SaTC: CORE: Medium: Collaborative: Theory and Practice of Cryptosystems Secure Against Subversion

SaTC：核心：媒介：协作：密码系统安全防范颠覆的理论与实践

• 批准号: 1801487
• 负责人: Alexander Russell
• 金额: $ 30万
• 依托单位: University of Connecticut
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-10-01 至 2023-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1801487&HistoricalAwards=false
• 关键词: SaTC; CORE; Medium; Collaborative; Theory

The discipline of cryptography provides the basic digital tools used across the globe to ensure data privacy and authenticity. With the broad deployment of these tools--often invisibly embedded in commercial software or hardware--an unconventional but devastating type of cyberattacks have emerged. These attacks involve deploying a cleverly subverted version of a cryptographic tool that appears to function normally, but in fact deliberately reduces security in a covert way that is known only to the subverting party. Such an attack can be carried out by the author of a software package, the manufacturer of a hardware device, or a third party who has contrived to interfere with the deployed product. Recent high-profile incidents of this kind have highlighted the threat associated with these attacks. This project is a comprehensive study of security in this setting, including development of formal models that permit rigorous reasoning about security, design and analysis of new cryptographic tools that resist subversion, and explicit recommendations for hardening the existing cryptographic tools in widespread use.The project is organized into three main threads. The first focuses on establishing cryptographic security models that expand on classical cryptographic models to adequately reflect malicious subversion attacks: in general, these models call for the design of cryptographic tools to be explicitly coupled with specification of black-box testing procedures so that the combination can guarantee security despite subversion attacks. The second effort pursues development of fundamental cryptographic primitives that achieve security in these new models and application of these primitives as building blocks to construct larger systems and protocols that retain security despite subversion. Finally, to transition these theoretical tools to practice, the project undertakes a practical effort to re-architect existing infrastructural tools, such as the IPSec, SSH and TLS protocols, to harden them against subversion.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

密码学学科提供了全球使用的基本数字工具，以确保数据隐私和真实性。随着这些工具的广泛部署（通常无形地嵌入到商业软件或硬件中），一种非常规但具有破坏性的网络攻击已经出现。这些攻击涉及部署加密工具的巧妙颠覆版本，该工具看似运行正常，但实际上以只有颠覆方知道的隐蔽方式故意降低安全性。此类攻击可以由软件包的作者、硬件设备的制造商或设法干扰已部署产品的第三方来执行。最近发生的此类备受瞩目的事件凸显了与这些攻击相关的威胁。该项目是对这种情况下安全性的全面研究，包括开发允许对安全性进行严格推理的形式模型、设计和分析抵抗颠覆的新密码工具，以及强化广泛使用的现有密码工具的明确建议。该项目被组织成三个主线程。第一个重点是建立密码安全模型，该模型扩展了经典密码模型，以充分反映恶意颠覆攻击：一般来说，这些模型要求密码工具的设计与黑盒测试程序的规范明确耦合，以便该组合可以尽管受到颠覆攻击，仍能保证安全。第二项努力是开发基本的密码原语，以在这些新模型中实现安全性，并将这些原语作为构建块来构建更大的系统和协议，尽管遭到颠覆，但仍能保持安全性。最后，为了将这些理论工具转化为实践，该项目付出了实际努力来重新构建现有的基础设施工具，例如 IPSec、SSH 和 TLS 协议，以强化它们以防止颠覆。该奖项反映了 NSF 的法定使命，并被视为值得通过使用基金会的智力优点和更广泛的影响审查标准进行评估来支持。

项目成果

Adaptive Risk-Limiting Comparison Audits

适应性风险限制比较审核

• DOI: 10.1109/sp46215.2023.10179424
• 发表时间: 2023-05
• 期刊: Proceedings IEEE Symposium on Security and Privacy
• 作者: Fuller, Benjamin;Harrison, Abigail;Russell, Alexander
• 通讯作者: Russell, Alexander

Let a Non-barking Watchdog Bite: Cliptographic Signatures with an Offline Watchdog

让不吠的看门狗咬一口：带有离线看门狗的剪贴签名

• DOI: 10.1007/978-3-030-17253-4_8
• 发表时间: 2019-04-14
• 作者: Sherman S. M. Chow;A. Russell;Qiang Tang;M. Yung;Yongjun Zhao;Hong
• 通讯作者: Hong