Information flow tracking (IFT) is a frequently used technique for enforcing IFC. IFT associates a label with data, and monitors the propagation of this label through the system to check if sensitive data leaks to an unclassified domain or if integrity-critical components are affected by untrusted data. With more functional units, such as security primitives, being built into hardware to meet performance and power constraints, it is required that embedded security be enforced from the underlying hardware up. In this process, hardware assisted IFT methods have been deployed to capture harmful flows of information including those through hardware specific timing channels. Implicit flows resulting from these timing channels have been shown to leak secret keys in stateful elements such as caches and branch predictors. In addition, such timing flows can cause violations in real-time constraints, hindering real-time operations of a system or even rendering the critical system useless. Further, these channels are so hard to detect that they are usually identified only after operational critical security policies have been violated.Critical embedded systems such as those found in the military, industrial infrastructures and medical devices all require strict guarantees on information flow security because of the extremely high cost of a failure. These systems require rigorous design and testing to ensure that untrusted information never affects trusted computation or that secret information never leaks to unclassified domains. The requirements, for both integrity and confidentiality, can be captured by the formal model of information flow security. (more...)

With the cost of sequencing the human genome dropping exponentially it will soon be economical for individuals to get the results of paternity tests, personal medicine analyses and even genetic matching or compatibility tests without the expense or trouble of elaborate laboratory procedures. Additionally, researchers from UCI’s Genomics and Computer Science departments have developed a safe and secure methodology and infrastructure to conduct these tests, safely and securely and all done via mobile devices. (more...)

A novel method for visualizing and classifying malware using image processing techniques, applicable to malware detection and anti-virus software. (more...)

UC San Diego inventors have come up with a new method for improving pseudo-random number generators. Based on new theoretical achievements in algebraic theory of quasigroups, it can work over alphabets of n-bit letters for every n>1, and can enlarge the period of the pseudo random string of numbers and pass every known statistical test of randomness. The method is easy to implement in software or hardware in less than 1 kilobyte of memory space. The method can also be used as an improver of biased truly random number generators. (more...)

HDRL (Homogeneous Dual-Rail Logic) is a standard cell level DPA (Differential Power Analysis) attack countermeasure that theoretically guarantees fully-balanced power consumption and has been shown to significantly improve the DPA attack resistivity of hardware with low energy overhead and no delay overhead over conventional countermeasures. (more...)

In its simplest form this invention consists of a novel software-only approach to malicious code detection and repair in real time. However by including a minute extra component (< 0.001% total transistor count) to a standard commercial processor this process can enable fully automatic repair of malicious code injections. (more...)

A new RFID reader authentication protocol that allows efficient and timely check of revocation status of the reader’s certificate. (more...)

The present invention is an apparatus and a method for generation of random numbers. The apparatus comprises an alpha-radiation source, such as Am 241, for which the decay product produces no secondary radiation with the energy equal or higher than that of the prime alpha radiation. The alpha particles emitted by the isotope and having reached the detector have a narrow energy spectrum and, hence, produce identical electrical pulses in a detector. An alpha-particle detection system is provided which includes a differential discriminator in combination with a logical selector. This combination of elements allows a positive identification of individual events of alpha-decay in the alpha-radiation source to be made and filters out any other signals produced by different radiation sources both inside and outside the apparatus. An electronic unit processes the stream of identical electric pulses into a stream of random numbers. (more...)

Recent years have seen a huge growth in online social networking sites such as Facebook, Myspace, and Friendster. Given the huge amount of personal data and social relationships available in online social networks, protecting ones personal privacy is a growing problem. Since private information can be inferred via social relationships, it is possible to infer private information even when such information is not shared. (more...)

Security chips leak information through power consumption, timing, and electro-magnetic radiation although they are secure against mathematical attacks. One of the most effective side channel attacks to the encryption ICs is the differential power analysis attack. In DPA, the attacker measures the power consumption of the chip while it encrypts and by doing a statistical analysis he can extract the secret-key. This is due to the asymmetry of the power consumption in the standard CMOS logic gates since they have power characteristic that is dependent on the input signals. Different techniques have been proposed to prevent this information leakage: interleaved dummy instructions, random power consumption, duplicate logic, etc.; however, all of these methods have been circumvented. (more...)

The invention is a new technique for people to engage in behavior modification (smoking cessation, dieting, etc.) or explore mutual interests in a secure fashion via the Internet. A working prototype exists and is showing efficacy similar to chemical means for certain behavior modifications. Prototype exhibits the secure and interactive nature of the invention. (more...)