The security seminar at MIT CSAIL hosts talks on systems security,
applied cryptography, and other areas related to security.
Members come from a variety of groups within systems and cryptography, both from MIT
and other institutions. If you are interested in giving a talk, please contact Alexandra Henzinger (ahenz@).
Theophile will speak about verifying TreeSync. This work won a distinguished paper award and the 2023 Internet Defense prize at USENIX Security! Read abstract and more information
Talk/Information: DESIGNING PROTOCOLS THAT ACTUALLY GET DEPLOYED
Eric will discuss the factors that determine whether a new cryptographic protocol does or does not become widely used. Read abstract and more information
FEB 29 2024
Speaker(s): NICK SULLIVAN CFRG
Talk/Information: CRYPTOGRAPHIC THEORY INTO APPLIED TECHNOLOGY
Nick Sullivan is the former Head of Research and Cryptography at Cloudflare, and is the co-chair of the Crypto Forum Research Group. Read abstract and more information
Kat will speak about Google's Certificate Transparency (CT) project and how it helps make the web a more trustworthy place. Read abstract and more information
FEB 21 2019
Speaker(s): DANIEL GRUSS Graz University of Technology
Speaker(s): ETHAN CECCHETTI Cornell University - Initiative for CryptoCurrencies & Contracts (IC3)
Talk/Information: PUBLIC INCOMPRESSIBLE ENCODINGS (PIES)
Ethan will talk about Decentralized Storage Networks (DSNs) and Public Incompressible Encodings (PIEs), a core building block needed to verify that potentially-cheating servers are redundantly storing public data. Read abstract and more information
MAY 16 2018
Speaker(s): TRAMMELL HUDSON Two Sigma Investments
Talk/Information: LINUXBOOT
Trammel will talk about bringing Linux back to cloud servers' boot ROMs and the associated security implications. Read abstract and more information
MAY 09 2018
Speaker(s): MICHAEL SCHAPIRA Hebrew University of Jerusalem
Talk/Information: NETWORK TIME PROTOCOL
Michael will talk about preventing "time shifting attacks" in the presence of powerful man-in-the-middle attackers. Read abstract and more information
MAY 02 2018
Speaker(s): ILIA LEBEDEV MIT CSAIL
Talk/Information: TRUSTED EXECUTION ENVIRONMENTS
Ilia will talk about Sanctum, an extension of the RISC-IV architecture that provides a trusted execution environment (i.e., enclaves) for applications. Read abstract and more information
MAR 14 2018
Speaker(s): RADU SION Stony Brook University
Talk/Information: PRIVACY & DENIABILITY
Radu will talk about systems that offer plausible deniability against multi-snapshot state-level adversaries. Read abstract and more information
DEC 06 2017
Speaker(s): SERGEY GORBUNOV University of Waterloo
Speaker(s): BENJAMIN FULLER University of Connecticut
Talk/Information: SECURE COMPUTATION
Ben will talk about the problem of database search, the current state of the art, and attacks against these systems. Read abstract and more information
MAR 22 2017
Speaker(s): HENRY CORRIGAN-GIBBS Stanford University Department of Computer Science
Kostya will talk about sanitizing, fuzzing, and hardening C/C++ code for security and reliability. Note: This talk will happen at 11 am instead of the normal 4 pm slot. Read abstract and more information
OCT 12 2016
Speaker(s): BALAJI SRINIVASAN 21.co and a16z
Talk/Information: BITCOIN
Balaji will be speaking about How Bitcoin enables a Machine-Payable Web. This is a joint talk with MIT Media Lab Digital Currency Initiative. Read abstract and more information
Sergey Gorbunov is giving a practice job talk. Come and give feedback!
