PhD Position: AI-assisted Physical Attacks on PQC Implementations

PhD Position: AI-assisted Physical Attacks on PQC Implementations

Published Deadline Location
18 Nov 14 Jan Nijmegen

Job description

Are you passionate about security and privacy and protecting user data? Do you believe that quantum-safe crypto algorithms can run securely on small devices? If so, join the Digital Security (DiS) group as a PhD candidate and help shape the future of secure technology!

Post-quantum cryptography (PQC) standards are gradually replacing public-key cryptography (PKC). This shift is driven by the vulnerability of existing PKC-based protocols to potential cryptanalysis attacks facilitated by quantum computers. While PQC algorithms are robust to known mathematical attacks, they are susceptible to physical attacks that monitor system execution (via side-channels). Therefore, it is crucial to identify and address these vulnerabilities before PQC is widely adopted. However, this new class of algorithms uses much larger key sizes, needs more resources in general, and uses more complex schemes (than classical PKC), making them considerably more computationally expensive than hardened PKC algorithms. This poses various non-trivial challenges to state-of-the-art methods for side-channel analysis (SCA) techniques for the security testing and validation of embedded systems. To ensure that critical digital infrastructure will withstand the quantum threat, we need to rethink the way digital devices are assuredly secured early on in their design stage in order to overcome existing methodological and computational inefficiencies.

This project investigates how to efficiently evaluate the resistance of post-quantum cryptographic implementations to physical attacks. The increased key sizes and more complex mathematical principles of PQC, in combination with countermeasures to side-channel analysis (SCA) attacks, significantly increase the data and computational complexity to analyse an implementation and evaluate side-channel leakage and fault tolerance. The project will exploit similarities and connections between side-channel analysis and genomics to develop novel methods and computational approaches for future-proof SCA techniques. It will create an advanced security testing suite that incorporates cutting-edge bio-inspired and deep learning-based SCA techniques, as well as several hardware acceleration IP blocks, optimised for high-performance SCA.

The concrete focus of your PhD research will be determined based on your interests and background. Possible topics and tasks include, but are not limited to: (i) considering existing deep learning SCA methodologies and revisiting them in the light of new complexity issues brought by implementations of PQC; (ii) exploring connections between bio-based and deep learning methods and their role in security evaluation, (iii) developing novel SCA methods inspired by genomics principles and algorithms, (iv) performing leakage assessment as a combination of techniques derived in the project and showcasing them on lightweight and PQC crypto implementations; (v) exploring language models for SCA.

You will be supervised by Lejla Batina and Stjepan Picek to conduct research and publish the results in top-ranked international academic conferences and journals. Within the project, you are expected to collaborate with researchers from the University of Twente and a number of companies in the project’s user committee.

You will spend about 10% of your time (0.1 FTE) assisting with teaching at our department. This will typically include tutoring practical assignments, grading coursework, and supervising student projects.

Specifications

Radboud University

Requirements

  • You should hold a Master’s degree in computer science, engineering, or a related field or expect to obtain such a degree soon.
  • You have solid programming skills and an affinity for using machine learning in your work.
  • You have a strong interest in cryptography and embedded systems security and particularly in their real-world deployment.
  • You are proficient in English and have good communication, presentation and writing skills

Conditions of employment

  • We will give you a temporary employment contract (1.0 FTE) of 1,5 years, after which your performance will be evaluated. If the evaluation is positive, your contract will be extended by 2.5 years (4-year contract).
  • You will receive a starting salary of €2,901 gross per month based on a 38-hour working week, which will increase to €3,707 in the fourth year (salary scale P).
  • You will receive an 8% holiday allowance and an 8,3% end-of-year bonus.
  • You will be able to use our Dual Career and Family Support Service. The Dual Career Programme assists your partner via support, tools, and resources to improve their chances of independently finding employment in the Netherlands. Our Family Support Service helps you and your partner feel welcome and at home by providing customised assistance in navigating local facilities, schools, and amenities. Also take a look at our support for international staff page to discover all our services for international employees.
  • You will receive extra days off. With full-time employment, you can choose between 30 or 41 days of annual leave instead of the statutory 20.

Work and science require good employment practices. This is reflected in Radboud University's primary and secondary employment conditions. You can make arrangements for the best possible work-life balance with flexible working hours, various leave arrangements and working from home. You are also able to compose part of your employment conditions yourself, for example, exchange income for extra leave days and receive a reimbursement for your sports subscription. And of course, we offer a good pension plan. You are given plenty of room and responsibility to develop your talents and realise your ambitions. Therefore, we provide various training and development schemes.

Department

You will join the Digital Security (DiS) group at the Institute for Computing and Information Sciences (iCIS) at Radboud University’s Faculty of Science. The Digital Security group is one of the leading groups in computer security and privacy in the Netherlands and Europe.

Additional information

You can apply only via the button below. Address your letter of application to Lejla Batina. In the application form, you will find which documents you need to include with your application.

The first interviews will take place on 31 January. You will preferably start your employment on 1 April 2025.

We can imagine you're curious about our application procedure. It describes what you can expect during the application procedure and how we handle your personal data and internal and external candidates.

Specifications

  • PhD
  • Natural sciences
  • max. 38 hours per week
  • €2901—€3707 per month
  • University graduate
  • 62.246.24

Employer

Location

Houtlaan 4, 6525XZ, Nijmegen

View on Google Maps

Interesting for you