Papers: Crypto 2017, Crypto 2018, Crypto 2019, CCS 2019, USENIX Security 2021, USENIX Security 2022, USENIX Security 2022, Asiacrypt 2022, Eurocrypt 2023, Oakland 2024

Description: We have been exploring committing authenticated encryption, which refers to schemes for which adversaries cannot find multiple secret keys that decrypt the same ciphertext. This proves important in applications like message franking, a cryptographic technique used by Facebook to enable securely reporting of abusive end-to-end encrypted messages. We have also explored new cryptographic constructions for enabling message franking in anonymous communications, providing the ability to trace the source of a forwarded abusive message, rich governance policies such as voting for moderators in group messaging, and more - all without sacrificing end-to-end encryption guarantees.

This line of work discovered subtle vulnerabilities in Facebook's message franking scheme (subsequently fixed due to a responsible disclosure process), a whole new class of confidentiality attacks exploiting lack of commitment called partitioning oracle attacks, and calls by practitioners and others to build a new generation of encryption schemes that enjoy commitment.

Papers: See IPV research group website

Awards: CHI 2018, 2022 Best Paper Awards, CSCW 2019 Honorable Mention award, CSCW 2020 Best Paper Award, USENIX Security 2020, 2023 Distinguished Paper Awards, Internet Defense Prize 2020 (third place), ENGDBV Advocate of New York City Award 2019

Media coverage: See IPV research group website

Description: Abusers are increasingly exploiting digital technologies in the course of intimate partner violence. In partnership with the New York City Mayor's Office to Combat Domestic Violence, we have conducted qualitative studies of the IPV ecosystem in NYC to help understand how technology arises in abuse situations. We also have explored the spyware as used in intimate partner violence, surfacing the wide variety of apps that can be used as spyware by abusers. Google has already made changes to their policies as a result of our work, and we are working with Google and Symantec on the tricky challenges that "dual-use" apps represent.

Our research team's webpage is here. Our research introduced clinical computer security, a new approach to provide personalized face-to-face interventions to assist IPV survivors. Our research led to founding the Clinic to End Tech Abuse (CETA), which you can read about here.

Papers: USENIX Security 2015, Oakland 2016, CCS 2017, Oakland 2019, CCS 2019 Eurocrypt 2022 USENIX Security 2022 USENIX Security 2022 USENIX Security 2023 USENIX Security 2023

Awards: Oakland 2016 Distinguished Student Paper Award, USENIX Security 2023 Distinguished Paper Award

Media coverage: Technology Review - Threatpost - Slashdot

Description: We have developed improvements to the usability and security of password-based authentication. Our hardening service Pythia renders stored password hashes uncrackable by offline brute-force attacks using a new cryptographic primitive called a partially oblivious pseudorandom function (PO-PRF). A follow-up paper introduced a new, fast PO-PRF built solely from standard elliptic curves.

We investigated typo-tolerant password authentication that will automatically correct, on behalf of the user, frequently made typographical errors. In collaboration with Dropbox, we showed that deploying typo-tolerance would help users log in without degrading security.

We have explored the implications of password breaches in terms of improving targeted guessing attacks, as well as helped design privacy-preserving breach detection systems. Our research helped motivate a security improvement to Google's protocol, and I helped design, build, and launch a password breach alerting service at Cloudflare.

In a long-running collaboration with university IT security offices, we have ran measurement studies to build better tools for detecting real-world password guessing attacks.

Papers: USENIX Security 2014, CCS 2015, USENIX Security 2016, CCS 2017

Awards: USENIX Security 2014 Best Paper Award

Description: We have been investigating the privacy and confidentiality of machine learning systems. We performed a case study of privacy in pharmacogenetics, wherein doctors use machine learning models to help guide clinical assessments. We show that machine learning models can be abused by a clever attacker to infer genetic information about a person via a technique that we call model inversion. In follow-up work, we showed that model inversion works against facial recognition and lifestyle surveys because one can take advantage of real-valued confidence information released by machine learning prediction APIs.