FEB 25 2015
Speaker(s): ANDREW BAUMANN Microsoft Research
Talk/Information: SYSTEMS SECURITY
Andrew will be speaking about Shielding applications from an untrusted cloud with Haven. NOTE: This talk will be at 3 pm. Read abstract and more information
Amir Rahmati will talk about TARDIS: Time and Remanence Decay in SRAM to Implement Secure Protocols on Embedded Devices without Clocks. Read abstract and more information
OCT 01 2012
Speaker(s): CHRIS FLETCHER MIT
Talk/Information: FULLY HOMOMORPHIC ENCRYPTION AND HARDWARE
Speaker(s): ROBERT GRIFFIN, RSA Security Division of EMC
Talk/Information: CLOUD SECURITY
Bob Griffin, Chief Security Architect at RSA, will talk about "Keys and Clouds: Searching for the Equilibrium". This is an industry talk co-organized with RSA Labs.
APR 02 2012
Speaker(s): DR. ALINA OPREA RSA Labs
Talk/Information: CLOUD COMPUTING SECURITY
New approaches to securing cloud data: Alina will talk about some of the research RSA Labs has done on extending the trust perimeter from the enterprise data center into public clouds. Read abstract and more information
Dennis will talk about Focused Threat Response and Forensic Information Sharing: Current Challenges and Limits in Cloud Computing Scenarios. This talk was jointly organized with the RSA Labs. Read abstract and more information
DEC 12 2011
Speaker(s): PROF. ROXANA GEAMBASU Columbia University
Speaker(s): PROF. STEPHEN CHONG Harvard University
Talk/Information: LANGUAGE-BASED SECURITY
Stephen will talk about Inference of Expressive Information Security Policies. This talk is joint with the PL seminar. Read abstract and more information
Speaker(s): DR. ÚLFAR ERLINGSSON security researcher at Google
Talk/Information: CLOUD COMPUTING SECURITY
Úlfar will briefly outline some issues and potential research topics in cloud security, with examples from Google's past and current technology efforts used to give context. Read abstract and more information
Ron Rothblum will give a talk for the CIS seminar: "Homomorphic Encryption: from Private-Key to Public-Key"
FEB 24 2011
Speaker(s): PROF. SHARON GOLDBERG Boston University
Talk/Information: BGP SECURITY
Sharon will talk about recent work: Let the Market Drive Deployment: A Strategy for Transitioning to BGP Security. Joint work with Phillipa Gill and Michael Schapira. Read abstract and more information
DEC 02 2010
Speaker(s): DR. ASLAN ASKAROV Cornell University
Talk/Information: PREDICTIVE BLACK-BOX MITIGATION OF TIMING CHANNELS
We investigate techniques for general black-box mitigation of timing channels. The source of events is wrapped by a timing mitigator that delays output events so that they contain only a bounded amount of information. We introduce a general class of timing mitigators that can achieve any given bound on timing channel leakage, with a tradeoff in system performance. We show these mitigators compose well with other mechanisms for information flow control, and demonstrate they are effective against some known timing attacks.
NOV 03 2010
Speaker(s): DR. FRANK MCSHERRY Microsoft Research
Talk/Information: DIFFERENTIAL PRIVACY
Frank will present his work on Privacy Integrated Queries: A Programming Language for Differentially-Private Computation. Read abstract and more information
OCT 28 2010
Speaker(s): PROF. ANDREW MYERS Cornell University
Talk/Information: LANGUAGE-BASED SECURITY FOR DISTRIBUTED SYSTEMS
Talk/Information: PREVENTING SIDE CHANNEL ATTACKS EXPLOITING MEMORY LATENCY FOR CLOUD COMPUTING
Taesoo will talk about his work on preventing side channel attacks exploiting memory latency in cloud computing environments such as Amazon EC2 and Microsoft Azure. He will present his new protection mechanism (against RSA/AES cache attacks) that he developed together with Marcus Peinado from Microsoft Research.
OCT 15 2010
Speaker(s): DR. MICHAEL CLARKSON Cornell University
We will discuss the paper Practical Privacy: The SuLQ framework by Avrim Blum, Cynthia Dwork, Frank McSherry and Kobbi Nissim; this paper appeared in SIGMOD/PODS 2005.
