WPI Research is the research magazine of Worcester Polytechnic Institute. It contains news and features about graduate research in the arts and sciences, business, and engineering, along with notes about new grants, books, and faculty achievements.
Issue link: http://wpiresearch.epubxp.com/i/229254
WPI's new Cybersecurity Program draws together experts from computer science, electrical and computer engineering, mathematical sciences, and the social sciences to find new and innovative approaches to protecting digital data — approaches that take the human factor into account in one way or another. platform modules (TPMs) that are installed in many desktop and notebook computers. But what about all of the chips that live in the smartphones and smart cards that, increasingly, are being used to access bank account information, make purchases, and provide proof of identity? While some of those chips employ cryptographic protections like digital signatures, which rely on both public and private keys, they are far from bulletproof. The cryptographic algorithms currently in use, for example, use the same private keys over and over again. By monitoring the electromagnetic emissions from the chips that process those keys, a clever attacker could, over time, collect enough information to crack the private key. "It's always a trade-off between cost and security," says Eisenbarth, who explains that cryptographic enhancements can increase CPU usage, power consumption, and even chip size. That may be so. But the need for better, cheaper, and less burdensome security measures will only increase. And Eisenbarth and his colleagues in the Cybersecurity Program will continue to help fnd them, using all the means at their disposal. Re Building elusive keys According to Thomas Eisenbarth, assistant professor of electrical and computer engineering, there are two ways to fend off such attacks: develop countermeasures to protect the standard cryptographic algorithms; or come up with entirely new algorithms that are less vulnerable in the frst place. Having already investigated the former approach, Eisenbarth is currently working on the latter in his own laboratory and in the Vernam Lab, a new partnership between Eisenbarth and fellow ECE cybersecurity researchers Berk Sunar and Lifeng Lai, and William Martin, professor of mathematical sciences (the lab is named for Gilbert Vernam, WPI Class of 1914, who discovered the only unbreakable encryption algorithm). In a forthcoming paper, Eisenbarth and his collaborators investigate key evolving cryptosystems: algorithms whose private keys change over time, making them more resilient to attack. Such systems have existed in theory for some time, but the trick is to implement them so that they will work in small, low-power devices. And researchers don't yet know what would be less costly, and therefore more viable: equipping the old algorithms with fresh countermeasures, or replacing those algorithms altogether with new and improved ones. > Thomas Eisenbarth, assistant professor of electrical and computer engineering, develops key evolving cryptographic algorithms that will make small networked devices more secure. Worcester Polytechnic Institute > 41