TC: Small: Securing Programs and Data In Remote and Hostile Environments

TC：小型：保护远程和敌对环境中的程序和数据

• 批准号: 1018064
• 负责人: Shafrira Goldwasser
• 金额: $ 49.92万
• 依托单位: Massachusetts Institute of Technology
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2010
• 资助国家: 美国
• 起止时间: 2010-09-01 至 2014-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1018064&HistoricalAwards=false
• 关键词: TC; Small; Securing; Programs; Data

Cryptographic protocols lie at the core of sound and trustworthy solutions to protect the integrity and secrecy of data stored in private computers and remote servers; and programs executed on hand held devices and remote host computers. Such protocols are guaranteed to preserve some pre-defined security requirements in the face of malicious attacks.The starting point of this research project is that the nature of these attacks has changed fundamentally in recent years. A fast growing worldwide trend is to view computation as a commodity. Organizations or individuals may pay specialized providers (such as the Amazon EC2) to carry out desired computations for them. This trend (often called ``Cloud Computing'') carries with it great promise in terms of overall computing efficiency, power consumption, and financial flexibility. However, it also opens the door to much more acute security threats than those we have encountered so far. Without additional protection, the client must completely trust the provider to perform the computation correctly, and at the same time keep the secrecy of the clients' most sensitive private data. Putting in protection to reduce this trust is a delicate and complex challenge which requires a paradigm shift. Traditional cryptographic techniques and concepts seem to be insufficient to address these new threats and opportunitiesIn this project, we propose to address several challenges arising due to this new computing reality. These include: (1) Designing techniques for securing remote executable code both to safeguard the underlying algorithms and to enable limited time execution. (2) Designing techniques for achieving security against computational side-channel attacks on programs executed in hostile environments, (3) Diversifying the constructions of homomorphic encryption and further exploring their potential to current applications. Intellectual Merit and Broad Impact: Protecting the electronic information world is paramount to the success and stability of modern society. The main goal of this project is to develop techniques for the security of remotely executed programs and cryptographic primitives. We ask basic questions underlying the development of such techniques: Can we build cryptographic primitives that resist various forms of inadvertent information leakage, such as the ones that occur due to side-channel attacks? can the computational assumptions that we have made thus far withstand the existence of extra auxiliary information about their solutions? Can fully homomorphic encryption schemes be demonstrated that possess other useful properties such as leakage-resilience, circular security and the ability to test the ciphertext for predefined predicates? Progress on any of these questions will significantly enhance our tool kit for the remote storage of data and program execution. We believe that this project addresses the most important area of investigation in cryptography today and will have broad impact on teaching us how to utilize remote computers to run your computations maintaining security. This may have far reaching conclusions for the safe use of cloud computing.

加密协议是可靠可靠的解决方案的核心，可以保护存储在私人计算机和远程服务器中的数据的完整性和保密性;以及在手持设备和远程主机上执行的程序。这类协议保证在面对恶意攻击时保持一些预定义的安全需求，本研究项目的出发点是近年来这些攻击的性质发生了根本性的变化。一个快速增长的全球趋势是将计算视为一种商品。组织或个人可以向专业提供商（例如Amazon EC 2）付费，以为其执行所需的计算。这种趋势（通常称为“云计算”）在整体计算效率、功耗和财务灵活性方面带来了巨大的希望。 然而，它也为我们迄今遇到的更为严重的安全威胁打开了大门。在没有额外保护的情况下，客户端必须完全信任提供程序，以正确执行计算，同时保持客户端最敏感的私有数据的机密性。 提供保护以减少这种信任是一个微妙而复杂的挑战，需要转变模式。传统的加密技术和概念似乎不足以解决这些新的威胁和机会，在这个项目中，我们建议解决由于这种新的计算现实而产生的几个挑战。其中包括：（1）设计用于保护远程可执行代码的技术，以保护底层算法并实现有限时间执行。(2)设计技术，以实现安全的计算侧信道攻击的程序执行在恶劣的环境中，（3）多样化的同态加密的结构，并进一步探索其潜力，目前的应用。知识价值和广泛影响：保护电子信息世界对现代社会的成功和稳定至关重要。 该项目的主要目标是开发远程执行程序和密码原语的安全技术。我们问的基本问题，这些技术的发展：我们可以建立密码原语，抵御各种形式的无意中的信息泄漏，如发生由于侧信道攻击？到目前为止，我们所做的计算假设是否能够承受关于其解的额外辅助信息的存在？ 是否可以证明完全同态加密方案具有其他有用的属性，如泄漏弹性，循环安全性和测试预定义谓词的密文的能力？ 在这些问题上的任何进展都将大大增强我们用于远程存储数据和程序执行的工具包。我们相信，这个项目解决了当今密码学研究中最重要的领域，并将对教我们如何利用远程计算机来运行计算以维护安全产生广泛的影响。这可能对云计算的安全使用产生深远的影响。