Division of Computing and Communication Foundations (CCF)
group_project
Submitted by Giuseppe Ateniese on Tue, 12/19/2017 - 10:20am
Informally speaking, Secure Multi-Party Computation (SMPC) allows two or more parties to jointly compute some function on their private inputs in a distributed fashion (i.e., without the involvement of a trusted third party) such that none of the parties learns anything beyond its dedicated output and what it can deduce from considering both this output and its own private input. Since its inception in 1982 by Yao, SMPC has advanced greatly and over the years a large body of work has been developed.
group_project
Submitted by Shuangqing Wei on Mon, 12/18/2017 - 3:35pm
The project aims at quantifying a general network's inner potential for supporting various forms of security by achieving secret common randomness between pairs or groups of its nodes. Statistical and computational secrecy measures are being considered against a general passive adversary. Common-randomness-achieving protocols are classified into two groups: culture-building and crowd-shielding. The former achieves common randomness between nodes situated in close proximity of each other, from correlated observations of specific (natural or induced) network phenomena.
group_project
Submitted by asarwate on Mon, 12/18/2017 - 3:18pm
Medical technologies such as imaging and sequencing make it possible to gather massive amounts of information at increasingly lower cost. Sharing data from studies can advance scientific understanding and improve healthcare outcomes. Concern about patient privacy, however, can preclude open data sharing, thus hampering progress in understanding stigmatized conditions such as mental health disorders.
group_project
Submitted by lalithasankar on Mon, 12/18/2017 - 3:13pm
Information sharing between operators (agents) in critical infrastructure systems such as the Smart Grid is fundamental to reliable and sustained operation. The contention, however, between sharing data for system stability and reliability (utility) and withholding data for competitive advantage (privacy) has stymied data sharing in such systems, sometimes with catastrophic consequences. This motivates a data sharing framework that addresses the competitive interests and information leakage concerns of agents and enables timely and controlled information exchange.
group_project
Submitted by Stephen Chong on Mon, 12/18/2017 - 3:03pm
Language-based security (the use of programming language abstractions and techniques for security) holds the promise of efficient enforcement of strong, formal, fine-grained, application-specific information security guarantees. However, language-based security has not yet reached its potential, and is not in widespread use for providing rich information security guarantees.
group_project
Submitted by Allison Lewko on Mon, 12/18/2017 - 2:32pm
Modern cryptography offers an impressive virtual buffet to a consumer who is wealthy in resources, with powerful tools like fully homomorphic encryption (which allows a provider to compute with encrypted values while keeping the client's data safe) and general purpose obfuscation (which allows one to hide the purpose of a given computation). But for more modestly minded users, who seek to perform less lofty tasks using more affordable computing resources or under more time-tested assumptions, the offerings are comparatively paltry.
group_project
Submitted by angelos on Thu, 12/14/2017 - 6:58pm
This project will investigate, prototype and evaluate CloudFence, a proposed framework that allows users to independently audit the treatment of their private data by third-party online services, through the intervention of the cloud provides hosting said services.
group_project
Submitted by Ben Hardekopf on Tue, 10/17/2017 - 2:08pm
This research project helps secure the privacy of web browser users. It specifically targets the browser addon framework, which allows third-party developers to extend the browser's functionality. These addons are written in JavaScript and have extraordinary privileges and access to sensitive user information. Therefore, vetting third-party addons to prevent malicious or accidental security violations is critical. However, the current vetting process for browser addons is manual and ad-hoc, making this process both tedious and error-prone.
group_project
Submitted by tiwari on Mon, 10/09/2017 - 4:36pm
Applications that run on billions of mobile devices backed by enormous datacenters hold the promise of personal, always-on healthcare; of intelligent vehicles and homes; and thus of a healthier, more efficient society. It is imperative to make such applications secure by protecting their integrity and keeping their data confidential. However, malicious programs (``malware'') today can subvert the best software-level defenses by impersonating benign processes on mobile devices or by attacking victim processes through the hardware on shared datacenter servers.
group_project
Submitted by Michael Rosulek on Mon, 10/09/2017 - 12:42pm
Our society is becoming increasingly reliant on powerful and interconnected computing devices that store much of our personal information. These devices present an ever-growing tension between the desire for our personal information to be private, and the desire to put our personal information to good use for our own convenience. In cryptography, problems that involve requirements of useful computation and privacy are understood through the lens of secure multi-party computation (SMPC).
