| NSF Org: |
CNS Division Of Computer and Network Systems |
| Recipient: |
|
| Initial Amendment Date: | May 4, 2018 |
| Latest Amendment Date: | March 4, 2022 |
| Award Number: | 1755539 |
| Award Instrument: | Standard Grant |
| Program Manager: |
Phillip Regalia
pregalia@nsf.gov (703)292-2981 CNS Division Of Computer and Network Systems CSE Directorate for Computer and Information Science and Engineering |
| Start Date: | May 1, 2018 |
| End Date: | April 30, 2023 (Estimated) |
| Total Intended Award Amount: | $174,469.00 |
| Total Awarded Amount to Date: | $174,469.00 |
| Funds Obligated to Date: |
|
| History of Investigator: |
|
| Recipient Sponsored Research Office: |
874 TRADITIONS WAY TALLAHASSEE FL US 32306-0001 (850)644-5260 |
| Sponsor Congressional District: |
|
| Primary Place of Performance: |
1017 Academic Way Tallahassee FL US 32306-4530 |
| Primary Place of
Performance Congressional District: |
|
| Unique Entity Identifier (UEI): |
|
| Parent UEI: |
|
| NSF Program(s): | CRII CISE Research Initiation |
| Primary Program Source: |
|
| Program Reference Code(s): |
|
| Program Element Code(s): |
|
| Award Agency Code: | 4900 |
| Fund Agency Code: | 4900 |
| Assistance Listing Number(s): | 47.070 |
ABSTRACT
Many real-world cryptographic schemes are based on the provable-security paradigm, certifying their security via some proof. However, in several important settings, existing proofs for the in-use constructions give weak security bounds, even to the extent that these results are not meaningful. Moreover, many proofs in the literature are buggy, giving false confidence on the security of constructions which are in fact vulnerable. Even worse, practitioners may introduce seemingly harmless optimizations into a secure scheme, only to find out later that these optimizations completely undermine the security of these schemes. This project aims to partially address these issues from several fronts: (1) improving security guarantees of important applications, (2) weeding out insecure optimizations of real-world protocols by devising attacks, and (3) developing tools for automatic verification of cryptographic proofs.
This research aims to develop some message-recovery attacks on real-world format-preserving encryption schemes, which are widely used for encrypting credit-card numbers. The work targets some national standards as well as other constructions that are widely used. The research also studies how to provide meaningful provable security guarantees assuming that the discovered weaknesses are fixed properly. Furthermore, the research revisits the current approach for extracting high-quality randomness from random sources, with the goal to improve both security and efficiency. This is a fundamental problem in cryptography, as many cryptographic scenarios crucially rely on the use of randomness. Finally, the research investigates how to improve current methods of automatically verifying cryptographic proofs.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
Note:
When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external
site maintained by the publisher. Some full text articles may not yet be available without a
charge during the embargo (administrative interval).
Some links on this page may take you to non-federal websites. Their policies may differ from
this site.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
Many real-world cryptographic schemes are based on the provable-security paradigm, certifying their security via some proofs. However, in several important settings, existing proofs for the in-use constructions gives weak security bounds, even to the extent that these results are not meaningful. Moreover, many proofs in the literature are buggy, giving false confidence on the security of actually vulnerable constructions. Even worse, practitioners may introduce seemingly harmless optimizations into a secure scheme, only to find out later that they completely undermine the security. This project aims to partially address these issues by improving security guarantees of important applications, and weeding out insecure optimizations of real-world protocols by giving attacks.
Specifically, we gave several attacks on the NIST Format-Preserving Encryption standards FF1 and FF3; these schemes are widely used in practice to encrypt credit-card numbers and fields in legacy databases. Our attacks prompted NIST to revise those standards, and our papers were used extensively in ANSI meetings for discussing how to patch the FPE methods.
In addition, we analyzed the security of the nonce-randomization mechanism in TLS 1.3 protocol. Our work is used in RFC 9001 to prescribe its usage limits in QUIC and TLS, the protocols you use when you visit most websites, including Gmail, your bank, and Facebook.
We also gave the first security analysis of the NIST standard CTR-DRBG. This is the most popular random-number generator, and randomness is crucial for security of cryptographic protocols used by billions of people daily.
We also validated the design of the streaming encryption in Google's Tink library, and suggested better approaches to improve both security and speed. Tink is heavily used by many companies such as Google, Square, and Citadel, as well as hundreds of Google Cloud customers and Google Pay partners. Our work received an unsolicited gift from Google under their Patch Rewards Program. Our improved designs were already implemented and used by practitioners.
On the educational side, we revamped the material of the graduate crypto course at Florida State University to give students more hand-on experience in breaking weak crypto designs. We also added some fun, unorthodox applications of crypto such as (i) using a deck of cards to solve a dating problem, or (ii) re-enacting Sherlock Holmes’ code breaking in “The Adventure of the Dancing Men” via modern methods of cracking substitution ciphers. These activities dispel the myth that theory classes are boring, and inspire many students to develop an interest in the theory side of computer science. This course has now become a favorite for many students at Florida State University.
This project trained two Ph.D. students, one is in the final year of his Ph.D. study, and another now works as a postdoc at the Catholic University of Louvain.
Last Modified: 05/03/2023
Modified by: Viet Tung Hoang
Please report errors in award information by writing to: awardsearch@nsf.gov.
