UCSD CSE -- Security and Cryptography

Welcome to the web page for security and cryptography research in the Department of Computer Science and Engineering at the University of California at San Diego. Our group conducts research in areas spanning from theory to practice: we work on the theoretical foundations of cryptography; the development and analysis of cryptographic protocols and algorithms; and on applied cryptography, systems security, and network security. In line with our broad security-related research interests, we are affiliated and actively collaborate with the Theory Group, Programming Systems and the Systems and Networking Group here at UCSD.

Faculty

Mihir Bellare
Earlence Fernandes
Alex Gantman
Nadia Heninger
Deepak Kumar

Qipeng Liu
Daniele Micciancio
Imani Munyaka
Stefan Savage
Aaron Schulman

Hovav Shacham
Alex C. Snoeren
Deian Stefan
Geoffrey M. Voelker

Affiliated Faculty

kc claffy
Kamalika Chaudhuri
Christian Dameff
Ranjit Jhala

Ryan Kastner
Sorin Lerner
Nadia Polikarpova
Steven Swanson

Dean Tullsen
Yiying Zhang
Yuanyuan Zhou

Scientists, Postdocs and Research Staff

Cindy Moore

PhD Students

MS Students

Alexis Morales Flores

Recent Alumni

Keegan Ryan (Ph.D. 2025)
Evan Johnson (Ph.D. 2025) → NYU
Mark Schultz (Ph.D. 2024) → Fabric Cryptography
Nishant Bhaskar (Ph.D. 2023) → MQ Prime
Hannah Davis (Ph.D. 2023) → Seagate
Ariana Mirian (Ph.D. 2023) → Censys
Audrey Randall (Ph.D. 2023) → Google
Daniel Moghimi (postdoc 2020-2022) → Google
Shravan Narayan (Ph.D. 2022) → UT Austin
Sam Crow (Ph.D. 2022) → Meta
Bingyu Shen (Ph.D. 2022) → Meta
John Renner (Ph.D. 2022) → Cubist
Gautam Akiwate (Ph.D. 2022) → Stanford postdoc
Jessica Sorrell (Ph.D. 2022) → UPenn (postdoc) → JHU
Craig Disselkoen (Ph.D. 2022) → Amazon

Leo Cao (M.S. 2024) → University of Wisconsin Ph.D. program

Annie Dai (B.S. 2023) → University of Maryland Ph.D. program
Kaiwen He (B.S. 2023) → MIT Ph.D. program
Isabel Suizo (B.S. 2022) → Google → CMU Ph.D. program

Doreen Riepel (postdoc 2023-2024) → CISPA
Grant Ho (postdoc 2021-2023) → University of Chicago
Gabrielle De Micheli (postdoc 2021-2023) <\span> → LG
Alex Marder (postdoc 2019-2020, Res. Scientist 2020-2023) → Johns Hopkins University

[All Alumni]

Recent News

August 13— CSE alumni Stephen Checkoway, Damon McCoy, Danny Anderson, along with Brian Kantor, Hovav Shacham, and Stefan Savage at UCSD together with Yoshi Kohno, Karl Koscher, Alexei Czeskis and Franziska Roesner at UW received the 2025 USENIX Security Test of Time award today for their 2011 paper Comprehensive Experimental Analyses of Automotive Attack Surfaces. This paper, along with its predecessor (which also received the Test-of-time award at IEEE in 2020), is credited with helping to establish the field of modern automotive security. This body of work also received the AAAS Golden Goose Award in 2021. Congratulations to everyone on such an outstanding accomplishment!

August 11— Congratulations to Enze "Alex" Liu who defended his dissertation today, entitled "Security Vulnerabilities in Service Composition"! Alex has been a cornerstone of the sysnetsec groups, promoting community within the department, supporting and guiding many other students, and blazing trails with his research. Dr. Liu soon transitions to CMU as a postdoc. Congrats, Alex!

June 09— Congrats to Keegan Ryan, award-winning storyteller, for defending his dissertation, "Practical Lattice-based Algorithms for Cryptanalysis"!

June 04— Congrats to Evan Johnson for defending his dissertation, "Verifiably Secure Software Sandboxing"! Evan came to us from Illinois, refined his inner chill over six years here in SoCal, and is now off to try the other coast as an Asst Professor at NYU. Congrats and good luck Evan!

March 17— Welcome home to Hovav Shacham who, after seven years in the Lone Star state, has returned to become part of the UCSD constallation again. Hovav rejoins us officially in July and we're all super happy to have him back!

November 4— CSE alumni Sarah Meiklejohn, Marjori Pomarole, Grant Jordan, Kirilll Levchenko and Damon McCoy, along with Geoff Voelker and Stefan Savage received the ACM IMC Test of Time award today for their 2013 paper A Fistful of Bitcoins: Characterizing Payments Among Men with No Names which is credited with helping to establish the technique of cryptocurrency tracing (the core part of this story is told in Andy Greenberg's book, "Tracers in the Dark", as well as a summary article he wrote in Wired this year). Congrats to Sarah and all her collaborators!

October 17— Another press burst for Earlence Fernandes and collaborators, this time for work showing how malicious prompts can be used to exfiltrate user information. Read the Wired story or visit the paper website to learn more.

October 9— Congratulations to Keegan Ryan, George Sullivan, Nadia Heninger, and Kaiwen He for winning the 2024 CSAW Applied Research Award for "Most Notable Paper: Technical Impact" for their CCS 2023 paper, Passive SSH Key Compromise via Lattices.

[All News]

Recent Publications

✓Tock: Verified Isolation in a Production Embedded OS, Vivien Rindisbacher, Evan Johnson, Nico Lehmann, Tyler Potyondy, Pat Pannuto, Stefan Savage, Deian Stefan, and Ranjit Jhala, Proceedings of the 31st ACM Symposium on Operating Systems Principles (SOSP), Seoul, Republic of Korea, October 2025.

