Contemporary encryption schemes are almost exclusively distribution-agnostic. Their security properties are independent of the statistical characteristics of plaintexts, and the output of these schemes are ciphertexts that are uniformly distributed bit strings, irrespective of use case. While conceptually simple, such encryption schemes fail to meet basic, real-world requirements and have left longstanding functional gaps in key security applications. This project investigates new formalisms and methodologies to guide scientific exploration of such security challenges and yield novel, principled solutions backed by experimental validation and robust, practical design. The project develops a new framework, called Distribution-Sensitive Cryptography (DSC), for cryptographic tool design that will connect and improve upon several existing primitives and produce entirely new ones. DSC can be applied to create new solutions to security challenges for which good approaches have historically been elusive, including brute-force attacks against password-based encryption, censorship of encrypted protocols, and securing human-generated authentication secrets. The investigators are actively engaged with industry partners, to glean real-world requirements and to transition the new tools into practice.
TWC: Medium: Collaborative: Distribution-Sensitive Cryptography