Protect

group_project

Visible to the public TWC: Small: Secure Near Field Communications between Mobile Devices

Submitted by Kai Zeng on Tue, 11/14/2017 - 11:20am

By the end of this decade, it is estimated that Internet of Things (IoT) could connect as many as 50 billion devices. Near Field Communication (NFC) is considered as a key enabler of IoT. Many useful applications are supported by NFC, including contactless payment, identification, authentication, file exchange, and eHealthcare, etc. However, securing NFC between mobile devices faces great challenges mainly because of severe resource constraints on NFC devices, NFC systems deployed without security, and sophisticated adversaries.

group_project

Visible to the public TWC: Small: System Infrastructure for SMM-based Runtime Integrity Measurement

Submitted by Karen Karavanic on Tue, 11/14/2017 - 11:11am

The World Wide Web and computer "clouds" have become widely used, and are interwoven into many activities of daily life, from shopping to socializing to education. But the data center servers that are the backbone of this richly connected world remain vulnerable to malicious software ("malware"). Over the past decade, attacks have increased in number and sophistication, motivated by both financial and political goals. The results include consumer concerns about identify theft and fraudulent charges, corporate concerns about millions of dollars in losses, and potential defense concerns.

group_project

Visible to the public  CAREER: Research and Education: Number Theory, Geometry and Cryptography

Submitted by Katherine Stange on Tue, 11/14/2017 - 10:59am

This project advances the understanding of number theory, geometry, and cryptography. Number theory and geometry are among the oldest and most central topics in mathematics, while their application to cryptography underlies modern cybersecurity. The project focuses on the relationships between number-theoretic information and geometric structures such as elliptic curves, circle packings, and lattices.

group_project

Visible to the public EAGER: Implementing Practical Provably Secure Authenticated Key Exchange for the Post-Quantum Worl

Submitted by Jintai Ding on Tue, 11/14/2017 - 10:46am

Cyber security is considered one of the most important aspects of our information technology based society. Key Exchange(KE) is a fundamental cryptographic primitive, and authenticated KE (AKE) is one of the most used cryptographic tools in secure communication protocols (e.g. SSL/TLS, IPSec, SSH) over the Internet. In light of the threat that quantum computers pose to cryptosystems such as RSA and ECC, this project is devoted to the development of secure and efficient AKE alternatives for the post-quantum computer world, which is now considered of a high priority by the US government.

group_project

Visible to the public TWC: Medium: Collaborative: Hiding Hay in a Haystack: Integrating Censorship Resistance into the Mainstream Internet

Submitted by Joan Feigenbaum on Tue, 11/14/2017 - 10:44am

Freedom and openness of the Internet are under threat. Government censors in non-democratic countries are deploying network filters to block sources of uncensored information, suppress dissent, and prevent citizens from using the Internet to exercise their human rights such as freedom of speech and freedom of assembly.

group_project

Visible to the public TWC: TTP Option: Small: Understanding the State of TLS Using Large-scale Passive Measurements

Submitted by Johanna Amann on Tue, 11/14/2017 - 10:38am

The Transport Layer Security (TLS) protocol constitutes the key building block for today's Internet security and is, for example, used for encrypted web connections using the HTTPS protocol. However, from its first version in 1994 until today, researchers and practitioners keep discovering TLS deficiencies undermining the protocol's security on a regular basis. While the academic community has applied intense scrutiny to the TLS/X.509 ecosystem, much of such work depends on access to difficult to acquire representative data on the protocol's deployment and usage.

group_project

Visible to the public EAGER: TWC: Collaborative: iPrivacy: Automatic Recommendation of Personalized Privacy Settings for Image Sharing

Submitted by Jianping Fan on Tue, 11/14/2017 - 10:35am

The objective of this project is to investigate a comprehensive image privacy recommendation system, called iPrivacy (image Privacy), which can efficiently and automatically generate proper privacy settings for newly shared photos that also considers consensus of multiple parties appearing in the same photo. Photo sharing has become very popular with the growing ubiquity of smartphones and other mobile devices.

group_project

Visible to the public STARSS: Small: Collaborative: Zero-power Dynamic Signature for Trust Verification of Passive Sensors and Tag

Submitted by Jian Ren on Tue, 11/14/2017 - 10:01am

As passive tagging technologies like RFID become more economical and ubiquitous, it can be envisioned that in the future, millions of sensors integrated with these tags could become an integral part of the next generation of smart infrastructure and the overall concept of internet-of-things. As a result, securing these passive assets against data theft and counterfeiting would become a priority, reinforcing the importance of the proposed dynamic authentication techniques.

group_project

Visible to the public STARSS: Small: Collaborative: Physical Design for Secure Split Manufacturing of ICs

Submitted by Jeyavijayan Rajen... on Tue, 11/14/2017 - 9:55am

The trend of outsourcing semiconductor manufacturing to oversea foundries has introduced several security vulnerabilities -- reverse engineering, malicious circuit insertion, counterfeiting, and intellectual property piracy -- making the semiconductor industry lose billions of dollars. Split manufacturing of integrated circuits reduces vulnerabilities introduced by an untrusted foundry by manufacturing only some of the layers at an untrusted high-end foundry and the remaining layers at a trusted low-end foundry.

group_project

Visible to the public TWC: Medium: Collaborative: Development and Evaluation of Next Generation Homomorphic Encryption Schemes

Submitted by Jeffrey Hoffstein on Tue, 11/14/2017 - 9:43am

Fully homomorphic encryption (FHE) is a promising new technology that enables an untrusted party to efficiently compute directly on ciphertexts. For instance, with FHE a cloud server without access to the user's encrypted content can still provide text search services. An efficient FHE scheme would significantly improve the security of sensitive user data stored and processed on cloud servers. Significant progress has been made in bringing FHE proposals closer to practice.