Security and Cryptography

Welcome to the web page for security and cryptography research in the Department of Computer Science and Engineering at the University of California at San Diego. Our group conducts research in areas spanning from theory to practice: we work on the theoretical foundations of cryptography; the development and analysis of cryptographic protocols and algorithms; and on applied cryptography, systems security, and network security. In line with our broad security-related research interests, we are affiliated and actively collaborate with the Theory Group, Programming Systems and the Systems and Networking Group here at UCSD.

People  |   News  |   Publications  |   Sponsors
Faculty
Mihir Bellare
Nadia Heninger
Russell Impagliazzo
Daniele Micciancio
Stefan Savage
Aaron Schulman
Alex C. Snoeren
Deian Stefan
Geoffrey M. Voelker
Affiliated Faculty
kc claffy
Kamalika Chaudhuri
Ranjit Jhala
Ryan Kastner
Sorin Lerner
Nadia Polikarpova
Steven Swanson
Dean Tullsen
Yiying Zhang
Yuanyuan Zhou
Adjunct Faculty
Kirill Levchenko Hovav Shacham
Scientists, Postdocs and Research Staff
Klaus von Gleissenthall Cindy Moore
PhD Students
Gautam Akiwate
Vivek Arte
Nishant Bhaskar
Sunjay Cauligi
Sam Crow
Wei Dai
Hannah Davis
Craig Disselkoen
Alex Gamero-Garrido
Marcella Hastings
Evan Johnson
Baiyu Li
Enze Alex Liu
Ariana Mirian
Shravan Narayan
Ruth Ng
Audrey Randall
John Renner
Keegan Ryan
Mark Schultz
Laura Shea
Bingyu Shen
Mingyao Shen
Michael Smith
Jessica Sorrell
Igors Stepanovs
Adam Suhl
George Sullivan
David Thien
Alisha Ukani
Psi Vesely
Yudong Wu
Chengcheng Xiang
Recent Alumni
Guo "Vector" Li (Ph.D. 2020) Google

Felix Guenther (postdoc 2018-2019) ETH Zurich (postdoc)
Joseph Jaeger (Ph.D. 2019) University of Washington (postdoc)
Nicholas Genise (Ph.D. 2019) Rutgers University (postdoc)SRI
Zhaomo Yang (Ph.D. 2019) Google
Louis DeKoven (Ph.D. 2019) Facebook
Brown Farinholt (Ph.D. 2019) Facebook
Maxwell Bland (M.S. 2019) University of Illinois Ph.D. program
Gary Soeller Mason America
Brian Johannesmeyer Vrije Universiteit Ph.D. program

Joe DeBlasio (Ph.D. 2018) Google
Michael Walter (Ph.D. 2018) IST Vienna, Austria (postdoc)
Brian Kantor (retired 2018) ARDC
Liz Izhikevich (M.S. 2018) Stanford Ph.D. program
Evan Ronceivch (M.S. 2018) Sandia National Labs

Tianyin Xu (Ph.D. 2017) Facebook (Visiting Scientist)University of Illinois Urbana Champaign
Danny Huang (Ph.D. 2017) → Princeton (postdoc)NYU Poly
Xinxin Jin (Ph.D. 2017) Whova

[All Alumni]
Recent News

HASH(0x2fb92c0) August 24— They did it again! Nadia Polikarpova and Deian Stefan, and their collaborators Jean Yang, Shachar Itzhaky, Travis Hance, and Armando Solar-Lezama received a distinguished paper award at the 2020 International Conference on Functional Programming for their work on using liquid types for security.

August 12— Congratulations to Shravan Narayan, Craig Disselkoen, Sorin Lerner, Hovav Shacham, and Deian Stefan, and their Stanford and Mozilla collaborators Tal Garfinkel, Nathan Froyd, and Eric Rahm for receiving a distinguished paper award at the 2020 USENIX Security Symposium. Read more about their effort sandboxing third-party libraries in the production Firefox browser. HASH(0x2fbd618)

Vector June 10— Congrats to Guo "Vector" Li, who defended his dissertation today on "An Empirical Analysis on Threat Intelligence: Data Characteristic and Real-World Uses". Vector will be joining Google to work on cloud security with our old collaborator, Chris Grier.

