This included visiting and collaborating with:
The focus of my first research project is on the design and prototyping of a secure and safe mobile code execution environment in Erlang, the functional language developed by Ericsson for telecommunications applications. Followng this, I am now evaluating and prototyping the best methods for specifying and implementing safety policies in this environment.
This work is summarised in an overview paper with Dan Sahlin called Extending Erlang for Safe Mobile Code Execution (Mar 98, also available as TR CS03/97). The prototype I developed is documented in SSErl - Prototype of a Safer Erlang (Oct 97, also available as TR CS04/97), as is ongoing work as to the best mechanisms to implement Custom Safety Policies in SSErl (Oct 97). I identified a need for extensions to support a hierarchy of nodes within an Erlang system to provide a "custom context", restrictions on "side-effects", and resource limits for processes executing in each node; the use of capabilities for nodes, processes, ports, and user defined references, to provide a finer granularity of control on the use of these identifiers; and support for remote module loading mechanisms that preserve the context for such modules.
This work was presented at the Erlang Users Conference - Aug 97 in a joint talk with Dan Sahlin (CSlabs) Towards an Even Safer Erlang.
Previous technical notes, now superceeded, include: Towards a Safer Erlang (Jun 97), Custom Security Policies in SSErl (Apr 97), and Introducing SERCs Safer Erlang (Apr 97).
Also of interest may be my earlier 1996 survey paper on
Mobile Code Security.
LOKI97
The focus of my second research project is on a redesign of the LOKI encryption algorithm. LOKI is a 64-bit block cipher originally designed as part of my PhD, and revised and strengthened in 1991. Since that time developments in differential, linear, and related key cryptanalyses; along with the development of a number of other ciphers, have led to further insights in cipher design. In this project I am drawing these insights together in order to design the improved LOKI97.
Current information on this project is available from the LOKI97 Research area.
Previous working papers created during the design process include: Design of LOKI97 (Mar 98), Preliminary Analysis of LOKI97 (Oct 97), and Preliminary Thoughts on the Redesign of LOKI (Dec 97).
LOKI97 has been submitted to the call for an Advanced Encryption Standard (AES) by the US NIST.