Securing Data in Future Computer Systems

保护未来计算机系统中的数据

• 批准号: RGPIN-2014-05983
• 负责人: SafaviNaeini, Reyhaneh
• 金额: $ 3.93万
• 依托单位: University of Calgary
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2014
• 资助国家: 加拿大
• 起止时间: 2014-01-01 至 2015-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=567510
• 关键词: Securing; Data; Future; Computer; Systems

Protection and control of digital data are increasingly threatened in two fundamental ways. First, the computational assumptions that underlie the security of today's cryptosystems will likely to be substantially weakened or completely broken in the near future. In particular, the advent of quantum computing will break the computational assumptions that are the basis of the security algorithms that are the backbone of secure communication: RSA encryption, and Diffie-Hellman (key establishment) protocol. Second, massive data publication and sharing will result in unwanted and uncontrollable inferences. Using search engines and data analysis techniques could reveal information that data owners had intended to protect, making it increasingly hard to maintain individual privacy and to implement laws on freedom of information that require protection of sensitive information. Protected data publishing (PDP) systems work on the assumption that removing terms from documents, or modifying parts of it, will provide the required protection. It has been shown that with sufficient related data, this assumption will not be valid. The long-term objectives of my research program are: To contribute security models for data protection that are inspired by real life scenarios; to develop theories, tools, and techniques to analyze and understand them; and to design systems with verifiable security properties that last through the coming decades. My research will use two complementary approaches, cryptographic and non-cryptographic. A cryptographic system with information theoretic security does not rely on any computational assumption and its security is proven through mathematical theorems that will not be affected with advances in computer algorithms, or development of new models of computation such as quantum computers. A large class of data protection problems, however, cannot be solved by cryptographic systems. I will use probabilistic interpretation of data and information theoretic measures to propose models, theories and protection systems for such problems. I will implement the algorithms and experiment on real data to verify the models and test the theories. Using the two complementary approaches will enable me to explore and contribute to a wide range of emerging problems, with the unifying thread being the use of information theoretic measures, arguments, and proofs. My short term objectives are: 1. Cryptographic systems for long-term data security. Propose models that capture two-party and multi-party data communication scenarios, analyze the models, and propose constructions with optimal performance, provable security, and efficiency. 2. Non-cryptographic systems for PDP. Explore information leakage, model and analyze the leakage in PDP, and propose protection systems to control the leakage. Evaluate the models and constructions, and test theories using experiments on real data. The proposed research is essential for long term security of digital data. Next generation information communication infrastructure will operate in an environment of massive data and abundant computation, and require cryptographic systems that remain secure irrespective of the computational power of the adversary, and tools and systems that can control information leakage in published data. The need for cryptographic technologies for future has been recognized by standardization bodies such as ETSI (http://www.etsi.org/news-events/events/648-crypto-workshop2013), and the need for technologies for controlling unwanted inferences is the today's need of individuals and institutions, which will grow in the coming years.

数字数据的保护和控制在两个基本方面日益受到威胁。首先，作为当今密码系统安全性基础的计算假设在不久的将来可能会被大大削弱或完全打破。特别是，量子计算的出现将打破作为安全通信支柱的安全算法基础的计算假设：RSA加密和Diffie-Hellman（密钥建立）协议。其次，大量数据的发布和共享将导致不必要的和不可控的推论。使用搜索引擎和数据分析技术可能会泄露数据所有者打算保护的信息，从而使维护个人隐私和执行要求保护敏感信息的信息自由法律变得越来越困难。受保护的数据发布（PDP）系统的工作假设是从文档中删除术语或修改部分文档将提供所需的保护。已经证明，如果有足够的相关数据，这种假设将是无效的。我的研究计划的长期目标是：贡献受真实的生活场景启发的数据保护安全模型;开发理论，工具和技术来分析和理解它们;并设计具有可验证的安全属性的系统，这些属性可以持续几十年。我的研究将使用两种互补的方法，加密和非加密。具有信息理论安全性的密码系统不依赖于任何计算假设，并且其安全性通过数学定理来证明，这些定理不会受到计算机算法的进步或新计算模型（如量子计算机）的发展的影响。然而，一大类数据保护问题不能通过密码系统来解决。我将使用数据的概率解释和信息理论的措施，提出模型，理论和保护系统，这样的问题。我将在真实的数据上实现算法和实验来验证模型和测试理论。使用这两种互补的方法将使我能够探索和促进广泛的新出现的问题，与统一的线程是使用信息理论的措施，参数和证明。我的短期目标是：1。用于长期数据安全的密码系统。提出捕获两方和多方数据通信场景的模型，分析模型，并提出具有最佳性能，可证明安全性和效率的构造。2. PDP的非加密系统。探讨PDP中的信息泄漏，对PDP中的信息泄漏进行建模和分析，并提出控制信息泄漏的保护系统。评估模型和构造，并使用真实的数据进行实验来测试理论。这项研究对数字数据的长期安全至关重要。下一代信息通信基础设施将在海量数据和大量计算的环境中运行，并且需要无论对手的计算能力如何都保持安全的密码系统，以及可以控制发布数据中的信息泄漏的工具和系统。对于未来的密码技术的需求已经被诸如ETSI（http：//www.etsi.org/news-events/events/648-crypto-workshop2013）的标准化机构所认识，并且对于用于控制不想要的推断的技术的需求是个人和机构的当今需求，其将在未来几年中增长。