Research

My research is in the area of elliptic curve cryptography and related number-theoretic questions. I am interested in new cryptographic primitives, new algorithms in computational number theory, new protocols, efficient implementation, and cryptanalysis. The focus of my recent work is on post-quantum cryptography and isogeny-based cryptosystems.

Journal articles

  1. Fast software implementation of bilinear pairings (http://cacr.uwaterloo.ca/techreports/2016/cacr2016-03.pdf), with R. Azarderakhsh, D. Fishbein, G. Grewal, S. Hu, P. Longa, and R. Verma, IEEE T. Depend. Secure. (to appear), doi:10.1109/TDSC.2015.2507120 (http://dx.doi.org/10.1109/TDSC.2015.2507120).
  2. Post-quantum cryptography on FPGA based on isogenies on elliptic curves (https://eprint.iacr.org/2016/672), with B. Koziel, R. Azarderakhsh, and M. Kermani, IEEE Trans. Circuits Syst. I, Reg. Papers 64(1):86-99, 2017, doi:10.1109/TCSI.2016.2611561 (http://dx.doi.org/10.1109/TCSI.2016.2611561).
  3. Common subexpression algorithms for space-complexity reduction of Gaussian normal basis multiplication (http://cacr.uwaterloo.ca/techreports/2015/cacr2015-03.pdf), with R. Azarderakhsh and H. Lee, IEEE Trans. Inf. Theory 61(5):2357-2369, 2015, doi:10.1109/TIT.2015.2409833 (http://dx.doi.org/10.1109/TIT.2015.2409833).
  4. Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies (http://eprint.iacr.org/2011/506), with L. De Feo and J. Plût, J. Math. Cryptol. 8(3):209-247, 2014, doi:10.1515/jmc-2012-0015 (http://dx.doi.org/10.1515/jmc-2012-0015).
  5. Constructing elliptic curve isogenies in quantum subexponential time (http://arxiv.org/abs/1012.4019), with A. Childs and V. Soukharev, J. Math. Cryptol. 8(1):1-29, 2014, doi:10.1515/jmc-2012-0016 (http://dx.doi.org/10.1515/jmc-2012-0016).
  6. Expander graphs based on GRH with an application to elliptic curve cryptography (http://arxiv.org/abs/0811.0647), with S. D. Miller and R. Venkatesan, J. Number Theory 129(6):1491-1504, 2009, doi:10.1016/j.jnt.2008.11.006 (http://dx.doi.org/10.1016/j.jnt.2008.11.006).
  7. Supersingular primes for points on X0(p) / wp (http:../../wiki/images/d/df/Jnt-2005.pdf), J. Number Theory 113(2):208-225, 2005, doi:10.1016/j.jnt.2004.09.002 (http://dx.doi.org/10.1016/j.jnt.2004.09.002).

