From the Fall 2021 Issue

The Ardennes, Again

Author(s):

David W. Archer, PhD, Principal Scientist, Galois, Inc.

Thin Red Line

Zero-Day, Zero Trust, and the 99th Infantry Division  Zero Day December 16, 1944. Unexpected Allied success after D-Day led to a thin defensive line in the Ardennes forest. Armed with that knowledge and suspecting weakness in the Allies’ resolve, Hitler swung his last big hammer in an attempt to shatter the alliance and force a truce. … Read more

From the Winter 2021 Issue

Zero-Knowledge Proofs, D-Day, and the Promise of Trustable Software

Author(s):

David W. Archer, PhD, Principal Scientist, Galois, Inc.

ZKP image

An old proverb tells us, “You know nothing until another knows you know it.” Sometimes, though, you don’t want that someone to know sensitive details – just the “fact of.” For example, take April 1942. In two months’, Operation Overlord would invade Germany’s “Fortress Europe.” The Allies’ deception operation, Fortitude South – following a strategy … Read more

From the Spring 2018 Issue

Architectural Security, the Ardennes, and Alfred the Great

Author(s):

David W. Archer, PhD, Principal Scientist, Galois, Inc.

archer-feature-image

Much of cyber defense today relies on the same approach used in kinetic defense over the last few thousand years. We use hard perimeters (firewalls) to repel attacks, sentries (IDSs) to trigger incident response, and carefully guarded entry points (VPNs, websites) to meet functional requirements (wait…security is still a non-functional requirement?). It is both a … Read more

From the Summer 2017 Issue

REVOLUTION and EVOLUTION: Fully Homomorphic Encryption

Author(s):

David W. Archer, PhD, Principal Scientist, Galois, Inc.

More and more computation is being outsourced to public clouds. Cloud computers can be just as vulnerable as any other computer, putting the privacy of sensitive data at risk. As nation-state cyber weapons become increasingly available to amateur and low-level professional cyber criminals, the external threats against those cloud-based systems continue to grow. In addition, … Read more