One of our previous projects explored how flaws in the design and implementation of systems can introduce “weird machines” that make them vulnerable to exploitation. Now we have begun a follow-up project, Synthesizing Evidence of Emergent Computation (SEEC). SEEC is part of DARPA’s Artificial Intelligence Mitigations of Emergent Execution (AIMEE) program, whose goal is to […]
A zero-knowledge proof (ZKP) is a mathematical tool that provides irrefutable proof of a claim’s validity, without revealing anything else about the claim or the data used to prove it. Today, the application of ZKPs often gravitates towards cryptocurrency transactions, where they can be used to prove that a transaction is valid without revealing details […]
Machine learning has revolutionized cyber-physical systems (CPS) in multiple industries – in the air, on land, and in the deep sea. And yet, verifying and assuring the safety of advanced machine learning is difficult because of the following reasons: State-Space Explosion: Autonomous systems are characteristically adaptive, intelligent, and/or may incorporate learning capabilities. Unpredictable Environments: The […]
In 2019, Galois and its spinout Tangram Flex were awarded a $5 million contract for the DARPA I2O Cyber Assured Systems Engineering (CASE) program. We wanted to present an update for the project’s progress. Introducing Cyber-Assured Plugins to embedded computer systems “The problem is not in our stars … but in ourselves,” is a paraphrase […]
Document and protocol formats are the languages in which computing systems exchange information. The notion of a “document-format” certainly isn’t foreign to most computer users: everyday, vast swaths of users directly create, edit, and share documents and media in formats such as PDF, JPEG, and Word. But in principle, the concept of a “format” is […]
I’m excited to announce we’ve been awarded a $7.5 million contract by the Defense Advanced Research Projects Agency (DARPA) to work on PIRATE, a set of software development tools for designing and building high-performance, physically-partitioned applications that protect sensitive information. PIRATE stands for Partitioning Information via Resource-Aware Transformations for Everyone. The project is part of […]
Secure computation enables users to compute some result without revealing the inputs. Privacy schemes that are shown to only reveal outputs are said to have input privacy. However, learning these outputs still tells you something about the private inputs. The important question is: “how much?” The Defense Advanced Research Projects Agency (DARPA) Brandeis program aims […]
Today, Microsoft announced our joint work on ElectionGuard and the upcoming release of the software development kit. This SDK will be freely available, and can be used to enable end-to-end verifiable (E2E-V) elections around the world. An E2E-V election uses cryptography to produce proofs that an election has been run correctly. In a properly implemented […]
This article originally appeared in the Fall 2018 edition of the U.S. Cybersecurity Magazine When obdurate isolationist Woodrow Wilson won 1916 re-election under the slogan, “He kept us out of the war!”, he hadn’t anticipated a simple act of data sharing. On January 17, 1917, Room 40 (British Naval Intelligence) finally decrypted the infamous German “Zimmerman […]
This is a followup to our previous post, which introduces our research exploring new strategies for protecting legacy applications on the DARPA CFAR program. Briefly, our approach is to generate variants of a target application that behave the same when given benign input but different when given malicious input. Then we run a set of […]
We take pride in personally connecting with all interested partners, collaborators and potential clients. Please email us with a brief description of how you would like to be connected with Galois and we will do our best to respond within one business day.