Scientific Foundations

This project addresses how semiconductor designers can verify the correctness of ICs that they source from possibly untrusted fabricators. Existing solutions to this problem are either based on legal and contractual obligations, or use post-fabrication IC testing, both of which are unsatisfactory or unsound. As a sound alternative, this project designs and fabricates verifiable hardware: ICs that provide proofs of their correctness for every input-output computation they perform in the field.

Safeguarding sensitive user information stored in computer systems is a fast growing concern, especially as computers are universally used everywhere from national defense to mobile phones. Malicious hackers have found unscrupulous ways to steal sensitive information largely by exploiting the vulnerabilities in existing hardware and software. Among the many forms of information leakage, covert timing channels exfiltrate secrets from a trojan process with higher security credentials to a spy process with lesser credentials by exploiting the access timing of system resources.

The protection of cyber-physical critical infrastructures such as the power grid, water distribution networks, and transportation networks against computer attacks is a matter of national security, public safety, and economic stability; however, most of these critical assets are owned and operated by private companies with pressing operational requirements, tight security budgets, and aversion to regulatory oversight. As a result it is not clear that market incentives alone will create enough momentum to improve the security posture of these systems.

Common smartphone authentication mechanisms such as PINs, graphical passwords, and fingerprint scans offer limited security. They are relatively easy to guess or spoof, and are ineffective when the smartphone is captured after the user has logged in. Multi-modal active authentication addresses these challenges by frequently and unobtrusively authenticating the user via behavioral biometric signals, such as touchscreen interaction, hand movements, gait, voice, and phone location.

Autonomous systems (AS) are key building blocks of the Internet's routing infrastructure. Surveillance of AS may allow large-scale monitoring of Internet users. Those who aim to protect the privacy of their online communications may turn to anonymity systems like Tor, but Tor is not designed to protect against such AS-level adversaries. AS-level adversaries present unique challenges for the design of robust anonymity systems and present a very different threat model from the ones used to design and study systems like Tor.