
Applied Cryptography Group

Master's theses, available projects.

Students interested in a thesis with the group are kindly requested to send their transcript of records, along with a CV highlighting any relevant experience in cryptography, and either a preferred topic from the proposals below or a description of their interests within cryptography, to the contact noted under Student Projects.

Note:  Students looking to start their thesis in a particular semester are encouraged to reach out to us before the end of the previous semester.

VPNs provide increased privacy to users, and are therefore commonly used to circumvent censorship. In response, certain censoring bodies have begun using more advanced traffic analysis to block VPN access. There are two main strategies for VPN blocking: blocking by address (IP addresses of a VPN service), and blocking by behaviour (identifiable characteristics of the VPN traffic). VPN fingerprinting is the process of identifying a particular VPN protocol based on its protocol features. As is common in the cat-and-mouse game of defences and attacks, circumvention developers have created new protocols intended to protect against such fingerprinting. Several VPN protocols have implemented advanced protocols for the sake of circumventing this style of fingerprinting. This project aims to determine the efficacy of these circumvention techniques, by evaluating two advanced deployments of VPN protocols for censorship circumvention: Outline VPN [Out20,RM23] and LEAP VPN [Lea22]. Both Outline and LEAP offer client and server-side tools to enable individuals as well as organisations to act as service providers. These tools utilise and build on a number of existing technologies, from OpenVPN and Shadowsocks to Tor and Snowflake, which have previously been studied only in isolation [FWW20]. The project involves providing accurate and holistic abstractions of the systems and protocols and then applying a combination of fingerprinting [XKHE23, XRJ22], cryptanalysis, and machine learning techniques to determine if the protocols have identifiable features. We focus on exploring the capabilities of VPN fingerprinting for the sake of developing stronger censorship-resistant protocols in the future. 
References:

[XKHE23] https://www.usenix.org/conference/usenixsecurity24/presentation/xue

[XRJ22] https://www.usenix.org/conference/usenixsecurity22/presentation/xue-diwen

[Lea22] https://leap.se/

[Out20] https://getoutline.org/

[RM23] https://www.technologyreview.com/2023/09/13/1079381/google-jigsaw-outline-vpn-internet-censorship/

[FWW20] https://www.ndss-symposium.org/ndss-paper/detecting-probe-resistant-proxies/

Ongoing Projects

(We recommend that students currently doing a project in our group use this LaTeX template for writing their thesis.)

(Supervisor: Prof. Kenny Paterson, Joint Supervisor: Kien Tuong Truong) Cloud storage providers such as Dropbox, Google Drive and Microsoft OneDrive allow users to offload their digital storage requirements to a remote server, managed by the provider. This is convenient and can create cost savings for both individuals and organizations. All of these providers consider security against attacks from outsider threats. However, few providers address security when the server itself is compromised, and some of those that do have been shown to have devastating cryptographic vulnerabilities, as evidenced by the attacks on Mega [BHP23] and Nextcloud [CPAB23]. Even if there were existing solutions that provably provided confidentiality and integrity of files, metadata is still often leaked. As an example, some providers leak file names. As another example, the server is always aware of the access patterns of the users. All these leakages can combine to create attacks which can compromise the privacy of users. A significant problem is that, even though a multitude of end-to-end encrypted (E2EE) cloud storage solutions exist on the market, there is a lack of foundational work on the cryptographic design for such systems. In order to guide such work, we look at the current ecosystem of E2EE cloud storage solutions, analyzing their protocols, and discussing their requirements. A new cloud storage solution that promises to protect the security and privacy of users is PrivateStorage [Aut] by Least Authority [lea]. Much like MEGA and Nextcloud, they claim to provide end-to-end encryption. However, they also implement unique features like accountless authorization, which they implement with a bespoke variation of Privacy Pass [Dav18]. This mechanism allows users to access the service without the need for a traditional account, decoupling service usage from identifiable information (e.g. payment information), and thus enhancing user privacy. 
This should ensure protection against surveillance, invasive data analysis and profiling, even if the adversary is a nation-state actor. PrivateStorage’s model offers a promising solution that could set new standards for the industry. However, new designs and new cryptographic and privacy-related protocols always raise concerns about potential vulnerabilities. This thesis seeks to analyze the protocol in order to find possible issues or, if none are found, to prove (a selection of) the claims given by PrivateStorage.

References:

[Aut] Least Authority. PrivateStorage. https://private.storage/. Accessed on 2024-02-11.

