Security and Cryptography

Welcome to the web page for security and cryptography research in the Department of Computer Science and Engineering at the University of California at San Diego. Our group conducts research in areas spanning from theory to practice: we work on the theoretical foundations of cryptography; the development and analysis of cryptographic protocols and algorithms; and on applied cryptography, systems security, and network security. In line with our broad security-related research interests, we are affiliated and actively collaborate with the Theory Group, Programming Systems and the Systems and Networking Group here at UCSD.

People  |   News  |   Publications  |   Sponsors
Faculty
Mihir Bellare
Earlence Fernandes
Alex Gantman
Nadia Heninger
Russell Impagliazzo
 Deepak Kumar
Daniele Micciancio
Imani Munyaka
Stefan Savage
 Aaron Schulman
Alex C. Snoeren
Deian Stefan
Geoffrey M. Voelker
Affiliated Faculty
kc claffy
Kamalika Chaudhuri
Christian Dameff
Ranjit Jhala
 Ryan Kastner
Sorin Lerner
Nadia Polikarpova
Steven Swanson
 Dean Tullsen
Yiying Zhang
Yuanyuan Zhou
Scientists, Postdocs and Research Staff
Cindy Moore
 Gabrielle De Micheli
 Doreen Riepel
PhD Students
Arshia Arya
Alex Bellon
Andrey Bozhko
Paul Chung
Miro Haller
Katherine Izhikevich
Evan Johnson
Seoyoung Kweon
Andrey Labunets
 Enze Alex Liu
Elisa Luo
Luoxi Meng
Nishit Pandya
Rishabh Ranjan
Sumanth Rao
Keegan Ryan
Mark Schultz
 Laura Shea
Ye Shu
Michael Smith
Adam Suhl
George Sullivan
David Thien
Alisha Ukani
Haodi Zou
MS Students
Alexis Morales Flores
Recent Alumni

Nishant Bhaskar (Ph.D. 2023) MQ Prime
Hannah Davis (Ph.D. 2023) Seagate
Ariana Mirian (Ph.D. 2023) Censys
Audrey Randall (Ph.D. 2023) Google
Daniel Moghimi (postdoc 2020-2022) UT Austin
Shravan Narayan (Ph.D. 2022) UT Austin
Sam Crow (Ph.D. 2022) Meta
Bingyu Shen (Ph.D. 2022) Meta
John Renner (Ph.D. 2022) Cubist
Gautam Akiwate (Ph.D. 2022) Stanford postdoc
Jessica Sorrell (Ph.D. 2022) UPenn postdoc
Craig Disselkoen (Ph.D. 2022) → Amazon

 Leo Cao (M.S. 2024) University of Wisconsin Ph.D. program

Annie Dai (B.S. 2023) University of Maryland Ph.D. program
Kaiwen He (B.S. 2023) MIT Ph.D. program
Isabel Suizo (B.S. 2022) GoogleCMU Ph.D. program

Grant Ho (postdoc 2021-2023) University of Chicago
Alex Marder (postdoc 2019-2020, Res. Scientist 2020-2023)Johns Hopkins University
[All Alumni]
Recent News

Stefan Savage January 31— Congrats to Stefan Savage, Taylor Berg-Kirkpatick (and Geoff Voelker, the application form only allowed two names) and their students for receiving one of the first Google "Trust and Safety" Research Awards for their work focused on using Large Language Models in scam honeypots. And we hear they wrote the proposal without any help from AI! Taylor Berg-Kirkpatick

December 9— As the year draws to a close, we'd like to reflect and recognize all the success this year: six best paper awards (almost a quarter of our papers won awards this year), four completed dissertations, a new faculty member (welcome Deepak!), an NSF Career award and a $9.5M ARPA-H grant -- not too bad for a year. Congrats everyone!

