Geovandro Pereira
Senior Research Associate at UWaterloo | Senior Software Engineer at evolutionQ
e-mail: geovandro dot pereira at uwaterloo dot ca
Current Positions
[Feb'19-current] Senior Software Engineer/Researcher at evolutionQ, Canada. Working on the design and implementation of quantum-resistant Information Technology systems.
[Jul'22-current] Senior Research Associate at IQC / University of Waterloo, Canada. Working on the design and efficient implementation of post-quantum cryptography.
Peer reviews
[2024] I'm in the program committee of SBSeg2024. It will be hosted at ITA in Sao Jose dos Campos.
[2021] I'm in the program committee of LATINCRYPT conference.
Have reviewed papers for:
IEEE Transactions on Computers | Designs, Codes and Cryptography | Journal of Cryptographic Engineering | Eurocrypt | Asiacrypt | IEEE Security & Privacy | Journal of Grid Computing
Awards
[2008] Best undergrad work on Information Security by the computer engineering department at Poli-USP [press-release (in portuguese)]. "SMSCrypto: a cryptographic framework for secure transmission of SMS messages".
[2003] 4th place (5 awarded) at the 11th Regional Mathematical Olympiad by Unesp Bauru (ORMUB), Brazil. I was mentored by Adevaldo Colonize.
Contribution to Cryptographic Standards
[IETF] I have written an IETF informational draft for standardizing new Object Identifiers (OIDs) for post-quantum signature schemes in order to be used with X.509 digital certificates. [IETF draft].
[NIST] I'm a collaborator of the SIKE Key Encapsulation Mechanism, which was submitted and selected for Round 3 of the NIST standardization process of post-quantum algorithms. [SIKE, NIST].
[ISO/IEC] Revised the standard draft for post-quantum cryptography (WG2 SD8).
Research Interests
My research has been directed to improve cryptographic primitives towards deployment on constrained devices.
Briefly speaking, my interests include:
Post-quantum cryptography including isogeny-based crypto, hash-based and multivariate signatures.
Elliptic curve cryptography (ECC) and pairing-based cryprography (PBC).
Security for constrained embedded/IoT devices.
Software defined networking (SDN) and Wireless Sensor Networks.
Internet protocols: TLS, IPSec, IKEv2, VPN.
Research Highlights
SIKE / SIDH is a Key Encapsulation candidate based on supersingular isogenies of elliptic curves. It exhibits one of the smallest key sizes in that realm. SIKE was considered for standardization in the NIST post-quantum standardization process (2016-2024), which is currently at Round 4. My contributions include faster techniques for compressing keys and ciphertexts, which can get as small as ~200 bytes. Moreover, J. Doliskani, D. Jao and I introduced a technique (JCEN'2020) that allows for the compressed SIKE decapsulation to run almost as efficiently as the uncompressed SIKE.
Press release by University of Waterloo on SIKE moving to the third round of NIST post-quantum standardization process. Remark: during the fourth Round of NIST, SIKE parameters were broken by a polynomial-time attack discovered by Wouter Castryck and Thomas Decru.
In 2014, the work A family of implementation-friendly BN elliptic curves ranked 5th among the top 25 most cited papers of the Journal of Systems and Software published in 2011. <pdf exported from Scopus database on June 6, 2014>.
In 2013, in response to Edward Snowden leaks of a broad US surveillance program possibly undermining today's elliptic-curve standards, trending initiatives for preventing surveillance started. Brazilian co-authors and I discovered a set of anti-spying safe elliptic-curves and disclosed them through the manuscript "A note on high-security general-purpose elliptic curves". The work was mentioned at the "Verify, then trust" article by the SCIENCE AND TECHNOLOGY column of The Economist.
In 2018, ICP Brasil (the Brazilian PKI) adopted one of the curves we proposed, called E-521, in the national root CA certificate [1,2]. Related Cryptoid press cover.
[1] Federal Register publication ("publicação do Diário Oficial da União")
[2] Root CA certificate with an E-521 public key
Brazilian root CA E-521 public key:9b 6a fd 5a 19 35 f1 95 72 8d d2 f2 e2 8d 15 bd 7c 00 61 0f 78 43 02 35 b0 0f 12 8e af 77 f0 7e b1 ce ba 7c e0 90 4c c4 e5 f8 90 40 1d c7 b2 23 15 ed 83 c1 28 f6 39 86 dc 18 84 ac ee c0 b0 e0 2c 01
Previous Positions
[Jul'21-Jul'22] Research Associate at IQC / University of Waterloo, Canada.
[Jan'16-Jul'21] Postdoctoral fellow at IQC / University of Waterloo, Canada. Working on the design and efficient implementation of post-quantum cryptography. Special focus on isogeny-based systems such as SIDH / SIKE and post-quantum hashing. Supervisors: profs. David Jao and Michele Mosca.
[Sep-Dec'15] Postdoctoral fellow at University of Sao Paulo having worked on the design of a security framework for Software Defined Networking (SDN) over heterogeneous IoT devices. Supervisor: prof. Cíntia B. Margi
[2011-2015] PhD degree in Computer Engineering at USP. Improvements of both post-quantum multivariate quadratic and hash-based digital signatures towards deployment on a very constrained AVR microcontroller. [PhD thesis] [Source code]
[2009-2011] MSc degree in Computer Engineering at University of Sao Paulo. A new implementation-friendly family of BN elliptic curves was discovered. The new results set up speed records for the optimal ate pairing. Algorithms were made open-source via the BNPairings library. [MSc. thesis]
[2004-2008] Computer Engineering BSc at the Escola Politécnica, USP. The final project of a crypto framework for secure transmission of SMS messages was awarded the best undergrad work in Information Security. [Press Release, Monograph: Sistema de SMS Seguro]. My BSc, MSc and PhD were supervised by prof. Paulo S. L. M. Barreto.