Home Research Research Areas Information Security

Content Start here

Information Security

Information security is an enabling technology which allows us to protect our electronic assets and valuable information stored in our systems or transferred over computer networks from being stolen, damaged or misused by malicious attackers or careless users.

In this age of universal electronic connectivity, individuals and organizations are heavily relying on the availability of interconnected computer systems for storing and communicating their valuable information. However, the presence of malicious attackers and careless users inside and outside the systems as well as on the interconnected computer networks is, at the same time, posing severe threats to our systems. These threats include eavesdropping for accessing confidential information without permission, malevolent attacks and intrusion for destroying and preventing legitimate users from access the systems, or leakage of valuable information due to the misuse of the systems by careless users. In order to continually ensure the availability and enhance the robustness of our systems, we need to apply advanced and state-of-the-art information security techniques to our systems for maintaining secure communications and strong system protection. Systematic methods are also needed to routinely assess the security risks of our systems and networks.

This subject embraces a wide range of technologies such as cryptography, network security and intrusion detection, and also includes the study of how security can best be managed. In the Department of Computer Science, we have a strong group of devoted researchers and competent graduate students working in various fields of cryptography and information security at large. We also organize various seminars and forums to discuss topics which range from the basic notions of information security to advanced cryptographic problems. Our research activities in this area include theoretical cryptographic problems, security protocol design and analysis for secure wireless computing devices, provable security of public key cryptography, as well as risk analysis and security management. We also pioneer the application of PKI technology in an education environment.

People
  • Prof. YAO, Frances Foong (Chair)
  • Prof. DENG, Xiaotie
  • Mr. LEE, Chan Hee (coordinator)
  • Dr. KWOK, Lam For
  • Dr. WONG, Shek Duncan

Current Projects

Anonymous Key Exchange for Roaming Services - Consider the roaming service of an interconnected cellular system, when a mobile user subscribed to a home network is roaming to a visiting network, they carry out a set of protocols for authenticating each other and establishing a session key for data confidentiality. In this project, we focus on enhancing the roaming experience of the mobile users by providing them anonymity and unlinkability. We design new protocols for providing authenticated key exchange while keeping the roaming user anonymous so that no one except the user's home network can find out the user's movements and whereabouts. (Dr. Wong)

Lightweight Key Establishment Protocols - This project concerns the design and analysis of key establishment protocols which can be carried out efficiently on resource constrained wireless devices such as those in Personal Area Networks (PANs) and sensor networks. (Dr. Wong)

Spontaneous Group Cryptography - On the topics of encryption, digital signature and authentication of contemporary cryptography, group cryptography is the study of these areas when there is a collection of entities which are working jointly to carry out these operations. Spontaneous group cryptography is a kind of group cryptography in which group members can carry out various cryptographic operations on behalf of the group without the help of any trusted third party or group manager. We design new schemes in this area and study their security models. These schemes include ring signatures, custodian-hiding verifiable encryption and spontaneous group key management. (Dr. Wong)

Anonymous Signature - A conventional signature scheme by itself should be publicly verifiable, that is, given the public key of a signer and the corresponding message, the signature can be verified. However, if the message is not given and the signer is not explicitly specified, a signature scheme may be able to provide identity hiding for the signer without introducing any additional mechanism. In this project, we investigate the formal security definitions and devise signature schemes which have this property. (Dr. Wong)