[Aut21] Least Authority. ZKAPs whitepaper. 2021.

[BHP23] Matilda Backendal, Miro Haller, and Kenneth G. Paterson. MEGA: Malleable encryption goes awry. In 2023 IEEE Symposium on Security and Privacy (SP), pages 146–163, 2023.

[CPAB23] Daniele Coppola, Kenneth G. Paterson, Martin Albrecht, and Matilda Backendal. Breaking cryptography in the wild: Nextcloud. 2023.

[Dav18] Alexander Davidson. Privacy Pass: Bypassing internet challenges anonymously. Proceedings on Privacy Enhancing Technologies, 2018(3):164–180, 2018.

[lea] Least Authority, privacy matters. https://leastauthority.com/. Accessed on 2024-02-11.

(Supervisor: Prof. Kenny Paterson, Joint Supervisor: Dr. Lenka Mareková)

In light of the mass surveillance and censorship going on in many countries, there has been continued interest in providing tools that enable their users to communicate securely and privately. This is of particular importance to groups of higher-risk users (e.g., political activists). Decentralised messaging applications offer promising solutions for such users because they do not require a central server in the middle to forward messages or manage data, thus removing a potential single point of failure as well as making it harder for communications to be monitored. Despite the strong security claims made by the designers of decentralised messaging applications, many of them employ custom cryptographic protocols and justify their security claims using only informal arguments or by way of partial code audits that only check for common vulnerabilities. Hence, it is unclear what security guarantees are provided in reality. Researchers studying these protocols often find cryptographic vulnerabilities in them, even after supposed fixes and code audits, which is illustrated in the example of Bridgefy [ABJM21, AEP22, 7AS23] and Matrix [ACDJ23]. This shows the importance of performing formal security analyses of decentralised messaging applications. Two decentralised messaging applications in particular are of core interest because they both have generally positive track records from past security audits, but their custom cryptographic protocols have yet to receive any formal security analysis.

Delta Chat is a messaging application that builds on the existing email infrastructure. There is no central server unless all users come from the same email provider. It offers end-to-end encryption using the Autocrypt and CounterMITM protocols, which use a subset of the OpenPGP standard.

Briar is a messaging application designed for activists, journalists, and anyone else who needs a safe, easy and robust way to communicate. Briar users can synchronize messages directly between contacts via Bluetooth, WiFi, or Tor. Our semester project [Son23] argues informally that Briar's custom cryptographic protocols are overall secure.

The main objective of the project is to take a deep dive into Delta Chat and Briar, with the primary aim of conducting a formal security analysis of their cryptographic protocols. This entails analysing their cryptographic components as well as the composition of these components and various subprotocols that the applications rely on.

References:

[7AS23] 7ASecurity. Bridgefy Pentest Report, 2023. https://7asecurity.com/reports/pentest-report-bridgefy.pdf

[ABJM21] Martin R. Albrecht, Jorge Blasco, Rikke Bjerg Jensen, and Lenka Mareková. Mesh messaging in large-scale protests: Breaking Bridgefy. In CT-RSA, volume 12704 of Lecture Notes in Computer Science, pages 375–398. Springer, 2021.

[ACDJ23] Martin R. Albrecht, Sofía Celi, Benjamin Dowling, and Daniel Jones. Practically-exploitable cryptographic vulnerabilities in Matrix. Cryptology ePrint Archive, Paper 2023/485, 2023. To appear at IEEE Symposium on Security and Privacy, S&P 2023. https://eprint.iacr.org/2023/485

[AEP22] Martin R. Albrecht, Raphael Eikenberg, and Kenneth G. Paterson. Breaking Bridgefy, again: Adopting libsignal is not enough. In USENIX Security Symposium, pages 269–286. USENIX Association, 2022.

[Son23] Yuanming Song. Cryptography in the wild: Briar, 2023. https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_YuanmingSong.pdf

(Supervisor: Prof. Kenny Paterson, Joint Supervisor: Kien Tuong Truong)

