Scientific Foundations

As wireless technologies become more pervasive, it becomes increasingly important for devices to authenticate the locations of other devices. For example, patients with implantable medical devices (IMDs) may reasonably expect that any device used to control their IMD would have to be within arm's reach, to help prevent unauthorized access to their device. In other words, IMDs should enforce policies based on the proximity, and in general the location, of wirelessly connected devices.

Consider a network where each node is either good or bad. The good nodes all run an algorithm that attempts to achieve a specific goal. The hidden set of bad nodes are controlled by an adversary who uses them to thwart this goal.

Cloud computing allows users to delegate data and computation to cloud providers, at the cost of giving up physical control of their computing infrastructure. An attacker with physical access to the computing platform can perform various physical attacks, referred to as digital insertion and observation attacks, which include probing memory buses, tampering with memory, and cold-boot style attacks. While memory encryption can prevent direct leakage of data under digital observation, memory access patterns to even encrypted data may leak sensitive information.

Both sound software verification techniques and heuristic software flaw-finding tools benefit from the presence of software annotations that describe the behavior of software components. Function summaries (in the form of logical annotations) allow modular checking of software and more precise reasoning. However, such annotations are difficult to write and not commonly produced by software developers, despite their benefits to static analysis. The Crowdsourcing Annotations project will address this deficiency by encouraging software-community-based crowd-sourced generation of annotations.

Cryptographers have invented many different types of encryption. The PIs' research brings many of these under one umbrella, thereby reconceptualizing the landscape of modern cryptography. In the process, the research puts forward some entirely new kinds of encryption. The work is motivated by the needs of existing security practice. Sample questions include how to save space when storing encrypted copies of the same material in the cloud, and how to encrypt a credit-card number by reimagining the process as the shuffling of a deck of cards.