Security and Cryptography

Welcome to the web page for security and cryptography research in the Department of Computer Science and Engineering at the University of California at San Diego. Our group conducts research in areas spanning from theory to practice: we work on the theoretical foundations of cryptography; the development and analysis of cryptographic protocols and algorithms; and on applied cryptography, systems security, and network security. In line with our broad security-related research interests, we are affiliated and actively collaborate with the Theory Group, Programming Systems and the Systems and Networking Group here at UCSD.

People  |   News  |   Publications  |   Sponsors
Faculty
Mihir Bellare
Earlence Fernandes
Nadia Heninger
Russell Impagliazzo
Daniele Micciancio
Imani Munyaka
Stefan Savage
Aaron Schulman
Alex C. Snoeren
Deian Stefan
Geoffrey M. Voelker
Affiliated Faculty
kc claffy
Kamalika Chaudhuri
Christian Dameff
Ranjit Jhala
Ryan Kastner
Sorin Lerner
Nadia Polikarpova
Steven Swanson
Dean Tullsen
Yiying Zhang
Yuanyuan Zhou
Scientists, Postdocs and Research Staff
Daniel Moghimi Cindy Moore
PhD Students
Nishant Bhaskar
Alex Bellon
Hannah Davis
Evan Johnson
Enze Alex Liu
Elisa Luo
Luoxi Meng
Ariana Mirian
Nishit Pandya
Audrey Randall
Keegan Ryan
Mark Schultz
Laura Shea
Mingyao Shen
Michael Smith
Adam Suhl
George Sullivan
David Thien
Alisha Ukani
Psi Vesely
Recent Alumni

Shravan Narayan (Ph.D. 2022) UT Austin
Sam Crow (Ph.D. 2022)
Bingyu Shen (Ph.D. 2022) Meta
John Renner (Ph.D. 2022)
Gautam Akiwate (Ph.D. 2022) Stanford postdoc
Jessica Sorrell (Ph.D. 2022) UPenn postdoc
Craig Disselkoen (Ph.D. 2022) → Amazon
Alex Gamero-Garrido (Ph.D. 2021)NEU postdoc
Ruth Ng (Ph.D. 2021) DSO National Laboratories
Baiyu Li (Ph.D. 2021) Google
Chengcheng Xiang (Ph.D. 2021) Meta
Wei Dai (Ph.D. 2021) Bain Capital Crypto
Marcella Hastings (Ph.D. 2021, UPenn) Bolt Labs
Vivek Arte (M.S. 2021)QEDIT

[All Alumni]
Recent News

Audrey Randall December 1— Congratulations to Audrey Randall (and her co-authors) for winning the Best Student Paper award at the 2022 APWG eCrime Symposium for her work examining the issues around malware use of blockchain naming systems.

October 31— Congrats to Daniele Miccancio whose paper "Generalized Compact Knapsacks, Cyclic Lattices, and Efficient One-Way Functions from Worst-Case Complexity Assumptions" has won the 2022 FOCS Test of Time Award!

September 14— Yet more celebration! Congrats to Deian Stefan for his 2012 paper "Addressing Covert Termination and Timing Channels in Concurrent Information Flow Systems", which has received the ICFP "Most Influential Paper" award (aka Test of Time award). Congrats Deian! ICFP Most Influential Paper Award

August 19— Today we celebrate Shravan Narayan's successful defense of his thesis, "Retrofitting Sandboxing in Real Systems", elements of which are now in wide-spread use. Shravan will soon be starting in his new role as a faculty member at UT Austin. Congrats Shravan!

August 10— Congrats to Nadia Heninger for winning the USENIX Security Test-of-Time Award for her 2012 paper: Mining Your P's and Q's: Detection of Widespread Weak Keys in Network Devices, which also won the best paper award the year it was published! Clearly there was something special in the San Diego water a decade ago, as this is the third "test of time" award for members of the security group this year, and the sixth in the last four years.