While core cryptographic protocols such as TLS and Signal have received significant attention from the cryptographic research community, there are many products, apps, and protocols out there "in the wild" that rely on cryptographic mechanisms to protect their users that remain understudied. In particular, the amount of data stored on the cloud is projected to reach 200 Zettabytes by 2025 [Arc20], which makes cloud storage an interesting target for attackers who want access to personal data. Encryption-at-rest and encryption-in-transit can only provide a limited amount of security, given that advanced attackers (such as nation-state attackers) can actively compromise servers and thus gain access to user data. End-to-end encrypted (E2EE) cloud storage promises to allow users to keep control of their data, even when outsourcing it to the cloud. However, recent attacks on Mega [BHP22] and NextCloud [CPAB23], along with the general lack of a formal model in the literature, have raised some doubts about the security of existing implementations. Our objective is to investigate and analyse the cryptography used by other cloud storage solutions. The focus will be on applications that serve numerous or important organizations, making a possible vulnerability impactful for a large amount of users. As an example, the analysis can focus on products such as Tresorit and Sync. In more detail, we will try to understand the inner workings of the systems and provide accurate abstractions of the discovered systems and protocols. Using these abstractions, we will look for security weaknesses in these systems and/or produce security proofs for those abstractions. Any weaknesses discovered will be documented carefully, and disclosed to the affected vendors according to standard responsible disclosure practices. Our focus will be on describing how the different systems operate, what security issues were found, and (if time permits) how they were remediated.

[Arc20] Arcserve. The 2020 data attack surface report. 2020. https://cybersecurityventures.com/wp-content/uploads/2020/12/ArcserveDataReport2020.pdf

[BHP22] Matilda Backendal, Miro Haller, and Kenneth G. Paterson. MEGA: malleable encryption goes awry. https://mega-awry.io/pdf/mega-malleable-encryption-goes-awry.pdf

[CPAB23] Daniele Coppola, Kenneth G. Paterson, Martin Albrecht, and Matilda Backendal. Breaking cryptography in the wild: Nextcloud. https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_DanieleCoppola.pdf

(Supervisor: Prof. Kenny Paterson, Joint Supervisor: Jan Gilcher)

While core cryptographic protocols such as TLS and Signal have received significant attention from the cryptographic research community, there are many products, apps, and protocols out there "in the wild" that rely on cryptographic mechanisms to protect their users that remain understudied.

The main focus of this thesis will be RocketChat, a team collaboration platform similar to Slack. RocketChat is open source and promises end-to-end encryption as well as the option of self-hosting. This is a combination that is rare amongst its direct competitors. This has led to adoption specifically by customers that by the nature of their business value confidentiality, such as banks (World Bank), insurance companies (Lloyd's), government agencies (US Department of Homeland Security, indirectly), but also more generally, e.g. Audio and Deutsche Bahn.

The main objective of this project is to take a deep dive into RocketChat and analyse their cryptography and its integration into a complex system from both a design aspect as well as an implementation aspect. Since RocketChat does not come with a detailed formal description of their cryptography, this will have to be derived from the existing implementation. RocketChat also has several different end-to-end encryption implementations with different security claims, as well as some integration with the Matrix protocol as part of federated rooms, resulting in a large surface for design and implementation aspects to go wrong.  

(Supervisor: Prof. Kenny Paterson, Joint Supervisor: Dr. Zichen Gui)

As outsourced storage becomes more and more affordable, many individuals and businesses decide to move their data to the cloud. This certainly improves data accessibility for the individuals and the businesses, but it also creates huge problems for them in case of a data breach. To address this problem, the most natural solution is to encrypt the data before uploading them onto a cloud. However, there is a problem with this solution. That is, the individuals and businesses can no longer search over their data. In the literature, the problem is known as encrypted search.

Fully homomorphic encryption [Gen09], or FHE in short, is a primitive designed to perform computation on encrypted data. One of its applications is encrypted search.

The early research on FHE focused on feasibility rather than efficiency. Naturally, the schemes [Gen09, vGHV10] proposed in this time period were not yet practically efficient and were not suitable for encrypted search. However, after years of research [BraGenVai12, GenSahWat13, CKKS17], FHE has become much more efficient and we start to see practical FHE products [BBB+22, REDcuFHE, Concrete]. So it is natural to ask the question:

Is Fully Homomorphic Encryption Efficient Enough for Encrypted Search Yet?

In this project, we aim to design an efficient encrypted search scheme (for a particular search functionality) from FHE. We will analyse the security of the scheme formally and implement the scheme for benchmarks.

