TC: Small: Towards Resettable & Statistical Security in Zero Knowledge

TC：小：走向可重置

• 批准号: 1118126
• 负责人: Rafail Ostrovsky
• 金额: $ 47.35万
• 依托单位: University of California-Los Angeles
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2011
• 资助国家: 美国
• 起止时间: 2011-09-01 至 2015-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1118126&HistoricalAwards=false
• 关键词: TC; Small; Towards; Resettable; &amp

Recent cyber attacks have shown the degree of vulnerability on the individual to the corporate to national level. Everyone is vulnerable, from the consumer using a credit card to make an online purchase, to the multi-national corporation whose systems are hacked, to national infrastructure and defense networks. Recent criminal attacks on computing devices and computer systems allow criminals to access private data without actually breaking the paradigm of provable-security, by exploiting some alternative and subtle weaknesses of the implemented systems (for instance through physical attacks mounted on computing devices or through clever internet-based attacks via exploiting concurrency of the communication). Examples of such attacks include measuring the power consumption of a computing device or manipulating its randomness generation process, or attacking multiple instances of the same protocol simultaneously on the internet. Moreover, the spread of light-weight (and extremely cheap) devices such as smart-cards and RFID chips makes evident that physical leakage of information must be prevented even when criminals are capable of physical reset of a device as well as manipulating network messages of computing artifacts. While the theory of many of the above attacks has been recently developed in cryptography, the ongoing research of security of network attacks and reset attacks so far produced very limited results. We address challenges posed by such sophisticated criminal attacks with the goal of making such attacks computationally much harder to perpetrate. Our objectives include designing stronger security defenses for an important class of attacks on computational devices, including information-theoretic guarantees even during reset and network attacks on weak computational devices. The goals of this research includes obtaining feasibility and impossibility results for multiple cryptographic tools, and developing novel security techniques that when combined together, provide much stronger defenses for deployed systems.

最近的网络攻击表明，个人对公司至国家一级的脆弱程度。从使用信用卡进行在线购买的消费者到跨国公司被黑客入侵，到国家基础设施和国防网络的跨国公司，每个人都很容易受到伤害。最近对计算设备和计算机系统的刑事攻击允许犯罪分子访问私人数据，而无需实际破坏可证明的安全性范式，通过利用实施系统的一些替代和微妙的弱点（例如，通过安装在计算设备上或通过巧妙的Internet基于Internet的攻击来通过利用通讯的一致性来实现的物理攻击）。此类攻击的示例包括测量计算设备的功耗或操纵其随机性生成过程，或在Internet上同时攻击同一协议的多个实例。此外，智能卡和RFID芯片等轻重量（和极为便宜）的设备的传播表明，即使犯罪分子能够物理重置设备以及操纵计算文物的网络信息，也必须防止信息的物理泄漏。尽管上述许多攻击的理论最近是在密码学中发展的，但迄今为止对网络攻击和重置攻击的安全性研究却产生了非常有限的结果。我们解决了如此复杂的犯罪攻击所带来的挑战，目的是使这些攻击在计算上更难进行。我们的目标包括为对计算设备的一系列重要攻击设计更强的安全防御，包括信息理论的保证，即使在重置和网络攻击较弱的计算设备期间也是如此。这项研究的目标包括获得多种加密工具的可行性和不可能结果，并开发新颖的安全技术，这些安全技术合并在一起，为部署的系统提供了更强大的防御能力。