Award Abstract # 1801492
SaTC: CORE: Medium: Collaborative: Theory and Practice of Cryptosystems Secure Against Subversion

NSF Org: CNS
Division Of Computer and Network Systems
Recipient: NEW JERSEY INSTITUTE OF TECHNOLOGY
Initial Amendment Date: August 23, 2018
Latest Amendment Date: May 3, 2021
Award Number: 1801492
Award Instrument: Continuing Grant
Program Manager: Phillip Regalia
pregalia@nsf.gov
 (703)292-2981
CNS: Division Of Computer and Network Systems
CSE: Directorate for Computer and Information Science and Engineering
Start Date: October 1, 2018
End Date: September 30, 2022 (Estimated)
Total Intended Award Amount: $299,969.00
Total Awarded Amount to Date: $299,969.00
Funds Obligated to Date: FY 2018 = $207,807.00
FY 2020 = $92,162.00
History of Investigator:
  • Chase Wu (Principal Investigator)
    chase.wu@njit.edu
  • Qiang Tang (Former Principal Investigator)
Recipient Sponsored Research Office: New Jersey Institute of Technology
323 DR MARTIN LUTHER KING JR BLVD
NEWARK
NJ  US  07102-1824
(973)596-5275
Sponsor Congressional District: 10
Primary Place of Performance: New Jersey Institute of Technology
GITC 4204, University Heights
Newark
NJ  US  07102-1982
Primary Place of Performance Congressional District: 10
Unique Entity Identifier (UEI): SGBMHQ7VXNH5
Parent UEI:
NSF Program(s): Secure & Trustworthy Cyberspace
Primary Program Source: 01001819DB NSF RESEARCH & RELATED ACTIVIT
01002021DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s): 025Z, 7434, 7924
Program Element Code(s): 806000
Award Agency Code: 4900
Fund Agency Code: 4900
Assistance Listing Number(s): 47.070

ABSTRACT

The discipline of cryptography provides the basic digital tools used across the globe to ensure data privacy and authenticity. With the broad deployment of these tools--often invisibly embedded in commercial software or hardware--an unconventional but devastating type of cyberattack has emerged. These attacks involve deploying a cleverly subverted version of a cryptographic tool that appears to function normally, but in fact deliberately reduces security in a covert way that is known only to the subverting party. Such an attack can be carried out by the author of a software package, the manufacturer of a hardware device, or a third party who has contrived to interfere with the deployed product. Recent high-profile incidents of this kind have highlighted the threat associated with these attacks. This project is a comprehensive study of security in this setting, including development of formal models that permit rigorous reasoning about security, design and analysis of new cryptographic tools that resist subversion, and explicit recommendations for hardening the existing cryptographic tools in widespread use.

The project is organized into three main threads. The first focuses on establishing cryptographic security models that expand on classical cryptographic models to adequately reflect malicious subversion attacks: in general, these models call for the design of cryptographic tools to be explicitly coupled with specification of black-box testing procedures so that the combination can guarantee security despite subversion attacks. The second effort pursues development of fundamental cryptographic primitives that achieve security in these new models and application of these primitives as building blocks to construct larger systems and protocols that retain security despite subversion. Finally, to transition these theoretical tools to practice, the project undertakes a practical effort to re-architect existing infrastructural tools, such as the IPSec, SSH and TLS protocols, to harden them against subversion.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH

