My research is in computer security. My collaborators and I seek
to answer basic questions about how to improve the status quo of keeping
data and computations secure, while simultaneously providing insights
and tools that help practitioners in the near term. Click on the links below to read brief
descriptions of some example research
projects or check out my full list of
publications.
Papers:
Crypto 2017,
Crypto 2018,
Crypto 2019,
CCS 2019,
USENIX Security 2021,
USENIX Security 2022,
USENIX Security 2022,
Asiacrypt 2022,
Eurocrypt 2023,
Oakland 2024
Description:
We have been exploring committing authenticated encryption,
which refers to schemes for which adversaries cannot find
multiple secret keys that decrypt the same ciphertext. This
proves important in applications like message franking, a
cryptographic technique used by Facebook to
enable secure reporting of abusive end-to-end encrypted
messages. We have also explored new cryptographic
constructions for enabling message franking in anonymous
communications, providing the ability to trace the source
of a forwarded abusive message, rich governance policies such
as voting for moderators in group messaging, and more - all without sacrificing
end-to-end encryption guarantees.
This line of work discovered subtle vulnerabilities in
Facebook's message franking scheme (subsequently fixed through
a responsible disclosure process), a whole new class of
confidentiality attacks exploiting lack of commitment called
partitioning oracle attacks, and calls by practitioners and
others to build a new generation of encryption schemes that
enjoy commitment.
Papers: See IPV research group website
Awards: CHI 2018, 2022 Best Paper Awards, CSCW
2019 Honorable Mention award, CSCW 2020 Best Paper Award,
USENIX Security 2020, 2023 Distinguished Paper Awards,
Internet Defense Prize 2020 (third place),
ENGDBV Advocate of New York City Award 2019
Media coverage: See IPV research group website
Description:
Abusers are increasingly exploiting digital technologies in
the course of intimate partner violence. In partnership with
the New York City Mayor's Office to Combat Domestic Violence,
we have conducted qualitative studies of the IPV ecosystem in
NYC to help understand how technology arises in abuse
situations. We have also explored spyware as used in
intimate partner violence, surfacing the wide variety of apps
that can be used as spyware by abusers. Google has already
made changes to their policies as a result of our work, and
we are working with Google and Symantec on the tricky
challenges that "dual-use" apps represent.
Our research team's webpage is here. Our research
introduced clinical computer security, a new approach to
provide personalized face-to-face interventions to assist IPV
survivors. Our research
led to founding the Clinic to End Tech Abuse (CETA), which
you can read about here.
Papers:
USENIX Security 2015,
Oakland 2016,
CCS 2017,
Oakland 2019,
CCS 2019,
Eurocrypt 2022,
USENIX Security 2022,
USENIX Security 2022,
USENIX Security 2023,
USENIX Security 2023
Awards: Oakland 2016 Distinguished Student Paper
Award, USENIX Security 2023 Distinguished Paper Award
Media coverage: Technology Review - Threatpost - Slashdot
Description:
We have developed improvements to the usability and
security of password-based authentication. Our hardening service
Pythia uses a new cryptographic primitive called a partially
oblivious pseudorandom function (PO-PRF) to render stored
password hashes uncrackable by offline brute-force attacks.
A follow-up paper introduced a new, fast PO-PRF built solely
from standard elliptic curves.
We investigated
typo-tolerant password authentication that will
automatically correct, on behalf of the user,
frequently made typographical errors. In
collaboration with Dropbox, we showed that deploying
typo-tolerance would help users log in without degrading
security.
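A sketch of how a typo-tolerant check can sit in front of an ordinary salted password hash, added here as an illustration and not taken from the papers or any deployed system. The corrector set (caps lock, first-letter case, one extra trailing character), the PBKDF2 parameters, the minimum length and all function names are assumptions of this example.

```python
import hashlib
import hmac
import os

MIN_LEN = 8  # assumed policy: never accept a "corrected" string shorter than this

def slow_hash(password: str, salt: bytes) -> bytes:
    # Salted PBKDF2; the iteration count is an illustrative choice.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)

def register(password: str) -> tuple[bytes, bytes]:
    """Return the (salt, hash) record a server would store."""
    salt = os.urandom(16)
    return salt, slow_hash(password, salt)

# Assumed corrector set: each maps a submitted string to what the user
# probably meant for one common typing error.
def fix_caps_lock(p: str) -> str:
    return p.swapcase()

def fix_first_letter_case(p: str) -> str:
    return p[:1].swapcase() + p[1:]

def fix_extra_trailing_char(p: str) -> str:
    return p[:-1]

CORRECTORS = (fix_caps_lock, fix_first_letter_case, fix_extra_trailing_char)

def candidates(submitted: str) -> list[str]:
    """Submitted string first, then distinct corrections that meet MIN_LEN."""
    out = [submitted]
    for fix in CORRECTORS:
        c = fix(submitted)
        if len(c) >= MIN_LEN and c not in out:
            out.append(c)
    return out

def check(submitted: str, record: tuple[bytes, bytes]) -> bool:
    salt, stored = record
    ok = False
    # Hash every candidate (no early exit) so timing does not reveal
    # which corrector, if any, produced the match.
    for cand in candidates(submitted):
        ok |= hmac.compare_digest(slow_hash(cand, salt), stored)
    return ok
```

Each login attempt tests at most one string per corrector plus the submitted one, so lockout and rate-limit thresholds should be set with that multiplier in mind.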
We have explored the implications of password breaches in
terms of improving targeted guessing attacks, as well as
helped design privacy-preserving breach detection systems.
Our research helped motivate a security improvement to
Google's protocol, and I helped design, build, and launch a
password breach alerting service at Cloudflare.
In a long-running collaboration with university IT security
offices, we have run measurement studies to build better
tools for detecting real-world password guessing attacks.
Papers: USENIX Security 2014, CCS 2015, USENIX Security 2016, CCS 2017
Awards: USENIX Security 2014 Best Paper Award
Description: We have been investigating the privacy and
confidentiality of machine learning systems.
We performed a case study of privacy in pharmacogenetics,
wherein doctors use machine learning models to help guide
clinical assessments. We show that machine learning models can
be abused by a clever attacker to infer genetic information
about a person via a technique that we call model inversion.
In follow-up work, we showed that model
inversion works against facial recognition and lifestyle
surveys because one can take advantage of real-valued
confidence information released by machine learning prediction
APIs.
We also explored model extraction attacks
in which attackers seek to steal an ML model given black-box
query access to it, as well as a form of backdooring that can
be used to leak sensitive training data from a deployed model.
Papers: Eurocrypt 2014, Oakland 2015
Media Coverage:
MIT Technology Review -
Slashdot -
Reddit -
Business Week -
Boston Globe -
Threatpost -
Daily Mail -
Info Security Magazine -
Gizmodo
Description: We introduce honey encryption, a form of password-based encryption in which
decrypting with incorrect passwords yields fake, but realistic-looking,
plaintexts.
Awards: ACM CCS 2009 and 2012 Test of Time Awards
Papers:
CCS 2009, CCS 2012(a), CCS 2012(b), USENIX Security 2014, CCS 2014
Media Coverage (2009):
MIT Technology Review -
MIT Technology Review (2) -
MIT Technology Review (3) -
The New York Times -
Network World -
Network World (2) -
Computer World -
Data Center Knowledge -
IT Business Edge -
Cloudsecurity.org -
Infoworld
Media coverage (2012):
InformationWeek -
MIT Technology Review -
Arstechnica -
Slashdot -
Threatpost -
Dark Reading -
Hacker News
Practical impact:
Our work is helping inform industry best practices. For example, we are referenced in the Cloud Security Alliance's cloud security guide
and the European Network and Information Security Agency's report on cloud security.
The CCS 2009 paper on new threats in public compute
clouds is fortunate to be the second most-cited security paper
of those published between 2008 and 2013. More recently, we have shown
how side-channel attacks are possible on platform-as-a-service (PaaS)
clouds, see our CCS 2014 paper.
Papers:
CCS 2013,
USENIX Security 2014,
CCS 2014
Awards:
My collaborators at Portland State University received a "New Digital
Age" grant for our work on FTE. These awards are funded by a generous
donation by Google Executive Chairman Eric Schmidt. News articles: ZDnet - Bloomberg
Our CCS 2013 paper was runner up for the Award for Outstanding
Research in Privacy Enhancing Technologies.
Practical impact:
We introduce format-transforming encryption (FTE), and build particular encryption schemes
whose ciphertexts are guaranteed to match against a regular expression of one's choosing.
This proves useful in a variety of
settings: we show in particular how it can be used to force protocol
misclassification by the kinds of deep-packet inspection (DPI) systems used to detect and block
censorship circumvention tools such as Tor.
Check out the FTE webpage
for source code and more details.
Papers:
Eurocrypt 2013,
USENIX Security 2013
Description:
We introduce new encryption mechanisms for which ciphertexts
can be usefully deduplicated by a storage service (without the keys). DupLESS, a prototype of our system that organizations can use
to encrypt on the client side while still taking advantage of deduplicated cloud storage,
can be downloaded here.
Papers:
WOOT 2012,
USENIX Security 2013
Practical impact:
We discovered (and helped fix) security vulnerabilities in a widely used smartphone-based point-of-sale system (used to process credit card transactions).
See the vulnerability report here. In subsequent
work, we built a tool, Fie, for analyzing embedded firmware to find such vulnerabilities and even verify their absence in some cases.
Papers:
Asiacrypt 2011, Crypto 2012(a), Crypto 2012(b)
Practical impact:
We uncovered a new attack against the TLS record layer, uncovered weak key pairs in HMAC, and provided the first formal security analysis for PKCS#5 (password-based
cryptography).
Papers:
Slashdot -
PC World -
The New York Times -
The New York Times (2) -
CNET News -
Linux.com -
Linux Magazine -
Reader's Digest -
ABC News -
MIT Technology Review -
more...
Practical impact:
Check out Adeona's web page for the
open source software.
Papers:
ICALP 2007,
Asiacrypt 2007,
Eurocrypt 2009,
Eurocrypt 2011
Practical impact:
Our design and analysis techniques are being used by contenders (such as Skein)
for NIST's new cryptographic hash function standard SHA-3.