2018-annual-report
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Security
and Privacy
25
The ever-increasing interconnection, data processing, and
storage capabilities enabled by technological advances
open up tremendous opportunities for society, the economy,
and individuals. At the same time, the digital world
is threatened by many kinds of cyberattacks that aim to
undermine the security and privacy of digital interactions
such as communications, payments, computations,
and data storage. These cyberattacks may endanger the
economy of our society, but also target important values
such as privacy and democracy. Indeed, if the privacy of
citizens, governments, and corporations is threatened,
this can also impact people’s freedom, ultimately creating
an imbalance in power relations, which in turn may
damage our democratic society.
The research on security and privacy at the IMDEA Software
Institute aims to deliver technology that enables
computation, communication, and storage in open,
untrusted, and possibly malicious environments, such
as the Internet. Our research results include novel cryptographic
protocols and privacy-enhancing technologies,
as well as cutting-edge techniques and tools for detecting
and analyzing vulnerabilities and malicious activities in
software, hardware, and network traffic.
Systems and networks security
• Defending against malware, cybercrime, and targeted
attacks.
• Enhancing software security (e.g., automated testing,
vulnerability detection).
• Privacy in the mobile application ecosystem.
Side-channel attacks and countermeasures
• Detection and analysis of micro-architectural sidechannels.
• Compilation and verification of constant-time software
defenses.
• Protecting against privacy leaks based on side-channels.
annual report
20
More specifically, our security and privacy research
includes:
Cryptography
• Privacy-preserving computation (e.g., homomorphic
encryption, functional encryption, multiparty computation).
• Secure outsourcing of data and computation (e.g., verifiable
computation, zero-knowledge proofs, homomorphic
authentication).
• Privacy in blockchains.