CAREER: Towards Secure and Policy-Compliant Encrypted Communications

职业：实现安全且符合策略的加密通信

• 批准号: 1653110
• 负责人: Matthew Green
• 金额: $ 55.83万
• 依托单位: Johns Hopkins University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-07-01 至 2024-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1653110&HistoricalAwards=false
• 关键词: CAREER; Towards; Secure; Policy; Compliant

The past several years have seen a fundamental change in the way that individuals use technology to communicate. One aspect of this change has been the widespread deployment of new encrypted communications systems that are used by billions of users. With the emergence of new, practical encrypted messaging protocols and storage technologies, encryption is now available to the public in a quantity and quality that could only be imagined in previous decades. With the deployment of secure encryption technology comes new challenges. These span the traditional domains of cryptography, software design, and usable security. Technical flaws in these systems have already exposed hundreds of millions of users to the threat of data compromise. At the same time governments around the world have called for the introduction of new potential points of failure, in the form of exceptional access systems that would allow law enforcement to access communications on demand. This project studies problems arising from the often contradictory requirements of providing user security and providing exceptional access to government agencies. The work involves research into many aspects of the problem, ranging from cryptographic protocol design through the careful consideration of legal and administrative procedures. Research outputs will include development of requirements for these systems; analysis of concrete proposals put forward by government agencies; and the design of meaningful auditing systems and revocation mechanisms to maintain security for such systems in the event of a catastrophic breach. The research results have been integrated into graduate and undergraduate courses, and are disseminated through news publications and a public blog.

在过去的几年里，人们使用技术进行交流的方式发生了根本性的变化。这种变化的一个方面是广泛部署了数十亿用户使用的新加密通信系统。随着新的、实用的加密消息传递协议和存储技术的出现，加密现在以过去几十年只能想象的数量和质量向公众提供。安全加密技术的部署带来了新的挑战。这些系统跨越了传统的密码学、软件设计和可用的安全领域。这些系统中的技术缺陷已经使数亿用户面临数据泄露的威胁。与此同时，世界各国政府呼吁引入新的潜在故障点，以特殊访问系统的形式，允许执法部门按需访问通信。该项目研究了提供用户安全和提供政府机构特殊访问权限这两种往往相互矛盾的要求所产生的问题。这项工作涉及对问题的许多方面的研究，从加密协议设计到仔细考虑法律的和行政程序。研究成果将包括制定这些系统的要求;分析政府机构提出的具体建议;设计有意义的审计系统和撤销机制，以便在发生灾难性破坏时维护这些系统的安全。研究成果已被纳入研究生和本科生课程，并通过新闻出版物和公共博客传播。

项目成果

Giving State to the Stateless: Augmenting Trustworthy Computation with Ledgers

• DOI: 10.14722/ndss.2019.23060
• 发表时间: 2019
• 期刊: Proceedings 2019 Network and Distributed System Security Symposium
• 作者: Gabriel Kaptchuk;M. Green;Ian Miers

Where did I leave my keys?: lessons from the Juniper Dual EC incident

我把钥匙落在哪里了？：Juniper Dual EC 事件的教训

• DOI: 10.1145/3266291
• 发表时间: 2018
• 期刊: Communications of the ACM
• 影响因子: 22.7
• 作者: Checkoway, Stephen;Maskiewicz, Jacob;Garman, Christina;Fried, Joshua;Cohney, Shaanan;Green, Matthew;Heninger, Nadia;Weinmann, Ralf-Philipp;Rescorla, Eric;Shacham, Hovav
• 通讯作者: Shacham, Hovav

Fluid MPC: Secure Multiparty Computation with Dynamic Participants

Fluid MPC：具有动态参与者的安全多方计算

• DOI: 10.1007/978-3-030-84245-1_4
• 发表时间: 2021
• 期刊: CRYPTO 2021
• 作者: Choudhuri, A.R.

Order-C Secure Multiparty Computation for Highly Repetitive Circuits

适用于高度重复电路的 C 级安全多方计算

• 发表时间: 2021
• 期刊: EUROCRYPT 2021
• 作者: Gabrielle Beck, Aarushi Goel

ZEXE: Enabling Decentralized Private Computation

• DOI: 10.1109/sp40000.2020.00050
• 发表时间: 2020-05
• 期刊: 2020 IEEE Symposium on Security and Privacy (SP)
• 作者: Sean Bowe;A. Chiesa;M. Green;Ian Miers;Pratyush Mishra;Howard Wu