Security – Cornell Tech
https://tech.cornell.edu

Cornell Tech Faculty Win Test of Time Award at CCS 2022
https://tech.cornell.edu/news/cornell-tech-faculty-win-test-of-time-award-at-ccs-2022/
Thu, 15 Dec 2022 13:58:56 +0000

The post Cornell Tech Faculty Win Test of Time Award at CCS 2022 appeared first on Cornell Tech.

Ari Juels and Thomas Ristenpart were recognized for their co-authorship of a 2012 research paper that had a long-lasting influence and significant impact on security systems and privacy

New York, NY (December 15) – Cornell Tech faculty members Weill Family Foundation and Joan and Sanford I. Weill Professor Ari Juels and Associate Professor of Computer Science Thomas Ristenpart were the recipients of the Test of Time Award at the ACM Conference on Computer and Communications Security (CCS) for their co-authored 2012 paper, “Cross-VM side channels and their use to extract private keys.”

The CCS Test of Time Award recognizes papers that report research with long-lasting influence and significant impact on one or multiple subareas of systems security and privacy, through opening new research directions, proposing new technologies, or making new discoveries to create a better understanding of security risks.

The paper, co-authored by Yinqian Zhang and Michael K. Reiter, successfully demonstrated a novel cybersecurity attack method against virtualized computing environments. To do so, the research team examined a software-enabled process to divide a single physical computer into multiple virtual computers – called virtual machines – to add computing power and maximize cost-effectiveness. This is a common practice in almost all computing environments, from laptops to cloud servers.

The attack method used by the researchers and detailed in their paper is known as a “side-channel attack,” a technique that exploits sensitive information that is mistakenly leaked by poorly configured systems. In a first-of-its-kind demonstration, the team was able to construct a sophisticated side-channel attack to gather sensitive data leaked by one virtual machine and weaponize it against another. The successful attack yielded a software key that unlocked encrypted files stored in that virtual environment and showcased the dangers involved with this type of software.

Juels is a Professor at the Jacobs Technion-Cornell Institute at Cornell Tech and the Technion. He is also a member of the Computer Science field at Cornell University. His interests span a broad range of topics in computer security, cryptography, and privacy, including cloud security, financial cryptography, cybersecurity, user authentication, medical-device security, biometrics, and security and privacy for the Internet of Things.

Ristenpart serves as an Associate Professor at Cornell Tech and in the Department of Computer Science at Cornell University. His research is in computer security, with recent topics including cloud computing security, applied and theoretical cryptography, and privacy.

Protecting Privacy – and Safety – in Encrypted Messaging
https://tech.cornell.edu/news/protecting-privacy-and-safety-in-encrypted-messaging/
Mon, 12 Sep 2022 20:25:13 +0000

The post Protecting Privacy – and Safety – in Encrypted Messaging appeared first on Cornell Tech.

By Tom Fleischman, Cornell Chronicle

Cornell Tech researchers have developed a mechanism for preserving anonymity in encrypted messaging – which conceals message content but might not cloak the sender’s identity – while simultaneously blocking unwanted or abusive messages.

Doctoral student and co-lead author Nirvan Tyagi presented the group’s paper, “Orca: Blocklisting in Sender-Anonymous Messaging,” at the 31st USENIX (Advanced Computing Systems Association) Symposium, held Aug. 10-12 in Boston.

Co-authors included Tom Ristenpart, professor of computer science at Cornell Tech and in the Cornell Ann S. Bowers College of Computing and Information Science; Julia Len, doctoral student in computer science; and Ian Miers, associate professor of computer science at the University of Maryland and a former postdoctoral associate at Cornell Tech.

This work is a continuation of research funded by a five-year, $3 million grant from the National Science Foundation, the goal of which is to take significant steps toward safer online communication. Ristenpart is principal investigator of the project, “Privacy-Preserving Abuse Prevention for Encrypted Communications Platforms.”

Platforms such as Signal, WhatsApp and Facebook Messenger rely on end-to-end encrypted (E2EE) messaging to preserve the confidentiality of the message, but user anonymity is not guaranteed. Signal recently introduced an anonymity-preserving feature, but it has been found to be susceptible to attack.

