TC

Hardware-level security and trust in many of society's microelectronic-based infrastructures, e.g., transportation, energy, etc., is inadequate. This project investigates chip-level hardware primitives that are designed to improve the security and trust in such systems. In particular, many security mechanisms depend on a secret, unique identifier that is associated with the chip or board in the system. An embedded digital signature inserted by the manufacturer is not secure because it can be extracted by adversaries.

Two principal components for providing protection in large-scale distributed systems are Byzantine fault-tolerance (BFT) and intrusion detection systems (IDS). BFT is used to implement strictly consistent replication of state in the face of arbitrary failures, including those introduced by malware and Internet pathogens. Intrusion detection relates to a broad set of services that detect events that could indicate the presence of an ongoing attack. IDSs are far from perfect -- they can both miss attacks or misinterpret events as being malicious.

Modern computer security requires bug-free code at every layer of the software stack. But in a world where operating systems and hypervisors are increasingly buggy, it can be dangerous to assume these components are trustworthy. LockBox provides an additional layer of security such that if the operating system or other system management software fails, certain portions of the system remain resistant to attack.

Authentication is a quintessential problem in computer security. However, most commonly used authentication mechanisms suffer from a variety of shortcomings. Passwords, the most common authentication mechanism, are vulnerable to replay attacks. Physical authentication tokens overcome some of these problems; however, they face deployment and compatibility obstacles.

To stop anonymous tools designed for free speech from being abused by criminals, this project investigates practical solutions to trace back criminals while support free speech for benign users, by exploiting two unique perspectives. First, it utilizes the resource advantages of law enforcement to explore the limitations of anonymous tools. As criminals operated from remote locations usually do not have resources to build large-scale systems, they have to rely on existing anonymous tools with third-party resources to hide their traces.