Christian Dameff and Jeff Tulley October 2— The Advanced Research Projects Agency for Health (ARPA-H) has announced a $9.5 dollar award to UC San Diego to develop new ways to mitigate ransomware attacks on hospitals. This effort, led by Christian Dameff and Jeff Tulley, is joint between UCSD Health and the UCSD School of Engineering (notably our own Aaron Schulman, Geoff Voelker, and Stefan Savage) and is just the latest to come out of a long standing collaboration in this space. Congrats everyone!

August 29— Congrats to our own Aaron Schulman for his recent NSF CAREER grant and for his promotion to tenured associate professor. Congrats! Aaron Schulman

August 22— Congrats (again) to Keegan Ryan and Nadia Heninger for their Best Paper award at the 2023 Crypto for Fast Practical Lattice Reduction through Iterated Compression!!

Nishant Bhaskar July 24— Congratulations to Nishant Bhaskar for defending his dissertation, "An Empirical Approach to Securing Wireless Access Links in Urban Areas". Nishant's unique research had him driving across Souther California and brought him in touch with both industry and government (special thanks to the folks from USSS who attended the defense). He'll next be doing crazy wireless things at MQ Prime. Congrats Nishant!

July 4— Congratulations to Enze "Alex" Liu (and co-authors) for winning the Best Paper award at the 2023 IEEE Symposium on Security and Privacy (Euro S&P) for their work on insecurities in e-mail forwarding frameworks and implimentations. UCSD put out a nice summary of the work here. Euro Security and Privacy award for
[All News]
Recent Publications

Using Honeybuckets to Characterize Cloud Storage Scanning in the Wild, Katherine Izhikevich, Geoffrey M. Voelker, Stefan Savage, and Liz Izhikevich, Proceedings of the IEEE European Symposium on Security and Privacy, Vienna, Austria, July 2024.

Experimental Security Analysis of Sensitive Data Access by Browser Extensions, Rishabh Khandelwal, Asmit Nayak, Earlence Fernandes, and Kassem Fawaz, Proceedings of the Web Conference (WWW), Singapore, May 2024.

Unfiltered: Measuring Cloud-based Email Filtering Bypasses, Sumanth Rao, Enze Liu, Grant Ho, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the Web Conference (WWW), Singapore, May 2024.

The Double Edged Sword: Identifying Authentication Pages and their Fingerprinting Behavior, Asuman Senol, Alisha Ukani, Dylan Cutler, and Igor Bilogrevic, Proceedings of the Web Conference (WWW), Singapore, May 2024.

Practical Obfuscation of BLE Physical-Layer Fingerprints on Mobile Devices, Hadi Givehchian, Nishant Bhaskar, Alexender Redding, Han Zhao, Aaron Schulman, and Dinesh Bharadia, Proceedings of the IEEE Symposium on Security and Privacy, May 2024.

Architecting Trigger-Action Platforms for Security, Performance and Functionality, Deepak Siron Jegan, Michael Swift, and Earlence Fernandes, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2024.

On Precisely Detecting Censorship Circumvention in Real-World Networks, Ryan Wails, George Arnold Sullivan, Micah Sherr, and Rob Jansen, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2024.

Experimental Analyses of the Physical Surveillance Risks in Client-Side Content Scanning, Ashish Hooda, Andrey Labunets, Tadayoshi Kohno, and Earlence Fernandes, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2024.

An Empirical Analysis of Enterprise-Wide Mandatory Password Updates, Ariana Mirian, Grant Ho, Stefan Savage, and Geoffrey M. Voelker, Proceedings of Annual Computer Security Applications Conference (ACSAC), Austin, TX, December 2023.

Fast Practical Lattice Reduction through Iterated Compression, Keegan Ryan and Nadia Heninger, Proceedings of Crypto 2023, Santa Barbara, CA, August 2023. (Best paper award).

When Messages are Keys: Is HMAC a Dual-PRF?, Matilda Backendal, Mihir Bellare, Felix Gunther, and Matteo Scarlata, Proceedings of Crypto 2023, Santa Barbara, CA, August 2023.