“While they prevent content from being leaked to the platform,” Tyagi said, “this doesn’t prevent other types of leakage of metadata.”

While E2EE messaging provides strong confidentiality of the messages being sent, the platform can learn the identities of both the sender and recipient of every message sent over the network. Signal, a messaging app released in 2014 which now boasts more than 40 million users, has recently introduced a “sealed sender” protocol that ensures the sender’s identity is never revealed to the platform.

This highlights a key tension in sender-anonymous systems: preserving sender anonymity while mitigating potentially abusive messages. E2E encryption by itself makes certain types of abuse mitigation more challenging, and sender anonymity only complicates those efforts. One example of abuse mitigation that is complicated by sender anonymity is blocklisting.

“That (sender-anonymous sender blocklisting) is a bit of an oxymoron,” Tyagi said, “because we want the platform to be able to filter based on sender identities, but we also want sender anonymity from the platform.”

With Orca, message recipients would register an anonymized blocklist with the platform. Senders construct messages that can be verified by the platform as being attributable to someone not on the blocklist.

Verification is achieved through group signatures, which allow users to sign messages anonymously on behalf of a group. The platform registers individual users, and the group’s opening authority – the recipient – can trace the identity of each individual user.

If the sender is on the blocklist, or if the message is malformed, the platform rejects the message. But if the message is delivered, the recipient is guaranteed to be able to identify the sender.

Orca takes efficiency one step further: Instead of creating and verifying a group signature for every message sent, the group signature will only be used periodically to mint new batches of one-time-use sender tokens from the platform. Messages can be sent by including a valid token for a recipient; these tokens, or access keys, are much more efficient for the platform to verify and require only a check against a list of used or blocked tokens.

“When the sender sends a message, using cryptography they prove to the platform that they’re an authorized sender for the recipient and not on the recipient’s blocklist,” Tyagi said. “And they can do that in a way where they can still hide their identity from the platform.”

Tyagi said this type of safeguard could be useful in a number of scenarios.

“Perhaps you’re a whistleblower at a company, and you contact a journalist, which for most people is not a common occurrence,” Tyagi said. “Then a big story appears; just the fact that someone from that company has been in recent contact with the journalist could raise a red flag.

“Or in the medical realm,” he said, “just by the fact that you’re communicating with, say, a cardiologist could reveal confidential information about your health.”

Future work will address the computational challenge of making sure a single cryptographic identity corresponds to a single human. It’s one of many problems facing computer scientists as they address the tension between anonymity and abuse mitigation.

“Increased privacy can harm the ability to do certain types of abuse mitigation and accountability,” Tyagi said. “The question is, can we make that tradeoff a little less costly with even better cryptography? And in some cases, we can.”

This story originally appeared in the Cornell Chronicle.

Jacobs Institute Hosts Working Nation Cybersecurity Town Hall
https://tech.cornell.edu/news/jacobs-institute-hosts-working-nation-cybersecurity-town-hall/
Tue, 24 Jul 2018 17:15:20 +0000

The post Jacobs Institute Hosts Working Nation Cybersecurity Town Hall appeared first on Cornell Tech.

Last month, the Jacobs Technion-Cornell Institute at Cornell Tech hosted Cracking the Code: A WorkingNation Town Hall on Bridging the Cybersecurity Skills Gap.

The Town Hall focused on how employers can secure their tech infrastructure and protect data from attacks. Moderated by CNBC and MSNBC contributor Ron Insana, the discussion started with Jacobs Technion-Cornell Institute Professor Ari Juels, who covered “the current state of cybersecurity and the insight on scaling security training throughout industries from product managers to the c-suite.”

Read more about the Cybersecurity Town Hall on Working Nation.

Photo: ClearSky CISO Patrick Heim (right) and Northwell Health CIO John Bosco (right) discuss solutions for developing cybersecurity professionals. Photo – Mayer Chalom/Working Nation

Designing Security
https://tech.cornell.edu/news/designing-security/
Fri, 10 Nov 2017 14:42:00 +0000

Blockchains, smart contracts, Town Crier—what are they? How do they help secure online business transactions?

