MIT CSAIL SECURITY SEMINAR
The security seminar at MIT CSAIL hosts talks on systems security, cryptography with potential for applications, or other areas related to security. Members come from a variety of groups within systems and cryptography, both from MIT and other institutions. A summary of the talks can be found on this blog.

All the talks are open to the public unless stated otherwise!

WHEN
WHERE
4pm on Wednesdays
MIT Stata Center G882
SIGN UP
OR
Security Seminar Schedule
VIEW IN GOOGLE CALENDAR VIEW IN ICAL FORMAT
Upcoming Talks
MAR
22
2017
Speaker(s):
HENRY CORRIGAN-GIBBS
Stanford University Department of Computer Science
Talk/Information:
SECURE COMPUTATION

Henry will talk about a system which privately computes aggregate statistics.   Read abstract and more information
APR
26
2017
Speaker(s):
BENJAMIN FULLER
University of Connecticut
Talk/Information:
SECURE COMPUTATION

Ben will talk about the problem of database search, the current state of the art, and attacks against these systems.   Read abstract and more information
MAY
03
2017
Speaker(s):
DHINAKARAN VINAYAGAMURTHY
University of Waterloo
Talk/Information:
SECURE COMPUTATION

Dhinakaran will talk about Iron, a system implementing functional encryption with Intel SGX.   Read abstract and more information



Past Talks
MAR
15
2017
Speaker(s):
SHAILESHH BOJJA VENKATAKRISHNAN
University of Illinois Urbana-Champaign
Talk/Information:
NETWORK SECURITY

Shaileshh will present a Bitcoin P2P networking policy providing provable anonymity guarantees.   Read abstract and more information
FEB
15
2017
Speaker(s):
DOMENIC PUZIO
CapitalOne
Talk/Information:
NETWORK SECURITY

Domenic will be speaking about Detecting Malware Callouts in Realtime Network Traffic.   Read abstract and more information
NOV
02
2016
Speaker(s):
KOSTYA SEREBRYANY
Google
Talk/Information:
OS SECURITY

Kostya will talk about sanitizing, fuzzing, and hardening C/C++ code for security and reliability. Note: This talk will happen at 11 am instead of the normal 4 pm slot.   Read abstract and more information
OCT
12
2016
Speaker(s):
BALAJI SRINIVASAN
21.co and a16z
Talk/Information:
BITCOIN

Balaji will be speaking about How Bitcoin enables a Machine-Payable Web. This is a joint talk with MIT Media Lab Digital Currency Initiative.   Read abstract and more information
SEP
28
2016
Speaker(s):
ETHAN HEILMAN
BU
Talk/Information:
BITCOIN

Ethan will be speaking about TumbleBit: An Untrusted Bitcoin-Compatible Anonymous Payment Hub.   Read abstract and more information
SEP
14
2016
Speaker(s):
MUNEEB ALI
Princeton and Blockstack
Talk/Information:
NETWORK SECURITY

Muneeb will be speaking about Blockstack: A Global Naming and Storage System Secured by Blockchains.   Read abstract and more information
APR
20
2016
Speaker(s):
ENGIN KIRDA
Northeastern University
Talk/Information:
NETWORK SECURITY

Engin will be speaking about CrossFire: An Analysis of Firefox Extension-Reuse Vulnerabilities.   Read abstract and more information
APR
13
2016
Speaker(s):
YOSSI GILAD
MIT/BU
Talk/Information:
NETWORK SECURITY

Yossi will be speaking about CDN on Demand: An Affordable DDoS Defense over Untrusted IaaS Clouds.   Read abstract and more information
MAR
09
2016
Speaker(s):
ROXANA GEAMBASU
Columbia University
Talk/Information:
PRIVACY

Roxana will be speaking about Privacy in a Data-Driven World.   Read abstract and more information
MAR
02
2016
Speaker(s):
AANCHAL MALHOTRA
Boston Universitiy
Talk/Information:
NETWORK SECURITY

