May 10

Opaque: An Oblivious and Encrypted Distributed Analytics Platform

Raluca Ada Popa
UC Berkeley
2017-05-10, 16:00-17:00 (America/New_York), 32-G882

Abstract: Many systems run rich data analytics on sensitive data in the cloud, but are prone to data breaches. A recent hardware enclave architecture promises data confidentiality and isolated execution of arbitrary computations, yet still suffers from leakage due to memory and network access patterns. In this talk, I will describe Opaque, a distributed data analytics platform supporting a wide range of queries while protecting the data. Even a compromised operating system sees only encrypted data. Opaque also protects against leakage from memory and network accesses outside of the enclave (a property called obliviousness). To accomplish this goal, Opaque introduces new distributed oblivious relational operators, as well as new query planning techniques to optimize these new operators. Opaque is implemented on Spark SQL with few changes to the underlying system. Opaque provides data encryption, authentication, and computation verification with a performance ranging from 52% faster to 3.3x slower than vanilla Spark SQL; obliviousness comes with a 1.6–46x overhead. At the same time, Opaque provides an improvement of three orders of magnitude over state-of-the-art oblivious protocols. Joint work with W. Zheng, A. Dave, J. G. Beekman, J. E. Gonzalez, and I. Stoica.

Bio: Raluca Ada Popa is an assistant professor of computer science at UC Berkeley working in computer security, systems, and applied cryptography. She is a co-director of the RISELab at UC Berkeley, as well as a co-founder and CTO of a cybersecurity startup called PreVeil. Raluca received her PhD in computer science, as well as her Master's and two BS degrees (in computer science and in mathematics), from MIT. She is the recipient of an Intel Early Career Faculty Honor award and a George M. Sprowls Award for best MIT CS doctoral thesis.

May 03

Iron: Functional Encryption using Intel SGX

Dhinakaran Vinayagamurthy
University of Waterloo
2017-05-03, 16:00-17:00 (America/New_York), 32-G882

"Iron: Functional Encryption using Intel SGX", Ben A. Fisch, Dhinakaran Vinayagamurthy, Dan Boneh, and Sergey Gorbunov

Abstract: Functional encryption (FE) is an extremely powerful cryptographic mechanism that lets an authorized entity compute on encrypted data, and learn the results in the clear. However, all current cryptographic instantiations for general FE are too impractical to be implemented. We build Iron, a practical and usable FE system using Intel's recent Software Guard Extensions (SGX). We show that Iron can be applied to complex functionalities, and even for simple functions, outperforms the best known cryptographic schemes. We argue security by modeling FE in the context of hardware elements, and prove that Iron satisfies the security model.

Bio: Dhinakaran Vinayagamurthy is a PhD student in computer science at the University of Waterloo, advised by Sergey Gorbunov and David Jao. His current interests are in designing systems with provable security guarantees to perform computations over encrypted data. Dhinakaran is a recipient of a David R. Cheriton Graduate Scholarship, and holds an MSc from the University of Toronto and a BE from the College of Engineering, Guindy.

April 26

Cryptographically Protected Database Search

Benjamin Fuller
University of Connecticut
2017-04-26, 16:00-17:00 (America/New_York), 32-G882

Abstract: Protected database search systems cryptographically isolate the roles of reading from, writing to, and administering the database. This separation limits unnecessary administrator access and protects data in the case of system breaches. Since protected search was introduced in 2000, the area has grown rapidly; systems are offered by academia, start-ups, and established companies. However, there is no best protected search system or set of techniques. Design of such systems is a balancing act between security, functionality, performance, and usability. This challenge is made more difficult by ongoing database specialization, as some users will want the functionality of SQL, NoSQL, or NewSQL databases. This database evolution will continue, and the protected search community should be able to quickly provide functionality consistent with newly invented databases. At the same time, the community must accurately and clearly characterize the tradeoffs between different approaches. In this talk, we survey the range of tradeoffs between security and privacy. In particular, we 1) identify the important primitive operations across database paradigms, 2) evaluate the current state of protected search systems in implementing these base operations, and 3) analyze attacks against protected search for different base queries.

Bio: Benjamin Fuller is an Assistant Professor of Computer Science and Engineering at the University of Connecticut. His research focuses on bringing cryptography into practical use. His primary interests are authentication and searchable encryption. He has worked on a variety of problems, from testing broadcast encryption while flying to scanning his iris for cryptographic key derivation. Prior to joining UConn, Ben was a research scientist at MIT Lincoln Laboratory from 2007 to 2016, working on searchable encryption. He received his PhD and MA from Boston University in 2015 and 2011, respectively.

March 22

Prio: Private, Robust, and Scalable Computation of Aggregate Statistics

Henry Corrigan-Gibbs
Dept. of Computer Science, Stanford University
2017-03-22, 16:00-17:00 (America/New_York), 32-G882

Abstract: This talk will present Prio, a privacy-preserving system for the collection of aggregate statistics. Each Prio client holds a private data value (e.g., its current location), and a small set of servers compute statistical functions over the values of all clients (e.g., the most popular location). As long as at least one server is honest, the Prio servers learn nearly nothing about the clients' private data, except what they can infer from the aggregate statistics that the system computes. To protect functionality in the face of faulty or malicious clients, Prio uses secret-shared non-interactive proofs (SNIPs), a new cryptographic technique that yields a hundred-fold performance improvement over conventional zero-knowledge approaches. Prio extends classic private aggregation techniques to enable the collection of a large class of useful statistics. For example, Prio can perform a least-squares regression on high-dimensional client-provided data without ever seeing the data in the clear. This is joint work with Dan Boneh. Our paper on Prio is to appear at NSDI 2017.

