Cryptographic engineering focuses on the design, implementation, optimization, and evaluation of cryptographic systems to make them practical, secure, and efficient for real-world applications. It bridges the gap between theory and practice, ensuring that cryptographic systems not only have formal security analysis but are also implemented securely, and perform well under practical constraints like runtime, memory, and energy. In a world where strong cryptography mediates a substantial part of human activity, its real-world security becomes just as critical as theoretical soundness.

Common concerns in cryptographic engineering are how to generate and distribute secret keys, how to design interfaces to prevent misuse, how to implement algorithms such that they do not leak information when they run in real processors, or even how to formally verify that implementations are correct and do not have dangerous corner cases. Rigorous experimentation plays a crucial role, as analyzing how implementations can be broken informs the design of better systems.

In our group, we work particularly with the engineering of algorithms based on elliptic curves. We have discovered new optimizations, achieved award-winning speed records, found new vulnerabilities in widely-deployed libraries, novel ways to detect those vulnerabilities, and generated correct-by-design code for new algorithms.

Cryptographic engineering helps protect the security and privacy of everyday digital activities, from online banking to private messaging. By making cryptographic systems practical and reliable, it ensures that people’s sensitive information stays safe even as technology advances. Our work helps build stronger, faster, and safer digital tools that millions of people depend on every day.