Award Abstract # 1651344
CAREER: Cryptographic Security at Internet Scale

NSF Org: CNS
Division Of Computer and Network Systems
Recipient: TRUSTEES OF THE UNIVERSITY OF PENNSYLVANIA, THE
Initial Amendment Date: March 21, 2017
Latest Amendment Date: July 28, 2020
Award Number: 1651344
Award Instrument: Continuing Grant
Program Manager: Nina Amla
namla@nsf.gov
(703)292-7991
CNS Division Of Computer and Network Systems
CSE Directorate for Computer and Information Science and Engineering
Start Date: July 1, 2017
End Date: October 31, 2020 (Estimated)
Total Intended Award Amount: $450,000.00
Total Awarded Amount to Date: $423,413.00
Funds Obligated to Date: FY 2017 = $106,754.00
FY 2018 = $17,360.00
FY 2019 = $0.00
FY 2020 = $0.00
History of Investigator:
  • Nadia Heninger (Principal Investigator)
    nadiah@cs.ucsd.edu
Recipient Sponsored Research Office: University of Pennsylvania
3451 WALNUT ST STE 440A
PHILADELPHIA
PA  US  19104-6205
(215)898-7293
Sponsor Congressional District: 03
Primary Place of Performance: University of Pennsylvania
3451 Walnut Street
Philadelphia
PA  US  19104-6205
Primary Place of Performance Congressional District: 03
Unique Entity Identifier (UEI): GM1XX56LEP58
Parent UEI: GM1XX56LEP58
NSF Program(s): Secure & Trustworthy Cyberspace
Primary Program Source: 01001718DB NSF RESEARCH & RELATED ACTIVIT
01001819DB NSF RESEARCH & RELATED ACTIVIT
01001920DB NSF RESEARCH & RELATED ACTIVIT
01002021DB NSF RESEARCH & RELATED ACTIVIT
01002122DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s): 025Z, 1045, 7434, 9102
Program Element Code(s): 806000
Award Agency Code: 4900
Fund Agency Code: 4900
Assistance Listing Number(s): 47.070

ABSTRACT

Cryptography is a cornerstone of modern computer security and is ubiquitous on the computer systems we depend on daily. However, there is a significant gap between the theoretical guarantees provided by formalized security models and the reality present in deployed systems today. The central research goals of this project are to perform an empirical study of cryptographic deployments on a global scale and to develop a framework for experimental cryptographic security research. This project develops and disseminates tools for measuring cryptographic security, and will result in increased security for cryptographic software and hardware in real use by detecting and eliminating flaws. Results are published for the academic community as well as popularized for nonacademic and industry audiences and incorporated into course materials.

The project yields fundamental new insights and deepens the understanding of cryptographic deployments in the real world. The main activities include the refinement of existing methods and development of new tools for collecting and processing large-scale cryptographic datasets. The research also investigates the development of efficient algorithmic tools for real-time cryptographic anomaly detection, improved methodology for tracing vulnerabilities to implementations, advancements in the state of high-performance computing for cryptanalysis, and the development of more precise security models and requirements for cryptographic systems.

PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH

Boudot, Fabrice and Gaudry, Pierrick and Guillevic, Aurore and Heninger, Nadia and Thomé, Emmanuel and Zimmermann, Paul "Comparing the Difficulty of Factorization and Discrete Logarithm: A 240-Digit Experiment" CRYPTO 2020: Advances in Cryptology CRYPTO 2020, 2020 https://doi.org/10.1007/978-3-030-56880-1_3
Breitner, Joachim and Heninger, Nadia "Biased Nonce Sense: Lattice Attacks Against Weak ECDSA Signatures in Cryptocurrencies" FC 2019: Financial Cryptography and Data Security, 2019 10.1007/978-3-030-32101-7_1
Cohney, Shaanan N. and Green, Matthew D. and Heninger, Nadia "Practical State Recovery Attacks against Legacy RNG Implementations" CCS '18 Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, v.2018, 2018 https://doi.org/10.1145/3243734.3243756
Dall, Fergus and De Micheli, Gabrielle and Eisenbarth, Thomas and Genkin, Daniel and Heninger, Nadia and Moghimi, Ahmad and Yarom, Yuval "CacheQuote: Efficiently Recovering Long-term Secrets of SGX EPID via Cache Attacks" IACR Transactions on Cryptographic Hardware and Embedded Systems, v.2018, 2018 http://dx.doi.org/10.13154/tches.v2018.i2.171-191
Hastings, Marcella and Heninger, Nadia and Wustrow, Eric "Short Paper: The Proof is in the Pudding: Proofs of Work for Solving Discrete Logarithms" FC 2019: Financial Cryptography and Data Security, 2019 10.1007/978-3-030-32101-7_24
Moghimi, Daniel and Sunar, Berk and Eisenbarth, Thomas and Heninger, Nadia "TPM-Fail: TPM meets Timing and Lattice Attacks" 29th USENIX Security Symposium (USENIX Security 20), 2020
Valenta, Luke and Sullivan, Nick and Sanso, Antonio and Heninger, Nadia "In search of CurveSwap: Measuring elliptic curve implementations in the wild" IEEE European Symposium on Security and Privacy, v.3, 2018

Please report errors in award information by writing to: awardsearch@nsf.gov.