Research



Keywords: Cryptography, Lightweight Cryptography (for IoT), Blockchain, Machine Learning, Cybersecurity Analytics, Post Quantum Cryptography



Prior Research Experience

I completed my PhD in Cryptography, and during my PhD studies, the focus of my research was to evaluate (analyse or cryptanalysis) lightweight encryption algorithms (also called cipher). Sometimes people think it is an attack and ask me why you are doing such destructive work but better word should be cryptanalysis. We try to find weakness in the encryption algorithms to make it more secure. This is like when you design software, later you give it to testing department to find issues. So this is constructive work not destructive. We focused on two applications: lightweight cryptography and authenticated encryption. Lightweight cryptography is about providing secure communication to IoT devices with constrained resources such as memory and computing power, while authenticated encryption tries to provide confidentiality and authenticity into a single, efficient algorithm. The security of an encryption algorithm depends on its hidden keys (similar to a password), and the goal of such analysis is to recover those hidden keys. Researchers design these encryption algorithms and leave it for the whole world (for a few years) to examine if the design is completely secure or not. 


Cryptanalysis of lightweight encryption algorithms is very tough. Performing cryptanalysis requires a lot of computational power and involves months of manual calculations. We used some Artificial Intelligence techniques to analyse these algorithms. To the best of our knowledge, this was the first work where AI was used for cryptanalysis. We propose an algorithm inspired by Nested Monte-Carlo Search for the cryptanalysis of these encryption designs. This method provides results within a simpler framework, and researchers can perform cryptanalysis within a very short time (a few minutes). At the same time, it also saves a lot of computational power. This AI method is also very important in networking and optimization problems.


Cryptography and information security have far-reaching possibilities of applications such as finance, healthcare, voting systems, and civil document management, to name just a few. During my postdoc, I worked on several fields of cryptography such as blockchain, design and analysis of cryptosystems for lightweight devices, privacy-preserving techniques, digital signatures etc. 


I worked on research theme Blockchain for the United Nations Sustainable Development Goals (UNSDGs). UNSDGs is a list of 17 global goals (e.g., quality education, good health and well-being, affordable and clean energy) set by the United Nations General Assembly in 2015 for the year 2030. Blockchain technology provides solutions that enhance trust, transparency and audibility. To find strong security and privacy solutions into blockchain technology, I am working on zero-knowledge proofs and their application in various areas such as healthcare finance audit systems and membership proof, voting system etc.  Zero-knowledge proofs are complex mathematical proofs used by one party called prover to convince another party called verifier without disclosing the original data. It is a highly useful yet complicated technique used for providing strong security and privacy to the data. 


Current Research 


Currently I am working on topics related to Quantum Key Distribution (QKD). QKD is a cryptographic technique that leverages the principles of quantum mechanics to establish a secure communication channel between two parties. The primary goal of QKD is to enable the secure exchange of encryption keys that can be used for subsequent secure communication using classical encryption methods. The security of QKD is based on the fundamental properties of quantum physics, specifically the principles of quantum entanglement and the no-cloning theorem.


I am also working on topics related to Post-Quantum Cryptography (PQC). Post-Quantum Cryptography refers to the development of cryptographic methods that are resistant to attacks from quantum computers. As quantum computers continue to advance, they pose a potential threat to classical cryptographic algorithms, many of which can be efficiently broken using quantum algorithms like Shor's algorithm. PQC aims to ensure the long-term security of digital communication and data storage in a world where quantum computers could break current encryption methods.


Another topic I am focussing on is Cybersecurity Analytics. Cybersecurity analytics refers to the practice of using data analysis techniques, machine learning, and other computational approaches to gain insights, detect patterns, and make informed decisions related to cybersecurity. It involves the analysis of large volumes of data generated by various sources within an organization's IT infrastructure to identify and mitigate security threats, vulnerabilities, and breaches.