Anachal will be speaking about Attacking the Network Time Protocol.   Read abstract and more information
FEB
10
2016
Speaker(s):
TRAMMELL HUDSON
Two Sigma
Talk/Information:
HARDWARE SECURITY

Trammel will be speaking about Thunderstrike: EFI firmware bootkits for Apple MacBooks.   Read abstract and more information
DEC
09
2015
Speaker(s):
RANJIT KUMARESAN
MIT
Talk/Information:
BITCOIN

Ranjit will be speaking about How to Use Bitcoin to Play Decentralized Poker.   Read abstract and more information
NOV
18
2015
Speaker(s):
ANDRE DEHON
University of Pennsylvania
Talk/Information:
HARDWARE SECURITY

Andre will be speaking about Software-Defined Metadata Processing.   Read abstract and more information
NOV
11
2015
Speaker(s):
YONATAN SOMPOLINSKY
The Hebrew University of Jerusalem
Talk/Information:
BITCOIN

Yonatan will speak about Bitcoin's future: scalability and protocol modifications.   Read abstract and more information
NOV
04
2015
Speaker(s):
ZAKIR DURUMERIC
University of Michigan
Talk/Information:
NETWORK SECURITY

Zakir will be speaking about Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice.   Read abstract and more information
OCT
28
2015
Speaker(s):
CRISTINA NITA-ROTARU
Northeastern University
Talk/Information:
NETWORK SECURITY

Cristina will be speaking about On the trade-offs between performance and security in network protocols design.   Read abstract and more information
OCT
21
2015
Speaker(s):
PETER Y A RYAN
University of Luxembourg
Talk/Information:
APPLIED CRYPTO

Peter will be speaking about Selene: Voter-Friendly, Receipt Free, Verifiable Voting.   Read abstract and more information
SEP
30
2015
Speaker(s):
ETHAN HEILMAN
Boston University
Talk/Information:
NETWORK SECURITY

Ethan will be speaking about Eclipse attacks on Bitcoin's Peer-to-Peer Network.   Read abstract and more information
MAY
20
2015
Speaker(s):
SHARON GOLDBERG
Boston University
Talk/Information:
NETWORK SECURITY

Sharon will be speaking about On the Risk of Misbehaving RPKI Authorities.   Read abstract and more information
MAY
06
2015
Speaker(s):
BRYAN FORD
EPFL
Talk/Information:
DECENTRALIZED SYSTEMS

Bryan will be speaking about Decentralizing Authorities into Scalable Strongest-Link Cothorities.   Read abstract and more information
APR
29
2015
Speaker(s):
RANJIT KUMARESAN
MIT
Talk/Information:
CRYPTOGRAPHY

Ranjit will be speaking about How to Use Bitcoin to Incentivize Correct Computations.   Read abstract and more information
MAR
04
2015
Speaker(s):
SERGEY GORBUNOV
MIT
Talk/Information:
CRYPTOGRAPHY

Sergey Gorbunov is giving a practice job talk. Come and give feedback!  
FEB
25
2015
Speaker(s):
ANDREW BAUMANN
Microsoft Research
Talk/Information:
SYSTEMS SECURITY

Andrew will be speaking about Shielding applications from an untrusted cloud with Haven. NOTE: This talk will be at 3 pm.   Read abstract and more information
FEB
18
2015
Speaker(s):
MUHAMMAD NAVEED
UIUC
Talk/Information:
APPLIED CRYPTO

Muhammad will talk about Controlled Functional Encryption.   Read abstract and more information
FEB
11
2015
Speaker(s):
FARINAZ KOUSHANFAR
Rice University
Talk/Information:
HARDWARE SECURITY

Farinaz will talk about Secure Computation by Superfolding Garbled Circuits.   Read abstract and more information
JAN
14
2015
Speaker(s):
JEAN YANG
MIT
Talk/Information:
PROGRAMMING LANGUAGE SECURITY

