Currently, on an almost weekly basis there are reports on security breaches which expose private information such as passwords or credit card numbers to cyber criminals. In order to address this problem, this project develops theoretical foundations and cryptographic approaches, and analyzes these new mechanisms. This project focuses on three areas of great practical interest: (1) the recovery of a cryptographic key by an adversary; (2) delegatable format-preserving encryption which, for example, allows the in-place encryption of credit-card numbers while limiting the damage in case of a compromise, and (3) user authentication on the Internet. The broader impact of this work is in that the team will develop a software library PlayCrypt with the goal to make cryptography more accessible to a larger population.
Key-recovery attacks discussed in the literature lack precise models and rigorous estimates of success probability. To address this shortcoming, this project defines metrics for key-recovery security in order to enable rigorous claims about attacks and to be able to prove hedging theorems that complement moderately good security bounds under strong metrics with better bounds under these newly-developed key-recovery metrics. This is of great interest and value as key-recovery attacks are considered much more damaging in practice than violations of semantic security. Furthermore, this project defines security metrics for delegatable format-preserving encryption (FPE). FPE is widely used for in-place encryption of credit-card numbers, and delegation allows the damage from physical compromise of terminals to remain local. The project is also geared to inform current standardization efforts. As a third direction, this project considers client-to-server authentication over the Internet. Today's paradigm of passing the password to the server over a server-authenticated TLS (Transport Layer Security) channel exhibits many vulnerabilities. This project formalizes the notion of piggy-backed authentication which allows the client to convince the server of its identity without handing it its password yet designing this mechanism in such a fashion that allows its implementation within the current TLS-based web-security architecture in order to maximize the impact of this work in practice.
SaTC: CORE: Small: Foundations of Applied Cryptography