PhD Position: AI-assisted Physical Attacks on PQC Implementations

Employment 1.0 FTE

Gross monthly salary € 2,872 - € 3,670

Required background Research University Degree

Organizational unit Faculty of Science

Application deadline 14 January 2025

Are you passionate about security and privacy and protecting user data? Do you believe that quantum-safe crypto algorithms can run securely on small devices?  If so, join the Digital Security (DiS) group as a PhD candidate and help shape the future of secure technology!

Post-quantum cryptography (PQC) standards are gradually replacing public-key cryptography (PKC). This shift is driven by the vulnerability of existing PKC-based protocols to potential cryptanalysis attacks facilitated by quantum computers. While PQC algorithms are robust to known mathematical attacks, they are susceptible to physical attacks that monitor system execution (via side-channels). Therefore, it is crucial to identify and address these vulnerabilities before PQC is widely adopted. However, this new class of algorithms uses much larger key sizes, needs more resources in general, and uses more complex schemes (than classical PKC), making them considerably more computationally expensive than hardened PKC algorithms. This poses various non-trivial challenges to state-of-the-art methods for side-channel analysis (SCA) techniques for the security testing and validation of embedded systems. To ensure that critical digital infrastructure will withstand the quantum threat, we need to rethink the way digital devices are assuredly secured early on in their design stage in order to overcome existing methodological and computational inefficiencies.

This project investigates how to efficiently evaluate the resistance of post-quantum cryptographic implementations to physical attacks. The increased key sizes and more complex mathematical principles of PQC, in combination with countermeasures to side-channel analysis (SCA) attacks, significantly increase the data and computational complexity to analyse an implementation and evaluate side-channel leakage and fault tolerance. The project will exploit similarities and connections between side-channel analysis and genomics to develop novel methods and computational approaches for future-proof SCA techniques. It will create an advanced security testing suite that incorporates cutting-edge bio-inspired and deep learning-based SCA techniques, as well as several hardware acceleration IP blocks, optimised for high-performance SCA.

The concrete focus of your PhD research will be determined based on your interests and background. Possible topics and tasks include, but are not limited to: (i) considering existing deep learning SCA methodologies and revisiting them in the light of new complexity issues brought by implementations of PQC; (ii) exploring connections between bio-based and deep learning methods and their role in security evaluation, (iii) developing novel SCA methods inspired by genomics principles and algorithms, (iv) performing leakage assessment as a combination of techniques derived in the project and showcasing them on lightweight and PQC crypto implementations; (v) exploring language models for SCA.

You will be supervised by Lejla Batina and Stjepan Picek to conduct research and publish the results in top-ranked international academic conferences and journals. Within the project, you are expected to collaborate with researchers from the University of Twente and a number of companies in the project’s user committee.

You will spend about 10% of your time (0.1 FTE) assisting with teaching at our department. This will typically include tutoring practical assignments, grading coursework, and supervising student projects.

Profile

• You should hold a Master’s degree in computer science, engineering, or a related field or expect to obtain such a degree soon.
• You have solid programming skills and an affinity for using machine learning in your work.
• You have a strong interest in cryptography and embedded systems security and particularly in their real-world deployment.
• You are proficient in English and have good communication, presentation and writing skills

We are

You will join the Digital Security (DiS) group  at the Institute for Computing and Information Sciences (iCIS) at Radboud University’s Faculty of Science. The Digital Security group is one of the leading groups in computer security and privacy in the Netherlands and Europe.

Radboud University

At Radboud University, we aim to make an impact through our work. We achieve this by conducting groundbreaking research, providing high-quality education, offering excellent support, and fostering collaborations within and outside the university. In doing so, we contribute indispensably to a healthy, free world with equal opportunities for all. To accomplish this, we need even more colleagues who, based on their expertise, are willing to search for answers. We advocate for an inclusive community and welcome employees with diverse backgrounds, cultures, and perspectives. Will you also contribute to making the world a little better? You have a part to play.

If you want to learn more about working at Radboud University, follow our Instagram account and read stories from our colleagues.

Faculty of Science
The Faculty of Science (FNWI), part of Radboud University, engages in groundbreaking research and excellent education. In doing so, we push the boundaries of scientific knowledge and pass that knowledge on to the next generation.
We seek solutions to major societal challenges, such as cybercrime and climate change and work on major scientific challenges, such as those in the quantum world. At the same time, we prepare our students for careers both within and outside the scientific field.
Currently, more than 1,300 colleagues contribute to research and education, some as researchers and lecturers, others as technical and administrative support officers. The faculty has a strong international character with staff from more than 70 countries. Together, we work in an informal, accessible and welcoming environment, with attention and space for personal and professional development for all.

We offer

• We will give you a temporary employment contract (1.0 FTE) of 1,5 years, after which your performance will be evaluated. If the evaluation is positive, your contract will be extended by 2.5 years (4-year contract).     
• You will receive a starting salary of €2,872 gross per month based on a 38-hour working week, which will increase to €3,670 in the fourth year (salary scale P).
• You will receive an 8% holiday allowance and an 8,3% end-of-year bonus. 
• You will be able to use our Dual Career and Family Support Service. The Dual Career Programme assists your partner via support, tools, and resources to improve their chances of independently finding employment in the Netherlands. Our Family Support Service helps you and your partner feel welcome and at home by providing customised assistance in navigating local facilities, schools, and amenities. Also take a look at our support for international staff page to discover all our services for international employees.
• You will receive extra days off. With full-time employment, you can choose between 30 or 41 days of annual leave instead of the statutory 20. 

Additional employment conditions

Work and science require good employment practices. Radboud University's primary and secondary employment conditions reflect this. You can make arrangements for the best possible work-life balance with flexible working hours, various leave arrangements and working from home. You are also able to compose part of your employment conditions yourself. For example, exchange income for extra leave days and receive a reimbursement for your sports membership. In addition, you receive a 34% discount on the sports and cultural activities at Radboud University as an employee. And, of course, we offer a good pension plan. We also give you plenty of room and responsibility to develop your talents and realise your ambitions. Therefore, we provide various training and development schemes.

Practical information and applying

You can apply only via the button below. Address your letter of application to Lejla Batina. In the application form, you will find which documents you need to include with your application.

The first interviews will take place on 31 January. You will preferably start your employment on 1 April 2025.
We can imagine you're curious about our application procedure. It describes what you can expect during the application procedure and how we handle your personal data and internal and external candidates. 

Application deadline 14 January 2025

We would like to recruit our new colleague ourselves. Acquisition in response to this vacancy will not be appreciated.

Would you like more information?

Prof. L. Batina (Lejla)

lejla.batina@ru.nl