Jean Yang will be giving a practice faculty talk. Come and give her feedback!  
NOV
13
2014
Speaker(s):
JAMES MICKENS
Microsoft Research
Talk/Information:
WEB SECURITY

James will talk about Fast, Synchronous Mashup Isolation in Web Applications.   Read abstract and more information
OCT
01
2014
Speaker(s):
VOLODYMYR KUZNETSOV AND GEORGE CANDEA
EPFL
Talk/Information:
SYSTEMS SECURITY

Volodymyr and George will talk about Code-Pointer Integrity .   Read abstract and more information
SEP
24
2014
Speaker(s):
JULIAN BANGERT
MIT
Talk/Information:
SYSTEMS SECURITY

Julian will give his OSDI practice talk on Nail: A Practical Tool for Parsing and Generating Data Formats.   Read abstract and more information
SEP
10
2014
Speaker(s):
HAKIM WEATHERSPOON
Cornell
Talk/Information:
NETWORK SECURITY

Hakim will talk about Chupja--PHY Covert Channels: Can you see the Idles?   Read abstract and more information
MAY
15
2014
Speaker(s):
BRYAN FORD
Yale
Talk/Information:
WEB SECURITY

Bryan will talk about Can You Hide in an Internet Panopticon?   Read abstract and more information
APR
23
2014
Speaker(s):
ALLEY STOUGHTON
Lincoln Labs
Talk/Information:
CRYPTO

Alley will talk about Proving the Security of a Simple Private Information Retrieval Protocol using EasyCrypt.   Read abstract and more information
APR
16
2014
Speaker(s):
WILLIAM YOUNG AND NANCY LEVESON
MIT
Talk/Information:
SYSTEMS SECURITY

William and Nancy will talk about Integrating Safety and Security using Systems Theory.   Read abstract and more information
APR
09
2014
Speaker(s):
NICK FEAMSTER
Georgia Tech
Talk/Information:
WEB SECURITY

Nick will talk about Bots, Bubbles, and Bottleneck: Safeguarding the User's Internet Experience.   Read abstract and more information
MAR
19
2014
Speaker(s):
JIM GETTYS
Bell Labs
Talk/Information:
HARDWARE SECURITY

Jim will talk about (In)Security in Home Embedded Devices.   Read abstract and more information
FEB
19
2014
Speaker(s):
THOMAS HARDJONO
MIT
Talk/Information:
WEB SECURITY

Thomas will talk about Consent Management using User Managed Access (UMA) protocol.   Read abstract and more information
DEC
11
2013
Speaker(s):
EMIL STEFANOV
Berkeley
Talk/Information:
APPLIED CRYPTOGRAPHY

Emil will talk about A Practical System for Verifying Recoverability of Big Data.   Read abstract and more information
NOV
20
2013
Speaker(s):
PROF. STEPHEN CHONG
Harvard University
Talk/Information:
LANGUAGE-LEVEL SECURITY

Stephen will talk about Shill: A Secure Shell Scripting Language.   Read abstract and more information
NOV
14
2013
Speaker(s):
PROF. ENGIN KIRDA
Northeastern University
Talk/Information:
MALWARE

Engin will talk about Experiences and Challenges in Automated Malware Analysis: Quo Vadis Sandboxes?   Read abstract and more information
OCT
23
2013
Speaker(s):
PROF. WILLIAM ROBERTSON
Northeastern University
Talk/Information:
OS-BASED PRIVACY

Wil will talk about PrivExec: Private Execution as an Operating System Service.   Read abstract and more information
OCT
09
2013
Speaker(s):
JOEL REARDON
ETH Zurich
Talk/Information:
DATA DELETION

Joel will talk about Secure Data Deletion from Persistent Media.   Read abstract and more information
OCT
02
2013
Speaker(s):
XI WANG
MIT
Talk/Information:
SOFTWARE SECURITY

