|
Cryptography is an essential component of today's information
society. Secure Web browsing, remote access to a company network,
and online financial trading are only a few of the many applications
that are unthinkable without strong cryptography.
We are actively pursuing research in cryptography and information
security, addressing many topics from the foundations to practical
applications. This page gives an overview of the current research
activites. Some highlights of our work are:
We maintain close links with the international security and cryptography
research communities through our research contributions, our participation
in scientific conferences, and our contributions to joint research
projects.
From here you can also access:
|
 |
|
| |
|
| |
Cryptographic protection for
data communication is well understood today. But protecting data on
storage devices poses new challenges. One notable difference between
these two problems is that communication uses a channel between two
endpoints, through which data is streamed with a first-in / first-out
characteristic. Storage systems, on the other hand, must provide random
access to small portions of the stored data and may be accessed by
multiple entities. We are designing flexible schemes for data encryption,
key management, and integrity protection of stored data.
More » |
|
| |
|
| |
|
Although cryptographic algorithms have been standardized and are
widely used today, cryptography is not a problem that can be considered
"solved". On the one hand, the resources available to
attackers increase continuously, and this necessitates the periodic
assessment of the strength of existing cryptosystems. On the other
hand, the scientific models used in cryptography need to be better
matched to reality.
We are combining cryptographic and formal proof techniques to develop
systematic, mathematically sound abstractions to prove the security
of secure systems that use cryptography. We are expanding our understanding
of an adversary from a worst-case attacker to a rational agent that
maximizes its payoff, using notions from game theory and economics.
Moreover, we are developing new, efficient cryptographic algorithms
that protect users online and at the same time guarantee their privacy
and anonymity.
More »
|
|
| |
|
| |
Identity theft and phishing
threaten the security of consumer data and business processes on the
Internet. Providing a secure notion of identity is difficult because
a person may have multiple sets of credentials, each of which describes
the person in a particular context (personal, business, school, leisure,
etc.). User-centric identity management systems provide an appealing
solution, in which users retain control of their personal, identity-related
data and can also limit the inadvertent disclosure of privacy-sensitive
information.
More » |
|
| |
|
|
| |
|
|
The IBM Zurich Research Lab is a founding member of the Zurich
Information Security Center (ZISC),
a cooperation dedicated to fundamental and applied research in information
security, led by the Swiss Federal Institute of Technology, Zurich.
We are also participating in the following research projects sponsored
by the European union:
| ECRYPT |
- |
Network of Excellence in Cryptology |
| PRIME |
- |
Privacy and Identity Management for Europe |
| ReSIST |
- |
Resilience for SUrvivability in IST |
|
|
|
| |
|
 |
| |
|
|