[BBB+22] Ahmad Al Badawi, Jack Bates, Flavio Bergamaschi, David Bruce Cousins, Saroja Erabelli, Nicholas Genise, Shai Halevi, Hamish Hunt, Andrey Kim, Yongwoo Lee, Zeyu Liu, Daniele Micciancio, Ian Quah, Yuriy Polyakov, Saraswathy R.V., Kurt Rohloff, Jonathan Saylor, Dmitriy Suponitsky, Matthew Triplett, Vinod Vaikuntanathan, and Vincent Zucca. OpenFHE: Open-source fully homomorphic encryption library. Cryptology ePrint Archive, Paper 2022/915, 2022. https://eprint.iacr.org/2022/915

[BraGenVai12] Zvika Brakerski, Craig Gentry, and Vinod Vaikuntanathan. (Leveled) fully homomorphic encryption without bootstrapping. In Shafi Goldwasser, editor, ITCS 2012, pages 309–325. ACM, January 2012.

[CKKS17] Jung Hee Cheon, Andrey Kim, Miran Kim, and Yong Soo Song. Homomorphic encryption for arithmetic of approximate numbers. In Tsuyoshi Takagi and Thomas Peyrin, editors, ASIACRYPT 2017, Part I, volume 10624 of LNCS, pages 409–437. Springer, Heidelberg, December 2017.

[Gen09] Craig Gentry. Fully homomorphic encryption using ideal lattices. In Michael Mitzenmacher, editor, 41st ACM STOC, pages 169–178. ACM Press, May / June 2009.

[GenSahWat13] Craig Gentry, Amit Sahai, and Brent Waters. Homomorphic encryption from learning with errors: Conceptually-simpler, asymptotically-faster, attribute-based. In Ran Canetti and Juan A. Garay, editors, CRYPTO 2013, Part I, volume 8042 of LNCS, pages 75–92. Springer, Heidelberg, August 2013.

[REDcuFHE] TwC Group. REDcuFHE. https://github.com/TrustworthyComputing/REDcuFHE

[vGHV10] Marten van Dijk, Craig Gentry, Shai Halevi, and Vinod Vaikuntanathan. Fully homomorphic encryption over the integers. In Henri Gilbert, editor, EUROCRYPT 2010, volume 6110 of LNCS, pages 24–43. Springer, Heidelberg, May / June 2010.

[Concrete] Zama. Concrete. https://github.com/zama-ai/concrete

Completed Projects

Léa Micheloud. Securing Cloud Storage with OpenPGP: An Analysis of Proton Drive. Supervisor: Prof. Kenny Paterson, Co-supervisors: Matilda Backendal, Daniel Huigens (Proton AG, Zurich)

Daniel Pöllmann. Differential Obliviousness and its Limitations. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Tianxin Tang

Andreas Tsouloupas. Breaking Cryptography in the Wild: Double-Ratchet Mutations. Supervisor: Prof. Kenny Paterson, Co-supervisors: Matteo Scarlata, Kien Tuong Truong

Thore Göbel. Security Analysis of Proton Key Transparency. Supervisor: Prof. Kenny Paterson, Co-supervisors: Daniel Huigens (Proton AG, Zurich), Felix Linker

Sina Schaeffler. Algorithms for Quaternion Algebras in SQIsign. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Luca De Feo (IBM Research, Zurich)

Lucas Dodgson. Post-Quantum building blocks for secure computation - the Legendre OPRF. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Julia Hesse, Sebastian Faller (IBM Research, Zurich)

Mirco Stäuble. Mitigating Impersonation Attacks on Single Sign-On with Secure Hardware. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Julia Hesse, Sebastian Faller (IBM Research, Zurich)

Younis Khalil. Implementing a Forward-Secure Cloud Storage System. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Felix Günther, Matilda Backendal

Andrei Herasimau. Formal Verification of the "Crypto Refresh" Update to the OpenPGP Standard. Supervisor: Prof. Kenny Paterson, Co-supervisor: Daniel Huigens (Proton Mail)

Benjamin Fischer. Privacy-Preserving Federated Learning for Cyber Threat Intelligence Sharing. Supervisor: Prof. Kenny Paterson, Co-supervisor: Juan R. Troncoso-Pastoriza (Tune Insight SA)

Pascal Schärli. Security Assessment of the Sharekey Collaboration App. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Bernhard Tellenbach (Armasuisse)

Lena Csomor. Bridging the Gap between Privacy Incidents and PETs. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Anwar Hithnawi, Alexander Viand, Shannon Veitch

Ran Liao. Linear-Time Zero-Knowledge Arguments in Practice. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Jonathan Bootle (IBM Research, Zurich)

Christian Knabenhans. Practical Integrity Protection for Private Computations. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Anwar Hithnawi, Alexander Viand

Ella Kummer. Counting filters in adversarial settings. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Anupama Unnikrishnan, Mia Filić

Massimiliano Taverna. Breaking Cryptography in the Wild: Web3. Supervisor: Prof. Kenny Paterson

Giacomo Fenzi. Klondike: Finding Gold in SIKE. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Fernando Virdia.