Xi will talk about Towards Optimization-Safe Systems: Analyzing the Impact of Undefined Behavior.   Read abstract and more information
SEP
18
2013
Speaker(s):
DR. SENY KAMARA
Microsoft Research Redmond
Talk/Information:
SEARCH OVER ENCRYPTED DATA

Seny will talk about How to search over encrypted data.   Read abstract and more information
SEP
11
2013
Speaker(s):
PROF. YEVGENIY DODIS
New York University
Talk/Information:
BETTER RANDOM NUMBER GENERATION

Yevgeniy will talk about improving /dev/(u)random: Random Number Generation, Revisited.   Read abstract and more information
AUG
28
2013
Speaker(s):
PROF. TAL MORAN
Interdisciplinary Center Herzliya Israel
Talk/Information:
VOTING SECURITY

Tal will talk about Verifiable Anonymous Polling.   Read abstract and more information
JUN
19
2013
Speaker(s):
AMIT LEVY AND DEIAN STEFAN
Stanford
Talk/Information:
WEB SECURITY

Amit and Deian will talk about Hails: Protecting Data Privacy in Untrusted Web Applications.   Read abstract and more information
MAY
22
2013
Speaker(s):
DR. ROBERT N. M. WATSON
University of Cambridge
Talk/Information:
OS SECURITY

Robert will talk about A Decade of Access-Control Extensibility.   Read abstract and more information
MAY
01
2013
Speaker(s):
GAVIN ANDRESEN, BITCOIN FOUNDATION
Chief Scientist
Talk/Information:
BITCOIN'S SECURITY

Gavin will talk about the security protocol of Bitcoin.   Read abstract and more information
APR
03
2013
Speaker(s):
PROF. SANJIT A. SESHIA
UC Berkeley
Talk/Information:
LANGUAGE-BASED SECURITY

Sanjit will talk about "Verification with Small and Short Worlds".   Read abstract and more information
MAR
20
2013
Speaker(s):
DR. DAVID CHISNALL
University of Cambridge UK
Talk/Information:
CHERI ARCHITECTURE

David will talk about "Language Interoperability without Sacrificing Safety".   Read abstract and more information
MAR
19
2013
Speaker(s):
PROF. SIMHA SETHUMADHAVAN
Columbia University
Talk/Information:
SIDE-CHANNEL ATTACKS

Simha will talk about Measuring Side Channel Vulnerability using SVF.   Read abstract and more information
MAR
13
2013
Speaker(s):
JUSTIN THALER
Harvard University
Talk/Information:
APPLIED CRYPTOGRAPHY

Justin will talk about Time-Optimal Interactive Proofs for Circuit Evaluation.   Read abstract and more information
FEB
11
2013
Speaker(s):
HAOHUI MAI
University of Illinois at Urbana-Champaign
Talk/Information:
MOBILE SYSTEMS SECURITY

Haohui Mai will talk about Building a Secure Foundation for Mobile Apps.   Read abstract and more information
DEC
10
2012
Speaker(s):
CHRIS ENG
Veracode - industry talk
Talk/Information:
BINARY STATIC ANALYSIS

Chris Eng will talk about their binary static analysis work at Veracode.   Read abstract and more information
DEC
03
2012
Speaker(s):
DR. NADIA HENINGER
Microsoft Research New England
Talk/Information:
CRYPTANALYSIS, NETWORK SECURITY

Nadia Heninger will talk about Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices.   Read abstract and more information
NOV
26
2012
Speaker(s):
EUNSUK KANG
MIT
Talk/Information:
SYSTEMS SECURITY

Eunsuk will talk about Automating End User Security Task.   Read abstract and more information
NOV
19
2012
Speaker(s):
PROF. MIKE WALFISH
UT Austin
Talk/Information:
PRACTICAL VERIFIABLE COMPUTATION

