Cryptography, applied

group_project

Visible to the public EDU: QuaSim: A Virtual Interactive Quantum Cryptography Educator-A Project-based Gamified Educational Paradigm

Submitted by Abhishek Parakh on Thu, 10/12/2017 - 4:58pm

Video-based traffic monitoring systems have been widely used for traffic management, incident detection, intersection control, and public safety operations. Current designs pose critical challenges. First, it relies heavily on human operators to monitor and analyze video images. Second, commercially available computer vision technologies cannot satisfactorily handle severe conditions, such as weather and glare, which significantly impair video image quality.

group_project

Visible to the public TWC: TTP Option: Frontier: Collaborative: MACS: A Modular Approach to Cloud Security

Submitted by Ran Canetti on Thu, 10/12/2017 - 2:13pm

The goal of the Modular Approach to Cloud Security (MACS) project is to develop methods for building information systems with meaningful multi-layered security guarantees. The modular approach of MACS focuses on systems that are built from smaller and separable functional components, where the security of each component is asserted individually, and where the security of the system as a whole can be derived from the security of its components. The project concentrates on building outsourced, cloud-based information services with client-centric security guarantees.

group_project

Visible to the public NSFSaTC-BSF: TWC: Small: Practical Plausibly Deniable Encryption through Low-Level Storage Device Behavior

Submitted by Radu Sion on Wed, 10/11/2017 - 1:25pm

Plausibly deniable encryption is the ability to hide that given data is on a device, whether the ability exists to decrypt it, or even that the data exists. Plausible deniability is a powerful property to protect data on devices the user has lost physical control over, such as protecting consumers from accidental mass disclosures of private data through misplaced devices. This issue is of particular concern for anyone who travels internationally with sensitive data, including human rights workers, diplomats, military personnel, or even business travelers.

group_project

Visible to the public TTP: Medium: A Campus Pilot For A Privacy-Enabled Cloud Storage, Search, and Collaboration Portal for Education

Submitted by Radu Sion on Wed, 10/11/2017 - 1:23pm

As higher education institutions consider moving services to the cloud to save costs and improve collaboration, significant challenges to successful large-scale adoption still exist. Institutions are unwilling to risk cloud deployment because provable technological defenses have thus far been lacking. Control over sensitive data is relinquished without the institution's knowledge, liability is shifted and data breach risks are significantly increased. Further, regulatory-sensitive data has become an increasingly attractive target.

group_project

Visible to the public TWC: Option: Medium: Collaborative: Authenticated Ciphers

Submitted by Phillip Rogaway on Wed, 10/11/2017 - 12:57pm

OpenSSH reveals excerpts from encrypted login sessions. TLS (HTTPS) reveals encrypted PayPal account cookies. DTLS is no better. EAXprime allows instantaneous forgeries. RFID security has been broken again and again. All of these failures of confidentiality and integrity are failures of authenticated ciphers: algorithms that promise to encrypt and authenticate messages using a shared secret key.

group_project

Visible to the public TWC: Small: Evaluating and Improving Security in Emerging Branchless Banking Systems

Submitted by Patrick Traynor on Wed, 10/11/2017 - 11:51am

Branchless banking brings much-needed financial services to the unbanked in both the developing and developed worlds. Leveraging ubiquitous cellular networks, these services are now being deployed as smart phone apps, providing an electronic payment infrastructure where alternatives such as credit cards generally do not exist. Over 30% of the GDP in many such nations can now be attributed to branchless banking applications, many of which now perform more transactions per month than traditional payment processors including PayPal.

group_project

Visible to the public GREPSEC III: Underrepresented Groups in Security Research

Submitted by tbenzel on Wed, 10/11/2017 - 1:16am

This proposal provides funding for the third GREPSEC: Underrepresented Groups in Security Research workshop, which will held in May 2017, in San Jose CA. This day-and-a-half-long workshop intended for women and underrepresented minorities in computer security and privacy, will be co-located with the IEEE Computer Society's Security and Privacy Symposium, the premier conference in security.

group_project

Visible to the public EDU: Development and Analysis of a Spiral Theory-based Cybersecurity Curriculum

Submitted by Vinod Lohani on Wed, 10/11/2017 - 12:49am

In this SaTC-EDU project at Virginia Tech, faculty members and graduate students in the Engineering Education, Computer Science (CS), Electrical & Computer Engineering (ECE) and the Hume Center for National Security and Technology in College of Engineering are collaborating to develop and implement a unique curriculum delivery model in cybersecurity into the CS and ECE curricula using Jerome Bruner's spiral theory approach.

group_project

Visible to the public TWC: Medium: Collaborative: Black-Box Evaluation of Cryptographic Entropy at Scale

Submitted by Nadia Heninger on Tue, 10/10/2017 - 10:21am

The ability to generate random numbers -- to flip coins -- is crucial for many computing tasks, from Monte Carlo simulation to secure communications. The theory of building such subsystems to generate random numbers is well understood, but the gap between theory and practice is surprisingly wide. As built today, these subsystems are opaque and fragile. Flaws in these subsystems can compromise the security of millions of Internet hosts.

group_project

Visible to the public TWC: Small: Collaborative: An Iterative Approach to Secure Computation

Submitted by Muthuramakrishn V... on Tue, 10/10/2017 - 10:16am

Secure multi-party computation (SMC) allows several mutually untrusting parties to perform joint computations while keeping their inputs private. This project develops new techniques for constructing two-party secure computation protocols with low communication overhead. Building on the PIs prior work for constructing special-purpose secure computation protocols for greedy algorithms, this project aims to develop new techniques that exploit the algorithmic structure of a function in order to develop more efficient secure computation protocols.