JUL 12 2010
Speaker(s): VICTOR COSTAN MIT
Talk/Information: TRUSTVISOR: EFFICIENT TCB REDUCTION AND ATTESTATION
TrustVisor is a paper from Oakland 2010 (IEEE Symposium on Security and Privacy). Also, here is a list of all the papers from Oakland and Usenix Security 2010 to consider for discussion at the reading group this summer.
MAY 24 2010
Speaker(s): VICTOR COSTAN MIT
Talk/Information: TRUSTED HARDWARE
Victor will talk about TPMs (Trusted Platform Modules). These are trusted hardware devices that are gaining popularity with cloud security: under the assumption that the TPM is not attacked physically, some recent papers have shown how to provide confidential execution of programs on the cloud as well as how to check that the right software ran on the cloud.
MAY 17 2010
Speaker(s): PROF. NICKOLAI ZELDOVICH MIT
Talk/Information:
MAY 10 2010
Speaker(s): CHRIS LESNIEWSKI-LAAS MIT
Talk/Information: SECURE DHTS
Chris will give a talk on his recent NSDI paper that tries to solve the hard problem of faking identities in a DHT: Whānau: A Sybil-proof Distributed Hash Table. FYI, the abstract and paper can be found here.
MAY 03 2010
Speaker(s): DR. TAL MORAN Harvard University
Talk/Information: IDENTITY-BASED ENCRYPTION (IBE) INSTEAD OF PKI?
Can IBE obviate the need for PK infrastructure or facilitate key revocation? What is the tradeoff? These questions came up when discussing ICING last week. Tal will give a short survey of IBE, concentrating on limitations for practical uses. The following papers are relevant (the introductions suffice to give you a good overview). A classical paper: Identity based encryption from the Weil paring (Dan Boneh and Matt Franklin) and a fairly recent survey: A tapestry of identity-based encryption: practical frameworks compared (Xavier Boyen).
APR 26 2010
Speaker(s): PROF. SHARON GOLDBERG Boston University
Speaker(s): EMILY SHEN, DAVID WILSON, MARTEN VAN DIJK, RALUCA ADA POPA MIT
Talk/Information: TUTORIAL OF RECENT CRYPTO ADVANCES FOR SYSTEMS PEOPLE
Some of us will give an overview of a variety of cryptographic tools/concepts that are efficient and of practical use to systems. There is no reading. We will cover the following topics at a high level: efficient homomorphic encryption schemes, proofs of retrievability/possession, attribute-based encryption, hidden vector encryption, predicate encryption, identity-based encryption, zero knowledge, proofs of knowledge, short signatures, broadcast encryption, and private information retrieval. Slides from the presentation are here [ppt][pdf].
APR 05 2010
Speaker(s): DR. CRAIG GENTRY IBM T. J. Watson
Talk/Information: SECURE DELEGATION OF COMPUTATION
We will discuss Craig's cryptographic breakthrough and its implications to cloud security as well as the general problem of securely delegating computation to the cloud. Paper and details are here.
MAR 29 2010
Speaker(s): TAESOO KIM MIT
Talk/Information: PROGRAM BINARY OBFUSCATION
The importance of program obfuscation goes without saying. We will discuss Binary obfuscation using signals. Taesoo will present an overview of the paper and then some of his research ideas to improve binary obfuscation. However, cryptographic results show that it is impossible to obfuscate programs. Is there a way to come close to this goal by making the adversary's job harder? This is an example where crypto knowledge and systems mechanisms work together.
Vanish aims to ensure destruction of private data after some timeout. Is it possible to provide data destruction/deletion guarantees? (Some researchers from Princeton/UTexas/Michigan apparently found a vulnerability in Vanish and called their attack unVanish. Vanish's authors wrote a reply paper attempting to fix various DHT vulnerabilities including those exploited by unVanish.)