Winner: NSA Best Cyber Security Research Paper

The US National Security Agency has announced the winning paper in the 9th annual Best Cybersecurity Research Paper Competition.

This year’s winning paper advances a theorem that relates the existence of one-way functions (OWF) by relating them to the problem of computing “Time-bound Kolmogorov complexity" which is a way to measure the complexity of a string of text. 

Written by Yanyi Liu from Cornell University and Rafael Pass from Cornell Tech, the paper titled “On One-way Functions and Kolmogorov Complexity” was published at the 2020 IEEE Symposium on Foundations of Computer Science.

Established in 2013, the competition encourages the development of scientific foundations in cyber security and supports cybersecurity improvements within devices, computers, and systems through rigorous research, solid scientific methodology, documentation and publishing. 

The winning paper was chosen by the Chief of NSA’s Laboratory for Advanced Cybersecurity Research. The decision was informed by reviews from 10 international cybersecurity distinguished experts who independently reviewed the best papers among 34 nominations.

One-way functions (OWF) are a key underpinning in many modern cryptography systems and were first proposed in 1976 by Whitfield Diffie and Martin Hellman. OWFs are vital components of modern symmetric encryptions, digital signatures, authentic schemes and more. Until now, it has been assumed that OWF functions exist even though research shows that they are both necessary and sufficient for much of the security provided by cryptography.

These functions can be efficiently computed but are difficult to reverse, as determining the input based on the output is computationally expensive. 

Receiving honorable mention was the paper “Retrofitting Fine Grain Isolation in the Firefox Renderer” written by Shravan Narayan, Craig Disselhoen, Tal Garfinkel, Nathan Froyd, Sorin Lerner Hovav Shacham and Deian Stefan.  This paper was originally published at the USENIX Security Conference 2020 and provides a security solution for use in the Firefox web browser while also demonstrating that that technology can be utilized for other situations.  The solution, RLBox, is a culmination of many advances that enable software to securely use software components, such as libraries, which have not been verified as trustworthy. RLBox has been incorporated into Firefox 95.

The NSA has opened the nomination process for the 10th Annual Best Scientific Cybersecurity Paper Competition for  papers published during 2021 in peer-reviewed journals, magazines, or technical conferences that show an outstanding contribution to cyber security science. The nomination period closes on 15 April 2022.

Visit the Best Scientific Cybersecurity Paper webpage for more information on the paper competition and to nominate a paper for the 10th completion.

NSA

You Might Also Read: 

NCSC Aims To Inspire Young Female Code-Breakers:

 

« North Korea's Internet Is Faltering
Google Sued over 'Deceptive' Location Tracking »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

SecPoint

SecPoint

SecPoint provides products to secure & protect your network from remote and local attacks.

OneLogin

OneLogin

OneLogin simplifies identity management with secure, one-click access,for employees, customers and partners, through all device types, to all enterprise cloud and on-premise applications.

Claroty

Claroty

Claroty was conceived to secure and optimize OT networks that run the world’s most critical infrastructures.

Shadowserver Foundation

Shadowserver Foundation

Shadowserver Foundation aims to improve internet security by raising awareness of compromised servers, malicious attackers and the spread of malware.

Azeti Networks

Azeti Networks

Azeti Networks is a global provider of IoT technology to a variety of verticals including telecomms, oil/gas, manufacturing, finance and healthcare.

Beame.io

Beame.io

Beame.io is an information security company that distributes open source authentication infrastructure based on encryption.

Cydome

Cydome

Cydome offers full-spectrum cybersecurity solutions tailored for the maritime industry.

Berwick Partners

Berwick Partners

Berwick Partners’ Cyber Security Practice is a leading recruiter of senior management positions in this field; we have an exceptional understanding of the constantly changing Cyber landscape.

Cervello

Cervello

Cervello is a leading provider of comprehensive and proven solutions to protect railways against cyber attacks.

URS Certification

URS Certification

United Registrar of Systems (URS Certification) is an independent certification body operating in more than 30 countries within the multinational URS Holdings.

HCC Embedded

HCC Embedded

HCC’s mission is to ensure that data stored or communicated by an embedded IoT application is secure, safe and reliable.

Talion

Talion

Talion aim to reduce the complexity involved in securing your organisation and to give security teams unrivalled visibility into their security operations, so they can make optimal decisions, fast.

Netgo

Netgo

Netgo group meet the requirements of a complex, digitized world with IT consulting, IT solutions & services, managed & cloud services and software products & development.

Evo Security

Evo Security

Evo Security is an Identity and Access Management company focused exclusively on serving MSPs, MSSPs and their SMB and Mid-Market customers.

Chestnut Hill Technologies (CHT)

Chestnut Hill Technologies (CHT)

CHT provide Best Practices IT Cybersecurity and Technology Solutions and Consulting Support to the Mid Cap through Fortune 1000 Nationwide.

Ventum Consulting

Ventum Consulting

Ventum Consulting stands for digitalization, networking and agilization. We take this up on the strategic, professional and technical side and support our customers in the digital transformation.