Material Type  

 학위논문

 

0017162713

Date and Time of Latest Transaction  

20250211152045

ISBN  

9798384448426

DDC  

004

Author  

Dauterman, Emma.

Title/Author  

Secure Systems From Insecure Components.

Publish Info  

[S.l.] : University of California, Berkeley., 2024

Publish Info  

Ann Arbor : ProQuest Dissertations & Theses, 2024

Material Info  

271 p.

General Note  

Source: Dissertations Abstracts International, Volume: 86-03, Section: B.

General Note  

Advisor: Popa, Raluca Ada;Stoica, Ion.

학위논문주기  

Thesis (Ph.D.)--University of California, Berkeley, 2024.

Abstracts/Etc  

요약In many computer systems today, an attacker that compromises just one system component can steal many users' data. Unfortunately, past experience shows that attackers are very effective at compromising system components, whether by exploiting some software vulnerability, compromising hardware, or launching a phishing attack.In this thesis, we show how to build systems that provide strong security and privacy properties even if the individual components are insecure. This way, even if an attacker compromises any single component in the system, it cannot compromise user security and privacy. While this property is possible to achieve in theory using general-purpose cryptographic techniques, the challenge is to instantiate it efficiently in practice. The key idea is to co-design the system with the cryptography to reduce costs.We examined two core aspects of this problem: hiding queries and securing accounts. Users who store their data encrypted at servers still need to query their data. We built systems that provide both strong privacy guarantees and good concrete efficiency for keyword search (DORY), time-series analytics queries (Waldo), and object stores (Snoopy). Users also need to protect their accounts in the event of client device loss or compromise, but also in the event of service provider compromise. We built an encrypted backup system that relies on secure hardware without fully trusting it (SafetyPin) and a service that records every authentication without learning private information (larch).The Signal end-to-end encrypted messaging application uses some of the techniques in Snoopy to scale its private contact discovery service, which privately matches user contacts to Signal users.

Subject Added Entry-Topical Term  

Computer science.

Subject Added Entry-Topical Term  

Computer engineering.

Subject Added Entry-Topical Term  

Information technology.

Index Term-Uncontrolled  

Phishing attack

Index Term-Uncontrolled  

Cryptographic techniques

Index Term-Uncontrolled  

Signal users

Index Term-Uncontrolled  

Object stores

Index Term-Uncontrolled  

DORY

Added Entry-Corporate Name  

University of California, Berkeley Computer Science

Host Item Entry  

Dissertations Abstracts International. 86-03B.

Electronic Location and Access  

로그인을 한후 보실 수 있는 자료입니다.

Control Number  

joongbu:656357