TWC

Most traditional approaches to computer security assume that information from the system can only be sent through intended output channels, such as network connection, monitor, portable disk drive, etc. Side-channel and covert-channel attacks circumvent these protections by extracting information that is leaked or deliberately sent from the system through unintended signals, such as electromagnetic emanations, power consumption, timing of computational activity, etc.

Mobile computing technologies are rapidly evolving and phone (and other mobile device) manufacturers are under constant pressure to offer new product models. Each manufacturer customizes operating system software for its devices and often changes this software to support its new models. Given the many manufacturers in the mobile device marketplace and the many different generations of products, there are many customized branches of mobile operating systems in use at any time.

Malware (e.g., viruses, worms, and Trojans) is software that deliberately fulfills the harmful intent of an attacker. It has been used as a major weapon by the cyber-criminals to launch a wide range of attacks that cause serious damages and significant financial losses to many Internet users. To protect legitimate users from these attacks, the most significant line of defense against malware is anti-malware software products, which predominately use signature-based methods to recognize threats.

This project aims to obtain provably optimal cryptographic constructions, using objectively practical techniques, for a wide range of tasks. To achieve this goal, the project makes progress on three technical fronts. First, a general-purpose framework is developed that encompasses and systematizes known practical cryptographic techniques from many domains. Second, the project develops techniques for proving concrete, fine-grained lower bounds about constructions within this framework. Finally, techniques from program synthesis will be applied to the new framework.

Internet users concerned about their privacy, including whistleblowers and dissident citizens of totalitarian states, depend on reliable means to access Internet services anonymously. However, recent events publicized in popular press demonstrate that these services offer little privacy and anonymity in practice. For example, recent subpoena requiring Twitter to provide connection details of suspected Wikileaks supporters showed that governments can readily discover the network identities of Web users.