Kien Tuong Truong. Breaking Cryptography in the Wild: Threema. Supervisor: Prof. Kenny Paterson, Co-supervisor: Matteo Scarlata.

Jonas Meier. Diophantine Satisfiability Arguments for Private Blockchains. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Patrick Towa.

Marc Ilunga. Analysis of the EDHOC Lightweight Authenticated Key Exchange Protocol. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Felix Günther.

Robertas Maleckas. Cryptography in the Wild: Analyzing Jitsi Meet. Supervisor: Prof. Kenny Paterson, Co-supervisor: Prof. Martin Albrecht.

Miro Haller. Cloud Storage Systems: From Bad Practice to Practical Attacks. Supervisor: Prof. Kenny Paterson, Co-supervisor: Matilda Backendal.

Lorenzo Laneve. Quantum Random Walks. Joint supervisor: Prof. Kenny Paterson.

Florian Moser. Swiss Internet Voting. Supervisor: Prof. Kenny Paterson.

Moritz Winger. Automated Hybrid Parameter Selection & Circuit Analysis for FHE. Joint supervisor: Prof. Kenny Paterson, Co-supervisor: Alexander Viand

Tijana Klimovic. Modular Design of the Messaging Layer Security (MLS) Protocol. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Igors Stepanovs.

Radwa Abdelbar. Post-Quantum KEM-based TLS with Pre-Shared Keys. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Felix Günther, Dr. Patrick Towa.

Raphael Eikenberg. Breaking Bridgefy, Again. Supervisor: Prof. Kenny Paterson, Co-supervisor: Prof. Martin Albrecht.

Andreas Pfefferle. Security Analysis of the Swiss Post’s E-Voting Implementation. Supervisor: Prof. Kenny Paterson.

Mihael Liskij. Survey of TLS 1.3 0-RTT Usage. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Felix Günther.

Nicolas Klose. Characterizing Notions for Secure Cryptographic Channels. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Felix Günther.

Alexandre Poirrier. Continuous Authentication in Secure Messaging. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Benjamin Dowling, Dr. Felix Günther.

Luca Di Bartolomeo. ArmWrestling: efficient binary rewriting for ARM. Joint Supervisor: Prof. Kenny Paterson.

Matteo Scarlata. Post-Compromise Security and TLS 1.3 Session Resumption. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Benjamin Dowling.

Anselme Goetschmann. Design and Analysis of Graph Encryption Schemes. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Sikhar Patranabis.

Lara Bruseghini. Analysis of the OpenPGP Specifications and Usage. Joint Supervisor: Prof. Kenny Paterson.

Semira Einsele. Average Case Error Estimates of the Strong Lucas Probable Prime Test. Joint Supervisor: Prof. Kenny Paterson.

Jan Gilcher. Constant-Time Implementation of NTS-KEM. Supervisor: Prof. Kenny Paterson.

On the use of code-based cryptography in automotive applications


DigitalCommons@CalPoly


Master's Theses

Native cryptography in the browser, an exploratory approach.

Joseph A. Wilson, California Polytechnic State University, San Luis Obispo

DOI: https://doi.org/10.15368/theses.2016.171 Available at: https://digitalcommons.calpoly.edu/theses/1697

Date of Award

Degree Name

MS in Computer Science

Department/Program

Computer Science

Zachary Peterson

As applications move from the desktop to the web browser, security needs to be taken into consideration. The new Web Crypto API provides native support for web applications to perform cryptographic operations and key management functions. Client side cryptographic support is a critical component in the future development of secure web based applications. This thesis presents an exploration of the Web Crypto API. The aim of this research was to determine the feasibility of developing complex cryptographic applications in the browser. This evaluation was performed by building an end to end encrypted messaging system that implements the off the record (OTR) messaging protocol. This thesis also proposes Joey’s Web Crypto Library (JWCL), a wrapper library around the native Web Crypto API that provides network portable output, secure default options, and a class based modern interface. In this thesis the Web Crypto API is shown to be capable of supporting the development of a functional, proof of concept, end to end encrypted secure messaging system in the browser. JWCL succeeds in providing a high level, simple yet elegant interface to the low level Web Crypto API.


