, secure decentralised systems, and computation over encrypted cloud data.

Expected outcomes

Post-quantum cryptography is an emerging field in cryptographic research and is rapidly proving itself essential, gaining attention from governments and institutions in Australia and globally. As mentioned, NIST has urged the need to find alternative constructions to structured lattice-based cryptography due to the recent advance in lattice-based cryptanalysis. Cryptographic group action constructions gained traction in recent years, due to its advantages in strong mathematical support and providing efficient constructions, in both key sizes and implementations. 

By developing novel cryptographic primitives from group actions, the project will advance theoretical knowledge in the cryptographic research field. Beyond this, this project promises practical benefit by developing advanced techniques to enhance these constructions for application in cloud services.  

Ultimately, the realisation of advanced quantum-safe cryptographic primitives from group actions and their application towards post-quantum secure cloud services is the expected outcome of this project. 

Investigators 

Dates

Jan 2023 to Dec 2025.