The post Designing Security appeared first on Cornell Tech.

by Caitlin Hayes

When we make a transaction, any transaction, we trust that the other party will hold up its end of the bargain. This is easy at the farmer’s market, when we directly exchange money and goods with a vendor. Business conducted over the internet, with strangers often in distant locales, carries more risk and requires more trust.

As more and more of the business of our lives is conducted online and with the rise of sophisticated cybercrime, new technologies are desperately needed to maintain the public’s trust in online systems. Ari Juels, Computer Science, Jacobs Institute at Cornell Tech, is working to create and troubleshoot trustworthy technologies. “Security is all about creating and managing trust relationships,” Juels says.

Continue reading the full story on the Cornell Research website.

CIS Researchers Receive $2.5M NSF Grant for Cybersecurity
https://tech.cornell.edu/news/cis-researchers-receive-25m-nsf-grant-for-cybersecurity/
Mon, 26 Jun 2017 19:12:00 +0000

The post CIS Researchers Receive $2.5M NSF Grant for Cybersecurity appeared first on Cornell Tech.

Four Cornell computer science researchers will receive $2.5 million from the National Science Foundation to develop software tools that will improve cybersecurity. The project is exploring a new approach that will make it easier to use cryptography to build more-secure systems. Computing and Information Science researchers on the project are Andrew Myers, Elaine Shi, Greg Morrisett and Rafael Pass (Cornell Tech).

Cryptography, which involves complex mathematical manipulations of data, demands high-level expertise. “It’s easy to make security-critical mistakes when using cryptography to build systems,” Myers said. New secure processing chips must be programmed almost at the level of the computer’s “machine language” of ones and zeros, and also require expertise in cryptography.

“If we are serious about remaining globally competitive, we must continue to invest in research to develop new computer engineering techniques that will stop hackers in their tracks,” said Sen. Charles Schumer, D-New York. “The work coming out of Cornell will improve our nation’s cybersecurity and help foster technological innovations that will make us safer and more productive. This funding will allow our brightest minds to find solutions to current and future challenges.”

Research funds will be used to develop a high-level programming language called Viaduct.

“The Viaduct system will automatically translate high-level code into provably secure implementations that use sophisticated cryptography,” said Myers, lead principal investigator.

“It’s clear that our society desperately needs new approaches to security and privacy,” said researcher and CIS Dean Morrisett. “The approach we are exploring should shift the burden of the security details from the programmer to the language environment.”

Thomas Ristenpart: Disrupting Cryptography
https://tech.cornell.edu/news/thomas-ristenpart-disrupting-cryptography/
Wed, 20 Jul 2016 16:02:00 +0000

Professor of computer science Thomas Ristenpart talks about the cloud and what brought him to his interest in security and cryptography.

The post Thomas Ristenpart: Disrupting Cryptography appeared first on Cornell Tech.

Thomas Ristenpart is the most recent addition to the group of four computer science professors at Cornell Tech who focus on security and privacy. Together with their peers in Ithaca, they comprise one of the largest academic security teams in the world.

In the year that he has been on campus, he has hit the ground running, both in his academic research and in providing expert tech commentary in the media, weighing in on topics like why Donald Trump can’t actually close “parts of the Internet” and on the role of encryption in the feud between law enforcement and the tech industry set off by Apple’s refusal to give the FBI access to an iPhone connected to the San Bernardino terrorist shooting in December 2015.

As a security expert, Ristenpart is always intrigued by potential system vulnerabilities. He was getting his PhD at UC San Diego when companies like Amazon, and later Google and Microsoft, first began renting space to the public on cloud computing systems. He realized that this meant that lots of different programs would be running inside the same physical computers and wondered if troublemakers could use access to a shared server to launch attacks on other users. So, imagining himself as a clever adversary, he gamed out some of the ways that the cloud was vulnerable.

The paper, entitled “Hey You, Get Off of My Cloud,” won Ristenpart attention from media outlets like the Wall Street Journal and the New York Times, but also from companies like Microsoft, which now helps fund his research.

“What was really important about this paper is that everyone was talking about cloud computing, but no one really understood if this actually was going to change security threat models in interesting ways,” Ristenpart says. “And so this was the first paper that really said: ‘Look, there’s a new class of threats that we need to think about in detail.’”

