Research group Applied Security and Information Assurance (APSIA)

Our Research

Design, analysis and modelling of secure systems
APSIA’s mission is to develop and evaluate techniques to mitigate the multitude of cyber threats, and make the digital world more secure and trustworthy for its citizens. This covers design and verification of cryptographic protocols, privacy-enhancing technologies, as well as secure voting and digital democracy. It also encompasses quantum and post-quantum cryptography to future-proof security.

The Race to Prevent
the Quantum
Apocalypse

Read the Article

Researchers & Partners

The group specialises in the design, analysis and modelling of security protocols using classical, quantum, and post-quantum cryptography. They also investigate modelling and verification techniques that take account of the human and social aspects to achieve usable security. Researchers interested in the mathematical foundations of cybersecurity, with strong analytical skills and the ability of abstract thinking, will find a welcoming and stimulating environment in which they are encouraged to acquire new skills, to develop professionally and to perform creative and analytical research to benefit society.

Public sector and industrial partners with scientific research challenges in information assurance, including cryptographic primitives and protocols, quantum-resilient and agile cryptography, the digital society and e-democracy, and secure transactions will find a group with world-class expertise in classical and quantum cryptography employing cutting-edge, interdisciplinary techniques to create practical, real-world solutions.

Our Projects

  • Duration:

    01/04/2020-31/03/2023

  • Funding source:

    FNR CORE

  • Researchers:

    Peter Y.A. Ryan, Peter Roenne, Johannes Mueller, Georgios Fotiadis

  • Partners:

  • Description:

    Digital information and communication technologies, entrenched in the fabric of modern society, enrich and facilitate our lives. Elections form the foundations of democracy and as such, ensuring their security is of the utmost importance. One of the major security challenges that ought to be dealt with is the threat posed by the emergence of quantum computers. Almost all existing schemes depend on cryptography, which will be broken by quantum algorithms. Therefore, the goal of this project is to develop and prototype practical e-voting schemes that are secure against attackers capable of performing arbitrary quantum computations.

  • Duration:

    01/01/2021-31/12/2023

  • Funding source:

    FNR CORE

  • Researchers:

    Peter Y.A. Ryan, Johannes Mueller

  • Partners:

  • Description:

    Systems for electronic voting are now widely used both for national, state-wide, and municipal elections all over the world. At the same time, its security is increasingly challenged: bad cyber-actors, ranging from nation states, cyber-criminals and hacktivists, pose massive threats for e-voting systems. Our project aims to provide solutions for protecting voters’ privacy against future quantum attackers or even more powerful ones. The motivation is to not wait until such attackers have become a reality: we anticipate their development and act now. Therefore, our solutions aim to be highly practical so that they can be used for securing today’s elections.

  • Duration:

    01/01/2018-31/12/2020

  • Funding source:

    EC H2020

  • Researchers:

    Peter Y.A. Ryan

  • Partners:

    Technikon Forschungs Und Planungsgesellschaft Mbh | Austria | Industry / SME;
    University Of Surrey | United Kingdom | Academia / Research;
    Ubitech Limited | Cyprus | Industry / SME;
    Royal Holloway And Bedford New College | United Kingdom | Academia / Research;
    IBM Research Gmbh | Switzerland | Industry / SME;
    The University Of Birmingham | United Kingdom | Academia / Research;
    Infineon Technologies AG | Germany | Industry / SME;
    Infineon Technologies Austria AG | Austria | Industry / SME;
    Inesc Id Instituto De Engenhariade Sistemas E Computadores, Investigacao E Desenvolvimento Em Lisboa | Portugal | Academia / Research;
    SUITE5 DATA INTELLIGENCE SOLUTIONS LIMITED | Ireland | Industry / SME;
    University Of Piraeus Research Center | Cyprus | Academia / Research;
    Huawei Technologies Duesseldorf Gmbh | Germany | Industry / SME;
    Viva Payment Services Sa | Greece | Industry / SME;

  • Description:

    The goal of FutureTPM is to design a QR TPM by identifying and developing QR algorithms suitable for inclusion in a TPM. The algorithm design will be accompanied with implementation and performance evaluation in a hardware TPM, software TPM and virtual TPM. The work will be validated through formal security analysis, and also by considering three use cases:device management, e-payment and activity tracking. FutureTPM combines QR cryptography researchers with TPM developers, vendors and end users. The results will be published (in high-quality journals and conferences), and they will also contribute to new TPM standards.

