SaTC: CORE: Small: API-centric Cryptography

Project Details

Performance Period

Oct 01, 2018 - Sep 30, 2021

Institution(s)

University of Florida

Award Number


Cryptography is a core component of modern technology. It protects internet transactions, hides usernames and passwords as they traverse networks, protects the data residing on mobile devices and computer disk drives, and much more. The systems that cryptographic mechanisms are tasked with protecting are typically very complex, with many interacting parts and a large number of places that may be vulnerable (often called the "attack surface"). One element of this large attack surface is the connection (or disconnection) between the mathematical algorithms that researchers design and the software that purports to implement these powerful algorithms. When the software fails to accurately implement the mathematical algorithms, much can go wrong in practice. This has led to real-world attacks, even though mathematics proves that no such attacks should be possible. The two main themes of this research are: (1) to develop a broad and deep view of just how prevalent these disconnections are between the mathematical algorithms and their implementation, and (2) to reshape the way that researchers think about their theoretical efforts, so that what they develop is harder for software developers to get wrong, easier to understand, and easier to validate.

More specifically, to date the onus has been on security engineers and developers to understand and correctly realize the cryptographic primitives and protocols that are provably secure in theory, and to reshape their existing code bases and application programming interfaces (APIs) as required. This project explores an alternative viewpoint: since real-world libraries and their APIs are necessarily inflexible, the onus should be on the theory to respect this. Moreover, ease of correct implementation ought to be a primary design goal. Whenever possible, theoretical primitives should be resilient to misunderstandings by developers who lack expertise in cryptography. Concretely, the work includes three main tasks. The first applies this "API-centric" viewpoint to several important primitives, e.g., secure channels and authenticated key exchange; it also includes efforts to survey existing standards, libraries, and software artifacts. The second task seeks to develop theoretical primitives that are forgiving of their misuse (e.g., primitives that remain robust in the face of bad randomness and that natively handle highly structured plaintext data). The third task is to develop abstract syntax for cryptographic primitives that is "thoughtful" with respect to the real functionalities that will need to be implemented in practice.
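As an added illustration of the "forgiving of misuse" idea in the second task (this is example code, not part of the award abstract or the project), the block below contrasts a conventional nonce-based encryption API, whose security collapses when a developer repeats a nonce, with a synthetic-IV (SIV-style) API that takes no caller-supplied randomness at all. The keystream is a toy HMAC-SHA256 counter construction chosen so the example runs on the Python standard library; it stands in for a real cipher and is not meant to be used as one.

```python
import hashlib
import hmac

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy CTR-style keystream: HMAC-SHA256(key, nonce || counter) blocks (not a real cipher)."""
    blocks, counter = [], 0
    while sum(map(len, blocks)) < length:
        blocks.append(hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]

def encrypt_nonce_based(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Conventional API: the caller supplies the nonce, and security rests entirely
    on the caller never repeating it under the same key."""
    return nonce + xor(plaintext, keystream(key, nonce, len(plaintext)))

def leaked_by_nonce_reuse(key: bytes, nonce: bytes, p1: bytes, p2: bytes) -> bytes:
    """What a passive observer learns when the caller reuses a nonce: XORing the two
    ciphertext bodies cancels the shared keystream and yields p1 XOR p2."""
    c1 = encrypt_nonce_based(key, nonce, p1)[len(nonce):]
    c2 = encrypt_nonce_based(key, nonce, p2)[len(nonce):]
    return xor(c1, c2)

def _subkeys(key: bytes):
    # Derive independent MAC and encryption subkeys (labels are constructed for this demo).
    return (hmac.new(key, b"siv-mac", hashlib.sha256).digest(),
            hmac.new(key, b"siv-enc", hashlib.sha256).digest())

def encrypt_siv(key: bytes, plaintext: bytes) -> bytes:
    """Misuse-resistant API in the SIV style: the IV is a MAC of the plaintext, so the
    caller supplies no randomness. Repeating a message only reveals that it repeated;
    two different messages get unrelated keystreams."""
    mac_key, enc_key = _subkeys(key)
    siv = hmac.new(mac_key, plaintext, hashlib.sha256).digest()[:16]
    return siv + xor(plaintext, keystream(enc_key, siv, len(plaintext)))

def decrypt_siv(key: bytes, ciphertext: bytes) -> bytes:
    """Decrypts and verifies; the SIV doubles as the authentication tag."""
    mac_key, enc_key = _subkeys(key)
    siv, body = ciphertext[:16], ciphertext[16:]
    plaintext = xor(body, keystream(enc_key, siv, len(body)))
    expected = hmac.new(mac_key, plaintext, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(siv, expected):
        raise ValueError("authentication failed")
    return plaintext
```

The point for API design is that `encrypt_nonce_based` has a precondition the type system cannot express, while `encrypt_siv` has none for the caller to violate.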