Protect

group_project

Visible to the public CAREER: Cryptography for Secure Outsourcing

Individuals and organizations routinely trust third party providers to hold sensitive data, putting it at risk of exposure. While the data could be encrypted under a key that is kept secret from the provider, it rarely is, due to the inconvenience and increased cost of managing the cryptography. This project will develop technologies for working with encrypted data efficiently and conveniently. In particular, it will enable searching on encrypted data, which is prevented by currently deployed encryption, and running arbitrary programs efficiently on encrypted data.

group_project

Visible to the public SaTC: An Architecture for Restoring Trust in Our Personal Computing Systems

Computers today are so complex and opaque that a user cannot possibly hope to know, let alone trust, everything occurring within the machine. While software security techniques help ensure the integrity of user computations, they are only as trustworthy as the underlying hardware. Even though many proposals provide some relief to the problem of hardware trust, the user must ultimately rely on the assurances of other parties. This work restores hardware trust through a simple, small, and slow pluggable hardware element.

group_project

Visible to the public CAREER: Bridging the Semantic Gap in Virtualization-based Security Solutions via Collaboration between Guest OS and Virtual Machine

In the last ten years virtual machines (VMs) have been extensively used for security-related applications, such as intrusion detection systems, malicious software (malware) analyzers and secure logging and replay of system execution. A VM is high-level software designed to emulate a computer's hardware. In the traditional usage model, security solutions are placed in a VM layer, which has complete control of the system resources. The guest operating system (OS) is considered to be easily compromised by malware and runs unaware of virtualization.

group_project

Visible to the public TWC: TTP Option: Frontier: Collaborative: MACS: A Modular Approach to Cloud Security

The goal of the Modular Approach to Cloud Security (MACS) project is to develop methods for building information systems with meaningful multi-layered security guarantees. The modular approach of MACS focuses on systems that are built from smaller and separable functional components, where the security of each component is asserted individually, and where the security of the system as a whole can be derived from the security of its components. The project concentrates on building outsourced, cloud-based information services with client-centric security guarantees.

group_project

Visible to the public TWC: Medium: Collaborative: The Theory and Practice of Key Derivation

Most cryptographic applications crucially rely on secret keys that are chosen randomly and are unknown to an attacker. Unfortunately, the process of deriving secret keys in practice is often difficult, error-prone and riddled with security vulnerabilities. Badly generated keys offer a prevalent source of attacks that render complex cryptographic applications completely insecure, despite their sophisticated design and rigorous mathematical analysis.

group_project

Visible to the public TWC SBES: Medium: Utility for Private Data Sharing in Social Science

One of the keys to scientific progress is the sharing of research data. When the data contain information about human subjects, the incentives not to share data are stronger. The biggest concern is privacy - specific information about individuals must be protected at all times. Recent advances in mathematical notions of privacy have raised the hope that the data can be properly sanitized and distributed to other research groups without revealing information about any individual. In order to make this effort worthwhile, the sanitized data must be useful for statistical analysis.

group_project

Visible to the public STARSS: Small: SecureDust - The Physical Limits of Information Security

Truly ubiquitous computing with very small, self-powered and wirelessly networked integrated circuits will become possible within a decade. Applications of these devices include biosensors, environmental monitors, and defense, all of which bring a need for security and privacy. Enabling the use of strong cryptographic algorithms on extremely constrained devices requires rethinking, from an energy-first perspective, the design and implementation of basic cryptographic building blocks.

group_project

Visible to the public TWC: Option: Medium: Collaborative: Authenticated Ciphers

OpenSSH reveals excerpts from encrypted login sessions. TLS (HTTPS) reveals encrypted PayPal account cookies. DTLS is no better. EAXprime allows instantaneous forgeries. RFID security has been broken again and again. All of these failures of confidentiality and integrity are failures of authenticated ciphers: algorithms that promise to encrypt and authenticate messages using a shared secret key.

group_project

Visible to the public CAREER: Non-Black-Box Cryptography: Defending Against and Benefiting from Access to Code

Cryptography is an essential and widespread tool for providing information security. Traditional cryptographic models assume only black-box, or input/output access to devices, thereby limiting the class of attacks. In practice, an attacker may obtain non-black-box access to a device and attack a particular algorithm or specific implementation such as through timing or fault injection attacks. Exploiting non-black-box access has been a remarkably effective technique for compromising cryptosystems.

group_project

Visible to the public TWC: Frontier: Collaborative: CORE: Center for Encrypted Functionalities

The Center for Encrypted Functionalities (CORE) tackles the deep and far-reaching problem of general-purpose "program obfuscation," which aims to enhance cybersecurity by making an arbitrary computer program unintelligible while preserving its functionality.