Refereed conference proceedings

  1. Efficient compression of SIDH public keys (https://eprint.iacr.org/2016/963), with C. Costello, P. Longa, M. Naehrig, J. Renes, and D. Urbanik, Eurocrypt 2017, Part I, pp. 679-706, doi:10.1007/978-3-319-56620-7_24 (http://dx.doi.org/10.1007/978-3-319-56620-7_24).
  2. A post-quantum digital signature scheme based on supersingular isogenies (http://cacr.uwaterloo.ca/techreports/2017/cacr2017-02.pdf), with Y. Yoo, R. Azarderakhsh, A. Jalali, and V. Soukharev, FC 2017 (to appear).
  3. On fast calculation of addition chains for isogeny-based cryptography (https://eprint.iacr.org/2016/1045), with B. Koziel, R. Azarderakhsh, and M. Mozaffari-Kermani, Inscrypt 2016, pp. 323-342, doi:10.1007/978-3-319-54705-3_20 (http://dx.doi.org/10.1007/978-3-319-54705-3_20).
  4. NEON-SIDH: Efficient implementation of supersingular isogeny Diffie-Hellman key exchange protocol on ARM (https://eprint.iacr.org/2016/669), with B. Koziel, R. Azarderakhsh, A. Jalali, and M. Mozaffari-Kermani, CANS 2016, pp. 88-103, doi:10.1007/978-3-319-48965-0_6 (http://dx.doi.org/10.1007/978-3-319-48965-0_6).
  5. Key compression for isogeny-based cryptosystems (http://eprint.iacr.org/2016/229), with R. Azarderakhsh, K. Kalach, B. Koziel, and C. Leonardi, AsiaPKC 2016, pp. 1-10, doi:10.1145/2898420.2898421 (http://dx.doi.org/10.1145/2898420.2898421).
  6. Post-quantum security models for authenticated encryption (http://cacr.uwaterloo.ca/techreports/2016/cacr2016-04.pdf), with V. Soukharev and S. Seshadri, PQCrypto 2016, pp. 64-78, doi:10.1007/978-3-319-29360-8_5 (http://dx.doi.org/10.1007/978-3-319-29360-8_5).
  7. A quantum algorithm for computing isogenies between supersingular elliptic curves (http://cacr.uwaterloo.ca/techreports/2014/cacr2014-24.pdf), with J. F. Biasse and A. Sankar, Indocrypt 2014, pp. 428-442, doi:10.1007/978-3-319-13039-2_25 (http://dx.doi.org/10.1007/978-3-319-13039-2_25).
  8. Isogeny-based quantum-resistant undeniable signatures (http://cacr.uwaterloo.ca/techreports/2014/cacr2014-15.pdf), with V. Soukharev, PQCrypto 2014, pp. 160-179, doi:10.1007/978-3-319-11659-4_10 (http://dx.doi.org/10.1007/978-3-319-11659-4_10).
  9. Efficient implementation of bilinear pairings on ARM processors (http://eprint.iacr.org/2012/408), with G. Grewal, R. Azarderakhsh, P. Longa, and S. Hu, SAC 2012, pp. 149-165, doi:10.1007/978-3-642-35999-6_11 (http://dx.doi.org/10.1007/978-3-642-35999-6_11). Source code: projective (http:../../relicproj.tar.gz) pairings, affine (http:../../relicaffine.tar.gz) pairings, ARM assembly (http:../../gmp.tar.gz) code, and improved ARM assembly code (http:../../thesis-code.tar.bz2) from D. Fishbein's thesis (https://uwspace.uwaterloo.ca/bitstream/handle/10012/8400/Fishbein_Dieter.pdf).
  10. Publicly verifiable secret sharing for cloud-based key management (http:../../wiki/images/9/9c/Indocrypt11.pdf), with R. D'Souza, I. Mironov, and O. Pandey, Indocrypt 2011, pp. 290-309, doi:10.1007/978-3-642-25578-6_21 (http://dx.doi.org/10.1007/978-3-642-25578-6_21).
  11. Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies (http://cacr.uwaterloo.ca/techreports/2011/cacr2011-32.pdf), with L. De Feo, PQCrypto 2011, pp. 19-34, doi:10.1007/978-3-642-25405-5_2 (http://dx.doi.org/10.1007/978-3-642-25405-5_2).
  12. A subexponential algorithm for evaluating large degree isogenies (http://arxiv.org/abs/1002.4228), with V. Soukharev, ANTS IX, pp. 219-233, doi:10.1007/978-3-642-14518-6_19 (http://dx.doi.org/10.1007/978-3-642-14518-6_19).
  13. A study of two-party certificateless authenticated key-agreement protocols (http:../../wiki/images/1/1a/Indocrypt09.pdf), with C. Swanson, Indocrypt 2009, pp. 57-71, doi:10.1007/978-3-642-10628-6_4 (http://dx.doi.org/10.1007/978-3-642-10628-6_4).
  14. Boneh-Boyen signatures and the Strong Diffie-Hellman problem (http://eprint.iacr.org/2009/221), with K. Yoshida, Pairing 2009, pp. 1-16, doi:10.1007/978-3-642-03298-1_1 (http://dx.doi.org/10.1007/978-3-642-03298-1_1).
  15. Speeding up pairing computations on genus 2 hyperelliptic curves with efficiently computable automorphisms (http:../../wiki/images/1/1a/Pairing-2008.pdf), with X. Fan and G. Gong, Pairing 2008, pp. 243-264, doi:10.1007/978-3-540-85538-5_17 (http://dx.doi.org/10.1007/978-3-540-85538-5_17).
  16. Efficient pairing computation on genus 2 curves in projective coordinates (http:../../wiki/images/b/b5/Sac-2008.pdf), with X. Fan and G. Gong, SAC 2008, pp. 18-34, doi:10.1007/978-3-642-04159-4_2 (http://dx.doi.org/10.1007/978-3-642-04159-4_2).
  17. On the bits of elliptic curve Diffie-Hellman keys (http:../../wiki/images/8/82/Indocrypt-2007.pdf), with D. Jetchev and R. Venkatesan, Indocrypt 2007, pp. 33-47, doi:10.1007/978-3-540-77026-8_4 (http://dx.doi.org/10.1007/978-3-540-77026-8_4).
  18. Digit set randomization in elliptic curve cryptography (http:../../wiki/images/0/0a/Saga-2007.pdf), with S. R. Raju and R. Venkatesan, SAGA 2007, pp. 105-117, doi:10.1007/978-3-540-74871-7_10 (http://dx.doi.org/10.1007/978-3-540-74871-7_10).
  19. Do all elliptic curves of the same order have the same difficulty of discrete log? (http:../../wiki/images/9/91/Asiacrypt-2005.pdf), with S. D. Miller and R. Venkatesan, Asiacrypt 2005, pp. 21-40, doi:10.1007/11593447_2 (http://dx.doi.org/10.1007/11593447_2).
  20. Applications of secure electronic voting to automated privacy-preserving troubleshooting (http:../../wiki/images/2/2e/Ccs-2005.pdf), with Q. Huang and H. J. Wang, CCS 2005, pp. 68-80, doi:10.1145/1102120.1102132 (http://dx.doi.org/10.1145/1102120.1102132).