Design of Quantum Communication Protocols in Quantum Cryptography

  • Published: 18 July 2023


Bilal A. Alhayani, Omar A. AlKawak, Hemant B. Mahajan, Haci Ilhan & Roa’a Mohammed Qasem


Secure communication has developed into one of the most promising disciplines in the contemporary world. This is a highly essential subject for every business and body, and its advancements are increasing significantly. Quantum computing is becoming an increasingly popular kind of contemporary computing. This type of computing takes advantage of the fundamental characteristics of quantum mechanics to process information. Certain of the problems that were present in classical computing, such as the factoring discrete logarithm problem, have already been addressed by some writers in the field of quantum computing (QC). Another significant challenge faced by conventional computing is one related to security, which may now be addressed thanks to quantum cryptography protocols. However, researchers have recently shown that even quantum encryption may be vulnerable to hacking. Implementing protocols for quantum cryptography still comes with a number of significant challenges, the most significant of which is quantum bit errors.


Data availability.

Not applicable.


Ballance, C. J., Harty, T. P., Linke, N. M., Sepiol, M. A., & Lucas, D. M. (2016). High-fidelity quantum logic gates using trapped-ion hyperfine Qubits. Physical Review Letters . https://doi.org/10.1103/PhysRevLett.117.060504

Zhu, G., Subaşı, Y., Whitfield, J. D., & Hafezi, M. (2018). Hardware-efficient fermionic simulation with a cavity–qed system. Npj Quantum Information, 4 (1), 1–10.

Veldhorst, M., Eenink, H. G. J., Yang, C. H., & Dzurak, A. S. (2017). Silicon cmos architecture for a spin-based quantum computer. Nature Communications . https://doi.org/10.1038/s41467-017-01905-6

Kleißler, F., Lazariev, A., & Arroyo-Camejo, S. (2018). Universal, high-fidelity quantum gates based on superadiabatic, geometric phases on a solid-state spin-Qubit at room temperature. Npj Quantum Information, 4 (1), 1–6.

Wendin, G. (2017). Quantum information processing with superconducting circuits: A review. Reports on Progress in Physics, 80 (10), 106001.

Riedel, M. F., Binosi, D., Thew, R., & Calarco, T. (2017). The European quantum technologies flagship programme. Quantum Science and Technology, 2 (3), 030501. https://doi.org/10.1088/2058-9565/aa6aca

Raymer, M. G., & Monroe, C. (2019). The US national quantum initiative. Quantum Science and Technology, 4 (2), 020504.

Yin, J., Ren, J.G., Liao, S.K., Cao, Y., Cai, W.Q., Peng, C.Z. and Pan, J.W. (2019) Quantum science experiments with micius satellite. In 2019 Conference on Lasers and Electro-Optics (CLEO) . pp 1–2, ISSN 2160-8989.

Roberson, T. M., & White, A. G. (2019). Charting the Australian quantum landscape. Quantum Science and Technology, 4 (2), 020505.

Sussman, B., Corkum, P., Blais, A., Cory, D., & Damascelli, A. (2019). Quantum Canada. Quantum Science and Technology, 4 (2), 020503.

Yamamoto, Y., Sasaki, M., & Takesue, H. (2019). Quantum information science and technology in Japan. Quantum Science and Technology, 4 (2), 020502.

AlKawak, O. A., Ozturk, B. A., Jabbar, Z. S., & Mohammed, H. J. (2023). Quantum optics in visual sensors and adaptive optics by quantum vacillations of laser beams wave propagation apply in data mining. Optik, 273 , 170396. https://doi.org/10.1016/j.ijleo.2022.170396

Alomari, E. S., Nuiaa, R. R., Alyasseri, Z. A. A., Mohammed, H. J., Sani, N. S., Esa, M. I., & Musawi, B. A. (2023). Malware detection using deep learning and correlation-based feature selection. Symmetry, 15 (1), 123.

Download references

Acknowledgements

This work received no specific funding.

Author information

Authors and affiliations.

Department of Electronics and Communication, Yildiz Technical University, Istanbul, Turkey

Bilal A. Alhayani & Haci Ilhan

Department of Energy Engineering, College of Engineering, Al-Mussaib, University of Babylon, Hillah, Babil, Iraq

Omar A. AlKawak

Godwit Technologies, Pune, India

Hemant B. Mahajan

Department of Electrical and Computer Engineering, Altinbas University, 34218, Istanbul, Turkey

Roa’a Mohammed Qasem

Contributions

The authors contributed significantly to the research and this paper, and the first author is the main contributor.

