The classical approach to achieve multiple security properties such as authentication, integrity and confidentiality is to combine dedicated building
blocks separately achieving each property. This apparently obvious process proves in fact to be very difficult, as testified by numerous attacks exploiting
weaknesses in the “mortar” connecting the blocks, even in widely used, and presumably well-known, products such as OpenSSL. A promising approach to solve
this issue is the use of combined primitives. This is for example the case for authenticated encryption, a fundamental cryptographic primitive that ensures
at the same time confidentiality, integrity and authentication. Many new authenticated encryption schemes were recently proposed in the framework of the
CAESAR competition.

The goal of this research project is to investigate the efficiency and security of these new proposals. That is, assuming that
authenticated encryption will be deployed on small embedded platforms, how to guarantee that these algorithms can be implemented within the time budget imposed by
practical applications, while making sure that they cannot (or at least not easily) be broken, especially by attacks taking advantage of physical
information leakages (so-called side-channel attacks). Besides, a more prospective research will investigate the possibilities to extend the recent trend of
“leakage-resilient” cryptography towards authentication and authenticated encryption. That is, can we design algorithms or encryption modes that are
inherently more secure against physical attacks?

Site web: http://www.securit-brussels.be/project/scaut/