Trading group theory for randomness
STOC '85 Proceedings of the seventeenth annual ACM symposium on Theory of computing
The knowledge complexity of interactive proof systems
SIAM Journal on Computing
A Retrospective on the VAX VMM Security Kernel
IEEE Transactions on Software Engineering
A note on efficient zero-knowledge proofs and arguments (extended abstract)
STOC '92 Proceedings of the twenty-fourth annual ACM symposium on Theory of computing
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
The Stanford FLASH multiprocessor
ISCA '94 Proceedings of the 21st annual international symposium on Computer architecture
The design and implementation of a certifying compiler
PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Public-key cryptography and password protocols
ACM Transactions on Information and System Security (TISSEC)
Building a high-performance, programmable secure coprocessor
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Reflection as a mechanism for software integrity verification
ACM Transactions on Information and System Security (TISSEC)
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
ACM Transactions on Computer Systems (TOCS)
SETI@home: an experiment in public-resource computing
Communications of the ACM
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
Uncheatable Distributed Computations
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
ICALP '00 Proceedings of the 27th International Colloquium on Automata, Languages and Programming
On the (Im)possibility of Obfuscating Programs
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Identification Tokens - or: Solving the Chess Grandmaster Problem
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Wallet Databases with Observers
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Improved Efficient Arguments (Preliminary Version)
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
CIL: Intermediate Language and Tools for Analysis and Transformation of C Programs
CC '02 Proceedings of the 11th International Conference on Compiler Construction
The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks
Proceedings of the 7th International Workshop on Security Protocols
AEGIS: architecture for tamper-evident and tamper-resistant processing
ICS '03 Proceedings of the 17th annual international conference on Supercomputing
Throttling Viruses: Restricting propagation to defeat malicious mobile code
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Computer
New directions in traffic measurement and accounting: Focusing on the elephants, ignoring the mice
ACM Transactions on Computer Systems (TOCS)
Securing Web Servers against Insider Attack
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Access control for ad-hoc collaboration
Access control for ad-hoc collaboration
The click modular router
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Design, Implementation and Test of an Email Virus Throttle
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Secure object identification: or: solving the Chess Grandmaster Problem
Proceedings of the 2003 workshop on New security paradigms
The IBM PCIXCC: a new cryptographic coprocessor for the IBM eServer
IBM Journal of Research and Development
Hardware assisted control flow obfuscation for embedded processors
Proceedings of the 2004 international conference on Compilers, architecture, and synthesis for embedded systems
Web tap: detecting covert web traffic
Proceedings of the 11th ACM conference on Computer and communications security
Proceedings of the 11th ACM conference on Computer and communications security
BOINC: A System for Public-Resource Computing and Storage
GRID '04 Proceedings of the 5th IEEE/ACM International Workshop on Grid Computing
Open-Source Applications of TCPA Hardware
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Trusted Computing Platforms: Design and Applications
Trusted Computing Platforms: Design and Applications
Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
A Generic Attack on Checksumming-Based Software Tamper Resistance
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
BIND: A Fine-Grained Attestation Service for Secure Distributed Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Architecture for Protecting Critical Secrets in Microprocessors
Proceedings of the 32nd annual international symposium on Computer Architecture
A DoS-limiting network architecture
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems
Proceedings of the twentieth ACM symposium on Operating systems principles
Proceedings of the 12th ACM conference on Computer and communications security
Strengthening Software Self-Checksumming via Self-Modifying Code
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Replay Attack in TCG Specification and Solution
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Secure Device Pairing based on a Visual Channel (Short Paper)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
PRIMA: policy-reduced integrity measurement architecture
Proceedings of the eleventh ACM symposium on Access control models and technologies
Loud and Clear: Human-Verifiable Authentication Based on Audio
ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
Understanding the network-level behavior of spammers
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Linking remote attestation to secure tunnel endpoints
Proceedings of the first ACM workshop on Scalable trusted computing
TCG inside?: a note on TPM specification compliance
Proceedings of the first ACM workshop on Scalable trusted computing
Reducing TCB complexity for security-sensitive applications: three case studies
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Certifying program execution with secure processors
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Flexible OS support and applications for trusted computing
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Secure coprocessor integration with kerberos V5
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Preventing privilege escalation
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Establishing the genuinity of remote computer systems
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Very fast containment of scanning worms
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Privtrans: automatically partitioning programs for privilege separation
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Finding user/kernel pointer bugs with type inference
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Stronger password authentication using browser extensions
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Non-control-data attacks are realistic threats
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Trusting trusted hardware: towards a formal model for programmable secure coprocessors
WOEC'98 Proceedings of the 3rd conference on USENIX Workshop on Electronic Commerce - Volume 3
Tamper resistance: a cautionary note
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Smart cards in hostile environments
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Semantic remote attestation: a virtual machine directed approach to trusted computing
VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
XFI: software guards for system address spaces
OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
Splitting interfaces: making trust between applications and operating systems configurable
OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
vTPM: virtualizing the trusted platform module
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Cryptographic support for secure logs on untrusted machines
