October 15, 2013: Congratulations to UIC Computer Science Research Prof. Dan Bernstein, who recently received an NSF award letter for a 4-year grant for $258,984 entitled "TWC: Option: Medium: Collaborative: Authenticated Ciphers."

Congratulations to UIC Computer Science Research Professor Dan Bernstein, who recently received an NSF award letter for a 4-year grant for $258,984 entitled "TWC: Option: Medium: Collaborative: Authenticated Ciphers."

This is, as the "Collaborative" in the title indicates, part of a multi-institution award, totaling $1.13 Million. Dan is the project coordinator. The other institutions and their PIs are: the other Phillip Rogaway at UC Davis, Ted Krovetz at CSUS, Kris Gaj and Jens-Peter Kaps at GMU.

Abstract:

OpenSSH reveals excerpts from encrypted login sessions. TLS (HTTPS) reveals encrypted PayPal account cookies. DTLS is no better. EAXprime allows instantaneous forgeries. RFID security has been broken again and again. All of these failures of confidentiality and integrity are failures of authenticated ciphers: algorithms that promise to encrypt and authenticate messages using a shared secret key.

It is easy to blame many of these security problems on a lack of education: much stronger authenticated ciphers have been in the literature for many years. However, in many cases these stronger authenticated ciphers fail to meet the performance requirements of the applications. Performance is exactly the motivation for RC4 in WEP; EAXprime in the "Smart Grid"; HB in RFID; and "IPsec" continuing to support unauthenticated encryption.

This project is building a new generation of authenticated ciphers that improve efficiency without compromising security and that improve security without compromising efficiency. This work spans seven main topics: more efficient ciphers; more efficient MACs; more efficient forgery rejection; improved protection against side channels; improved protection against misuse and bad luck; improved quantitative security; and improved security proofs. The ultimate objective is to obtain the best possible security subject to a variety of performance constraints specified by cryptographic users.

The high-security high-performance authenticated ciphers produced in this project will be directly and straightforwardly usable in cryptographic applications, avoiding the disasters in current applications and finally bringing secure secret-key cryptography from theory to practice.











































 
Copyright 2016 The Board of Trustees
of the University of Illinois.webmaster@cs.uic.edu
WISEST
Helping Women Faculty Advance
Funded by NSF