Corresponding author

Correspondence to Bilal A. Alhayani .

Ethics declarations

Conflict of interest.

The authors declare that they have no conflicts of interest to report regarding the present study.

Informed Consent

Additional information, publisher's note.

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

About this article

Alhayani, B.A., AlKawak, O.A., Mahajan, H.B. et al. Design of Quantum Communication Protocols in Quantum Cryptography. Wireless Pers Commun (2023). https://doi.org/10.1007/s11277-023-10587-x

Accepted : 30 June 2023

Published : 18 July 2023

DOI : https://doi.org/10.1007/s11277-023-10587-x

  • Quantum communication
  • Quantum cryptography
  • Physical sciences

COMMENTS

  1. PDF Provably Correct Compilation for Distributed Cryptographic Applications

    proof that simultaneously addresses subtleties essential for robust applications, such as multiple cryptographic mechanisms, malicious corruption, and asynchronous communication. Our approach offers a clear path toward leveraging Universal Composability to obtain end-to-end security with fully instantiated cryptographic mechanisms.

  2. Eastern Washington University EWU Digital Commons

    Elliptic curves and their cryptographic applications Samuel L. Wenberg Eastern Washington University Follow this and additional works at: https://dc.ewu.edu/theses Part of the Physical Sciences and Mathematics Commons Recommended Citation Wenberg, Samuel L., "Elliptic curves and their cryptographic applications" (2013). EWU Masters Thesis

  3. PDF High-Speed Elliptic Curve and Pairing-Based Cryptography

    which permit the efficient realization of Elliptic Curve and Pairing-based Cryptography on the several new platforms and applications. This thesis deals with efficient methods and explicit formulas for computing elliptic curve scalar multiplication and pairings over fields of large prime characteristic with the objective of

  4. Linear Codes and Applications in Cryptography

    This master's thesis discusses algorithms that solve certain cryptographic tasks and thus it illuminates the application's side as well, which outlines the constructive manner of this field. In this master's thesis the focus is on bringing together interesting results of different areas — ranging from computational complexity theory to quantum physics — about the role of linear codes in ...

  5. PDF Design and Analysis of Cryptographic Algorithms for Authentication

    paved the way to this thesis, especially to the core of this thesis that regards password hashing. I would like to thank Prof. Gregor Leander for agreeing to review my thesis as a second supervisor. Special thanks goes to Eik List, Christian Forler, and Ewan Fleischmann for their support, willingness to discuss, and contributions to that thesis.

  6. Applications of Continued Fractions in Cryptography and Diophantine

    Kaufer, Aaron H., "Applications of Continued Fractions in Cryptography and Diophantine Equations" (2009). Thesis. Rochester Institute of Technology. Accessed from This Thesis is brought to you for free and open access by the RIT Libraries. For more information, please contact [email protected]. RIT Digital Institutional Repository

  7. PDF Novel Secret Sharing and Commitment Schemes for Cryptographic Applications

    read this thesis as the defense committee members. In addition, I greatly thank Keith Geddes, who gave me the opportunity to join the University of Waterloo, and Margaret Towell, who has significantly helped me with my scholarship and job applications. Special thanks to Timothy Lethbridge, my Master's thesis advisor, who has taught me a lot.

  8. Encryption and Decryption Algorithms in Symmetric Key Cryptography

    Cryptography is one of the methods to attain security. The Hill cipher is a symmetric encryption algorithm vulnerable to the attack of known plaintext. This paper proposes a modification to the ...

  9. PDF ELLIPTIC CURVES AND THEIR APPLICATIONS IN CRYPTOGRAPHY A Thesis

    APPLICATIONS IN CRYPTOGRAPHY Michael Pemberton Dr. William Banks, Thesis Supervisor ABSTRACT In 1985, Koblitz and Miller proposed elliptic curves to be used for public key cryptosystems. This present thesis examines the role of elliptic curves on cryptography and basic problems involving implementation and security of some elliptic curve ...

  10. PDF Provably Secure Cryptographic Hash Functions

    The work on this thesis was part of a Study Abroad year at the University of New South Wales, Sydney. It has been a very valuable academic and personal ... ous cryptographic applications, and it analyses why the design of cryptographic hash functions is so difficult. Chapter 2 discusses the two most commonly used hash functions MD5 and

  11. PDF Post-Quantum Cryptography: Lattice-based encryption

    tosystems: hash-based cryptography, code-based cryptography, lattice-based cryptography and multivariate-quadratic-equations cryptography. In this thesis we will only explain lattice-based cryptography. To learn about the other problems, the reader can find introductions for each one in the Post-Quantum Cryptography book [BBD09].

