CAREER: Cryptography Outside the Box

职业：打破常规的密码学

• 批准号: 0546614
• 负责人: Leonid Reyzin
• 金额: $ 40万
• 依托单位: Trustees of Boston University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2006
• 资助国家: 美国
• 起止时间: 2006-09-01 至 2012-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0546614&HistoricalAwards=false
• 关键词: CAREER; Cryptography; Outside; Box

Cryptography is the science of communication in the presence of a potential adversary and is an essential component in computer security. The past three decades of the study of cryptography continue to have a tremendous impact on society, having enabled, for example, world-wide ATM networks, pay TV, private email, VPNs, and electronic commerce. This project is developing cryptography that is more user-friendly, fault-tolerant and secure, thus broadening its applicability to our increasingly electronic lives.More specifically, the past study of cryptography, while very successful, has made many implicit assumptions about the environments in which cryptographic constructions operate. Such assumptions often turn out to be untrue in real-life deployments, resulting in serious securityvulnerabilities. This project focuses on freeing cryptography of the following unrealistic assumptions: that users have uniformly random long keys, which are remembered perfectly, never accidentally disclosed to the adversary, and used in computing devices that leak no information.As just one example, little work has been done on tailoring cryptographic schemes to real users, who cannot remember thousand-bit-long secret keys. Thus, despite all cryptographic achievements, the most commonly used method of user-authentication today is via passwords. Passwords, as theyare currently used, do not provide good security and inconvenience users unnecessarily. This project is developing alternatives to passwords that enhance security and user convenience. It is developing means of biometrics identification that do not require storage of the biometric template, thus reducing privacy risks. It is also studying the possibilities of using small inexpensive hardware tokens for opening virtual doors to those authorized, similarly to how physical keys are used to open physical doors. This project is also studying techniques that will recover gracefully and automatically from security breaches, such as unauthorized disclosure of passwords or keys.In addition to innovative cryptographic research, the educational components of the project focus on enabling students to think rigorously about computer security and to be able to critically evaluate various (often unjustified) security claims.

密码学是在潜在对手存在的情况下进行通信的科学，是计算机安全的重要组成部分。 过去30年的密码学研究继续对社会产生巨大影响，例如，全球ATM网络，付费电视，私人电子邮件，VPN和电子商务。 这个项目正在开发更加用户友好、容错和安全的密码学，从而扩大其在我们日益电子化的生活中的适用性。更具体地说，过去对密码学的研究虽然非常成功，但对密码结构的运行环境做了许多隐含的假设。这些假设在实际部署中往往是不真实的，导致严重的安全漏洞。 这个项目的重点是将密码学从以下不切实际的假设中解放出来：用户拥有均匀随机的长密钥，这些长密钥被完美地记住，永远不会意外地泄露给对手，并且用于不泄露任何信息的计算设备。举个例子，很少有人为无法记住千位长密钥的真实的用户定制密码方案。因此，尽管所有的密码学成就，最常用的用户身份验证方法今天是通过密码。 目前使用的密码不能提供很好的安全性，并且给用户带来不必要的不便。 该项目正在开发密码的替代方案，以提高安全性和用户便利性。它正在开发不需要储存生物特征模板的生物特征识别手段，从而减少隐私风险。 它还在研究使用小型廉价硬件令牌为授权人员打开虚拟门的可能性，类似于如何使用物理钥匙打开物理门。 该项目还研究了安全漏洞（如未经授权泄露密码或密钥）的优雅自动恢复技术。除了创新的密码学研究外，该项目的教育部分侧重于使学生能够严格思考计算机安全问题，并能够批判性地评估各种（通常不合理的）安全声明。