Security and Cryptography

Welcome to the web page for security and cryptography research in the Department of Computer Science and Engineering at the University of California at San Diego. Our group conducts research in areas spanning from theory to practice: we work on the theoretical foundations of cryptography; the development and analysis of cryptographic protocols and algorithms; and on applied cryptography, systems security, and network security. In line with our broad security-related research interests, we are affiliated and actively collaborate with the Theory Group, Programming Systems and the Systems and Networking Group here at UCSD.

People  |   News  |   Publications  |   Sponsors
Mihir Bellare
Earlence Fernandes
Nadia Heninger
Russell Impagliazzo
Daniele Micciancio
Imani Munyaka
Stefan Savage
Aaron Schulman
Alex C. Snoeren
Deian Stefan
Geoffrey M. Voelker
Affiliated Faculty
kc claffy
Kamalika Chaudhuri
Ranjit Jhala
Ryan Kastner
Sorin Lerner
Nadia Polikarpova
Steven Swanson
Dean Tullsen
Yiying Zhang
Yuanyuan Zhou
Adjunct Faculty
Kirill Levchenko Hovav Shacham
Scientists, Postdocs and Research Staff
Daniel Moghimi Cindy Moore
PhD Students
Gautam Akiwate
Vivek Arte
Nishant Bhaskar
Alex Bellon
Sam Crow
Wei Dai
Hannah Davis
Craig Disselkoen
Alex Gamero-Garrido
Marcella Hastings
Evan Johnson
Baiyu Li
Enze Alex Liu
Ariana Mirian
Shravan Narayan
Ruth Ng
Audrey Randall
John Renner
Keegan Ryan
Mark Schultz
Laura Shea
Bingyu Shen
Mingyao Shen
Michael Smith
Jessica Sorrell
Igors Stepanovs
Adam Suhl
George Sullivan
David Thien
Alisha Ukani
Psi Vesely
Yudong Wu
Chengcheng Xiang
Recent Alumni

Sunjay Cauligi (Ph.D. 2021)
MPI Security and Privacy (postdoc)
Klaus von Gleissenthall (postdoc 2016-2020) VU Amsterdam (assistant professor)
Guo "Vector" Li (Ph.D. 2020) Google
Felix Guenther (postdoc 2018-2019) ETH Zurich (postdoc)
Joseph Jaeger (Ph.D. 2019) University of Washington (postdoc)
Nicholas Genise (Ph.D. 2019) Rutgers University (postdoc)SRI
Zhaomo Yang (Ph.D. 2019) Google
Louis DeKoven (Ph.D. 2019) Facebook
Brown Farinholt (Ph.D. 2019) Facebook

Maxwell Bland (M.S. 2019) University of Illinois Ph.D. program
Gary Soeller Mason America
Brian Johannesmeyer Vrije Universiteit Ph.D. program
Joe DeBlasio (Ph.D. 2018) Google
Michael Walter (Ph.D. 2018) IST Vienna, Austria (postdoc)
Brian Kantor (retired 2018) ARDC
Liz Izhikevich (M.S. 2018) Stanford Ph.D. program
Evan Ronceivch (M.S. 2018) Sandia National Labs
Tianyin Xu (Ph.D. 2017) Facebook (Visiting Scientist)University of Illinois Urbana Champaign
Danny Huang (Ph.D. 2017) → Princeton (postdoc)NYU Poly
Xinxin Jin (Ph.D. 2017) Whova

[All Alumni]
Recent News

August 10— Congrats to Nadia Heninger for winning the USENIX Security Test-of-Time Award for her 2012 paper: Mining Your P's and Q's: Detection of Widespread Weak Keys in Network Devices, which also won the best paper award the year it was published! Clearly there was something special in the San Diego water a decade ago, as this is the third "test of time" award for members of the security group this year, and the sixth in the last four years.

Earlence Fernandes July 12— Welcome to Earlence Fernandes who is joining us at UCSD! Earlence got his Ph.D. at UMich and has spent the last few years as an Assisstant Professor at the University of Wisconsin. We are looking forward to working with him!

July 8— Congrats to Sam Crow who successfully defended his thesis today, "Security Testing Tools for Complex Cyber-Physical Systems". No doubt the only Ph.D. we've seen that involved significant chunks of a 737 in their home. Congrats! Sam Crow

Gautam Akiwate June 1— Congrats to Gautam Akiwate who successfully defended his thesis today, "Identifying DNS Infrastructure Hijacks using Large Scale Measurements". Gautam will be starting a Postdoc with Zakir Durumeric at Stanford. Gautam has been a force for good in the department for longer than he will admit -- supporting Chez Bob, the holiday parties, sysnet outings, etc -- and we will all miss him.

