
NSF Org: | CNS Division Of Computer and Network Systems |
Initial Amendment Date: | September 2, 2014 |
Latest Amendment Date: | September 2, 2014 |
Award Number: | 1408734 |
Award Instrument: | Standard Grant |
Program Manager: | Shannon Beck, CNS Division Of Computer and Network Systems, CSE Directorate for Computer and Information Science and Engineering |
Start Date: | October 1, 2014 |
End Date: | September 30, 2018 (Estimated) |
Total Intended Award Amount: | $430,000.00 |
Total Awarded Amount to Date: | $430,000.00 |
Recipient Sponsored Research Office: | 3451 WALNUT ST STE 440A PHILADELPHIA PA US 19104-6205 (215)898-7293 |
Primary Place of Performance: | 3451 Walnut Street, P-221 Philadelphia PA US 19104-6205 |
NSF Program(s): | Secure & Trustworthy Cyberspace |
Award Agency Code: | 4900 |
Fund Agency Code: | 4900 |
Assistance Listing Number(s): | 47.070 |
ABSTRACT
The ability to generate random numbers -- to flip coins -- is crucial for many computing tasks, from Monte Carlo simulation to secure communications. The theory of building such subsystems to generate random numbers is well understood, but the gap between theory and practice is surprisingly wide. As built today, these subsystems are opaque and fragile. Flaws in these subsystems can compromise the security of millions of Internet hosts.
This project will develop black-box techniques for finding entropy failures at Internet scale related to randomness. These techniques, which build on programming languages, operating systems, networking, security, and cryptography, will then be applied to perform a systematic, ongoing census of the state of random number generation vulnerabilities. Through this census, the project can analyze the "long tail" of deployed networked systems rather than a handful chosen a priori.
The project will develop and disseminate defensive analysis tools that will help programmers debug and correct entropy problems in their code before they ship it. It will produce cryptographic countermeasures and entropy-gathering subsystems that provide better security guarantees than existing systems, reducing the impact of those entropy failures that do slip through.
The result will be a better understanding of entropy and more trustworthy systems, today and in the future.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
Cryptography allows people to communicate privately and securely over the Internet. For cryptography to be effective, the communicating devices must be able to generate random numbers -- flip coins -- that an eavesdropper cannot predict. Computers are built to be deterministic, to produce the same result every time a calculation is run, so generating unpredictable random numbers is hard. Prior to our project, several widely deployed systems had been identified where flawed random number generators undermined the systems’ intended cryptographic security guarantees.
We carried out a comprehensive study of deployed cryptographic random number generators. How common are flawed generators? What effects do flaws have on system behavior? How did the flaws come to be deployed? And how can we improve development processes to avoid them? We sought to answer these questions through Internet-wide scanning studies and through reverse engineering of individual devices and software packages.
We found that deployed systems used by millions of users had deficiencies in their random number generation routines that would allow eavesdroppers to decrypt communications that were supposed to remain private. These systems included several that had been certified to comply with standards developed by NIST, the U.S. National Institute of Standards and Technology, even though certification to NIST standards is supposed to preclude such flaws, and is relied on by the Federal Government in its purchasing.
For one system analyzed by the project, the deficiencies we found appeared to be intentional—a “backdoor” that would allow whoever arranged to have it added to decrypt and snoop on so-called “virtual private network” (VPN) communication facilitated by the device. Our technical analysis led the device manufacturer to remove the backdoor. Our analysis also informed an ongoing policy conversation around “exceptional access,” or law-enforcement backdoors in communication systems.
The observations we made in this research have influenced a new line of research in the cryptographic theory community on protecting against backdoored random number generators.
The project’s findings have also spurred improvements in important open-source projects including the Linux kernel and the OpenSSL cryptographic library and have influenced the evolution of cryptographic standards including TLS 1.3, the new version of the TLS protocol that secures Web communications.
The project’s findings were disseminated in over two dozen peer-reviewed publications, several of which were recognized with a number of “best paper” awards and other honors.
The project has provided hands-on training for undergraduate and graduate students. During the project we also participated in many outreach activities for women and underrepresented minorities in computer science.
Last Modified: 04/16/2019
Modified by: Nadia Heninger