Reductions from Module Lattices to Free Module Lattices, and Application to Dequantizing Module-LLL, Gabrielle De Micheli, Daniele Micciancio, Alice Pellet-Mary, and Nam Tran, Proceedings of Crypto 2023, Santa Barbara, CA, August 2023.

Error Correction and Ciphertext Quantization in Lattice Cryptography, Daniele Micciancio and Mark Schultz, Proceedings of Crypto 2023, Santa Barbara, CA, August 2023.

Access Denied: Assessing Physical Risks to Internet Access Networks, Alexander Marder, Zesen Zhang, Ricky Mok, Ramakrishna Padmanabhan, Bradley Huffaker, Matthew Luckie, Alberto Dainotti, kc claffy, Alex C. Snoeren, and Aaron Schulman, Proceedings of the USENIX Security Symposium, Anaheim, CA, August 2023.

Improving Logging to Reduce Permission Over-Granting Mistakes, Bingyu Shen, Tianyi Shan, and Yuanyuan Zhou, Proceedings of the USENIX Security Symposium, Anaheim, CA, August 2023.

HECO: Fully Homomorphic Encryption Compiler, Alexander Viand, Patrick Jattke, Miro Haller, and Anwar Hithnawi, Proceedings of the USENIX Security Symposium, Anaheim, CA, August 2023.

MultiView: Finding Blind Spotsin Access-Deny Issues, Bingyu Shen, Tianyi Shan, and Yuanyuan Zhou, Proceedings of the USENIX Security Symposium, Anaheim, CA, August 2023.

Understanding the Viability of Gmail’s Origin Indicator for Identifying the Sender, Enze Liu, Lu Sun, Alex Bellon, Grant Ho, Stefan Savage, Geoffrey M. Voelker, and Imani N. S. Munyaka, Proceedings of the Sympsoium on Useable Privacy and Security, Anaheim, CA, August 2023.

In the Line of Fire: Risks of DPI-triggered Data Collection, Ariana Mirian, Alisha Ukani, Ian Foster, Gautam Akiwate, Taner Halicioglu, Cindy Moore, Alex C. Snoeren, Geoffrey M. Voelker, and Stefan Savage, Proceedings of Workshop on Cyber Security Experimentation and Test (CSET), Marina del Rey, CA, August 2023.

No Privacy Among Spies: Assessing the Functionality and Insecurity of Consumer Android Spyware Apps, Enze Liu, Sumanth Rao, Sam Havron, Grant Ho, Stefan Savage, Geoffrey M. Voelker, and Damon McCoy, Proceedings on Privacy Enhancing Technologies Symposium, Lausanne, Switzerland, July 2023.

Forward Pass: On the Security Implications of Email Forwarding Mechanism and Policy, Enze Liu, Gautam Akiwate, Mattijs Jonker, Ariana Mirian, Grant Ho, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the IEEE European Symposium on Security and Privacy, Delft, The Netherlands, July 2023. (Best paper award).

Ransomware Attack Associated With Disruptions at Adjacent Emergency Departments in the US, Christian Dameff, Jeffrey Tully, Theodore C. Chan, Edward M. Castillo, Stefan Savage, Patricia Maysent, Thomas M. Hemmen, Brian J. Clay, and Christopher A. Longhurst, JAMA Network Open 6(5):e2312270-e2312270, 2023.

TagAlong: Free, Wide-Area Data-Muling and Services, Alex Bellon, Alex Yen, and Pat Pannuto, Proceedings of International Workshop on Mobile Computing Systems and Applications (HotMobile), Newport Beach, CA, 2023.

[All Publications]
Affiliations
Center for Networked Systems (CNS)         Cooperative Association for Internet Data Analysis (CAIDA)       San Diego Super Computer Center (SDSC)        California Institute for Telecommunications and Information Technology (Cal-IT2) CalIT(2)
Sponsors