Mike Walfish will talk about Making proof-based verified computation almost practical.   Read abstract and more information
NOV
05
2012
Speaker(s):
DR. ARI JUELS
RSA the Security Division of EMC
Talk/Information:
CLOUD SECURITY

Ari will talk about Breaks in the Cloud.   Read abstract and more information
OCT
22
2012
Speaker(s):
AMIR RAHMATI
UMass Amherst
Talk/Information:
EMBEDDED DEVICES SECURITY

Amir Rahmati will talk about TARDIS: Time and Remanence Decay in SRAM to Implement Secure Protocols on Embedded Devices without Clocks.   Read abstract and more information
OCT
01
2012
Speaker(s):
CHRIS FLETCHER
MIT
Talk/Information:
FULLY HOMOMORPHIC ENCRYPTION AND HARDWARE

Chris Fletcher will talk about Techniques for performing secure computation on encrypted data.   Read abstract and more information
SEP
24
2012
Speaker(s):
XI WANG
MIT
Talk/Information:
OPERATING SYSTEMS SECURITY

Xi Wang will talk about Improving integer security for systems.   Read abstract and more information
SEP
17
2012
Speaker(s):
PROF. GREG MORRISETT
Harvard University
Talk/Information:
SOFTWARE FAULT ISOLATION

Greg Morrisett will talk about RockSalt: Better, Faster, Stronger Software Fault Isolation for the x86.   Read abstract and more information
MAY
07
2012
Speaker(s):
JEAN YANG
MIT
Talk/Information:
LANGUAGE-BASED PRIVACY

Jean Yang, MIT, will talk about Jeeves, a language for enforcing privacy.   Read abstract and more information
APR
23
2012
Speaker(s):
EMIL STEFANOV
Berkeley
Talk/Information:
STORAGE SECURITY

Emil Stefanov from Berkeley will talk about Concealing Access Patterns to Cloud Storage for Privacy.   Read abstract and more information
APR
09
2012
Speaker(s):
ROBERT GRIFFIN, RSA
Security Division of EMC
Talk/Information:
CLOUD SECURITY

Bob Griffin, Chief Security Architect at RSA, will talk about "Keys and Clouds: Searching for the Equilibrium". This is an industry talk co-organized with RSA Labs.  
APR
02
2012
Speaker(s):
DR. ALINA OPREA
RSA Labs
Talk/Information:
CLOUD COMPUTING SECURITY

New approaches to securing cloud data: Alina will talk about some of the research RSA Labs has done on extending the trust perimeter from the enterprise data center into public clouds.   Read abstract and more information
FEB
27
2012
Speaker(s):
ARIEL J. FELDMAN
Princeton
Talk/Information:
CLOUD SECURITY

Ari will talk about Privacy and Integrity in the Untrusted Cloud.   Read abstract and more information
FEB
13
2012
Speaker(s):
DR. SHAI HALEVI
IBM T. J. Watson Research Center
Talk/Information:
HOMOMORPHIC ENCRYPTION

Shai will talk about Recent advances in homomorphic encryption. Here are Shai's slides.   Read abstract and more information
JAN
30
2012
Speaker(s):
EMILY STARK
MIT
Talk/Information:
BROWSER SECURITY

Emily will talk about The Case for Prefetching and Prevalidating TLS Server Certificates.   Read abstract and more information
JAN
23
2012
Speaker(s):
NIKOS TRIANDOPOULOS
RSA Labs & Boston University
Talk/Information:
INTEGRITY FOR OUTSOURCED DATABASES

Nikos will talk about Verifying Keyword and Database Search in the Cloud .   Read abstract and more information
DEC
19
2011
Speaker(s):
DR. DENNIS MOREAU
EMC Corporation
Talk/Information:
CLOUD COMPUTING SECURITY