Under Embargo Until Oct 14, 2025, Wenyi Zhang, Annie Dai, Keegan Ryan, Dave Levin, Nadia Heninger, and Aaron Schulman, Proceedings of the ACM Conference on Computer and Communications Security (CCS), Taipei, Taiwan, October 2025.

Local Frames: Exploiting Inherited Origins to Bypass Content Blockers, Alisha Ukani, Hamed Haddadi, Alex C. Snoeren, and Peter Snyder, Proceedings of the ACM Conference on Computer and Communications Security (CCS), Taipei, Taiwan, October 2025.

Somesite I Used To Crawl: Awareness, Agency and Efficacy in Protecting Content Creators From AI Crawlers, Enze Liu, Elisa Luo, Shawn Shan, Geoffrey M. Voelker, Ben Y. Zhao, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference (IMC), Madison, Wisconsin, October 2025.

No Key, No Problem: Vulnerabilities in Master Lock Smart Locks, Chengsong Diao, Danielle Dang, Sierra Lira, Angela Tsai, Miro Haller, and Nadia Heninger, Proceedings of the USENIX WOOT Conference on Offensive Technologies (WOOT), Seattle, WA, August 2025.

Characterizing the MrDeepFakes Sexual Deepfake Marketplace, Catherine Han, Anne Li, Deepak Kumar, and Zakir Durumeric, Proceedings of the USENIX Security Symposium, Seattle, WA, August 2025.

Patient Care Technology Disruptions Associated With the CrowdStrike Outage, Jeffrey L. Tully, Sumanth Rao, Isabel Straw, Rodney A. Gabriel, Chris Longhurst, Stefan Savage, Geoffrey M. Voelker, and Christian J. Dameff, JAMA Network Open 8(7):e2530226-e2530226, July 2025.

From Scarcity to Opportunity: Examining Abuse of the IPv4 Leasing Market, Bernhard Degen, Ben Du, Ricky K. P. Mok, Raffaele Sommese, Mattijs Jonker, Roland van Rijswijk-Deij, and kc claffy., Proceedings of the 6th Network Traffic Measurement and Analysis Conference (TMA), June 2025.

Understanding the Efficacy of Phishing Training in Practice, Grant Ho, Ariana Mirian, Elisa Luo, Khang Tong, Euyhyun Lee, Lin Liu, Christopher A. Longhurst, Christian Dameff, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the IEEE Symposium on Security and Privacy, May 2025.

Intermundium-DL: Assessing the Resilience of Current Schemes to Discrete-Log-Computation Attacks on Public Parameters, Mihir Bellare, Doreen Riepel, and Laura Shea, Proceedings of PKC 2025, May 2025.

Public-Algorithm Substitution Attacks: Subverting Hashing and Verification, Mihir Bellare, Doreen Riepel, and Laura Shea, Proceedings of PKC 2025, May 2025.

An Empirical Analysis on the Use and Reporting of National Security Letters, Alex Bellon, Miro Haller, Andrey Labunets, Enze Liu, and Stefan Savage, Proceedings of ACM Sympoisum on Computer Science and Law (CSLAW), Munich, Germany, March 2025.

Characterizing the Networks Sending Enterprise Phishing Emails, Elisa Luo, Liane Young, Grant Ho, M. H. Afifi, Marco Schweighauser, Ethan Katz-Bassett, and Asaf Cidon, Proceedings of the Passive and Active Measurement Conference (PAM), Virtual, March 2025.

On the Semidirect Discrete Logarithm Problem in Finite Groups, Christopher Battarbee, Giacomo Borin, Ryann Cartor, Nadia Heninger, David Jao, Laura Maddison, Edoardo Persichetti, Angela Robinson, Daniel Smith-Tone, and Rainer Steinwandt, Proceedings of Asiacrypt 2024, Kolkata, India, December 2024.

The Concrete Security of Two-Party Computation: Simple Definitions, and Tight Proofs for PSI and OPRFs, Mihir Bellare, Rishabh Ranjan, Doreen Riepel, and Ali Aldakheel, Proceedings of Asiacrypt 2024, Kolkata, India, December 2024.

Count Corruptions, Not Users: Improved Tightness for Signatures, Encryption and Authenticated Key Exchange, Mihir Bellare, Doreen Riepel, Stefano Tessaro, and Yizhao Zhang, Proceedings of Asiacrypt 2024, Kolkata, India, December 2024.

Symmetric and Dual PRFs from Standard Assumptions: A Generic Validation of a Prevailing Assumption, Mihir Bellare and Anna Lysyanskaya, IACR Journal of Cryptology 37(4), December 2024.

Give and Take: An End-To-End Investigation of Giveaway Scam Conversion Rates, Enze Liu, George Kappos, Eric Mugnier, Luca Invernizzi, Stefan Savage, David Tao, Kurt Thomas, Geoffrey M. Voelker, and Sarah Meiklejohn, Proceedings of the ACM Internet Measurement Conference (IMC), Madrid, Spain, November 2024.

Sublet Your Subnet: Inferring IP Leasing in the Wild, Ben Du, Romain Fontugne, Cecilia Testart, Alex C. Snoeren, and kc Claffy, Proceedings of the ACM Internet Measurement Conference (IMC), Madrid, Spain, November 2024.

PressProtect: Helping Journalists Navigate Social Media in the Face of Online Harassment, Catherine Han, Anne Li, Deepak Kumar, and Zakir Durumeric, Proceedings of the ACM Conference on Computer Supported Cooperative Work and Social Computing, October 2024.

[All Publications]