CSE Associate Professor Attila A. Yavuz and his lab, the Applied Cryptography Research Laboratory (ACRL), are leading a highly competitive research project, "Distributed Computing in Effect: Towards Trustworthy, Resilient and Secure NextG Mobile Networks," funded by the National Science Foundation (NSF). This project aims to defend next-generation mobile networks against powerful adversaries that may compromise critical components of the network and may even have access to quantum computers. Professor Yavuz’s research group, ACRL, leads this collaborative project, which was recently awarded $1.2 million; his lab’s portion of the funds was $255,000. The coalition includes Dr. Mehran Mozaffari Kermani of USF as Co-PI, with Virginia Tech and Oregon State University as external partners.
Professor Yavuz is the Director of the Applied Cryptography Research Laboratory (ACRL) and a Co-Director of the Center of Cryptologic Research. “As a cyber-security expert with a great passion for cryptography, this project allows me to harness my skills to protect our critical network infrastructure from hackers, and it is an invaluable motivation for me to participate in this project,” said Professor Yavuz. At the heart of any emerging networked system (e.g., 6G, vehicular networks) lie the Public Key Infrastructure (PKI) and Key Management (KM), since they form the backbone of the security mechanisms that support our internet. However, these PKIs and KMs have crucial problems: (i) They rely on centralized architectures, which makes them vulnerable to breaches and single points of failure. (ii) They are currently based on conventional cryptographic methods. Emerging quantum computers can break these conventional public-key cryptography (PKC) techniques (e.g., RSA, ECDSA) much faster than classical computers can. (iii) The emerging next-generation networks have very stringent performance requirements, such as low latency and low transmission overhead. (iv) Much of the existing software used in these cyberinfrastructures is not safe against implementation attacks. The project team led by Dr. Yavuz aims to address these vital problems.
Centrality poses a severe threat to the reliability and safety of current PKI/KM systems. For example, consider a certification authority that single-handedly produces certificates for various mobile devices. Historically, a single compromised authority has negatively impacted several million people at once. Besides being vulnerable to breaches, centrality also incurs more cryptographic overhead during handovers, when mobile devices move from one wireless coverage area to another. The project team will address these centrality challenges by developing novel secure multi-party computation (MPC) techniques that are strategically synergized with the mobile network architectures of next-generation systems. By thresholding PKI/KM algorithms effectively, we will not only mitigate the risk of compromise but also enable collaboration among different wireless service providers, thereby reducing the handover costs drastically.
In addition to centrality issues, NextG networks, such as vehicular networks, also have strict performance requirements due to their real-time nature. For example, consider a vehicle broadcasting its velocity and direction every second to coordinate with other vehicles and nearby infrastructure. By tampering with this message, an attacker may cause accidents, and therefore all those messages must be authenticated. However, existing cryptographic techniques add significant delay, which may itself cause accidents due to factors such as increased brake time. To make matters more complicated, quantum computers can break these existing, conventionally secure schemes. Yet the future replacements for these schemes, such as the NIST-PQC standards, are significantly costlier than their conventional counterparts since they require more computation and transmission, thereby putting a heavier load on the vehicular network.
Professor Yavuz’s research group will devise novel post-quantum algorithms that are not only efficient but also distributed in nature, thereby addressing the centrality issues of current mobile networks. For example, they will vastly improve recent NIST-PQC signature schemes by thresholding with secure multi-party computing, thereby making PKIs and KMs resilient to breaches and quantum-safe at the same time. These innovations will also permit network entities to form alliances without exposing their secrets, therefore further reducing the costs for handovers in mobile networks. Finally, our team will develop countermeasures against implementation attacks that can leak important secrets via timing, power, or fault traces that can be found in cyber-security mechanisms.
The proposed project is expected to tackle some of the biggest open research challenges in emerging next-generation mobile systems with such innovative solutions, thereby making a significant broad impact on a myriad of real-life applications; mobile phones, vehicular networks, aerial networks, and autonomous robotic systems are just some to mention. The proposed innovations have the potential to improve emerging NIST-PQC and lightweight security standards, thereby forming novel standards by themselves and making a lasting long-term impact in cyber-security and networking technologies.