We also explored model extraction attacks in which attackers seek to steal an ML model given black-box query access to it, as well as a form of backdooring that can be used to leak sensitive training data from a deployed model.

Papers: Eurocrypt 2014, Oakland 2015

Media Coverage: MIT Technology Review - Slashdot - Reddit - Business Week - Boston Globe - Threatpost - Daily Mail - Info Security Magazine - Gizmodo

Description: We introduce honey encryption, a form of password-based encryption in which decrypting with incorrect passwords yields fake, but realistic-looking, plaintexts.

Awards: ACM CCS 2009 and 2012 Test of Time Awards

Papers:
CCS 2009, CCS 2012(a), CCS 2012(b), USENIX Security 2014, CCS 2014

Media Coverage (2009):
MIT Technology Review - MIT Technology Review (2) - MIT Technology Review (3) - The New York Times - Network World - Network World (2) - Computer World - Data Center Knowledge - IT Business Edge - Cloudsecurity.org - Infoworld
Media coverage (2012):
InformationWeek - MIT Technology Review - Arstechnica - Slashdot - Threatpost - Dark Reading - Hacker News

Practical impact: Our work is helping inform industry best practices. For example, we are referenced in the Cloud Security Alliance's cloud security guide and the European Network and Information Security Agency's report on cloud security. The CCS 2009 paper on new threats in public compute clouds is fortunate to be the second most-cited security paper of those published between 2008 and 2013. More recently, we have shown how side-channel attacks are possible on platform-as-a-service (PaaS) clouds, see our CCS 2014 paper.

Papers:
CCS 2013, USENIX Security 2014, CCS 2014
Awards:
My collaborators at Portland State University received a "New Digital Age" grant for our work on FTE. These awards are funded by a generous donation by Google Executive Chairman Eric Schmidt. News articles: ZDnet - Bloomberg

Our CCS 2013 paper was runner up for the Award for Outstanding Research in Privacy Enhancing Technologies.

Practical impact: We introduce format-transforming encryption (FTE), and build particular encryption schemes whose ciphertexts are guaranteed to match against a regular expression of one's choosing. This proves useful in a variety of settings: we show in particular how it can be used to force protocol misclassification by the kinds of deep-packet inspection (DPI) systems used to detect and block censorship circumvention tools such as Tor. Check out the FTE webpage for source code and more details.

Papers:
Eurocrypt 2013, USENIX Security 2013
Description:
We introduce new encryption mechanisms for which ciphertexts can be usefully deduplicated by a storage service (without the keys). A prototype of our system, DupLESS, that can be used by organizations to perform encryption on client side but take advantage of cloud storage that is deduplicated, can be downloaded here.

Papers:
WOOT 2012, USENIX Security 2013
Practical impact:
We discovered (and helped fix) security vulnerabilities in a widely used smartphone-based point-of-sale system (used to process credit card transactions). See the vulnerability report here. In subsequent work, we built a tool Fie for analyzing embedded firmware to find such vulnerabilities and even verify their absence in some cases.

Papers:
Asiacrypt 2011, Crypto 2012(a), Crypto 2012(b)
Practical impact:
We uncovered a new attack against the TLS record layer, uncovered weak key pairs in HMAC, and provided the first formal security analysis for PKCS#5 (password-based cryptography).

Papers:
Slashdot - PC World - The New York Times - The New York Times (2) - CNET News - Linux.com - Linux Magazine - Reader's Digest - ABC News - MIT Technology Review - more...
Practical impact:
Check out Adeona's web page for the open source software.

Papers:
ICALP 2007, Asiacrypt 2007, Eurocrypt 2009, Eurocrypt 2011
Practical impact:
Our design and analysis techniques are being used by contenders (such as Skein) for NIST's new cryptographic hash function standard SHA-3.