Earlence Fernandes July 12— Welcome to Earlence Fernandes who is joining us at UCSD! Earlence got his Ph.D. at UMich and has spent the last few years as an Assisstant Professor at the University of Wisconsin. We are looking forward to working with him!

July 8— Congrats to Sam Crow who successfully defended his thesis today, "Security Testing Tools for Complex Cyber-Physical Systems". No doubt the only Ph.D. we've seen that involved significant chunks of a 737 in their home. Congrats! Sam Crow
[All News]
Recent Publications

Understanding the viability of e-mail origin indicators for identifying the sender, Enze Liu, Lu Sun, Alex Bellon, Grant Ho, Stefan Savage, Geoffrey M. Voelker, and Imani N. S. Munyaka, Proceedings of the Sympsoium on Useable Privacy and Security, Anaheim, CA, August 2023.

Access Denied: Assessing Physical Risks to Internet Access Networks, Alexander Marder, Zesen Zhang, Ricky Mok, Ramakrishna Padmanabhan, Bradley Huffaker, Matthew Luckie, Alberto Dainotti, kc claffy, Alex C. Snoeren, and Aaron Schulman, Proceedings of the USENIX Security Symposium, Anaheim, CA, August 2023.

Improving Logging to Reduce Permission Over-Granting Mistakes, Bingyu Shen, Tianyi Shan, and Yuanyuan Zhou, Proceedings of the USENIX Security Symposium, Anaheim, CA, August 2023.

MultiView: Finding Blind Spotsin Access-Deny Issues, Bingyu Shen, Tianyi Shan, and Yuanyuan Zhou, Proceedings of the USENIX Security Symposium, Anaheim, CA, August 2023.

No Privacy Among Spies: Assessing the Functionality and Insecurity of Consumer Android Spyware Apps, Enze Liu, Sumanth Rao, Sam Havron, Grant Ho, Stefan Savage, Geoffrey M. Voelker, and Damon McCoy, Proceedings on Privacy Enhancing Technologies Symposium, Lausanne, Switzerland, July 2023.

Forward Pass: On the Security Implications of Email Forwarding Mechanism and Policy, Enze Liu, Gautam Akiwate, Mattijs Jonker, Ariana Mirian, Grant Ho, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the IEEE European Symposium on Security and Privacy, Delft, The Netherlands, July 2023.

WaVe: a Verifiably Secure WebAssembly Sandboxing Runtime, Evan Johnson, Evan Laufer, Zijie Zhao, Shravan Narayan, Stefan Savage, Deian Stefan, and Fraser Brown, Proceedings of the IEEE Symposium on Security and Privacy, May 2023.

Half&Half: Demystifying Intel’s Directional Branch Predictors for Fast, Secure Partitioned Execution, Hosein Yavarzadeh, Mohammadkazem Taram, Shravan Narayan, Deian Stefan, and Dean Tullsen, Proceedings of the IEEE Symposium on Security and Privacy, May 2023.

Ransomware Attack Associated With Disruptions at Adjacent Emergency Departments in the US, Christian Dameff, Jeffrey Tully, Theodore C. Chan, Edward M. Castillo, Stefan Savage, Patricia Maysent, Thomas M. Hemmen, Brian J. Clay, and Christopher A. Longhurst, JAMA Network Open 6(5):e2312270-e2312270, 2023.

Going Beyond the Limits of SFI: Flexible Hardware-Assisted In-Process Isolation with HFI, Shravan Naryan, Tal Garfinkel, Mohammadkazem Taram, Joey Rudek, Daniel Moghimi, Evan Johnson, Chris Fallin, Anjo Vahldiek-Oberwagner, Michael LeMay, Ravi Sahita, Dean Tullsen, and Deian Stefan, Proceedings of the 28th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), Vancouver, Canada, March 2023.