HASH(0x2fbffb0) May 18— Congratulations to the all-star team of Steve Checkoway, Damon McCoy, Danny Anderson, Hovav Shacham, Stefan Savage, and the late Brian Kantor, and their University of Washington collaborators Karl Koscher, Alexei Czeskis, Franzi Roesner, Shwetak Patel, and Yoshi Kohno! Their landmark study of the vulnerability of modern automobiles was awarded the 2020 IEEE Security & Privacy Test of Time Award. Read more about their efforts around their seminal work. HASH(0x2fc0490)
[All News]
Recent Publications

Can Systems Explain Permissions Better? Understanding Users' Misperceptions under Smartphone Runtime Permission Model, Bingyu Shen, Lili Wei, Chengcheng Xiang, Yudong Wu, Mingyao Shen, Yuanyuan Zhou, and Xinxin Jin, Proceedings of the USENIX Security Symposium, Vancouver, B.C., Canada, August 2021.

Diogenes: Lightweight Scalable RSA Modulus Generation with a Dishonest Majority, Megan Chen, Carmit Hazay, Yuval Ishai, Yuriy Kashnikov, Daniele Micciancio, Tarik Riviere, Abhi Shelat, Muthuramakrishnan Venkitasubramaniam, and Ruihan Wang, Proceedings of the IEEE Symposium on Security and Privacy, San Francisco, CA, May 2021.

Доверя́й, но проверя́й: SFI safety for native-compiled Wasm, Evan Johnson, David Thien, Yousef Alhessi, Shravan Narayan, Fraser Brown, Sorin Lerner, Tyler McMullen, Stefan Savage, and Deian Stefan, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2021.

Unresolved Issues: Prevalence, Persistence and Perils of Lame Nameservers, Gautam Akiwate, Raffaele Sommese, Mattijs Jonker, Ian Foster, Stefan Savage, Geoffrey M. Voelker, and kc Claffy, Proceedings of the ACM Internet Measurement Conference, Pittsburgh, Pennsylvania (via the Internet), October 2020.

Trufflehunter: Cache Sniffing Rare Domains at Large Public DNS Resolvers, Audrey Randall, Enze Liu, Gautam Akiwate, Ramakrishna Padmanabhan, Stefan Savage, Geoffrey M. Voelker, and Aaron Schulman, Proceedings of the ACM Internet Measurement Conference, Pittsburgh, Pennsylvania (via the Internet), October 2020.

Comparing the Difficulty of Factorization and Discrete Logarithm: A 240-Digit Experiment, Fabrice Boudot, Pierrick Gaudry, Aurore Guillevic, Nadia Heninger, Emmanuel Thom´e, and Paul Zimmermann, Proceedings of Crypto 2020, Santa Barbara, CA, August 2020.

Liquid Information Flow Control, Nadia Polikarpova, Deian Stefan, Jean Yang, Shachar Itzhaky, Travis Hance, and Armando Solar-Lezama, Proceedings of International Conference on Functional Programming, August 2020. (Distinguished paper).

TPM-FAIL: TPM meets Timing and Lattice Attacks, Daniel Moghimi, Berk Sunar, Thomas Eisenbarth, and Nadia Heninger, Proceedings of the USENIX Security Symposium, August 2020.

CopyCat: Controlled Instruction-Level Attacks on Enclaves, Daniel Moghimi, Jo Van Bulck, Nadia Heninger, Frank Piessens, and Berk Sunar, Proceedings of the USENIX Security Symposium, August 2020.

Sys: a Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code, Fraser Brown, Deian Stefan, and Dawson Engler, Proceedings of the USENIX Security Symposium, August 2020.

Retrofitting Fine Grain Isolation in the Firefox Renderer, Shravan Narayan, Craig Disselkoen, Tal Garfinkel, Nathan Froyd, Eric Rahm, Sorin Lerner, Hovav Shacham, and Deian Stefan, Proceedings of the USENIX Security Symposium, August 2020. (Distinguished paper).

Exploring Connections Between Active Learning and Model Extraction, Varun Chandrasekaran, Kamalika Chaudhuri, Irene Giacomelli, Somesh Jha, and Songbai Yan, Proceedings of the USENIX Security Symposium, August 2020.

Towards a verified range analysis for JavaScript JITs, Fraser Brown, John Renner, Andres Nöetzli, Sorin Lerner, Hovav Shacham, and Deian Stefan, Proceedings of the ACM SIGPLAN Conference onProgramming Language Design and Implementation (PLDI), June 2020.

Constant-time foundations for the new Spectre era, Sunjay Cauligi, Craig Disselkoen, Klaus von Gleissenthall, Dean Tullsen, Deian Stefan, Tamara Rezk, and Gilles Barthe, Proceedings of the ACM SIGPLAN Conference onProgramming Language Design and Implementation (PLDI), June 2020.

