Security and Cryptography

Established: July 13, 2009

The MSR-T Security & Cryptography group does applied research in systems security and cryptography.


Summer 2015

  • Ping Ngai (Brian) Chung, University of Chicago
  • Eric Crockett, Georgia Institute of Technology
  • Matthew Bernhard, University of Michigan
  • Rahul Chatterjee, Cornell University
  • Tim Ruffing, Saarland University
  • Zhe Liu, University of Luxembourg

Summer 2014

  • Benjamin Dowling, Queensland University of Technology
  • Michael Wesolowski, University of Waterloo
  • Zheng Dong, Indiana University Bloomington














MSR JavaScript Cryptography Library

December 2015

    Click the icon to access this download

  • Website


June 2015

    Click the icon to access this download

  • Website

Distributed Key-Manager Verification

December 2010

This package contains the F# and F7 source files to aid in the verification of a distributed key-management system. This new component implements a data-protection API for groups of clients. To enable long-term data protection, it supports cryptographic agility so cryptography algorithms and policies can evolve for protecting fresh data while preserving access to old…

Size: 32 KB

    Click the icon to access this download

  • Website


Lattice Cryptography Library

Established: April 19, 2016

LatticeCrypto is a high-performance and portable software library that implements lattice-based cryptographic algorithms. The first release of the library provides an implementation of lattice-based key exchange with security based on the Ring Learning With Errors (R-LWE) problem using new algorithms for the underlying Number Theoretic Transform (NTT) [1]. The chosen parameters provide at least 128 bits of security against attackers running classical and quantum computers. LatticeCrypto implements the key exchange protocol proposed by Alkim, Ducas,…

SIDH Library

Established: April 16, 2016

SIDH Library is a fast and portable software library that implements a new suite of algorithms for supersingular isogeny Diffie-Hellman key exchange [1]. The chosen parameters aim to provide 128 bits of security against attackers running a large-scale quantum computer, and 192 bits of security against classical algorithms. SIDH has the option of a hybrid key exchange that combines supersingular isogeny Diffie-Hellman with a high-security classical elliptic curve Diffie-Hellman key exchange at a small overhead. SIDH is…


Established: August 26, 2015

FourQlib is an efficient and portable math library that provides functions for computing essential elliptic curve operations on a new, high-performance curve called "FourQ". This curve targets the 128-bit security level and supports computations that are significantly faster than any other alternative; e.g., it is between four and five times faster than the NIST P-256 curve and between two and three times faster than Curve25519. The library is available for download at the link below.…

MSR Elliptic Curve Cryptography Library

Established: June 27, 2014

MSR ECCLib is an efficient cryptography library that provides functions for computing essential elliptic curve operations on a new set of high-security curves.  All computations on secret data exhibit regular, constant-time execution, providing protection against timing and cache attacks.  The library is available for download below. Library Features MSR ECCLib supports six high-security elliptic curves proposed in [2], which cover three security levels (128-, 192-, and 256-bit security) and two curve models. The curves have a…

MSR JavaScript Cryptography Library

Established: June 17, 2014

JavaScript cryptographic algorithm implementations suitable for use in all cloud services The MSR JavaScript Cryptography Library has been developed for use with cloud services in an HTML5 compliant and forward-looking manner. The algorithms are exposed via the W3C WebCrypto interface, and are tested against the Internet Explorer 11 implementation of that interface. The library currently supports RSA encrypt/decrypt (PKCS#1 v1.5, OAEP, and PSS), AES-CBC and GCM encrypt/decrypt, SHA-256/384/512, HMAC with supported hash functions, PRNG (AES-CTR based)…


Established: February 25, 2012

U-Prove components are released in the Security and Cryptography Incubations Quarterly Technology Drop.   Overview A U-Prove token is a new type of credential similar to a PKI certificate that can encode attributes of any type, but with two important differences: 1) The issuance and presentation of a token is unlinkable due to the special type of public key and signature encoded in the token; the cryptographic “wrapping” of the attributes contain no correlation handles.…

Verifiable Computing

Verifiable computation schemes enable a client to outsource the computation of a function F on various inputs to an untrusted worker, and then verify the correctness of the returned results. Critically, the outsourcing and verification procedures must be more efficient than performing the computation itself. In more detail, we introduce and formalize the notion of Verifiable Computation, which enables a computationally weak client to "outsource" the computation of an arbitrary function F on…