Book chapters

  1. Elliptic curve cryptography (http:../../wiki/images/a/a1/Handbook.pdf), in Handbook of Information and Communication Security, pp. 35-57, doi:10.1007/978-3-642-04117-4_3 (http://dx.doi.org/10.1007/978-3-642-04117-4_3).

Workshop proceedings

  1. Isogeny-based cryptography on mobile devices (http://docbox.etsi.org/Workshop/2013/201309_CRYPTO/e-proceedings_Crypto_2013.pdf), with D. Fishbein, Proceedings of the 1st ETSI workshop on quantum-safe cryptography (http://www.etsi.org/news-events/events/648-crypto-workshop2013), 2013. (source code (http:../../thesis-code.tar.bz2))
  2. Constructing elliptic curve isogenies in quantum subexponential time (http://qip2011.quantumlah.org/scientificprogramme/abstract/1012.4019.pdf), with A. Childs and V. Soukharev, 14th Workshop on Quantum Information Processing (http://qip2011.quantumlah.org/), 2011.

Patents

  1. Systems and protocols for anonymous mobile payments with personal secure devices (http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220130138571%22.PGNR.&OS=DN/20130138571&RS=DN/20130138571), with A. T. Vassilev and D. P. Jetchev, United States patent application no. 2013/0138571 (filed September 25, 2008).
  2. Privacy-preserving data aggregation using homomorphic encryption (http://patft.uspto.gov/netacgi/nph-Parser?Sect2=PTO1&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&d=PALL&RefSrch=yes&Query=PN%2F7856100), with H. J. Wang and Q. Huang, United States patent 7856100 (issued December 21, 2010).
  3. Aggregating information from a cluster of peers (http://patft.uspto.gov/netacgi/nph-Parser?Sect2=PTO1&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&d=PALL&RefSrch=yes&Query=PN%2F7743123), with H. J. Wang, N. Borisov, and Q. Huang, United States patent 7743123 (issued June 22, 2010).
  4. Randomized sparse formats for efficient and secure computation on elliptic curves (http://patft.uspto.gov/netacgi/nph-Parser?Sect2=PTO1&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&d=PALL&RefSrch=yes&Query=PN%2F7664258), with R. Venkatesan, P. Montgomery, and S. R. Raju, United States patent 7664258 (issued February 16, 2010).
  5. Systems and methods for generation and validation of isogeny-based signatures (http://patft.uspto.gov/netacgi/nph-Parser?Sect2=PTO1&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&d=PALL&RefSrch=yes&Query=PN%2F7617397), with P. Montgomery, R. Venkatesan, and V. Boyko, United States patent 7617397 (issued November 10, 2009); CIPO patent CA 2517807 (http://brevets-patents.ic.gc.ca/opic-cipo/cpd/eng/patent/2517807/summary.html) (issued May 13, 2014).
  6. Determining cardinality of a parameter using hash values (http://patft.uspto.gov/netacgi/nph-Parser?Sect2=PTO1&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&d=PALL&RefSrch=yes&Query=PN%2F7584182), with H. J. Wang, N. Borisov, and Q. Huang, United States patent 7584182 (issued September 1, 2009).
  7. Use of isogenies for design of cryptosystems (http://patft.uspto.gov/netacgi/nph-Parser?Sect2=PTO1&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&d=PALL&RefSrch=yes&Query=PN%2F7499544), with R. Venkatesan, United States patent 7499544 (issued March 3, 2009); CIPO patent CA 2483486 (http://brevets-patents.ic.gc.ca/opic-cipo/cpd/eng/patent/2483486/summary.html) (issued December 24, 2013).