Understanding Memory and Thread Safety Practices and Issues in Real-World Rust Programs, Boqin Qin, Yilun Chen, Zeming Yu, Linhai Song, and Yiying Zhang, Proceedings of the ACM SIGPLAN Conference onProgramming Language Design and Implementation (PLDI), June 2020. (The first two authors contributed equally.).

Properties of constacyclic codes under the Schur product, Brett Hemenway Falk, Nadia Heninger, and Michael Rudow, Designs, Codes, and Cryptography 88(6), June 2020.

Improved Discrete Gaussian and Subgaussian Analysis for Lattice Cryptography, Nicholas Genise, Daniele Micciancio, Chris Peikert, and Michael Walter, Proceedings of PKC 2020, June 2020.

Pseudorandom Black Swans: Cache Attacks on CTRDRBG, Shaanan Cohney, Andrew Kwong, Shahar Paz, Daniel Genkin, Nadia Heninger, Eyal Ronen, and Yuval Yarom, Proceedings of the IEEE Symposium on Security and Privacy, May 2020.

Packet Chasing: Spying on Network Packets over a Cache Side-Channel, Mohammadkazem Taram, Ashish Venkat, and Dean M. Tullsen, Proceedings of ACM/IEEE Annual International Symposium on Computer Architecture, ISCA 2020, May 2020.

Separate Your Domains: NIST PQC KEMs, Oracle Cloning and Read-Only Indifferentiability, Mihir Bellare, Hannah Davis, and Felix Günther, Proceedings of Eurocrypt 2020, Virtual, May 2020.

Security Under Message-Derived Keys: Signcryption in iMessage, Mihir Bellare and Igors Stepanovs, Proceedings of Eurocrypt 2020, Virtual, May 2020.

Shredder: Learning Noise Distributions to Protect Inference Privacy, Fatemehsadat Mireshghallah, Mohammadkazem Taram, Prakash Ramrakhyani, Ali Jalali, Dean M. Tullsen, and Hadi Esmaeilzadeh, Proceedings of Architectural Support for Programming Languages and Operating Systems (ASPLOS) 2020, April 2020.

Dark Matter: Uncovering the DarkComet RAT Ecosystem, Brown Farinholt, Mohammad Rezaeirad, Damon McCoy, and Kirill Levchenko, Proceedings of The Web Conference (WWW), Taipei, Taiwan, April 2020.

The Local Forking Lemma and Its Application to Deterministic Encryption, Mihir Bellare, Wei Dai, and Lucy Li, Proceedings of ASIACRYPT 2019, December 2019.

Homomorphic Encryption for Finite Automata, Nicholas Genise, Craig Gentry, Shai Halevi, Baiyu Li, and Daniele Micciancio, Proceedings of ASIACRYPT 2019, 2019.

Hack for Hire, Ariana Mirian, Communications of the Association for Computing Machinery 62(12):32-37, December 2019.

Towards Continuous Access Control Validation and Forensics, Chengcheng Xiang, Yudong Wu, Bingyu Shen, Mingyao Shen, Haochen Huang, Tianyin Xu, Yuanyuan Zhou, Cindy Moore, Xinxin Jin, and Tianwei Sheng, Proceedings of the ACM Conference on Computer and Communications Security (CCS), London, UK, November 2019.

VeriSketch: Synthesizing Secure Hardware Designs with Timing-Sensitive Information Flow Properties, Armaiti Ardeshiricham, Yoshiki Takashima, Sicun Gao, and Ryan Kastner, Proceedings of the ACM Conference on Computer and Communications Security (CCS), London, UK, November 2019.

Network Hygiene, Incentives, and Regulation: Deployment of Source Address Validation in the Internet, Matthew J. Luckie, Robert Beverly, Ryan Koga, Ken Keys, Joshua A. Kroll, and kc claffy, Proceedings of the ACM Conference on Computer and Communications Security (CCS), London, UK, November 2019.

Interactive proofs for lattice problems, Daniele Micciancio, In Providing Sound Foundations for Cryptography: On the Work of Shafi Goldwasser and Silvio Micali. Oded Goldreich, editor. ACM, 2019.

[All Publications]
Affiliations
Center for Networked Systems (CNS)         Cooperative Association for Internet Data Analysis (CAIDA)       San Diego Super Computer Center (SDSC)        California Institute for Telecommunications and Information Technology (Cal-IT2) CalIT(2)
Sponsors