Bio: Henry Corrigan-Gibbs is a fourth-year PhD student in computer science at Stanford, advised by Dan Boneh. His work uses cryptographic techniques to bring rigorous privacy properties to large-scale computer systems. For these research efforts, Henry and his co-authors have received the 2015 IEEE Security and Privacy Distinguished Paper Award and the 2016 Caspar Bowden Award for Outstanding Research in Privacy Enhancing Technologies. He is the recipient of an NSF Graduate Research Fellowship and an NDSEG Fellowship.

March 15

Dandelion: Redesigning the Bitcoin Network for Anonymity

Shaileshh Bojja Venkatakrishnan
Department of Electrical and Computer Engineering, University of Illinois Urbana-Champaign
2017-03-15, 16:00-17:00 (America/New_York), 32-G882

Abstract: Bitcoin and other cryptocurrencies have surged in popularity over the last decade. Although Bitcoin does not claim to provide anonymity for its users, it enjoys a public perception of being a 'privacy-preserving' financial system. In reality, cryptocurrencies publish users' entire transaction histories in plaintext, albeit under a pseudonym; this is required for transaction validation. Therefore, if a user's pseudonym can be linked to their human identity, the privacy fallout can be significant. Recently, researchers have demonstrated deanonymization attacks that exploit weaknesses in the Bitcoin network's peer-to-peer (P2P) networking protocols. In particular, the P2P network currently forwards content in a structured way that allows observers to deanonymize users. In this work, we redesign the P2P network from first principles with the goal of providing strong, provable anonymity guarantees. We propose a simple networking policy called Dandelion, which achieves nearly-optimal anonymity guarantees at minimal cost to the network's utility. We also provide a practical implementation of Dandelion for deployment.

Bio: Shaileshh Bojja Venkatakrishnan is a Ph.D. student in ECE under the supervision of Prof. Pramod Viswanath at the University of Illinois Urbana-Champaign. He received the B.Tech. degree from the Indian Institute of Technology Madras in 2012 and the M.S. degree from UIUC in 2014. His research interests lie primarily in the broad area of distributed algorithms for networks. Specific topics he has worked on include scheduling algorithms for data center networks, peer-to-peer networks, and anonymity in cryptocurrency networks. He is also interested in information theory and wireless communication. During the summer of 2016 he interned at Google, where he worked on congestion control for Google's data centers. He is also a recipient of the Joan and Lalit Bahl fellowship at UIUC.

February 22

Sophos - Forward Secure Searchable Encryption

Raphael Bost
Direction Générale de l'Armement and Université de Rennes 1
2017-02-22, 16:00-17:00 (America/New_York), 32-G882

Abstract: Searchable Symmetric Encryption (SSE) aims at making it possible to search over an encrypted database stored on an untrusted server while keeping both the queries and the data private, by allowing some small, controlled leakage to the server. Recent work shows that dynamic schemes (in which the data is efficiently updatable) that leak some information on updated keywords are subject to devastating adaptive attacks breaking the privacy of the queries. The only way to thwart this attack is to design forward private schemes whose update procedure does not leak whether a newly inserted element matches previous search queries. This work proposes Sophos, a forward private SSE scheme with performance similar to existing but less secure schemes, which is conceptually simpler (and also more efficient) than previous forward private constructions. In particular, it only relies on trapdoor permutations and does not use an ORAM-like construction. I will also explain why Sophos is an optimal point of the security/performance tradeoff for SSE. Finally, I will try to give insights into important and interesting problems about SSE.

Bio: Raphael Bost is an engineer in the 'Cryptographic Algorithms' lab at the Direction Générale de l'Armement (the French defense procurement agency), and a PhD student at Université de Rennes 1 (France). His research interests cover applied and 'real world' cryptography, in particular secure outsourced storage and searchable encryption, and more generally computer security. Raphael graduated from Ecole Polytechnique (France) and received his M.Sc. from Brown University. He also visited MIT in 2013.

February 15

Detecting Malware Callouts in Realtime Network Traffic

Domenic Puzio
Capital One
2017-02-15, 16:00-17:00 (America/New_York), 32-G882

Abstract: Domain generation algorithm (DGA) malware makes callouts to unique web addresses to avoid detection by static rules engines. To counter this type of malware, we created an ensemble model that analyzes domains and evaluates whether they were generated by a machine and are thus potentially malicious. The model works entirely on the URL being accessed, thereby eliminating the need for DNS data, which can be difficult to access in large organizations. The ensemble consists of a transliteration pipeline to handle non-English language domains, a highly advanced NLP-based linguistic entropy algorithm, and a collocation and linear word embeddings algorithm to identify dictionary DGAs. We are also researching sequence-based machine learning analysis to detect dictionary DGAs. Our system analyzes enterprise-scale network traffic in real time, renders predictions, and raises alerts for cyber security analysts to evaluate. This talk will discuss the machine learning algorithms that were used to build the model, the features that we found to be informative, and the tools used in model testing and creation. We will then present the tools leveraged in building our model-as-a-service architecture for low-latency stream processing of high-velocity and high-volume traffic.

Bio: Domenic Puzio is a Data Engineer with Capital One. He graduated from the University of Virginia with degrees in Mathematics and Computer Science. On his current project, code-named Purple Rain, he is a core developer of a custom platform for ingesting, processing, and analyzing Capital One's cyber-security data sources. Built entirely from open-source tools (NiFi, Kafka, Storm, Elasticsearch, Kibana), this framework processes hundreds of millions of events per hour. Currently, his focus is on the creation and productionization of machine learning models that provide enrichment to the data being streamed through the system. He is a contributor to two Apache projects, and his research interests include natural language processing and deep learning.