  12. On elliptic curves and application to cryptography

    This thesis deals with the study of the elliptic curves over finite rings and their cryptographic applications. Firstly, we defined the elliptic curves Ea,b (Fq [ε]) and Ea,b (F3d [ε]) over the ...

  13. University of North Florida UNF Digital Commons

    Aftuck, Alex Edward, "The Weil Pairing on Elliptic Curves and Its Cryptographic Applications" (2011). UNF Graduate Theses and Dissertations. 139. https://digitalcommons.unf.edu/etd/139 This Master's Thesis is brought to you for free and open access by the Student Scholarship at UNF Digital Commons. It has been accepted for inclusion in UNF

  14. PDF Information and Communication Technology Cryptography

    Cryptography Master of Science Thesis, 47 Pages. February 2024. This thesis explores the complex world of blockchain technology and cryptocurrencies, offering an investigation of their ... cryptographic application were required, it would have primarily originated from the US national security community, foreign entities, and a limited number ...

  15. Master's Theses

    Available Projects. Students interested in a thesis with the group are kindly requested to send their transcript of records, along with a CV highlighting any relevant experience in cryptography, and either a preferred topic from the proposals below or a description of their interests within cryptography, to the contact noted under Student Projects. ...

  16. Graduate Thesis Or Dissertation

    This thesis focuses on introducing extensions and generalizations of these original secret sharing schemes and exploring new cryptographic applications. Homomorphic secret sharing is analogous to fully homomorphic encryption, except the ciphertexts are shared across two non-colluding evaluators.

  17. Identity-Based Cryptography

    Abstract. Identity-based encryption systems are characterized by the fact that the public key is easy to remember, and the step of linking the public key to a specific identity is omitted; the identity (e.g., an e-mail address) is the public key. Applications of Identity-based encryption are still relatively rare, although there are now various ...

  18. Cryptographic hash functions : cryptanalysis, design and applications

    This thesis aims at analysing the security of the standard hash function Cellular Authentication and Voice Encryption Algorithm (CAVE) used for authentication and key-derivation in the second generation (2G) North American IS-41 mobile phone system and proposes schemes that offer more resistance against these attacks. Cryptographic hash functions are an important tool in cryptography to ...

  19. PDF Post quantum cryptographic constructions

    thesis is written by myself and is free of plagiarism and of sufficient grammatical clarity to be ... coding Problem for Lattices Constructed and Their Cryptographic Applications. IEEE Trans. Information Theory 66(4):2588-2598 (2020) . [HLY] Jingnan He, Zhe Li and Sze Ling Yeo. A Variant of Subset Sum Problem with Provably

  20. The Cross-Impact Between Cryptography and Artificial ...

    Similar to the case of crypto, different aspects of AI have been of great interest to researchers in recent years [44-46]. AI leverages computers and complex algorithms to mimic human decision making and problem solving. AI has been used in a variety of applications [47-49]. In recent years, cryptography and AI have come together in ...

  21. On the use of code-based cryptography in automotive applications

    Cybersecurity is a critical aspect for automotive applications. In this paper we approach this issue from a cryptographic point of view. In particular, we propose the use of a post-quantum code based cryptosystem based on a special family of low-density parity-check (LDPC) codes, called fully connected monomial LDPC codes. We also investigate some properties of these codes.

  22. Native Cryptography in the Browser, an Exploratory Approach

    As applications move from the desktop to the web browser, security needs to be taken into consideration. The new Web Crypto API provides native support for web applications to perform cryptographic operations and key management functions. Client side cryptographic support is a critical component in the future development of secure web based applications. This thesis presents an exploration of ...

  23. Design of Quantum Communication Protocols in Quantum Cryptography

    Most of this thesis is focused on developing new quantum communication and cryptographic protocols. ... to generate a shared secret random bit string that may be used as a key in cryptographic applications such as message encryption (for example, the one-time pad) and authentication. QKD guarantees unconditional security based on the basic ...

  24. Patchless Apple M-Chip Vulnerability Allows Cryptography Bypass

    Meanwhile, developers of cryptographic applications will need to make other changes to address the vulnerability at the software level for devices running Apple's M1 and M2 processors — there is ...