Protect

This project aims to obtain provably optimal cryptographic constructions, using objectively practical techniques, for a wide range of tasks. To achieve this goal, the project makes progress on three technical fronts. First, a general-purpose framework is developed that encompasses and systematizes known practical cryptographic techniques from many domains. Second, the project develops techniques for proving concrete, fine-grained lower bounds about constructions within this framework. Finally, techniques from program synthesis will be applied to the new framework.

Internet users concerned about their privacy, including whistleblowers and dissident citizens of totalitarian states, depend on reliable means to access Internet services anonymously. However, recent events publicized in popular press demonstrate that these services offer little privacy and anonymity in practice. For example, recent subpoena requiring Twitter to provide connection details of suspected Wikileaks supporters showed that governments can readily discover the network identities of Web users.

The objective of this project is to gather empirical evidence on the tradeoffs between security and usability in programming language and library design. Although it is well known that poorly-designed interfaces can lead to increased defect rates and software vulnerabilities, there is currently little specific guidance to designers on what precise language and library features make programmers more or less likely to write vulnerable code. Furthermore, little of the existing guidance is empirically based. The project will develop empirically-based guidance on two issues.

A wide range of cloud services and applications operate on sensitive data such as business, personal, and governmental information. This renders security and privacy as the most critical concerns in the cloud era. The objective of this project is to question the separation approach in the design of security and reliability features of storage systems, and to investigate new, coding-based security mechanisms based on a joint-design principle. The proposed program will result in a myriad of outcomes.

Increasing cyber security depends on our ability to guarantee that the system will provide the expected functionality under normal circumstances as well as if the system is perturbed by some random events or security threats. Providing such guarantee is often complicated due to several factors such as changes in system requirements caused by user demands, exposure to a new threat model that was not considered (or not relevant) in the original design, or identifying bugs or vulnerabilities during a system life cycle.