Chen, Long and Li, Yanan and Tang, Qiang "CCA Updatable Encryption Against Malicious Re-encryption Attacks" International Conference on the Theory and Application of Cryptology and Information Security, 2020 https://doi.org/10.1007/978-3-030-64840-4_20
Chen, Long and Li, Ya-Nan and Tang, Qiang and Yung, Moti "End-to-Same-End Encryption: Modularly Augmenting an App with an Efficient, Portable, and Blind Cloud Storage" 31st USENIX Security Symposium, 2022
Chow, Sherman S. and Russell, Sherman S. and Tang, Qiang and Yung, Moti and Zhao, Yongjun and Zhou, Hong-Sheng "Let a Non-barking Watchdog Bite: Cliptographic Signatures with an Offline Watchdog" IACR International Workshop on Public Key Cryptography (PKC 2019), v.11442, 2019 https://doi.org/10.1007/978-3-030-17253-4_8
Feng, Hanwen and Tang, Qiang "Computational Robust (Fuzzy) Extractors for CRS-Dependent Sources with Minimal Min-entropy" Theory of Cryptography Conference, 2021 https://doi.org/10.1007/978-3-030-90453-1_24
Feng, Hanwen and Tang, Qiang "Witness Authenticating NIZKs and Applications" Annual International Cryptology Conference, 2021 https://doi.org/10.1007/978-3-030-84259-8_1
He, Songlin and Lu, Yuan and Tang, Qiang and Wang, Guiling and Wu, Chase "Fair Peer-to-Peer Content Delivery via Blockchain" European Symposium on Research in Computer Security, 2021 https://doi.org/10.1007/978-3-030-88418-5_17
He, Songlin and Lu, Yuan and Tang, Qiang and Wang, Guiling and Wu, Chase Qishi "Blockchain-Based P2P Content Delivery With Monetary Incentivization and Fairness Guarantee" IEEE Transactions on Parallel and Distributed Systems, 2022 https://doi.org/10.1109/TPDS.2022.3217036
He, Songlin and Tang, Qiang and Wu, Chase Qishi and Shen, Xuewen "Decentralizing IoT Management Systems Using Blockchain for Censorship Resistance" IEEE Transactions on Industrial Informatics, v.16, 2020 https://doi.org/10.1109/TII.2019.2939797
Kenney, E. and Tang, Q. and Wu, C. "Anonymous Traceback for End-to-End Encryption" European Symposium on Research in Computer Security, 2022 https://doi.org/10.1007/978-3-031-17146-8_3
Pang, Bo and Chen, Long and Fan, Xiong and Tang, Qiang "Multi-input Laconic Function Evaluation" Australasian Conference on Information Security and Privacy, 2020 https://doi.org/10.1007/978-3-030-55304-3_19
Russell, A. and Tang, Q. and Yung, M. and Zhou, HS. "Correcting Subverted Random Oracles" 38th Annual International Cryptology Conference, 2018 https://doi.org/10.1007/978-3-319-96881-0_9

PROJECT OUTCOMES REPORT

Disclaimer

This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.

This project aims to investigate new cryptographic methods and techniques to defend against subversion attacks. We conducted research to correct a potentially subverted hash function and developed a theory of correcting subverted random oracles and a concept of crooked-indifferentiability, which is used as a technical tool to build a subversion-resistant digital signature scheme. We also explored other techniques via decentralization and key rotation to deal with potential security breaches in different settings.

Regarding intellectual merits, the project led to more than a dozen publications in cryptography and blockchain, most of which appeared in top security/crypto/blockchain venues. The project also supported several Ph.D. students including Erin Kenney and Yanan Li. Besides the new lines of research initiated for correcting idealized objects, a new type of zero-knowledge proof and others as mentioned above, we also solved some major open problems, including the one in robust randomness extractors and the integrity issue in updatable encryption for secure key rotation.

Regarding broader impacts, we designed new courses on the topic of cryptography, blockchain, and cybersecurity that integrate part of the research results into the curriculum at both the undergraduate and graduate levels at NJIT. We disseminated some of our research results in wider communities including DC Area Crypto Day, and open-sourced several of our research outputs for a general use of end-to-same-end encryption to the public so people can build their own secure storage backend for any App they wish. The project embraced diversity by partially supporting two female Ph.D. students from under-represented groups, including one transgender.

This project laid down a solid foundation for subversion-resistant cryptography, expanded the horizon of introducing blockchain to the design of decentralized systems to prevent censorship and others in content delivery, and improved the state of the art of practical systems including end-to-end messaging and secure storage. The project also delivered a set of tools available for the public, and materials for education, training, and undergraduate student research.


Last Modified: 12/13/2022
Modified by: Chase Q Wu