  • Duration:

    01/08/2018-31/07/2022

  • Funding source:

    FNR INTER

  • Researchers:

    Peter Y.A. Ryan, Peter Roenne, Johannes Mueller

  • Partners:

    Norwegian University of Science and Technology | Norway | Academia / Research;
    University of Melbourne | Australia | Academia / Research;
    Queensland University of Technology | Australia | Academia / Research;

  • Description:

    This project will investigate the security of voting systems and increase our assurance in state-of-the-art voting systems. The focus will be on three specific areas that are critical in progressing towards adoption of modern voting systems to the benefit of society. (1) User confidence: voting systems must be designed so that voters believe in their security and integrity. (2) Security proofs: to provide a mathematical security proofs for the typically complex voting systems. (3) Long-term security: protect electronic records to remain secure into the future, specifically also against quantum computers.

  • Duration:

    01/07/2018-30/06/2021

  • Funding source:

    FNR CORE

  • Researchers:

    Peter Y. A. Ryan, Arash Atashpendar, Dimiter Ostrev, Peter Roenne, Jeroen van Wier

  • Partners:

  • Description:

    The goal of Q-CoDe is to conduct a thorough formal analysis of the promising, but poorly understood field of deniable quantum communication. The results will be both in the form of impossibility, as well as feasibility theorems. In the latter case, actual protocols satisfying deniability will be developed. This will be both in the form of modifying existing QKD protocols to restore deniability, as well as devising new quantum protocols that provide deniability for key exchange and beyond, e.g. for e-voting. The methodology will be continuously supported by software prototyping aimed at running simulations and validating our approach and results.

  • Duration:

    01/10/2016-30/09/2020

  • Funding source:

    FNR INTER

  • Researchers:

    Peter Y. A. Ryan, Peter Roenne, Marie-Laure Zollinger

  • Partners:

    Universite Catholique Louvain la Neuve | Belgium

  • Description:

    The goal of this research project is to provide significant advances on the issues that appear in modern voting and e-voting systems, with a particular focus on the following aspects: rigorous expression of the security properties intended from and/or exhibited by a voting system, in order to both improve our understanding of what can be achieved in general, and of the properties, and potential weaknesses, of actual systems. Further, the design of voting systems and components, that offer a more effective balance between coercion-resistance and usability and improved robustness, resilience to incidents, and more effective dispute resolution procedures.

  • Duration:

    01/05/2015-30/04/2018

  • Funding source:

    FNR CORE

  • Researchers:

    Peter Y. A. Ryan, Jean Lancrenon, Jose Becerra, Dimiter Ostrev, Marjan Skrobot

  • Partners:

  • Description:

    Authenticated Key Exchange protocols (AKEs) are cryptographic protocols that allow two or more parties to jointly compute a shared session key over an insecure public channel. Ever since the advent of provable security, an enormous amount of research has been done to define ever-stronger complexity-theoretic security models to capture desirable AKE properties. However, consensus has yet to be established over which models are the most suitable, both in theory and practice. Our goal is to conduct this study independently of the authentication mechanism used (PKI-based, password-based, attribute-based, etc.) and the underlying key exchange technique (group-based, lattice-based, quantum-based etc.).

  • Duration:

    01/10/212-30/09/2014

  • Funding source:

    FNR INTER

  • Researchers:

    Peter Y. A. Ryan, Rui Joaquim, Rolf Haenni, Eric Dubuis, Reto Koenig

  • Partners:

    Bern University of Applied Sciences | Switzerland

  • Description:

    The VIVO project is motivated by the broad discrepancy between theory and practice in electronic voting today. The general goal of the project is to diminish this gap between the theory and practice of Internet voting and to push the deployment of the latest research achievements into next-generation systems to be developed worldwide. The project is a collaboration between two internationally well-recognised e-voting research groups from the Bern University of Applied Sciences and the University of Luxembourg.

