Cryptography, applied

This project is developing new techniques for manipulating sensitive data by exploring two related areas, computing on private keys and computing on authenticated data. Currently, a private key is an inert object that gives its holder the ability to perform a cryptographic operation on all messages, as may be the case when generating a signature. The project is exploring a new vision, in which computing on the private key itself creates new restricted private keys that can only perform restricted operations such as, for example, signing only some messages but not others.

The critical role of spectrum as a catalyst for economic growth was highlighted in the 2010 National Broadband Plan (NBP). A challenge for the NBP is realizing optimal spectrum sharing in the presence of interference caused by rogue transmissions from any source, but particularly secondary users who share the spectrum. This complex problem straddles wireless technology, industrial economics, international standards, and regulatory policy.

In order to enable collaboration between different parties it is necessary that the partners reach an agreement on the policy rules that will govern their interaction. While state-of-the-art mechanisms will allow the parties to reconcile their polices, today's policy reconciliation protocols have two main shortcomings. First, they violate privacy since at least one of the parties is required to discloses all its information during the reconciliation process. Second, they generally lack fairness, i.e., the parties' preferences are not recognized.

The new CyberCorps(r): Scholarship for Service (SFS) program offered by Marymount University in Arlington, VA educates undergraduate and graduate students in cybersecurity, preparing them for critical positions in the Federal Government. Students are taught and mentored by full-time faculty, with a research focus, and part-time faculty who are working professionals, including SFS alumni.

Side-channel attack (SCA) has shown to be a serious implementation attack to many cryptosystems. Practical countermeasures only mitigate the vulnerability to some extent. Considerable research efforts on leakage-resilient cryptography have so far not led to practical leakage-resilient implementations. One hindering reason is the lack of commonly accepted and sound metrics, standards, and evaluation procedures to measure and evaluate the vulnerability/resilience of cryptosystems to various side-channel attacks.