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Portcullis: protecting connection setup from denial-of-capability attacks
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Attested append-only memory: making adversaries stick to their word
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
An inquiry into the nature and causes of the wealth of internet miscreants
Proceedings of the 14th ACM conference on Computer and communications security
A distributed content independent method for spam detection
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
How low can you go?: recommendations for hardware-supported minimal TCB code execution
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
Flicker: an execution infrastructure for tcb minimization
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Turtles all the way down: research challenges in user-based attestation
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
OSLO: improving the security of trusted computing
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Delegating computation: interactive proofs for muggles
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Trustworthy and personalized computing on public kiosks
Proceedings of the 6th international conference on Mobile systems, applications, and services
Protocols for secure computations
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
How to generate and exchange secrets
SFCS '86 Proceedings of the 27th Annual Symposium on Foundations of Computer Science
Phalanx: withstanding multimillion-node botnets
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
SFCS '94 Proceedings of the 35th Annual Symposium on Foundations of Computer Science
Incentivizing outsourced computation
Proceedings of the 3rd international workshop on Economics of networked systems
A practical guide to trusted computing
A practical guide to trusted computing
On a Possible Privacy Flaw in Direct Anonymous Attestation (DAA)
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
HAPADEP: Human-Assisted Pure Audio Device Pairing
ISC '08 Proceedings of the 11th international conference on Information Security
Bootstrapping trust in a "trusted" platform
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
Secure pairing of interface constrained devices
International Journal of Security and Networks
A Proof of Security of Yao’s Protocol for Two-Party Computation
Journal of Cryptology
Fully homomorphic encryption using ideal lattices
Proceedings of the forty-first annual ACM symposium on Theory of computing
Shake Well Before Use: Intuitive and Secure Pairing of Mobile Devices
IEEE Transactions on Mobile Computing
TrInc: small trusted hardware for large distributed systems
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Not-a-Bot: improving service availability in the face of botnet attacks
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Are PCPs Inherent in Efficient Arguments?
CCC '09 Proceedings of the 2009 24th Annual IEEE Conference on Computational Complexity
A Logic of Secure Systems and its Application to Trusted Computing
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Dynamics of a Trusted Platform: A Building Block Approach
Dynamics of a Trusted Platform: A Building Block Approach
Probabilistically Checkable Arguments
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Reducing the trusted computing base for applications on commodity systems
Reducing the trusted computing base for applications on commodity systems
seL4: formal verification of an OS kernel
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
On the difficulty of software-based attestation of embedded devices
Proceedings of the 16th ACM conference on Computer and communications security
Scalable Web Content Attestation
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
ICCSA'03 Proceedings of the 2003 international conference on Computational science and its applications: PartI
A fully homomorphic encryption scheme
A fully homomorphic encryption scheme
TrustVisor: Efficient TCB Reduction and Attestation
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
HotOS'09 Proceedings of the 12th conference on Hot topics in operating systems
Leveraging legacy code to deploy desktop applications on the web
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Detecting spammers with SNARE: spatio-temporal network-level automatic reputation engine
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Non-interactive verifiable computing: outsourcing computation to untrusted workers
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Trust extension for commodity computers
Communications of the ACM
Street-Level trust semantics for attribute authentication (transcript of discussion)
SP'12 Proceedings of the 20th international conference on Security Protocols
Hi-index | 0.02 |
As society rushes to digitize sensitive information and services, it is imperative to adopt adequate security protections. However, such protections fundamentally conflict with the benefits we expect from commodity computers. In other words, consumers and businesses value commodity computers because they provide good performance and an abundance of features at relatively low costs. Meanwhile, attempts to build secure systems fromthe ground up typically abandon such goals, and hence are seldom adopted. In this dissertation, I argue that we can resolve the tension between security and features by leveraging the trust a user has in one device to enable her to securely use another commodity device or service, without sacrificing the performance and features expected of commodity systems. At a high level, we support this premise by developing techniques to allow a user to employ a small, trusted, portable device to securely learn what code is executing on her local computer. Rather than entrusting her data to themountain of buggy code likely running on her computer, we construct an on-demand secure execution environment which can perform security-sensitive tasks and handle private data in complete isolation from all other software (and most hardware) on the system. Meanwhile, non-security-sensitive software retains the same abundance of features and performance it enjoys today. Having established an environment for secure code execution on an individual computer, we then show how to extend trust in this environment to network elements in a secure and efficient manner. This allows us to reexamine the design of network protocols and defenses, since we can now execute code on endhosts and trust the results within the network. Lastly, we extend the user's trust onemore step to encompass computations performed on a remote host (e.g., in the cloud). We design, analyze, and prove secure a protocol that allows a user to outsource arbitrary computations to commodity computers run by an untrusted remote party (or parties) who may subject the computers to both software and hardware attacks. Our protocol guarantees that the user can both verify that the results returned are indeed the correct results of the specified computations on the inputs provided, and protect the secrecy of both the inputs and outputs of the computations. These guarantees are provided in a non-interactive, asymptotically optimal (with respect to CPU and bandwidth) manner. Thus, extending a user's trust, via software, hardware, and cryptographic techniques, allows us to provide strong security protections for both local and remote computations on sensitive data, while still preserving the performance and features of commodity computers.