Aarhus University Seal / Aarhus Universitets segl

Meet Associate Professor Diego F. Aranha and his research in Cryptographic Engineering.

Associate Professor Diego F. Aranha. Photo: Sebastian Krog Knudsen

Diego joined Aarhus University in 2018, first as an Assistant Professor at the Department of Engineering. After two years there, he joined the Department of Computer Science as an Associate Professor. His main research interests are the efficient and secure implementation of cryptographic algorithms and protocols, an area called Cryptographic Engineering. At AU, he is also affiliated to the Concordium Blockchain Research Center (COBRA) and serves as the Cybersecurity Lead at the DIGIT Center.

His approach to research includes the application of algorithmic techniques, theoretical tools, and rigorous experimentation to solve efficiency and security problems for the deployment of cryptography. In a world where strong cryptography mediates a substantial part of human activity, its security is critical not only for protecting sensitive information but also societal values like privacy and freedom of speech. The study of techniques to translate the mathematical strength of cryptography to practice, where imperfect software stacks and computing platforms are commonplace, is a challenging but fundamental goal.

Academic background

Diego received his PhD in Computer Science at the University of Campinas in Brazil, under the supervision of Julio López, a co-inventor of the López-Dahab algorithms. During his doctoral studies, he visited the University of Waterloo in Canada for one year to work with Alfred Menezes, and worked as a consultant in cryptography for a few startup companies. Before arriving in Denmark, he was Assistant Professor in Brazil at the University of Brasília and University of Campinas, for a total of 7 years.

During his time in Brazil, he developed new algorithmic and implementation strategies for improving the performance of curve-based cryptography (elliptic curves and pairings), setting several speed records for its implementation in popular computing platforms. He has since broadly expanded his research span to include symmetric lightweight cryptography, cryptography based on physical assumptions, privacy-preserving computing, electronic voting, and lately post-quantum and high-assurance cryptography. In recent years, he also developed enormous interest for the security analysis of real-world systems, having contributed to hardening mobile applications and the official voting machine software used in Brazil. He also participated in the global encryption policy debate, by providing expert assessment at the Brazilian Supreme Court on the dangers of mass surveillance and mandated backdoors in encrypted messaging applications. All these experiences made him an accomplished public speaker and frequent media commentator on topics of his expertise (in La Nación, Ars Technica, Spiegel Online, The Economist, ZDNet). His work in electronic voting was awarded the Innovators Under 35 Brazil by MIT TechReview in 2015, and the results of his research were covered at the prestigious BlackHat and DEF CON security conferences. Finally, he leads the development of the RELIC cryptographic library and can be frequently found talking about science on Twitter.

Top 3 publications

  • Faster Explicit Formulas for Computing Pairings over Ordinary Curves at EUROCRYPT 2011 is his most influential conference paper and most important result from his PhD. The work proposes several optimizations for the efficient computation of cryptographic pairings, including lazy reduction for extension field arithmetic and compressed cyclotomic squarings that found their way in most efficient research and production implementations of pairings.
  • Two is the fastest prime: Lambda coordinates for binary elliptic curves was published at the Journal of Cryptographic Engineering to extend the results awarded with the Best Paper at the CHES 2013 workshop, a premier conference in Cryptographic Engineering. Here, a new coordinate system and associated formulas are proposed for binary elliptic curves that set -- and still hold -- the speed record for elliptic curve implementation.
  • The Return of Software Vulnerabilities in the Brazilian Voting Machine finished a 7-year saga to experimentally demonstrate the security problems with the electronic voting system adopted in Brazilian elections. In this paper, published in the traditional Computers & Security journal, the authors discuss the software vulnerabilities that allowed them to violate ballot secrecy and software integrity to fully compromise the Brazilian voting machine during controlled trials organized by the electoral authority. Later, it informed the (still ongoing) nation-wide debate around the need for adopting paper trails for auditing elections in the country.