ITR/SY(CISE): Cryptography: Examining the Assumptions

ITR/SY(CISE)：密码学：检查假设

• 批准号: 0113941
• 负责人: David Wagner
• 金额: $ 37.49万
• 依托单位: University of California-Berkeley
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2001
• 资助国家: 美国
• 起止时间: 2001-09-15 至 2004-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0113941&HistoricalAwards=false
• 关键词: ITR; SY; CISE; Cryptography; Examining

Cryptography is a fundamental building block for building information systems, and as we enter the so-called "information age" of global networks, ubiquitous computing devices, and eletronic commerce, we can expert that cryptography will become only more import with time.This proposal is designed to advance the state of the art in cryptography by examining some of the implicit assumptions that underlie the field. The birth of provable security has contributed significantly to the advances of the field over the past two decades, allowing us to amass strong evidence that-as long as the attacker plays by the rules specified in our formal threat model-the cryptosystem under consideration is likely to be secure. However, one problem is that, in practice, attackers don't always play by the rules: given the opportunity, they will gladly "cheat". Recent research has shown that there are a surprising number of ways to violate the designer's assumptions, for instance by observing timing measurements which the model does not allow for. The goals of practical cryptographic design, then, ought to include finding ways to reduce the opportunity for attackers to "cheat", preferably by relaxing our assumptions and broadening our models enough so that the attacker's behavior cannot help but be covered by the model. This is the research agenda that we take up in this project. We propose first to study real systems and case studies of how these assumptions can be violated in practice. A next step is to build a set of practical countermeasures that can be used to strengthen future cryptosystems against these attacks. Finally, we will seek new theoretical tools, techniques, and models for extending the provable security methodology to take into account these failure modes. If we succeed, these results will make a positive contribution not only to the practice of cryptography but also to the theoretical foundations of the field.

密码学是构建信息系统的基本构件，随着我们进入全球网络、无处不在的计算设备和电子商务的所谓“信息时代”，我们可以专家地认为，密码学只会随着时间的推移变得更加重要。这项建议旨在通过检验该领域背后的一些隐含假设来推动密码学的最新发展。可证明安全性的诞生对过去20年该领域的进步做出了重大贡献，使我们能够积累强有力的证据--只要攻击者遵守我们的正式威胁模型中指定的规则--正在考虑的密码系统很可能是安全的。然而，有一个问题是，在实践中，攻击者并不总是按规则行事：只要有机会，他们就会很乐意地“作弊”。最近的研究表明，有许多方法可以违反设计者的假设，例如，通过观察模型不允许的计时测量。因此，实用密码设计的目标应该包括找到减少攻击者“作弊”的机会的方法，最好是放松我们的假设，足够扩大我们的模型，以便攻击者的行为不能不被模型所涵盖。这是我们在这个项目中采取的研究议程。我们建议首先研究真实的系统和案例研究，看看这些假设如何在实践中被违反。下一步是建立一套实用的对策，可以用来加强未来的密码系统对这些攻击的攻击。最后，我们将寻求新的理论工具、技术和模型来扩展可证明安全方法论，以考虑这些故障模式。如果我们成功了，这些成果不仅将对密码学的实践做出积极的贡献，而且将对该领域的理论基础做出积极的贡献。