Winner: NSA Best Cyber Security Research Paper

Uploaded on 2022-02-02 in TECHNOLOGY--Developments, INTELLIGENCE--USA, FREE TO VIEW

The US National Security Agency has announced the winning paper in the 9th annual Best Cybersecurity Research Paper Competition.

This year’s winning paper advances a theorem that relates the existence of one-way functions (OWF) by relating them to the problem of computing “Time-bound Kolmogorov complexity" which is a way to measure the complexity of a string of text. 

Written by Yanyi Liu from Cornell University and Rafael Pass from Cornell Tech, the paper titled “On One-way Functions and Kolmogorov Complexity” was published at the 2020 IEEE Symposium on Foundations of Computer Science.

Established in 2013, the competition encourages the development of scientific foundations in cyber security and supports cybersecurity improvements within devices, computers, and systems through rigorous research, solid scientific methodology, documentation and publishing. 

The winning paper was chosen by the Chief of NSA’s Laboratory for Advanced Cybersecurity Research. The decision was informed by reviews from 10 international cybersecurity distinguished experts who independently reviewed the best papers among 34 nominations.

One-way functions (OWF) are a key underpinning in many modern cryptography systems and were first proposed in 1976 by Whitfield Diffie and Martin Hellman. OWFs are vital components of modern symmetric encryptions, digital signatures, authentic schemes and more. Until now, it has been assumed that OWF functions exist even though research shows that they are both necessary and sufficient for much of the security provided by cryptography.

These functions can be efficiently computed but are difficult to reverse, as determining the input based on the output is computationally expensive. 

Receiving honorable mention was the paper “Retrofitting Fine Grain Isolation in the Firefox Renderer” written by Shravan Narayan, Craig Disselhoen, Tal Garfinkel, Nathan Froyd, Sorin Lerner Hovav Shacham and Deian Stefan.  This paper was originally published at the USENIX Security Conference 2020 and provides a security solution for use in the Firefox web browser while also demonstrating that that technology can be utilized for other situations.  The solution, RLBox, is a culmination of many advances that enable software to securely use software components, such as libraries, which have not been verified as trustworthy. RLBox has been incorporated into Firefox 95.

The NSA has opened the nomination process for the 10th Annual Best Scientific Cybersecurity Paper Competition for  papers published during 2021 in peer-reviewed journals, magazines, or technical conferences that show an outstanding contribution to cyber security science. The nomination period closes on 15 April 2022.

Visit the Best Scientific Cybersecurity Paper webpage for more information on the paper competition and to nominate a paper for the 10th completion.

NSA

You Might Also Read: 

NCSC Aims To Inspire Young Female Code-Breakers:

 

« North Korea's Internet Is Faltering
Google Sued over 'Deceptive' Location Tracking »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Protegrity

Protegrity

Protegrity is an enterprise and cloud data security software for data-centric encryption and tokenization to protect sensitive data while maintaining usability.

Evok

Evok

EVOK is an IT Service provider specialized in installing, maintaining and supporting IT infrastructures for SMB's in Switzerland.

Center for Internet Security (CIS)

Center for Internet Security (CIS)

CIS is a nonprofit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats.

International Computer Science Institute (ICSI)

International Computer Science Institute (ICSI)

ICSI is a leading independent, nonprofit center for research in computer science. Research areas include network security and privacy.

Sift

Sift

The Sift Digital Trust Platform protects your business and customers from all vectors of fraud and abuse through our Live Machine Learning, global trust network and automation technologies.

ERNW

ERNW

ERNW is an independent IT Security service provider with a focus on consulting and testing in all areas of IT security.

Datec PNG

Datec PNG

Datec is the the largest end-to-end information and communications technology solutions and services provider in Papua New Guinea.

MicroEJ

MicroEJ

MicroEJ is a software vendor of cost-driven solutions for embedded and IoT devices.

ITRenew

ITRenew

ITRenew is a leading global IT lifecycle management solutions company, specializing in onsite data center decommissioning and data erasure services.

BrandProtections.Online

BrandProtections.Online

BrandProtections.online offer end-to-end customer support solutions to help protect against threats which may affect your brand online.

DeepSeas

DeepSeas

DeepSeas is the result of a merger between Security On-Demand (SOD) and the commercial Managed Threat Services (MTS) business of Booz Allen Hamilton.

Pelion

Pelion

Pelion Connected Device Services are the easiest way to securely connect and manage your devices, allowing you to focus on forging your future.

Cyber Intelligence House (CIH)

Cyber Intelligence House (CIH)

Cyber Intelligence House provides risk exposure solutions for a wide range of audiences including companies, government agencies, regulators, investors, law enforcement and consumers.

Tetrate.io

Tetrate.io

Tetrate Service Bridge provides enterprises with a consistent, unified way to connect and secure services across an entire mesh-managed environment.

NewAE Technology

NewAE Technology

NewAE Technology is revolutionizing the hardware security market by making every engineer and designer aware of side-channel power analysis and glitching as important attack vectors.

BitLyft

BitLyft

BitLyft is a managed detection and response provider that is dedicated to delivering unparalleled protection from cyber attacks for organizations of all sizes.