Blue and green image showing binary code in circles

Electronic Security & Privacy, Research & Innovation Lab (ESPRI)

About Us

The Electronic Security & Privacy, Research & Innovation Lab (ESPRI) Lab is a focal point for information security and privacy research and innovation in the Department of Computer Science at the University of Calgary.  The ESPRI Lab is part of The Institute for Security, Privacy and Information Assurance (ISPIA).

Our Vision

  • To Excel and Innovate in information security and privacy research and training, and through them positively impact society.
  • To Promote collaborative and industry-driven research and innovation.

Our History

ESPRI Lab is the successor of iCORE Information Security Laboratory (iCIS Lab), founded in 2007 through a research grant by Alberta Innovates, formerly iCORE (Informatics Circle of Research Excellence).

Latest news

UCalgary research raises questions about internet security

Computer scientist Joel Reardon in Faculty of Science, and U.S. colleague, uncover privacy concerns about ‘root certificate authority’

Partners team up to fight cybercrime

UCalgary brings expertise in network and software security to partnership with police and industry

Computer science alum aims to preserve people’s privacy in internet-connected 'smart' environments

Faculty of Science grad Emmanuel Onu is developing a 'privacy assistant' tool that works with mobile phones

Congratulations to Dr. Joel Reardon for recent award

Joel Reardon has received the Emilio Aced Research and Personal Data Protection Award.

UCalgary computer science and business professors advise Bank of Canada on central bank digital currency design

Interdisciplinary team selected to propose a framework that supports centralized digital cash

Upcoming events



Congratulations!

Warmest congratulations to our recent graduates!

Supervisor: Reihaneh Safavi - Naini

Thesis Title: Contributions to Information Theoretic Multiterminal Secret Key Agreement

Abstract: A multiterminal secret key agreement (SKA) protocol is used to establish a shared se- cret key among a group of terminals. We study SKA protocols with information-theoretic security. In the source model of SKA, each terminal can sample from a correlated random variable. In the channel model of SKA, terminals instead are connected through an un- derlying noisy channel that is used for distributing the correlated variables. The terminals arrive at a shared secret key by establishing correlation (as per the presumed source/channel model) and communicating over a noiseless authenticated public channel. In the general models of SKA, it is assumed that terminals’ variables are partially leaked to the adversary, Eve, in the form of a random variable which we call Eve’s wiretap side information. Eve has unlimited computational power and has read access to all public communication mes- sages. The key rate of an SKA protocol is given by the key length divided by the terminals’ variables length, and the maximum possible key rate calculated for an SKA model is called the wiretap secret key (WSK) capacity of that model. Finding a general expression for the WSK capacity continues to be one of the hardest open problems within the context of information-theoretic key agreement.

Our contributions include proving the WSK capacity and proposing capacity achieving SKA protocols for the wiretapped PIN, Tree-PIN, and Polytree-PIN models, that are special multiterminal SKA models of interest in practice. Also, we introduce a new channel model of SKA that we call the transceiver model for which we prove multiple upper and lower bounds on key capacity under various assumptions. Furthermore, we note that traditionally the key capacity was studied and calculated for SKA models, while in the actual implementation of SKA protocols, the achievable key length as a function of terminals’ variables length is needed. Compared to calculating WSK capacity, finding the key length requires different information-theoretic techniques for evaluating the protocols. We prove finite-length upper and lower bounds on the maximum achievable key length for some of the models that we have considered. In the concluding sections, we outline directions for future research.

Supervisor: Reihaneh Safavi - Naini

Thesis Title: Resource Sharing using Permissioned Blockchain: The Case of Smart Neighborhood


Abstract: In a resource sharing system users can offer goods and services with specified conditions which if satisfied, the access will be granted. In conventional resource sharing systems, users' interactions are mediated by a trusted authority (TA). As a result, TA becomes the single point of trust and has access to users' data. In addition, TA requires significant processing and management capabilities, and the ability to handle many requests simultaneously which may make it a single point of failure under various denial of service attacks. Motivated by the advantages of emerging blockchain technology, a decentralized resource sharing system was proposed which uses a permissioned blockchain based resource sharing system for allowing users to share their digital items and credentials with specified attributed-based access policies, and are enforced through a set of smart contracts. The system eliminates the need for a trusted intermediary and overcome the shortcomings associated to it. However, such a system allows users' accesses to be tracked and has limited availability since access to a resource requires the resource's owner to be online.

Our proposed architecture offers the same required functionality while ensuring user privacy and access automation, and eliminating the requirement for the resource owner to be online. We use two cryptographic primitives, Ciphertext Policy Attribute-Based Encryption (CPABE) and ring signatures, and develop smart contracts that allow specification of the user-defined policies. We analyze security and privacy of this system, provide the description of smart contracts and construct protocols for the proposed system. We present a case study and conduct performance evaluation of cryptographic primitives and blockchain operations, and show that the overhead for cryptographic operations is adding up to two seconds to the user interaction time, and the gas cost is below 2600000. We design and implement a web application, smart neighborhood, which represents the proposed system by providing user interface (UI) for its user. Although our work is motivated by sharing digital items in distributed resource sharing system, our design and implementation are general and can be employed for wider applications for privacy-preserving sharing of digital items.