Dennis will talk about Focused Threat Response and Forensic Information Sharing: Current Challenges and Limits in Cloud Computing Scenarios. This talk was jointly organized with the RSA Labs.   Read abstract and more information
DEC
12
2011
Speaker(s):
PROF. ROXANA GEAMBASU
Columbia University
Talk/Information:
CLOUD AND MOBILE SECURITY

Roxana will talk about Regaining control over cloud and mobile data.   Read abstract and more information
NOV
28
2011
Speaker(s):
PROF. ADAM CHLIPALA
MIT
Talk/Information:
WEB SECURITY

Adam will talk about Web Security via Types and Theorem-Proving in the Ur/Web Programming Language.   Read abstract and more information
NOV
21
2011
Speaker(s):
PROF. STEPHEN CHONG
Harvard University
Talk/Information:
LANGUAGE-BASED SECURITY

Stephen will talk about Inference of Expressive Information Security Policies. This talk is joint with the PL seminar.   Read abstract and more information
NOV
14
2011
Speaker(s):
DR. JAD NAOUS
MIT
Talk/Information:
ROUTING SECURITY

Jad will talk about Verifying and Enforcing Network Paths with ICING .   Read abstract and more information
OCT
31
2011
Speaker(s):
KEVIN BOWERS
RSA Labs
Talk/Information:
CLOUD COMPUTING SECURITY

Kevin will talk about How to Tell If Your Files Are Vulnerable to Drive Crashes.   Read abstract and more information
OCT
17
2011
Speaker(s):
RALUCA ADA POPA
MIT
Talk/Information:
APPLICATION AND DATABASE CONFIDENTIALITY

Raluca will talk about CryptDB: Protecting Confidentiality with Encrypted Query Processing.   Read abstract and more information
OCT
03
2011
Speaker(s):
DR. BEN LIVSHITS
Microsoft Research Redmond
Talk/Information:
BROWSER PRIVACY

Ben will talk about RePriv: Re-Imagining Content Personalization and In-Browser Privacy.   Read abstract and more information
AUG
04
2011
Speaker(s):
DR. ÚLFAR ERLINGSSON
security researcher at Google
Talk/Information:
CLOUD COMPUTING SECURITY

Úlfar will briefly outline some issues and potential research topics in cloud security, with examples from Google's past and current technology efforts used to give context.   Read abstract and more information
APR
14
2011
Speaker(s):
DR. ALINA OPREA
RSA Labs
Talk/Information:
CLOUD SECURITY

Alina will talk about recent work: A Scalable Cloud File System with Efficient Integrity Checks.   Read abstract and more information
APR
07
2011
Speaker(s):
PROF. LEONID REYZIN
Boston University
Talk/Information:
BGP SECURITY

Leo will talk about recent work: Sequential Aggregate Signatures with Lazy Verification for S-BGP.   Read abstract and more information
MAR
31
2011
Speaker(s):
RON ROTHBLUM
Weizmann Institute
Talk/Information:
HOMOMORPHIC ENCRYPTION

Ron Rothblum will give a talk for the CIS seminar: "Homomorphic Encryption: from Private-Key to Public-Key"  
FEB
24
2011
Speaker(s):
PROF. SHARON GOLDBERG
Boston University
Talk/Information:
BGP SECURITY

Sharon will talk about recent work: Let the Market Drive Deployment: A Strategy for Transitioning to BGP Security. Joint work with Phillipa Gill and Michael Schapira.   Read abstract and more information
DEC
02
2010
Speaker(s):
DR. ASLAN ASKAROV
Cornell University
Talk/Information:
PREDICTIVE BLACK-BOX MITIGATION OF TIMING CHANNELS

We investigate techniques for general black-box mitigation of timing channels. The source of events is wrapped by a timing mitigator that delays output events so that they contain only a bounded amount of information. We introduce a general class of timing mitigators that can achieve any given bound on timing channel leakage, with a tradeoff in system performance. We show these mitigators compose well with other mechanisms for information flow control, and demonstrate they are effective against some known timing attacks.  
NOV
03
2010
Speaker(s):
DR. FRANK MCSHERRY
Microsoft Research
Talk/Information:
DIFFERENTIAL PRIVACY

