Saturday, September 24 , 2016, 3:14 pm | Fair 82º

  • Follow Noozhawk on LinkedIn
  • Follow Noozhawk on Pinterest
  • Follow Noozhawk on YouTube
 
 
 
 

UCSB Cryptologists Using $500,000 from NSF to Study Encryption Algorithms Both Efficient and Secure

In the era of Internet and social media, where much of our communication happens online, it’s easy to take our privacy for granted and to trust that the messages we send and transactions we perform are kept unreadable to prying eyes.

But according to UC Santa Barbara cryptologist Stefano Tessaro, even the most widely used standardized cryptographic algorithm, the Advanced Encryption Standard (AES), could be only a break-in away from being catastrophically compromised.

“Security is not proven,” he said. “Researchers have tried to break AES with known attacks and failed so far, and thus assume that no attack will be found."

In addition, standardization is a double-edged sword. An algorithm that gets recognized by an authority like the National Institute of Standards and Technology will be put into wide use, even embedded into chips that are built into computers.

“It’s great for efficiency and reliability,” he said, “but if there’s a successful attack, the vast majority of the world’s electronic communications will suddenly be vulnerable to decryption and hacking.”

There are, in principle, cryptographic algorithms that can be proved to be secure, Tessaro said, and their security can be demonstrated mathematically. However, the cost of security is speed, and the most protective algorithm is usually not the fastest. Since the algorithms have to run a multitude of times per second to encrypt even the smallest bit of electronic communication, the focus has been on those that are designed with speed in mind.

Funded by a $500,000 grant from the National Science Foundation’s Secure and Trustworthy Cyberspace program, Tessaro and his team hope to stay ahead of the curve by studying what it would take to close the gap between the algorithms researchers know to be secure and the level of service (i.e. speed) Internet users have come to expect.

“The work involves laying down a solid theoretical framework for the development of basic encryption algorithms that are both efficient and provably secure,” Tessaro said.

The researchers will examine some of the most fundamental issues of cryptography, such as privacy and integrity of information. They will also study block ciphers, widely used algorithms for encrypting large amounts of information.

“These are very simple encryption algorithms,” Tessaro said. “They are fast but are not as strong as the fully secure encryption algorithms we would want them to be.”

The project involves determining ways to build stronger block ciphers, based on guidelines to be developed by Tessaro and his group.

Though mostly theoretical, the outcome should have very real impacts on the world of electronic communications. The results of the study would be disseminated to the institutions, communities and other entities involved in electronic cryptography in the hopes that the next wave of standardizations will take the new framework into account. NIST is expected to hold competitions to replace encryption standards in the forseeable future, according to Tessaro. While the project is concerned mainly with developing the new, more secure encryption framework from which multiple cryptographic algorithms may be developed, one potential outcome is also that the group might develop its own algorithm as a candidate for standardization.

“The main point related to the grant is simply that there is a gap between cryptography satisfying the real world efficiency requirements — without provable security — and the algorithms that academics develop — with provable security — which are considered unpractical by system designers,” he said.

Reader Comments

Noozhawk's intent is not to limit the discussion of our stories but to elevate it. Comments should be relevant and must be free of profanity and abusive language and attacks.

By posting on Noozhawk, you:

» Agree to be respectful. Noozhawk encourages intelligent and impassioned discussion and debate, but now has a zero-tolerance policy for those who cannot express their opinions in a civil manner.

» Agree not to use Noozhawk’s forums for personal attacks. This includes any sort of personal attack — including, but not limited to, the people in our stories, the journalists who create these stories, fellow readers who comment on our stories, or anyone else in our community.

» Agree not to post on Noozhawk any comments that can be construed as libelous, defamatory, obscene, profane, vulgar, harmful, threatening, tortious, harassing, abusive, hateful, sexist, racially or ethnically objectionable, or that are invasive of another’s privacy.

» Agree not to post in a manner than emulates, purports or pretends to be someone else. Under no circumstances are readers posting to Noozhawk to knowingly use the name or identity of another person, whether that is another reader on this site, a public figure, celebrity, elected official or fictitious character. This also means readers will not knowingly give out any personal information of other members of these forums.

» Agree not to solicit others. You agree you will not use Noozhawk’s forums to solicit and/or advertise for personal blogs and websites, without Noozhawk’s express written approval.

Noozhawk’s management and editors, in our sole discretion, retain the right to remove individual posts or to revoke the access privileges of anyone who we believe has violated any of these terms or any other term of this agreement; however, we are under no obligation to do so.

Support Noozhawk Today

You are an important ally in our mission to deliver clear, objective, high-quality professional news reporting for Santa Barbara, Goleta and the rest of Santa Barbara County. Join the Hawks Club today to help keep Noozhawk soaring.

We offer four membership levels: $5 a month, $10 a month, $25 a month or $1 a week. Payments can be made through PayPal below, or click here for information on recurring credit-card payments.

Thank you for your vital support.



Daily Noozhawk

Subscribe to Noozhawk's A.M. Report, our free e-Bulletin sent out every day at 4:15 a.m. with Noozhawk's top stories, hand-picked by the editors.

Sign Up Now >