The research addresses the task of protecting large multi-user systems that collect and manage sensitive data, in which individual system components may be compromised by attacks. Typically, data confidentiality and integrity are ensured with cryptographic tools whose security rests on secrets such as passwords and keys. In a hostile cyber-environment, however, these secrets will eventually be exposed, through compromised hosts, insiders, or side channels. The goal is therefore to ensure that leakage of a secret has minimal negative effect: to secure the system as a whole, the cryptography itself must be made fault-tolerant.
This need for cryptographic fault-tolerance is addressed through the development and use of intrusion-resilient and tamper-evident techniques. Intrusion-resilient cryptography confines the damage of a local security breach to the time period in which it occurs (keys of earlier and later periods remain secure) and enables quick recovery. Tamper-evident cryptography provides externally detectable evidence of a security breach even when the attacker has stolen all of the secrets, a setting in which ordinary cryptographic tools offer no protection, since the attacker can then compute everything the legitimate key holder can.
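To make the two notions concrete, the following is an added toy example written for this page; it is not code from the research described here, and the actual intrusion-resilient and tamper-evident constructions differ from it. It models an authenticated append-only log whose key evolves once per period with a share from a separate, mostly offline "base" device, plus an external witness that records the log's chain head. Stealing only the online key neither allows earlier periods to be altered nor survives the next key update (recovery); stealing every secret allows a rewrite that passes every MAC check, yet the witnessed head still exposes it. All names (EvolvingLog, base_share, audit_witness, rewrite), the demo secrets and the camera records are constructed for the illustration.

```python
import hashlib
import hmac

ZERO = bytes(32)


def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"|".join(parts)).digest()


def base_share(base_secret: bytes, period: int) -> bytes:
    # The "base" is a separate, mostly offline device; it releases one share per period.
    return h(b"share", base_secret, period.to_bytes(4, "big"))


def next_key(key: bytes, share: bytes) -> bytes:
    # One-way in `key` (old keys cannot be recovered from a stolen one) and dependent on the
    # base share (the next key cannot be computed from the online key alone).
    return h(b"key", key, share)


def chain_hash(prev: bytes, period: int, record: bytes) -> bytes:
    return h(b"chain", prev, period.to_bytes(4, "big"), record)


def tag(key: bytes, chain: bytes) -> bytes:
    return hmac.new(key, chain, hashlib.sha256).digest()


class EvolvingLog:
    """Online component: stores only the current-period key, never key_0 or the base secret."""

    def __init__(self, key0: bytes):
        self.key, self.period, self.entries = key0, 0, []   # entries: (period, record, chain, tag)

    def head(self) -> bytes:
        return self.entries[-1][2] if self.entries else ZERO

    def append(self, record: bytes) -> bytes:
        c = chain_hash(self.head(), self.period, record)
        self.entries.append((self.period, record, c, tag(self.key, c)))
        return c

    def advance(self, share: bytes) -> None:
        self.key, self.period = next_key(self.key, share), self.period + 1


def derive_keys(key0: bytes, base_secret: bytes, last_period: int) -> list:
    keys = [key0]
    for t in range(1, last_period + 1):
        keys.append(next_key(keys[-1], base_share(base_secret, t)))
    return keys


def verify_entries(entries, key0: bytes, base_secret: bytes) -> bool:
    """Offline auditor: holds key_0 and the base secret, so it can re-derive every period key."""
    if not entries:
        return True
    keys = derive_keys(key0, base_secret, max(e[0] for e in entries))
    prev, last = ZERO, 0
    for period, record, c, t in entries:
        if (period < last or c != chain_hash(prev, period, record)
                or not hmac.compare_digest(tag(keys[period], c), t)):
            return False
        prev, last = c, period
    return True


def audit_witness(entries, witnessed: dict) -> bool:
    """witnessed maps entry index -> chain hash that an external witness recorded at the time."""
    return all(i < len(entries) and entries[i][2] == c for i, c in witnessed.items())


def rewrite(entries, index: int, new_record: bytes, key_for):
    """Attacker's best effort: replace one record, then recompute the chain and the tags after
    it using whatever per-period keys key_for(period) can supply."""
    out = list(entries[:index])
    prev = entries[index - 1][2] if index else ZERO
    for period, record, _, _ in entries[index:]:
        record = new_record if len(out) == index else record
        c = chain_hash(prev, period, record)
        out.append((period, record, c, tag(key_for(period), c)))
        prev = c
    return out


def demo() -> dict:
    key0, base = h(b"demo-key0"), h(b"demo-base")   # constructed demo secrets
    log, witnessed = EvolvingLog(key0), {}
    log.append(b"cam7 frame 0001")                  # period 0
    log.append(b"cam7 frame 0002")
    log.advance(base_share(base, 1))
    log.append(b"cam7 frame 0003")                  # period 1
    witnessed[2] = log.head()                       # head published to the external witness
    log.advance(base_share(base, 2))
    log.append(b"cam7 frame 0004")                  # period 2
    result = {"honest": verify_entries(log.entries, key0, base)
              and audit_witness(log.entries, witnessed)}
    # Local breach: only the online key of period 2 leaks. It does not yield key_1 ...
    stolen = log.key
    forged = rewrite(log.entries, 2, b"cam7 frame 0003 ALTERED", lambda p: stolen)
    result["local_breach_past_forgery_detected"] = not verify_entries(forged, key0, base)
    # ... and after the next base share the system has recovered: key_3 is out of reach.
    log.advance(base_share(base, 3))
    log.append(b"cam7 frame 0005")                  # period 3
    forged = rewrite(log.entries, 4, b"cam7 frame 0005 ALTERED", lambda p: stolen)
    result["post_recovery_forgery_detected"] = not verify_entries(forged, key0, base)
    # Total breach: every secret leaks, so the rewrite is cryptographically perfect ...
    keys = derive_keys(key0, base, log.period)
    forged = rewrite(log.entries, 1, b"cam7 frame 0002 ALTERED", lambda p: keys[p])
    result["total_breach_passes_mac_check"] = verify_entries(forged, key0, base)
    # ... but the externally witnessed head no longer matches: tamper evidence.
    result["total_breach_caught_by_witness"] = not audit_witness(forged, witnessed)
    return result


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Two limits of the toy are worth noting because the real schemes address them: entries of the compromised period itself remain forgeable until the next key update (the exposure window), and the witness only detects rewrites of history that was already published to it, which is why commitments must be published frequently and the witness must be outside the attacker's reach.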
The above techniques are applied to a specific system that collects and manages vast amounts of sensitive video data. Such systems have important potential benefits, from providing environments that assist the disabled to helping law enforcement. The research addresses serious privacy and security concerns that hamper their development and deployment.