Frank will present his work on Privacy Integrated Queries: A Programming Language for Differentially-Private Computation.   Read abstract and more information
OCT
28
2010
Speaker(s):
PROF. ANDREW MYERS
Cornell University
Talk/Information:
LANGUAGE-BASED SECURITY FOR DISTRIBUTED SYSTEMS

Andrew will talk about Fabric: Using language-based security to build secure distributed systems.   Read abstract and more information
OCT
21
2010
Speaker(s):
TAESOO KIM
MIT
Talk/Information:
PREVENTING SIDE CHANNEL ATTACKS EXPLOITING MEMORY LATENCY FOR CLOUD COMPUTING

Taesoo will talk about his work on preventing side channel attacks exploiting memory latency in cloud computing environments such as Amazon EC2 and Microsoft Azure. He will present his new protection mechanism (against RSA/AES cache attacks) that he developed together with Marcus Peinado from Microsoft Research.  
OCT
15
2010
Speaker(s):
DR. MICHAEL CLARKSON
Cornell University
Talk/Information:
QUANTIFICATION OF INTEGRITY

  Read abstract and more information
SEP
30
2010
Speaker(s):
NADIA HENINGER
Princeton University
Talk/Information:
COLD BOOT ATTACKS

Nadia Heninger from Princeton University will present her work on "Lest We Remember: Cold Boot Attacks on Encryption Keys" (Usenix Security, 2008, Best Student Paper Award) and "Reconstructing RSA Private Keys from Random Key Bits" (Crypto 2009).  
SEP
20
2010
Speaker(s):
DAVID SCHULTZ
MIT
Talk/Information:
CLOUD SECURITY

We will discuss the paper  Depot: Cloud Storage with Minimal Trust, which will be presented at the upcoming OSDI, Oct 4-6, 2010.  
AUG
02
2010
Speaker(s):
ETHAN HEILMAN
MIT
Talk/Information:
SIDE-CHANNEL LEAKS IN WEB APPLICATIONS

We will discuss the paper Side-Channel Leaks in Web Applications: a Reality Today, a Challenge
Tomorrow
, from Oakland 2010.
 
JUL
26
2010
Speaker(s):
TAESOO KIM
MIT
Talk/Information:
MAKING LINUX PROTECTION MECHANISMS EGALITARIAN WITH USERFS

Taesoo will be giving us a practice talk of his paper "Making Linux Protection Mechanisms Egalitarian with UserFS". The paper will be presented at USENIX Security 2010 (August 11).  
JUL
19
2010
Speaker(s):
PABLO AZAR
MIT
Talk/Information:
PRIVACY

We will discuss the paper Practical Privacy: The SuLQ framework by Avrim Blum, Cynthia Dwork, Frank McSherry and Kobbi Nissim; this paper appeared in SIGMOD/PODS 2005.    
JUL
12
2010
Speaker(s):
VICTOR COSTAN
MIT
Talk/Information:
TRUSTVISOR: EFFICIENT TCB REDUCTION AND ATTESTATION

TrustVisor is a paper from Oakland 2010 (IEEE Symposium on Security and Privacy). Also, here is a list of all the papers from Oakland and Usenix Security 2010 to consider for discussion at the reading group this summer.  
MAY
24
2010
Speaker(s):
VICTOR COSTAN
MIT
Talk/Information:
TRUSTED HARDWARE

Victor will talk about TPMs (Trusted Platform Modules). These are trusted hardware devices that are gaining popularity with cloud security: under the assumption that the TPM is not attacked physically, some recent papers have shown how to provide confidential execution of programs on the cloud as well as how to check that the right software ran on the cloud.  
MAY
17
2010
Speaker(s):
PROF. NICKOLAI ZELDOVICH
MIT
Talk/Information:
MAY
10
2010
Speaker(s):
CHRIS LESNIEWSKI-LAAS
MIT
Talk/Information:
SECURE DHTS

Chris will give a talk on his recent NSDI paper that tries to solve the hard problem of faking identities in a DHT: Whānau: A Sybil-proof Distributed Hash Table. FYI, the abstract and paper can be found here.  
MAY
03
2010
Speaker(s):
DR. TAL MORAN
Harvard University
Talk/Information:
IDENTITY-BASED ENCRYPTION (IBE) INSTEAD OF PKI?

