A Unifying Framework For Theoretical and Empirical Analysis of Secure Communication Protocols

(logo)

Overview

Many networking protocols have been designed without security in mind, and many cryptographic schemes have been designed without practical deployments in mind. Moreover, most of security-enhanced communication protocols still lack the provable-security treatment and hence the security guarantees. This project aims at bridging the gap between protocol design, implementation, deployment, and security guarantees by developing a novel general security framework that facilitates the provable-security analyses of practical networking protocols. The project has an interdisciplinary approach as it combines concepts from applied cryptography and algorithms with implementation and empirical analyses to provide a unifying framework for studying and developing secure communication protocols. This joint design effort yields both new cryptographic foundations and fundamentally secure networking protocols.

Publications

    Conferences

    Analyzing Operational Behavior of Stateful Protocol Implementations for Detecting Semantic Bugs. Endadul Hoque, Omar Chowdhury, Sze Yiu Chau, Cristina Nita-Rotaru, Ninghui Li. DSN 2017, June 2017.
    SymCerts: Practical Symbolic Execution For Exposing  Noncompliance in X.509 Certificate Validation Implementations Sze Yiu Chau, Omar Chowdhury,  Endadul Hoque, Huangyi Ge, Aniket Kate,  Cristina Nita-Rotaru, Ninghui Li. IEEE Security and Privacy, May 2017.
    How Secure and Quick is QUIC? Provable Security and Performance Analyses Robert Lychev, Samuel Jero, Alexandra Boldyreva, and Cristina Nita-Rotaru. 36th IEEE Symposium on Security and Privacy (Oakland), May 2015. [PDF] [BIBTEX] [VIDEO]
        Awarded the 2016 IETF/IRTF Applied Networking Research Prize
    Detecting specification noncompliance in network protocol implementations, E. Hoque, O. Chowdhury, S. Y. Chau, C. Nita-Rotaru, and N. Li. Poster in USENIX Annual Technical Conference (ATC'16). USENIX Association, 2016.
    QUIC: Performance and Security at the Transport Layer, S. Jero. IETF Journal, Nov. 2016. [WWW]

    Journals

    Toward a Taxonomy and Attacker Model for Secure Routing Protocols. E. Hoque, H. Lee, R. Potharaju, C. Killian. and C. Nita-Rotaru. M. Hollick, C. Nita-Rotaru, P. Papadimitratos, A. Perrig, In ACM SIGCOMM Computer Communication Review, Volume 47 Issue 1, January 2017.

    Presentations

  • On the trade-offs between Provable Security and Guaranteed Performance in Adversarial Networks. C. Nita-Rotaru, Boston University, March 2016.
  • On the trade-offs between Provable Security and Guaranteed Performance in Adversarial Networks. C. Nita-Rotaru, MIT, Oct. 2015.
  • On the trade-offs between Provable Security and Guaranteed Performance in Adversarial Networks. C. Nita-Rotaru, Columbia University, Oct. 2015.
  • On the trade-offs between Provable Security and Guaranteed Performance in Adversarial Networks. C. Nita-Rotaru, ETH Zurich, July 2015.

Students

    Current Members

    • Endadul Hoque, Northeastern University
    • Samuel Jero, Purdue University
    • Arash Molavi Kakhki, Northeastern University

Previous collaborators and members

  • Robert Lychev, PhD Georgia Institute of Technology 2015, MIT Lincoln Labs.

Funding

This project is funded by NSF SaTC grant 1421815-CNS. Principal Investigator: Cristina Nita-Rotaru (Purdue University) This is a collaboration with Alexandra Boldyreva, Georgia Institute of Technology.