In the age of cyber-attacks and credit card fraud over the Internet, Dr. Osnat Keren says there is another “Achilles heel” that we overlook at our peril: the vulnerability of our hardware devices.
With enormous amounts of information traveling between telephones, computers and even tiny components within a single device, Dr. Keren says, “This moving data constitutes a security risk, because attackers can maliciously inject errors in order to break the underlying code that keeps data safe.”
Keren, of the Bar-Ilan School of Engineering, adds, “In my work I use mathematical methods to design codes that ensure data security by making sure that all maliciously injected errors are detected — before the damage is done.”
According to Keren, smart cards — a hardware-based encryption platform designed to promote data security and privacy — have actually increased our vulnerability. “Today, we all carry credit cards, or cards that contain our health and insurance information, and we use cellphones with SIM cards in which all our private information is stored,” says Keren, who teaches Coding Theory and Advanced Logic Design.
She adds, “These devices contain processors that, like any computer, can be hacked. One of the most effective ways to crack a security code is to introduce faults, then analyze the erroneous operation of the device that results. Much of my work involves creating structures of error detecting codes that limit this vulnerability.”
Dr. Keren is an industry-savvy academic who began her career at National-Semiconductor in 1998. She helped develop a voice-processing technology now embedded in all mobile phone products before she joined Bar-Ilan University in 2004.
According to Keren, hardware security is becoming a rising concern because “the linear code that underlies the functionality of today’s hardware devices makes it relatively easy for hackers to introduce error patterns that go undetected.” She explains, “Because these codes leave a door open for tampering, our challenge is to create a mathematics-based coding standard that closes that door.”
In addition, Keren is working on the design of mathematical models for combatting cyber-threats maliciously built into the hardware itself. She says this type of threat is growing because the process of chip manufacturing is increasingly being outsourced.
Karen and her colleagues at Tel Aviv University and Boston University are working together on coding protocol that will reveal the presence of cyber-attackers. “We’re preparing for the worst case scenario — an attacker who can inject every possible error in a hardware based system,” she says. “With a smart coding approach, we can guarantee that no attacker can initiate an attack without being noticed. That’s the mathematics behind the story — and the first step in catching a cyber-criminal.
To learn more about Dr. Keren’s research to defeat cyber-threats, call Howard Charish at 212-906-3900.