Cryptography Research Laboratory

Cryptography Research Laboratory (CRL) is a research group established in 2016. The primary focus of CRL is research on the cryptographic fundamentals that enable secure communications. CRL develops new cryptographic building blocks, formally analyzes their security, implements cryptographic building blocks for secure communications, and finds attacks against existing cryptographic building blocks. The group is led by Dr. Janaka Alawatugoda. CRL was featured in the Hanthana Vision Research Magazine of the University of Peradeniya, Vol 7, Issue 1, in June 2021, and in the Newsletter of the IEEE Computer Society Sri Lanka Chapter, Vol 1, Issue 1, in December 2021.


Distinguished Collaborators

Research Projects


Providing quantum-safe security for systems has become a major requirement, because the cryptosystems that are secure today may not survive once large-scale quantum computers become a reality, possibly within the next 30 years. Even though the existing quantum-safe cryptosystems are provably secure in theory, their security against side-channel (leakage) attacks may be problematic, since a proof in a leak-free model says nothing about an implementation that leaks partial key material. In this research, we aim to construct cryptographic constructions that are both leakage-resilient and quantum-safe.

21-021 RG/MATHS/AS_1-FR3240319461

Security models for two-party authenticated key exchange (AKE) protocols have been developed over the years to address various attack scenarios against AKE protocols. The extended Canetti–Krawczyk (eCK) security model is widely used to provide security arguments for AKE protocols because of its clear definitions of security as well as its strong adversarial capabilities, such as revealing ephemeral secrets and long-term keys of the parties. Most eCK-secure AKE protocols are proven secure only in the random oracle model (ROM). The ROM is an idealized assumption (hash functions are modeled as truly random functions), whereas the standard model relies only on real-world computational assumptions. In this project, we investigate different security improvements for AKE protocols, such as leakage resiliency and secure pairing-based constructions. Our aim is to come up with new provably secure protocol constructions in the standard model.

E15-FYP (Gr13)

Surveillance- and censorship-resistant communication has been an interesting topic in online communication. In this research, we report the shortcomings of modern communication systems built on centralized architectures, and then explore design techniques that protect users' privacy. Under design techniques, we explain how distributed and decentralized systems provide the privacy that users want, together with NAT traversal techniques and methods of safeguarding privacy and anonymity in communication. We then present our design of a hybrid decentralized communication system and use it to establish DTLS tunnels that maintain connectivity among devices behind NAT. The design covers explicit details of the protocols designed for connection establishment, communication, tunnel establishment, and connection termination. We present experiments and results that measure the performance of the system in a real environment, and conclude with the results and the shortcomings of the current design.


Typically, secure channels are constructed from an authenticated key exchange (AKE) protocol, which authenticates the communicating parties based on long-term public keys and establishes secret session keys, and a secure data transmission layer that uses the session keys to encrypt transmitted data. In the real world, the TLS/SSL protocol suite is used for this purpose. First, the TLS/SSL handshake protocol establishes a secret session key. Thereafter, the TLS/SSL record protocol uses that session key to encrypt data. During the handshake, both parties also agree on the cipher that the record layer will use to encrypt data. Over the past two decades, side-channel attacks have become a popular method of attacking cryptographic implementations. Side-channel attacks exploit the leakage of secret parameters that occurs when a real-world implementation executes (for example through timing, power consumption or message sizes) to break the underlying cryptographic primitive.

In this research, we aim to address the partial leakage of long-term secret keys, ephemeral secret keys, and session keys of protocol participants due to various side-channel attacks. Partial leakage of any of these keys can negatively affect the security of both channel establishment and data transmission. Security models for two-party AKE protocols have been developed over time to provide security even when the adversary learns certain secret values. In this work, we advance the modeling of security for AKE protocols by considering more granular partial leakage of long-term secret keys, ephemeral secret keys, and session keys of protocol participants. We then construct AKE protocols that can be proven secure in these advanced security models. Thus, our project will be helpful in constructing leakage-resilient protocol suites for future communication.


Power analysis attacks are a relatively new type of attack that measures and analyzes the power consumption of electronic circuits to extract secret information. These attacks have become a major threat to the security of embedded systems. Therefore, identifying ciphers that are vulnerable to this type of attack and developing countermeasures is of paramount importance. Many studies have been done on this topic; however, most of them target block ciphers. This research focuses on an attack on Trivium, which is a stream cipher. Correlation power analysis (CPA) is used in this attack to analyze the power consumption of the cryptosystem and recover the secret key.

NRC 16-020

As the Internet developed, more and more computers and private networks became connected to it. Since the Internet is a public resource, the security of information exchanged over it is not guaranteed, so ensuring the security of that information is an important task. Cryptography is integrated into communication systems to enforce the security of information by establishing a secure channel for communication. A secure channel ensures that no third party can read or modify the messages being transferred. In the real world, the Transport Layer Security/Secure Sockets Layer (TLS/SSL) protocol suites are used for this purpose. First, the "TLS/SSL handshake protocol" establishes a secret session key. After that, the "TLS/SSL record protocol" uses that session key to encrypt the messages.

In the key exchange phase (handshake protocol), various secret keys of the communicating parties can be leaked to the attacker, and in the message transmission phase (record protocol), the secret session keys as well as the plaintext messages can be leaked to the attacker, due to various side-channel attacks. Much research has been carried out on analyzing the leakage of

(1)—various secret keys in the key exchange phase, and

(2)—secret session keys in the message transmission phase.

Relatively little research has been carried out on analyzing the leakage of plaintext messages in the message transmission phase. In this research, our aim is to address this research gap and deploy the necessary server/client-side countermeasures in the TLS/SSL protocol suite, in order to protect the plaintext messages from side-channel attacks. Although compression is desirable for network applications because it saves bandwidth, when data is compressed before being encrypted, the amount of compression leaks information about the quantity of redundancy in the plaintext: encryption hides the content of a record but not its length, so an attacker who can inject chosen strings next to a secret learns, from the ciphertext length alone, how well the injected string matched the secret. This side channel has led to the successful CRIME and BREACH attacks on web traffic protected by the TLS/SSL protocols.

The obvious mitigation technique is to eliminate data compression before encryption, which is undesirable because it wastes communication bandwidth. A number of mitigation techniques were proposed by Gluck et al. [GHP13], without formal security arguments. In 2015, Alawatugoda et al. [ASB15] formally proved the security of one of the mitigation techniques proposed by Gluck et al., separating secrets from user inputs, and also proposed a new provably secure mitigation technique, fixed-dictionary compression. It is currently an open research question how to adopt the provably secure mitigation techniques against compression-based side-channel attacks in real-world security protocol suites such as TLS/SSL.
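The following is an added worked example, written for this page and not code from the lab, from [GHP13] or from [ASB15]. It reproduces the compression side channel described above in miniature and then shows the effect of the "separating secrets from user inputs" mitigation. The page content, the token value and the field names are constructed; the example assumes (as BREACH does) that the attacker knows the HTML immediately preceding the secret, can have a chosen string echoed verbatim elsewhere in the same response, and can observe the response length. DEFLATE is run with zlib's `Z_FIXED` strategy (fixed Huffman tables) so that one extra literal always costs exactly 8 bits and the length difference per guess is exactly one byte; with the default dynamic tables the signal is noisier and a real attack needs extra tricks to resolve ties. The fixed-dictionary mitigation from [ASB15] is not shown.

```python
import zlib

# Constructed demo values: an 8-hex-char anti-CSRF token inside a hidden form
# field, and the HTML that the attacker knows precedes it in the page.
SECRET = "a7f3c9e1"
ALPHABET = "0123456789abcdef"
KNOWN_PREFIX = '<input type="hidden" name="xsrf_token" value="'

# Region of the page that carries the secret.
FORM_PART = '<form action="/transfer">' + KNOWN_PREFIX + SECRET + '"></form>'


def user_part(echo):
    # Region that reflects attacker-controlled input, e.g. an echoed search term.
    return '<p>Results for ' + echo + '</p>'


def deflate_len(text):
    # Length in bytes of DEFLATE output with fixed Huffman tables (Z_FIXED):
    # every literal below 144 costs 8 bits, so a guess that extends the LZ77
    # match against the secret saves exactly one byte versus a wrong guess.
    comp = zlib.compressobj(9, zlib.DEFLATED, 15, 8, zlib.Z_FIXED)
    return len(comp.compress(text.encode()) + comp.flush())


def leaky_len(echo):
    # Vulnerable response: secret and reflected input share one compression
    # context, so the echoed KNOWN_PREFIX + guess is matched against the form.
    page = '<html><body>' + FORM_PART + user_part(echo) + '</body></html>'
    return deflate_len(page)


def separated_len(echo):
    # "Separating secrets from user inputs": the secret-bearing region and the
    # user-controlled region are compressed in separate contexts, so a guess can
    # never form a cross-match with the secret. Total size is what the network sees.
    return deflate_len('<html><body>' + FORM_PART) + \
        deflate_len(user_part(echo) + '</body></html>')


def recover_secret(measure, length=len(SECRET)):
    # BREACH-style byte-at-a-time oracle: echo KNOWN_PREFIX + recovered bytes +
    # one guessed byte, and keep the guess whose response compresses best.
    # Returns None as soon as no single guess is strictly shortest.
    known = ""
    for _ in range(length):
        sizes = {c: measure(KNOWN_PREFIX + known + c) for c in ALPHABET}
        best = min(sizes.values())
        winners = [c for c, size in sizes.items() if size == best]
        if len(winners) != 1:
            return None
        known += winners[0]
    return known


if __name__ == "__main__":
    print("shared compression context :", recover_secret(leaky_len))
    print("secrets compressed separately:", recover_secret(separated_len))
```

With the shared context the oracle reads the token one nibble at a time because the correct guess lengthens the back-reference to the hidden field by one byte; with the secret region compressed on its own, all sixteen guesses at the first position produce responses of identical size and the oracle stops immediately. Note that the mitigation costs bandwidth only where the two regions would otherwise have shared matches, which is exactly the redundancy the attack exploits.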