Abstract: An oblivious distributed file system is provided using an oblivious random access machine (ORAM), including an ORAM balanced tree structure, where each node in the tree is configured to store data blocks, the structure including at least two shares. The system also includes at least two ORAM servers, each of the servers configured to communicate with a client ORAM device, and programmed to facilitate storage of a different subset of the shares of the tree structure using a distributed file system and to implement an access procedure of a tree-based ORAM using the tree structure, including a retrieval phase and an eviction phase. In the retrieval phase, the servers utilize an authenticated Private Information Retrieval (PIR) protocol to retrieve data blocks as requested from the client ORAM device. In the eviction phase, the servers utilize a linear secret sharing scheme.

Abstract: A system includes memory, a processor in communication with the memory. The processor is programmed to define a fingerprint that includes a baseline measurement of a physical attribute of at least a separate processor during an enrollment period of the system, wherein the enrollment period includes measuring the physical attribute of the processor prior to runtime operation, receiving a runtime measurement from a sensor regarding the physical attribute of at least the separate processor during runtime, comparing the runtime measurement of the physical attribute to the fingerprint, and outputting a multi-dimensional domain image in response to the runtime measurement.

Abstract: A star topology network comprises a user device, a central gateway, and one or more sensor nodes added to the existing network. A communication between the user device and the central gateway is secured either based on public-key cryptography, symmetric-key cryptography, or by the use of a secure channel such as a wired communication. A request from the user device to the central gateway can be transmitted over the internet.

Abstract: A method and system for authenticating a device is disclosed. The method includes the steps of: receiving a helper bit string and a first MAC; measuring a first response bit string of a physical unclonable function of the device with respect to a challenge bit string; subtracting the first response bit string from the helper bit string; decoding a result of the subtraction using a uniformly distributed random matrix, the shared secret bit string being provided from the decoding if the helper bit string was encoded using a previously measured second response bit string that is within a threshold level of similarity to the first response bit string, the decoding outputting an error value otherwise; determining a second MAC based on the shared secret bit string, the uniformly distributed random matrix, and the helper bit string; and determining whether the second MAC matches the first MAC.

Abstract: An electronic control unit (ECU) includes a processor, a Controller Area Network (CAN) controller, clock gating logic, and security gating logic. The CAN controller having a status and configured to receive data and control signals from the processor, and a clock signal, package the data to create a CAN protocol frame held in at least one transmit buffer, and shift the CAN protocol frame to a CAN transceiver that is configured to transmit the CAN protocol frame to a CAN bus. The clock gating logic may be configured to selectively disable a clock signal to the CAN controller based on a control signal from the processor. The security gating logic configured to, in response to the status of the CAN controller being active, inhibit disabling the clock signal.

Abstract: A method for implementing a secure multiparty computation protocol between a plurality of parties for a multiparty computation includes performing an offline phase of an SPDZ protocol for each of the parties participating in the multiparty computation. A secret share redistribution phase is then performed wherein the secret shares of the parties are redistributed to a subset of the parties. A secret share recombination phase is performed during which the subset of the parties recombines the redistributed secret shares to recover the secret shares of the parties not in the subset. An online phase of the SPDZ protocol is then performed during which the function is computed with respect to the private inputs of the parties and using the secret shares of all the parties.

Abstract: Training of a model is performed to minimize expected loss under noise (ELUN) while maintaining differential privacy. Noise is added to weights of a machine learning model as random samples drawn from a noise distribution, the noise being added in accordance with a privacy budget. The ELUN is minimized by using a loss function that anticipates noise added to the weights of the machine learning model, to find a point in the parameter space for which loss is robust to the noise in the weights. The addition of noise and the minimization of the ELUN are iterated until the weights converge and optimization constraints are satisfied. The model is utilized on arbitrary inputs while protecting the privacy of training data used to train the model.

Abstract: A method and system for authenticating a first device is disclosed. The method includes the steps of: measuring a first response bit string of a physical unclonable function of the first device with respect to a challenge bit string, the physical unclonable function being provided by one of the processor of the first device and a further physical component of the first device; deriving a shared secret bit string from a uniformly distributed random vector; encoding a helper bit string by multiplying a uniformly distributed random matrix with the uniformly distributed random vector and adding the first response bit string to a result of the multiplication; and transmitting the helper bit string to a second device that is remote from the first device.

Abstract: A method for authenticating a first device is disclosed. In one embodiment, the method includes the steps of: receiving a helper bit string from a second device that is remote from the first device; measuring a first response bit string of a physical unclonable function of the first device with respect to a challenge bit string; subtracting the first response bit string from the helper bit string; reconstructing a random matrix using a pseudo-random number generator initialized with a seed; and decoding a result of the subtraction using the random matrix, the shared secret bit string being provided from the decoding if the helper bit string was encoded using a previously measured second response bit string that is within a threshold level of similarity to the first response bit string, the decoding outputting an error value otherwise.

Abstract: An oblivious encrypted search and update method includes transmitting encrypted search queries and encrypted file update requests from a trusted client to at least two different untrusted servers, receiving encrypted search entries and encrypted file entries from the untrusted servers, and decrypting the encrypted search entries and encrypted file entries with the trusted client. The trusted client re-encrypts the decrypted entries and transmits re-encrypted entries that were received from a first untrusted server to a second untrusted server and vice versa to provide obliviousness for encrypted keyword searches and encrypted file updates from the trusted client.