Can IBE obviate the need for PK infrastructure or facilitate key revocation? What is the tradeoff? These questions came up when discussing ICING last week.  Tal will give a short survey of IBE, concentrating on limitations for practical uses. The following papers are relevant (the introductions suffice to give you a good overview). A classical paper:  Identity based encryption from the Weil paring (Dan Boneh and Matt Franklin)  and a fairly recent survey: A tapestry of identity-based encryption: practical frameworks compared (Xavier Boyen).  
APR
26
2010
Speaker(s):
PROF. SHARON GOLDBERG
Boston University
Talk/Information:
SECURING A FUTURE INTERNET

We will discuss ICING: Defining and enforcing transit policies in a future Internet. FYI, here is ICING's website.  
APR
19
2010
Speaker(s):

Talk/Information:
PATRIOTS' DAY

No meeting.  
APR
12
2010
Speaker(s):
EMILY SHEN, DAVID WILSON, MARTEN VAN DIJK, RALUCA ADA POPA
MIT
Talk/Information:
TUTORIAL OF RECENT CRYPTO ADVANCES FOR SYSTEMS PEOPLE

Some of us will give an overview of a variety of cryptographic tools/concepts that are efficient and of practical use to systems. There is no reading. We will cover the following topics at a high level: efficient homomorphic encryption schemes, proofs of retrievability/possession, attribute-based encryption, hidden vector encryption, predicate encryption, identity-based encryption, zero knowledge, proofs of knowledge, short signatures, broadcast encryption, and private information retrieval. Slides from the presentation are here [ppt] [pdf].  
APR
05
2010
Speaker(s):
DR. CRAIG GENTRY
IBM T. J. Watson
Talk/Information:
SECURE DELEGATION OF COMPUTATION

We will discuss Craig's cryptographic breakthrough and its implications to cloud security as well as the general problem of securely delegating computation to the cloud. Paper and details are here.  
MAR
29
2010
Speaker(s):
TAESOO KIM
MIT
Talk/Information:
PROGRAM BINARY OBFUSCATION

The importance of program obfuscation goes without saying. We will discuss Binary obfuscation using signals. Taesoo will present an overview of the paper and then some of his research ideas to improve binary obfuscation. However, cryptographic results show that it is impossible to obfuscate programs. Is there a way to come close to this goal by making the adversary's job harder? This is an example where crypto knowledge and systems mechanisms work together.  
MAR
22
2010
Speaker(s):

Talk/Information:
SPRING BREAK

No meeting.  
MAR
15
2010
Speaker(s):
EUGENE WU
MIT
Talk/Information:
DISCUSSION OF THE PAPER VANISH: ENHANCING THE PRIVACY OF THE WEB WITH SELF-DESTRUCTING DATA

Vanish aims to ensure destruction of private data after some timeout. Is it possible to provide data destruction/deletion guarantees? (Some researchers from Princeton/UTexas/Michigan apparently found a vulnerability in Vanish and called their attack unVanish. Vanish's authors wrote a reply paper attempting to fix various DHT vulnerabilities including those exploited by unVanish.)  
MAR
08
2010
Speaker(s):
RALUCA ADA POPA
MIT
Talk/Information:
FIRST MEETING

Around the table introduction and discussion of the paper Spamalytics: An Empirical Analysis of Spam Marketing Conversion  




Site designed by Lisa Feng