  • Duration:

    01/09/2016-31/08/2019

  • Funding source:

    FNR CORE

  • Researchers:

    Peter Y. A. Ryan, Wojciech Jamroga, Leon van der Torre, Arash Atashpendar, Gergei Bada, David Mestel, Masoud Tabatabaei, Salima Lamhar, Wojciech Penczek, Michal Knapik, Damian Kurpiewski, Teofil Sidoruk, Marek A. Bednarczyk, Tadeusz Puzniakowski

  • Partners:

    Institute of Computer Science, Polish Academy of Sciences (ICS PAS) | Poland;
    Polish-Japanese IT Academy (PJITA) | Poland

  • Description:

    We propose to use techniques from formal specification and verification of multi-agent systems, and apply them to verify information security requirements for voting protocols. The research will lead to the development of a toolbox for practical verification of strategic properties in interaction protocols. We will significantly extend the existing techniques of model checking so that it becomes possible to verify strategic properties in voting procedures. Furthermore, we will develop abstract specifications that disambiguate different flavours of confidentiality, voter-verifiability, and coercion-resistance, as well as actual models and reduction techniques for the voting domain.

  • Duration:

    01/03/2018-28/02/2021

  • Funding source:

    FNR CORE

  • Researchers:

    Alfredo Rial, Peter Y. A. Ryan

  • Partners:

  • Description:

    A zero-knowledge (ZK) proof system allows a prover to prove statements to a verifier without revealing secret information. The goal of this project is to define, construct and analyse protocols for stateful zero-knowledge (SZK). We view the state as a data structure where the prover stores each piece of data at a certain position.

    We will use SZK as building block in protocols for data collection and analysis. Thanks to the strong privacy properties offered by SZK, we will be able to design protocols for tasks that before could not be realised while fully protecting user privacy.

  • Duration:

    01/05/2012-31/05/2015

  • Funding source:

    FNR CORE

  • Researchers:

    Sjouke Mauw, Peter Y. A. Ryan, Vincent Koenig, Gabriele Lenzini, Ana Margarita Ferreira, Wu Yining, Jean-Louis Huynen

  • Partners:

  • Description:

    STAST is about modelling and analysing the security and trustworthiness of systems as complex socio-technical structures where humans are crucial in either maintaining or undermining security. In such systems vulnerabilities exist not in the technical but rather in the social components, which are usually weaker because they are overlooked in traditional security analysis. STAST refers to a multi-layered model of systems, which consists of a sequence of communicating elements such as personae, user interfaces, operating system processes, and network agents.

  • Duration:

    01/07/2012-30/06/2014

  • Funding source:

    FNR AFR PostDoc

  • Researchers:

    Jean Lancrenon, Peter Y. A. Ryan

  • Partners:

  • Description:

    The objective of PAKAJ is to conduct a broad study of the password-based key exchange protocol J-PAKE designed by Feng HAO and Peter Y.A. RYAN. Three main directions are to be explored: 1) comparing different notions of security for password-authenticated key agreement, 2) establishing the exact security of J-PAKE in a computational model of security, and 3) abstracting J-PAKE’s underlying construction to try to obtain similar password-based key exchange algorithms from other computational assumptions.

  • Duration:

    01/05/2020-31/10/2020

  • Funding source:

    FNR COVID-19

  • Researchers:

    Peter Y. A. Ryan

  • Partners:

  • Description:

    This project aims at facilitating exit strategies that incorporate access control to the public space, border crossings, and critical areas. The strategies are based on the individual COVID-19 immunity and/or infection status. Also, the project will investigate the implementation of contact-tracing apps in Luxembourg, which clearly is an essential component of a successful exit strategy in order to backtrack and contain the infection.
    The smart access control system can be based on passports, ID cards or smart cards. We will propose a mechanism, produce a prototype implementation, and present a preliminary formal analysis of access-control solutions for exit strategies.