From the Winter 2021 Issue

Zero-Knowledge Proofs, D-Day, and the Promise of Trustable Software

Author(s):

David W. Archer, PhD, Principal Scientist, Galois, Inc.

ZKP image

An old proverb tells us, “You know nothing until another knows you know it.” Sometimes, though, you don’t want that someone to know sensitive details – just the “fact of.” For example, take April 1942. In two months’, Operation Overlord would invade Germany’s “Fortress Europe.” The Allies’ deception operation, Fortitude South – following a strategy … Read more

From the Spring 2018 Issue

Architectural Security, the Ardennes, and Alfred the Great

Author(s):

David W. Archer, PhD, Principal Scientist, Galois, Inc.

archer-feature-image

Much of cyber defense today relies on the same approach used in kinetic defense over the last few thousand years. We use hard perimeters (firewalls) to repel attacks, sentries (IDSs) to trigger incident response, and carefully guarded entry points (VPNs, websites) to meet functional requirements (wait…security is still a non-functional requirement?). It is both a … Read more

From the Summer 2017 Issue

REVOLUTION and EVOLUTION: Fully Homomorphic Encryption

Author(s):

David W. Archer, PhD, Principal Scientist, Galois, Inc.

More and more computation is being outsourced to public clouds. Cloud computers can be just as vulnerable as any other computer, putting the privacy of sensitive data at risk. As nation-state cyber weapons become increasingly available to amateur and low-level professional cyber criminals, the external threats against those cloud-based systems continue to grow. In addition, … Read more