Grants Funded by the Center

PI
Current/Past Grants
 

Current Research Grants

Improved Algorithms for Generic Attacks on Cryptographic Hash Functions

PI: Keller N.

Cryptographic hash functions are one of the basic primitives in cryptography.

They are also used for numerous applications in cyber security, for example for signing messages, applications, and software updates. One of the main methods of comparison between strategies for designing hash functions is generic attacks. While usually non-practical, attacks of this type point at a structural weakness in a design strategy, and may make us prefer a more conservative (or just a different) design. Numerous generic attacks were presented in recent years. This research project aims at improving the existing algorithms for generic attacks on hash functions, and (more ambitiously) at devising new such algorithms.

Personal Information Management and Sharing

PI: Amsterdamer Y.

The distribution of personal data such as emails, photos, and social interactions over platforms of commercial vendors such as social networks, is of great current concern.

By giving up the management of personal data the users do not realize the full potential of the data that they generate: e.g., they cannot enforce certain policies and access control schemes on data they share with peers across multiple vendors. The goal of this research project is to develop a declarative, generic and robust framework that will allow users to jointly access and manage data they store in different platforms, and to easily share this data with others without compromising access control rights and data integrity.

Algebraic Lightweight Cryptography

PI: Tsaban B.

Present-day secure computation is mostly based on abelian mathematical structures and problems: Present-day secure computation is mostly based on abelian mathematical structures and problems: the discrete logarithm problem in finite cyclic groups (Diffie–Hellman), integer factorization (RSA), and more recently, lattice-based problems.

To reduce the dependence of cyber-security on a small number of problems, it is desirable to also have candidate problems of substantially different types. On the practical side, this would make it easier to tailor optimal implementations in constrained environments, such as RFID tags, that are more suitable for Internet of Things (IoT) applications.   Recently, some candidates for lightweight cryptographic primitives, based on nonabelian structures, begin to stand out as potentially secure. We will consider practical aspects of their security and efficiency.

Computing with Crypto-currency

PI: Moran T.

Crypto currencies, such as Bitcoin and Ethereum, are more than simply “decentralized digital cash”. One of their most interesting features is the ability to create “smart contracts”, that are enforced automatically by the decentralized system, as opposed to by a government or a court.  That is, crypto currencies allow us to combine computation with money, in new and exciting ways.

 

This research project aims to deepen our understanding of this interaction. On one hand, we will study the applications opened up by computing with existing crypto currencies (such as auctions with guaranteed fair execution and decentralized online games), looking at their complexity under various metrics, as well as searching for new applications.  On the other hand we will explore the underlying crypto currency protocols themselves, proposing extensions and alternative constructions that could improve the existing state of the art.

Past Research Grants

Attack Surface and Vulnerability Assessment.

PI: Geva M.

One of the key aspects in cyber security is the attack surface, which denotes the sum of the different “interfaces” (attack vectors) where an unauthorized user (the “attacker”) can try to enter data to or extract data from an environment.

The research project strives to discover new methodologies and develop new tools to assess various vulnerabilities which exist in systems. In particular, our efforts are mostly focused on vulnerabilities in software, firmware and networking, using various tools, such as static and dynamic analysis, machine learning and natural language processing.  

Cyber Attack Attribution

PI: Geva M.

Malware attribution is the task of linking between a malware, or more precisely a cyber attack, to the threat actor who perpetrated the attack.

Naturally, one of the main goals of threat actors is to conceal their identities, making malware attribution process as difficult as possible. The research project aims at getting a deeper and wider understanding of existing attribution techniques, and developing new methods for performing a better and more accurate estimation of the link between the attack and the attacker, using advanced systems and machine learning techniques.