MSWasm: Soundly Enforcing Memory-Safe Execution of Unsafe Code, Alexandra E. Michael, Anitha Gollamudi, Jay Bosamiya, Evan Johnson, Aidan Denlinger, Craig Disselkoen, Conrad Watt, Bryan Parno, Marco Patrignani, Marco Vassena, and Deian Stefan, Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages, Boston, MA, January 2023.

The Challenges of Blockchain-based Naming Systems for Malware Defenders, Audrey Randall, Wes Hardaker, Aaron Schulman, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the APWG Symposium on Electronic Crime Research (eCrime), November 2022. (Best Student Paper).

Open to a fault: On the passive compromise of TLS keys via transient errors, George Arnold Sullivan, Jackson Sippe, Nadia Heninger, and Eric Wustrow, Proceedings of the USENIX Security Symposium, Boston, MA, August 2022.

Retroactive Identification of Targeted DNS Infrastructure Hijacking, Gautam Akiwate, Raffaele Sommese, Mattijs Jonker, Zakir Durumeric, kc Claffy, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference (IMC), Nice, France, October 2022.

Where .ru? Assessing the Impact of Conflict on Russian Domain Infrastructure, Mattijs Jonker, Gautam Akiwate, Antonia Affinito, kc Claffy, Alessio Botta, Geoffrey M. Voelker, Rolan van Rijswijk-Deij, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference (IMC), Nice, France, October 2022.

Measuring UID Smuggling in the Wild, Audrey Randall, Peter Snyder, Alisha Ukani, Alex C. Snoeren, Geoffrey M. Voelker, Stefan Savage, and Aaron Schulman, Proceedings of the ACM Internet Measurement Conference (IMC), Nice, France, October 2022.

Stop, DROP, and ROA: Effectiveness of Defenses through the lens of DROP, Leo Oliver, Gautam Akiwate, Matthew Luckie, Ben Du, and kc Claffy, Proceedings of the ACM Internet Measurement Conference (IMC), Nice, France, October 2022.

Mind Your MANRS: Measuring the MANRS Ecosystem, Ben Du, Cecilia Testart, Romain Fontugne, Gautam Akiwate, Alex C. Snoeren, and kc Claffy, Proceedings of the ACM Internet Measurement Conference (IMC), Nice, France, October 2022.

EVAX: Towards a Practical, Pro-active & Adaptive Architecture for High Performance & Security, Samira Ajorpaz, Daniel Moghimi, Jamison Collins, Nael Abu-Ghazaleh, Gilles Pokam, and Dean Tullsen, Proceedings of the Annual IEEE/ACM International Symposium on Microarchitecture (MICRO), Chicago, IL, October 2022.

Measuring Security Practices, Louis F. DeKoven, Audrey Randall, Ariana Mirian, Gautam Akiwate, Ansel Blume, Lawrence K. Saul, Aaron Schulman, Geoffrey M. Voelker, and Stefan Savage, Communications of the Association for Computing Machinery 65(9):93-102, September 2022.

Blocked or Broken? Automatically Detecting When Privacy Interventions Break Websites, Michael Smith, Peter Snyder, Moritz Haller, Ben Livshits, Deian Stefan, and Hamed Haddadi, Proceedings on Privacy Enhancing Technologies Symposium, Sydney, Australia, July 2022.

Domain Name Lifetimes: Baseline and Threats, Antonia Affinito, Raffaele Sommese, Gautam Akiwate, Stefan Savage, KC Claffy, Geoffrey M. Voelker, Alessio Botta, and Mattijs Jonker, Proceedings of Network Traffic Measurement and Analysis Conference (TMA), June 2022.

[All Publications]
Affiliations
Center for Networked Systems (CNS)         Cooperative Association for Internet Data Analysis (CAIDA)       San Diego Super Computer Center (SDSC)        California Institute for Telecommunications and Information Technology (Cal-IT2) CalIT(2)
Sponsors