School of Computer and Communication Sciences
LASEC - Security and Cryptography Laboratory
Research topics

Research projects

Lightweight Cryptography

We study the design of lightweight cryptographic primitives of all kinds and their security.

RFID and Distance Bounding

We formalize and study security and privacy issues in RFID protocols. A closely related topic is the notion of distance-bounding protocols, which aim to mitigate man-in-the-middle attacks.

Design of Public-Key Cryptography Primitives

We contribute to advances in public-key cryptography by designing new algorithms.

Robust Cryptography, Composability, and Setup Assumptions

We seek to make cryptographic schemes resilient to leakage and composable.


We analyze the security of cryptographic primitives and protocols. Sometimes this leads us to demonstrate insecurity.

Methodology and Theory

We optimize algorithms that are used in cryptanalysis.

Automated Security Verification

We develop methods to automatically verify the security of protocols.

Past research projects

RFID Security

We study identification protocols over a radio link for very low-cost devices, concentrating on privacy and security. We have exhibited flaws in several proposed protocols. We derive a new protocol based on key search with time-memory tradeoffs, together with applications and comparisons with alternative protocols. We formalize the notion of privacy and its connection with the various communication layers.

Cryptographic Analysis

We enjoy breaking cryptographic schemes or studying ways to prove their security. So far, we have played with the Chor-Rivest cryptosystem (one of the earliest cryptosystems based on knapsacks) and TLS (against which we mounted a timing attack over a network using tools from our optimal distinguisher techniques). We also developed the decorrelation theory.

Stream Ciphers

In this project we study, analyze, and construct stream ciphers and related toolkits. We derive a framework to identify and construct optimal distinguishers between random sources. The notion of a sequential distinguisher and the link between distinguishers and hypothesis testing are identified. We provide attacks against the standard Bluetooth encryption E0. We construct a trapdoor stream cipher, that is, a new public-key cryptosystem whose encryption is low-cost because it is based entirely on stream cipher techniques.

Ad-hoc Key Establishment

In this project we study alternative mechanisms to set up a secure communication channel, that is, to establish a symmetric key. We derive and analyze a protocol to authenticate arbitrary digital information over an insecure channel, provided that we have at our disposal a secure channel which can be used to authenticate a very short string. This can be used, for instance, to authenticate a Diffie-Hellman protocol or a public key with only a little help from human monitoring. The main applications are local wireless communications and peer-to-peer security. We derive and analyze variants which are non-interactive or which integrate key agreement. We construct a series of three-party protocols including a human operator who can be involved in small computations. We analyze the Bluetooth key establishment protocol and show that its security could be higher than expected if it is used properly.

Short Signatures

In this project we derive and analyze a series of undeniable signature schemes and variants, and we study their applications. We derive MOVA, a generic undeniable signature scheme with arbitrarily small signature length, based on a secret group homomorphism which is hard to interpolate. We study several group homomorphisms and implementation issues.

© 2023, EPFL