May 23— Eleven years ago, UCSD alumns Kirill Levchenko, Andreas Pitsillidis, Neha Chachra, Brandon Enright, Tristan Halvorson, Chris Kanich, He Liu, and Damon McCoy, along with UCSD faculty Geoff Voelker, Stefan Savage and their colleagues from Berkeley and Budapest, Mark Felegyhazi, Chris Grier, Christian Kreibich, Nicholas Weaver and Vern Paxson, published a comprehensive analysis of the spam criminal value chain. Today that paper, Click Trajectories: End-to-End Analysis of the Spam Value Chain and its impact was celebrated with the Test-of-Time award, presented at the 2022 IEEE Security and Privacy conference. Congrats all!

March 18— Congrats to Mihir Bellare for again receiving the IACR Test of Time award (he also won it last year), this time for his Crypto 2007 paper "Deterministic and Efficiently Searchable Encryption", published jointly with then UCSD Ph.D. student Alexandra Bodyreva (now faculty at GA Tech) and then UCSD undergrad Adam O'Neil (now faculty at UMass Amherst).
[All News]
Recent Publications

Access Denied: Assessing Physical Risks to Internet Access Networks, Alexander Marder, Zesen Zhang, Ricky Mok, Ramakrishna Padmanabhan, Bradley Huffaker, Matthew Luckie, Alberto Dainotti, kc claffy, Alex C. Snoeren, and Aaron Schulman, Proceedings of the USENIX Security Symposium, Anaheim, CA, August 2023.

Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices, Hadi Givehchian, Nishant Bhaskar, Eliana Rodriguez Herrera, Héctor Rodrigo López Soto, Christian Dameff, Dinesh Bharadia, and Aaron Schulman, Proceedings of the IEEE Symposium on Security and Privacy, May 2022.

Risky BIZness: Risks Derived from Registrar Name Management, Gautam Akiwate, Stefan Savage, Geoffrey M. Voelker, and kc Claffy, Proceedings of the ACM Internet Measurement Conference (IMC), Virtual, November 2021.

Who’s Got Your Mail? Characterizing Mail Service Provider Usage, Enze Liu, Gautam Akiwate, Mattijs Jonker, Ariana Mirian, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the ACM Internet Measurement Conference (IMC), Virtual, November 2021.

Home is Where the Hijacking is: Understanding DNS Interception by Residential Routers, Audrey Randall, Enze Liu, Ramakrishna Padmanabhan, Gautam Akiwate, Geoffrey M. Voelker, Stefan Savage, and Aaron Schulman, Proceedings of the ACM Internet Measurement Conference (IMC), Virtual, November 2021.

SugarCoat: Programmatically generating privacy-Preserving, Web-compatible resource replacements for content blocking, Michael Smith, Peter Snyder, Ben Livshits, and Deian Stefan, Proceedings of the ACM Conference on Computer and Communications Security (CCS), Seoul, Korea, November 2021.

On Bounded Distance Decoding with Predicate: Breaking the "Lattice Barrier" for the Hidden Number Problem, Martin R Albrecht and Nadia Heninger, Proceedings of Eurocrypt 2021, Zagreb, Croatia, October 2021.

On the Security of Homomorphic Encryption on Approximate Numbers, Baiyu Li and Daniele Micciancio, Proceedings of Eurocrypt 2021, Zagreb, Croatia, October 2021.

Hopper: Modeling and Detecting Lateral Movement, Grant Ho, Mayank Dhiman, Devdatta Akhawe, Vern Paxson, Stefan Savage, Geoffrey M. Voelker, and David Wagner, Proceedings of the USENIX Security Symposium, Vancouver, B.C., Canada, August 2021.

Driving 2FA Adoption at Scale: Optimizing Two-Factor Authentication Notification Design Patterns, Maximillian Golla, Grant Ho, Marika Lohmus, Monica Pulluri, and Elissa M. Redmiles, Proceedings of the USENIX Security Symposium, Vancouver, B.C., Canada, August 2021.

Swivel: Hardening WebAssembly against Spectre, Shravan Narayan, Craig Disselkoen, Daniel Moghimi, Sunjay Cauligi, Evan Johnson, Zhao Gang, Anjo Vahldiek-Oberwagner, Ravi Sahita, Hovav Shacham, Dean Tullsen, and Deian Stefan, Proceedings of the USENIX Security Symposium, Vancouver, B.C., Canada, August 2021.

Jetset: Targeted Firmware Rehosting for Embedded Systems, Evan Johnson, Maxwell Bland, Yifei Zhu, Joshua Mason, Stephen Checkoway, Stefan Savage, and Kirill Levchenko, Proceedings of the USENIX Security Symposium, Vancouver, B.C., Canada, August 2021.

Can Systems Explain Permissions Better? Understanding Users' Misperceptions under Smartphone Runtime Permission Model, Bingyu Shen, Lili Wei, Chengcheng Xiang, Yudong Wu, Mingyao Shen, Yuanyuan Zhou, and Xinxin Jin, Proceedings of the USENIX Security Symposium, Vancouver, B.C., Canada, August 2021.

[All Publications]
Center for Networked Systems (CNS)         Cooperative Association for Internet Data Analysis (CAIDA)       San Diego Super Computer Center (SDSC)        California Institute for Telecommunications and Information Technology (Cal-IT2) CalIT(2)