TWC: Medium: Collaborative: Black-Box Evaluation of Cryptographic Entropy at Scale

TWC：媒介：协作：大规模密码熵的黑盒评估

• 批准号: 1937622
• 负责人: Hovav Shacham
• 金额: $ 7.36万
• 依托单位: University of Texas at Austin
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-09-01 至 2019-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1937622&HistoricalAwards=false
• 关键词: TWC; Medium; Collaborative; Black; Box

The ability to generate random numbers -- to flip coins -- is crucial for many computing tasks, from Monte Carlo simulation to secure communications. The theory of building such subsystems to generate random numbers is well understood, but the gap between theory and practice is surprisingly wide. As built today, these subsystems are opaque and fragile. Flaws in these subsystems can compromise the security of millions of Internet hosts.This project will develop black-box techniques for finding entropy failures at Internet scale related to randomness. These techniques, which build on programming languages, operating systems, networking, security, and cryptography, will then be applied to perform a systematic, ongoing census of the state of random number generation vulnerabilities. Through this census, the project can analyze the "longtail" of deployed networked systems rather than a handful chosen a priori.The project will develop and disseminate defensive analysis tools that will help programmers debug and correct entropy problems in their code before they ship it. It will produce cryptographic countermeasures and entropy-gathering subsystems that provide better security guarantees than existing systems, reducing the impact of those entropy failures that do slip through.The result will be a better understanding of entropy and more trustworthy systems, today and in the future.

生成随机数的能力 - 翻转硬币 - 对于从蒙特卡洛模拟到确保通信的许多计算任务至关重要。 构建此类子系统以生成随机数的理论是充分理解的，但是理论与实践之间的差距令人惊讶地广泛。 如今，这些子系统是不透明和脆弱的。 这些子系统中的缺陷可能会损害数百万个互联网主机的安全性。该项目将开发黑框技术，以在与随机性有关的Internet规模上查找熵故障。 这些技术基于编程语言，操作系统，网络，安全性和加密技术，然后将应用于随机数生成漏洞的系统，持续的人口普查。 通过这项人口普查，该项目可以分析已部署的网络系统的“长尾”，而不是先验选择的少数选择。该项目将开发和传播防御性分析工具，这些工具将帮助程序员在运输之前的代码中调试和正确的熵问题。 它将产生与现有系统相比，提供更好的安全保证的加密对策和熵收集子系统，从而减少了确实消失的那些熵故障的影响。结果将更好地理解熵和更多可信赖的系统，即当今和将来。