Winner: NSA Best Cyber Security Research Paper

The US National Security Agency has announced the winning paper in the 9th annual Best Cybersecurity Research Paper Competition.

This year’s winning paper advances a theorem that relates the existence of one-way functions (OWF) by relating them to the problem of computing “Time-bound Kolmogorov complexity" which is a way to measure the complexity of a string of text. 

Written by Yanyi Liu from Cornell University and Rafael Pass from Cornell Tech, the paper titled “On One-way Functions and Kolmogorov Complexity” was published at the 2020 IEEE Symposium on Foundations of Computer Science.

Established in 2013, the competition encourages the development of scientific foundations in cyber security and supports cybersecurity improvements within devices, computers, and systems through rigorous research, solid scientific methodology, documentation and publishing. 

The winning paper was chosen by the Chief of NSA’s Laboratory for Advanced Cybersecurity Research. The decision was informed by reviews from 10 international cybersecurity distinguished experts who independently reviewed the best papers among 34 nominations.

One-way functions (OWF) are a key underpinning in many modern cryptography systems and were first proposed in 1976 by Whitfield Diffie and Martin Hellman. OWFs are vital components of modern symmetric encryptions, digital signatures, authentic schemes and more. Until now, it has been assumed that OWF functions exist even though research shows that they are both necessary and sufficient for much of the security provided by cryptography.

These functions can be efficiently computed but are difficult to reverse, as determining the input based on the output is computationally expensive. 

Receiving honorable mention was the paper “Retrofitting Fine Grain Isolation in the Firefox Renderer” written by Shravan Narayan, Craig Disselhoen, Tal Garfinkel, Nathan Froyd, Sorin Lerner Hovav Shacham and Deian Stefan.  This paper was originally published at the USENIX Security Conference 2020 and provides a security solution for use in the Firefox web browser while also demonstrating that that technology can be utilized for other situations.  The solution, RLBox, is a culmination of many advances that enable software to securely use software components, such as libraries, which have not been verified as trustworthy. RLBox has been incorporated into Firefox 95.

The NSA has opened the nomination process for the 10th Annual Best Scientific Cybersecurity Paper Competition for  papers published during 2021 in peer-reviewed journals, magazines, or technical conferences that show an outstanding contribution to cyber security science. The nomination period closes on 15 April 2022.

Visit the Best Scientific Cybersecurity Paper webpage for more information on the paper competition and to nominate a paper for the 10th completion.

NSA

You Might Also Read: 

NCSC Aims To Inspire Young Female Code-Breakers:

 

« North Korea's Internet Is Faltering
Google Sued over 'Deceptive' Location Tracking »

Quartz Conference
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

SABSACourses

SABSACourses

SABSA is a development process used for solving complex problems such as IT Operations, Risk Management, Compliance & Audit functions.

Optimal Risk

Optimal Risk

Optimal Risk is a specialist risk and security consultancy. Services include information security, cyber security and advanced cyber defence.

Resource Centre for Cyber Forensics (RCCF)

Resource Centre for Cyber Forensics (RCCF)

RCCF is a pioneering institute, pursuing research activities in the area of Cyber Forensics.

IT Association of Slovakia (ITAS)

IT Association of Slovakia (ITAS)

ITAS is a professional association of domestic and foreign companies operating in the field of information and communication technologies

Picasso

Picasso

The Picasso project is focused on ICT Policy, Research and Innovation for a Smart Society: towards new avenues in EU-US ICT collaboration.

Cybercrowd

Cybercrowd

Cybercrowd is a cyber security specialist offering technical services, cyber security assessments, guidance and security thought leadership.

Secnology

Secnology

Secnology is dedicated to developing and providing the most powerful and user friendly event analysis and security management solution.

PRODAFT

PRODAFT

PRODAFT, Proactive Defense Against Future Threats, is a cyber security and cyber intelligence company providing solutions to commercial customers and government institutions.

KOVRR

KOVRR

Kovrr enables (re)insurers to transparently predict and price cyber risk.

Halcyon Knights

Halcyon Knights

Halcyon Knights is a specialist executive search and IT recruitment agency in the APAC region. Areas of specialisation include cybersecurity.

Ecubel

Ecubel

Ecubel is the market leader in Belgium in buying and selling used IT harware guaranteed by a certified data erasure.

BoldCloud

BoldCloud

BoldCloud's award winning Cybersecurity Advisory services and Layered Security approach adds new critical layers of protection for your data and your business.

Samurai Digital Consulting

Samurai Digital Consulting

Samurai Digital Security are a cyber and Information security services provider, specialising in penetration testing, incident response, user awareness and information governance solutions.

Security Limits

Security Limits

Security Limits is a full-service technology, engineering, architecture, and consulting solutions firm.

Orro Group

Orro Group

Orro create 'future now' solutions that make it faster, simpler and safer for you to access, store and share information. Wherever, whenever and with whomever you want.

Responsive Technology Partners

Responsive Technology Partners

Responsive Technology Partners provides superior IT support services including cybersecurity and compliance, telephony, cloud services, cabling, access control, and camera systems.