PostDoctoral Research Fellowship

Project Report

The intellectual merit of this work includes the discovery of widespread entropy-related vulnerabilities in HTTPS and SSH. This has resulted in several further papers examining cryptographic entropy subsystems of other types, and foundational work to improve the security of cryptographic schemes in the face of these types of failures. Other work funded under this fellowship includes algorithmic advances for solving the approximate common divisor problem, a problem that arises in the cryptanalysis of RSA, in the construction of fully homomorphic cryptography, and in the construction of efficient error-correcting codes; applications of these techniques to construct an optimal private information retrieval scheme; and networking methods for improving the performance of the Tor anonymity network.

The broader impacts of this work include increased security for some of the most commonly used software on the Internet, and an increased awareness among practitioners of these types of failures. We contacted over sixty companies to report vulnerabilities in millions of devices and worked closely with many of these companies during their internal investigation processes. The vulnerabilities we reported have so far resulted in six publicly available security advisories, several of them released in coordination with the US Industrial Control Systems CERT, and an update to the Linux kernel.

Agency: National Science Foundation (NSF)
Institute: Division of Mathematical Sciences (DMS)
Application #: 1103803
Program Officer: Bruce P. Palka
Project Start:
Project End:
Budget Start: 2011-07-01
Budget End: 2015-06-30
Support Year:
Fiscal Year: 2011
Total Cost: $135,000
Indirect Cost:

Name: Heninger Nadia
Department:
Type:
DUNS #:
City: Cambridge
State: MA
Country: United States
Zip Code: 02139