DIMACS and IEEE Working Group on Efficient and Scalable Cyber-security using Algorithms Protected by Electricity (ESCAPE)

June 10 - 11, 2015
Carnegie Mellon University, Pittsburgh, PA, USA

Kurt Rohloff, NJIT, rohloff at njit.edu
Greg Shannon, CMU, shannon at cert.org
W. Konrad Vesey, Elkridge Security, konrad at elkridgesecurity.com
Presented under the auspices of the Special Focus on Cybersecurity, the Special Focus on Energy and Algorithms, and co-sponsored by the IEEE Cybersecurity Initiative.
Working Group Announcement

The best cyber technologies provide strong guarantees on security and privacy properties and require substantial computation to establish a property or to break a property. For example, system verification techniques require exhaustive or deep searches in very large state spaces, and encryption technologies are built around computational hardness assumptions for brute-force decryption. This principle of substantial computation for security and privacy applies even in operational settings such as finding vulnerabilities and data leaks in open-source software or detecting zero-day exploits by analyzing data from an enterprise's host and network monitors.

Although computational capability is important, limitations of other resources, such as memory, electrical power, bandwidth, etc. also impact our ability to provide cyber security. For example, non-computational resources such as memory, bandwidth and electrical power limitations also provide protection against compromising encryption-based technologies in distributed environments, such as for Secure Multi-party Computation (SMC) and signature systems. Additionally, because verification of system-level properties is computationally intensive, requiring the use of high-performance computation, this invoking similarly imposes resource constraints on the ability to give "proofs" of system security.

Recent improvements in security and privacy algorithms have resulted in "orders of magnitude" reductions in the computation required to ensure properties; similar results exist for more efficient methods to compromise security and privacy properties. While computational efficiency is required, evidence suggests that energy is the fundamental limitation in practical large-scale computations, especially where the computations need to be completed in a reasonable amount of time (for a fixed-rate of computation). 1

Finding: With power, space, and cooling as forcing functions, computational power efficiency will become ever more important. Application-specific solutions, on which the IC has historically relied for a leg up, will be even more important for the computationally hard problems of the future. Maximum efficiencies will come from the right choice of computational style and platform.

Of particular interest is energy that dominates costs in large computations. Some parallel algorithms might be very poor at non-computational resource allocation due to data movement and communications. Open questions include whether considering non-computational resources change the balance of security enough to justify traditional security assumptions or, are additional investments in energy efficient computation justified for verifying cyber-security?

This workshop will consider these problems and tradeoffs from a system design point of view. We will also consider whether energy-optimization techniques create side channels or limit verification of cyber-security and -privacy. Previous DIMACS workshops have shown that computation on meta-data can reveal sensitive information. From a hardware/infrastructure perspective, many of field-deployable lower-level energy efficiency techniques make a floating point assumption (like on GPU's or even some HDL designs). Even for massive Hadoop/MapReduce-focused datacenters, there's a comparable assumption that not all bits need to be accounted for, because "real" data is messy. Again, this doesn't hold for crypto and cryptanalysis. The goal of this workshop is to consider how the results from these two communities can be combined and extended to create energy-efficient algorithms that enable cyber security and privacy theoretically, algorithmically, and practically.


1. L.Joneckis, D.Koester, J.Alspector. "An Initial Look at Alternative Computing Technologies for the Intelligence Community." www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA610103.
Next: Call for Participation
Workshop Index
DIMACS Homepage
Contacting the Center
Document last modified on May 15, 2015.