My research is in computer security. My collaborators and I seek to answer basic questions about how to improve the status quo of keeping data and computations secure, while simultaneously providing insights and tools that help practitioners in the near term. Click on the links below to read brief descriptions of some example research projects or check out my full list of publications.


Papers: USENIX Security 2015, Oakland 2016

Awards: IEEE Oakland 2016 paper won Distinguished Student Paper Award

Media coverage: Technology Review - Threatpost - Slashdot

Description: We have developed improvements to the usability and security of password-based authentication. Our hardening service Pythia renders stored password hashes uncrackable by offline brute-force attacks using a new cryptographic primitive called a partially oblivious pseudorandom function. More recently, we investigated typo-tolerant password authentication that will automatically correct, on behalf of the user, frequently made typographical errors. In collaboration with Dropbox, we showed that deploying typo-tolerance would help users log in without degrading security.

Papers: USENIX Security 2014, CCS 2015

Awards: Best Paper Award for USENIX Security 2014 paper.

Description: We have been investigating machine learning privacy and confidentiality issues. We performed a case study of privacy in pharmacogenetics, wherein doctors use machine learning models to help guide clinical assessments. We show that machine learning models can be abused by a clever attacker to infer genetic information about a person via a technique that we call model inversion. We show that previously suggested countermeasures based on the principle of differential privacy would prevent the attacks, but only while prohibitively increasing the risk of negative patient outcomes. In follow-up work, we showed that model inversion works against facial recognition and lifestyle surveys because one can take advantage of real-valued confidence information released by machine learning prediction APIs.

Papers: Eurocrypt 2014, Oakland 2015

Media Coverage: MIT Technology Review - Slashdot - Reddit - Business Week - Boston Globe - Threatpost - Daily Mail - Info Security Magazine - Gizmodo

Description: We introduce honey encryption, a form of password-based encryption in which decrypting with incorrect passwords yields fake, but realistic-looking, plaintexts.


Papers:
CCS 2009, CCS 2012(a), CCS 2012(b), USENIX Security 2014, CCS 2014
Media Coverage (2012):
MIT Technology Review - MIT Technology Review (2) - MIT Technology Review (3) - The New York Times - Network World - Network World (2) - Computer World - Data Center Knowledge - IT Business Edge - Cloudsecurity.org - Infoworld
Media coverage (2012):
InformationWeek - MIT Technology Review - Arstechnica - Slashdot - Threatpost - Dark Reading - Hacker News

Practical impact: Our work is helping inform industry best practices. For example, we are referenced in the Cloud Security Alliance's cloud security guide and the European Network and Information Security Agency's report on cloud security. The CCS 2009 paper on new threats in public compute clouds is fortunate to be the second most-cited security paper of those published between 2008 and 2013. More recently, we have shown how side-channel attacks are possible on platform-as-a-service (PaaS) clouds; see our CCS 2014 paper.


Papers:
CCS 2013, USENIX Security 2014, CCS 2014
Awards:
My collaborators at Portland State University received a "New Digital Age" grant for our work on FTE. These awards are funded by a generous donation from Google Executive Chairman Eric Schmidt. News articles: ZDnet - Bloomberg

Our CCS 2013 paper was runner-up for the Award for Outstanding Research in Privacy Enhancing Technologies.

Practical impact: We introduce format-transforming encryption (FTE), and build particular encryption schemes whose ciphertexts are guaranteed to match against a regular expression of one's choosing. This proves useful in a variety of settings: we show in particular how it can be used to force protocol misclassification by the kinds of deep-packet inspection (DPI) systems used to detect and block censorship circumvention tools such as Tor. Check out the FTE webpage for source code and more details.


Papers:
Eurocrypt 2013, USENIX Security 2013
Description:
We introduce new encryption mechanisms for which ciphertexts can be usefully deduplicated by a storage service (without the keys). A prototype of our system, DupLESS, lets organizations perform encryption on the client side while still taking advantage of deduplicated cloud storage; it can be downloaded here.

Papers:
WOOT 2012, USENIX Security 2013
Practical impact:
We discovered (and helped fix) security vulnerabilities in a widely used smartphone-based point-of-sale system (used to process credit card transactions). See the vulnerability report here. In subsequent work, we built a tool, Fie, for analyzing embedded firmware to find such vulnerabilities and, in some cases, even verify their absence.


Papers:
Asiacrypt 2011, Crypto 2012(a), Crypto 2012(b)
Practical impact:
We uncovered a new attack against the TLS record layer, uncovered weak key pairs in HMAC, and provided the first formal security analysis for PKCS#5 (password-based cryptography).


Papers:
ICALP 2007, Asiacrypt 2007, Eurocrypt 2009, Eurocrypt 2011
Practical impact:
Our design and analysis techniques are being used by contenders (such as Skein) for NIST's new cryptographic hash function standard SHA-3.