Abstract: Instruction classification and software intrusion detection is performed. Program instruction execution of a processor of a microcontroller unit (MCU) is monitored via side-channel signal analysis, the monitoring including capturing a signal trace of a physical property of the MCU that leaks information correlated with the program instruction execution of the MCU, the signal trace indicating a value of the physical property over time. From the signal trace, time domain features, frequency domain features, and Mel Frequency Cepstral Coefficients (MFCC) features are extracted. A model is utilized for instruction detection to identify an execution signature based on the time domain features, frequency domain features, and MFCC features. The execution signature is compared to one or more reference instruction signatures. A remedial action is performed responsive to the execution signature failing to match to the one or more reference instruction signatures.

Abstract: A method for operating an aggregator in an electronic commerce system includes receiving ciphertexts and signatures transmitted from multiple clients, each ciphertext encrypting noisy plaintext data of a category of information for a user that purchased a product, generating sums of the ciphertexts and the signatures, verifying the sum of the ciphertexts with a homomorphic signature system based on the sum of the signatures and homomorphic verification data, decrypting the sum of the ciphertexts in a private stream aggregation (PSA) process based on homomorphic decryption data to generate a sum of noisy plaintext data in response to a success of the verification, and identifying aggregate statistical information transmitted from the clients based on the sum of noisy plaintext data while preserving differential privacy of the clients.

Abstract: A system includes a memory and a processor in communication with the memory. The processor is programmed to receive a runtime measurement from a sensor regarding the physical attribute of at least the separate processor during runtime; compare the runtime measurement of the physical attribute to a fingerprint that includes a baseline measurement of a physical attribute of at least a separate processor during an evaluation period of the system, and in response to the measurement exceeding a threshold, executing a countermeasure operation against software ran by the separate processor.

Abstract: An electronic control unit (ECU) includes a processor, a Controller Area Network (CAN) controller, clock gating logic, and security gating logic. The CAN controller having a status and configured to receive data and control signals from the processor, and a clock signal, package the data to create a CAN protocol frame held in at least one transmit buffer, and shift the CAN protocol frame to a CAN transceiver that is configured to transmit the CAN protocol frame to a CAN bus. The clock gating logic may be configured to selectively disable a clock signal to the CAN controller based on a control signal from the processor. The security gating logic configured to, in response to the status of the CAN controller being active, inhibit disabling the clock signal.

Abstract: An oblivious distributed file system is provided using an oblivious random access machine (ORAM), including an ORAM balanced tree structure, where each node in the tree is configured to store data blocks, the structure including at least two shares. The system also includes at least two ORAM servers, each of the servers configured to communicate with a client ORAM device, and programmed to facilitate storage of a different subset of the shares of the tree structure using a distributed file system and to implement an access procedure of a tree-based ORAM using the tree structure, including a retrieval phase and an eviction phase. In the retrieval phase, the servers utilize an authenticated Private Information Retrieval (PIR) protocol to retrieve data blocks as requested from the client ORAM device. In the eviction phase, the servers utilize a linear secret sharing scheme.

Abstract: A method of operating at least one node in a communication network that uses a shared communication medium has been developed. The method includes adjusting, with a controller in a first node, a resistance of a first potentiometer in the first node to a first resistance level that the controller in the first node determines randomly, the first potentiometer in the first node being connected to an output of a transceiver in the first node and to a shared communication medium, and transmitting, with the transceiver in the first node, a first data bit through the output that is connected to the shared communication medium with the first potentiometer producing the first resistance level.

Abstract: A computer system for performing control of an electronic control unit (ECU) having a processor for executing computer-readable instructions and a memory for maintaining the computer-executable instructions, the computer-executable instructions when executed by the processor perform the following functions by a processor. The functions include configuring a communication controller to while operating in a secure mode, transiting to an unsecure mode, executing a program in the unsecure mode that utilizes the communication controller; and in response to detecting a clock off request while a transmit buffer of the communication controller is not empty, inhibiting the clock off request until the transmit buffer is empty.

Abstract: A method for network-connected tool operation with user anonymity includes generating a first cryptographic key that is stored in a memory in the power tool, generating a first encrypted serial number for the power tool based on an output of an encryption function using the first cryptographic key applied to a non-encrypted serial number for the power tool stored in the memory, and generating usage data based on data received from at least one sensor in the power tool during operation of the power tool. The method further includes transmitting the usage data in association only with the first encrypted serial number from the power tool to a maintenance system to enable usage data collection that prevents identification of the power tool as being associated with the usage data.

Abstract: A method for shared secret agreement with forward secrecy includes generating a first plurality of bits of data using a cryptographically secure pseudo-random number generator applied to a node seed value and at least one index value, transmitting the first plurality of bits of data through a shared communication medium simultaneously to transmission of a second plurality of bits of data from a second node, identifying shared secret data with the second node using a portion of the first plurality of bits of data that are logical complements of the second plurality of bits of data, generating a shared seed value using a cryptographically secure one-way function applied to the shared secret data, and generating an updated node seed value using the cryptographically secure one-way function applied to the node seed value to replace the node seed value.

Abstract: A method of operating at least one node in a communication network that uses a shared communication medium has been developed to reduce or eliminate timing side-channel attacks performed by an adversary that is connected to the shared communication medium. The method includes generating, with a controller in a first node, a first jitter time offset randomly generated from within a predetermined time range, and transmitting, with a transceiver in the first node, a first data bit through an output of the transceiver that is connected to a shared communication medium, the first data bit being transmitted at a first time corresponding to the first jitter time offset added to a first predetermined transmission time.