Secure computation enables users to compute some result without revealing the inputs. Privacy schemes that are shown to only reveal outputs are said to have input privacy. However, learning these outputs still tells you something about the private inputs. The important question is: “how much?” The Defense Advanced Research Projects Agency (DARPA) Brandeis program aims […]
Projections based on data models for COVID-19 are serving as a critical foundation for Federal, state and local government policy makers charged with making rapid and informed decisions to fight the spread of the novel coronavirus. Data models like the model presented by researchers at Imperial College London on March 16, which many believe led […]
2019 marked another eventful year for Galois, publishing 15 papers, sharing 26 talks, and announcing several large project awards. It seems cliche, but it’s true: our partners and collaborators play a central role in all of our work. We’re very grateful to be part of such a great community. Below, we highlight some of the […]
Today, Microsoft announced our joint work on ElectionGuard and the upcoming release of the software development kit. This SDK will be freely available, and can be used to enable end-to-end verifiable (E2E-V) elections around the world. An E2E-V election uses cryptography to produce proofs that an election has been run correctly. In a properly implemented […]
2018 was a year of growth and impact at Galois. We furthered our work from cryptography to software and hardware assurance through both our R&D efforts and our spin-out companies. Our team grew significantly, and like most everyone in this industry, we continue to hire. We’ve been fortunate to work with many great partners and […]
This article originally appeared in the Fall 2018 edition of the U.S. Cybersecurity Magazine When obdurate isolationist Woodrow Wilson won 1916 re-election under the slogan, “He kept us out of the war!”, he hadn’t anticipated a simple act of data sharing. On January 17, 1917, Room 40 (British Naval Intelligence) finally decrypted the infamous German “Zimmerman […]
This is a followup to our previous post, which introduces our research exploring new strategies for protecting legacy applications on the DARPA CFAR program. Briefly, our approach is to generate variants of a target application that behave the same when given benign input but different when given malicious input. Then we run a set of […]
On the DARPA CFAR program, the Galois “RADSS” team is developing new ways to mitigate memory corruption attacks against legacy C/C++ systems without requiring finding and fixing each individual bug. CFAR is about “Cyber Fault-tolerant Attack Recovery” and our general approach is: Given some application to defend, generate multiple variants of that application such that […]
Motivation The c2rust project exists to help bridge the fact that there is a lot of valuable software written in C and that there have been great strides in making safer and more-reliable programming languages since C was designed. Rust offers many modern improvements for C while still preserving the low-level control that makes it […]
This article originally appeared in the Spring 2018 edition of the U.S. Cybersecurity Magazine Much of cyber defense today relies on the same approach used in kinetic defense over the last few thousand years. We use hard perimeters (firewalls) to repel attacks, sentries (IDSs) to trigger incident response, and carefully guarded entry points (VPNs, websites) to […]
We take pride in personally connecting with all interested partners, collaborators and potential clients. Please email us with a brief description of how you would like to be connected with Galois and we will do our best to respond within one business day.