Cornell Tech sat down with him to discuss the cloud and what brought him to his interest in security and cryptography.

Cornell Tech: You grew up in the Bay Area, was that an influence on your decision to go into computer programming?

Tom Ristenpart: Yeah, I think so. I think we were really fortunate that at our grade school we had an introduction to programming course. This was when I was very young, when I was nine, if I remember correctly. And my interest took off from there.

So how did you get into cryptography?

I spent a lot of summers doing internships focused on programming and software development. I thought I was going to go straight to work after undergrad. I had no interest in research or anything. But then towards the end, I realized that the internships, while interesting, weren’t touching on topics I wanted to explore. I thought grad school might open up more attractive options. Also, as I like to joke at parties, if I stayed in school I would still be eligible to play competitive Ultimate Frisbee.

So I started graduate school at U.C. Davis and took a class on cryptography taught by Professor Phil Rogaway. Like many people, I assumed that since I wasn’t a math major in undergrad I wouldn’t have the right background for cryptography, but it turned out that cryptography is as much about computer science as math. Phil’s class made me see that and realize that computer scientists have a lot to offer the field.

How would you describe the role of computer science in cryptography?

The encryption schemes we build are often based on mathematics, but there’s a lot of work to turn basic mathematics into useful security tools. All that stuff in between the basic mathematics and your secure use of, say, the Internet is at the core of computer science. We design communication protocols, efficient algorithms, and rule out attacks by showing that no computationally efficient attackers can be successful.

How do you think the Cornell Tech experience compares with the traditional computer science graduate program?

Many programs are very traditional, academic. There is often a focus on theory. Theory is foundational, but it is often blind to the problems being faced in practice. At Cornell Tech students have significant engagement with practitioners. Industry is actually embedded in the environment here. It is part of the culture. By teaching fundamentals in the context of real, tangible problems, students get both the theory and the ability to apply it.

What are you working on now?

Mostly trying to identify places where encryption isn’t being used because of problems that arise in practice. One very concrete example of this is our work supporting encryption of credit card numbers in a way that works with existing software systems. For example, companies built huge databases of 16-digit credit card numbers. Later they realized: ‘Oh, we should’ve encrypted all this data for security reasons.’ But if they encrypt the credit card numbers with a conventional encryption scheme, what they are going to get back is some kind of long string of random-looking junk. It literally just won’t fit back into the database where we had credit card numbers before.

That means they’d have to redo their whole database, hindering deployment of encryption for credit card numbers. So industry wanted what started being called format-preserving encryption—the idea being that you have a credit card number as the input and you should get out an encryption of it that syntactically is like a 16-digit number. Then you can stick it back in the database. It wasn’t clear how to do this securely, so we pioneered some of the early work on how to build appropriate encryption tools. Some of these are now widely used, but there’s still a lot of interesting open questions.

What else are you working on?

We’ve been looking at some issues with circumventing Internet censorship. Censorship tools like the Great Firewall of China have used protocol identification to try to detect tools that people are using to get access to information in order to block them, and we’ve been trying to understand how encryption tools can be designed to make it harder to detect them. We also are working on improving password management systems, including how to deal with the fact that users frequently make typos when entering their passwords. We have some new ideas here that, we hope, will make user experience significantly better.

What is it like to work with so many other cryptographers at Cornell Tech? Do you all work together?

Absolutely, yeah. We have a concentration of people that is rare if not unique. Our expertise areas are all different. We bring different perspectives—and personalities—to the table. With our critical mass, I’m hoping we’ll end up doing some very important, disruptive work moving forward.

How Shortened URLs Can Be Used to Spy on People
https://tech.cornell.edu/news/how-shortened-urls-can-be-used-to-spy-on-people/
Mon, 25 Apr 2016 18:32:00 +0000

Research by Professor Vitaly Shmatikov finds shortened URLs can be easily hacked.

The post How Shortened URLs Can Be Used to Spy on People appeared first on Cornell Tech.

All those shortened links that made URLs more convenient and simple actually leave users’ sometimes-sensitive information at risk.

In a recently published paper, Professor Vitaly Shmatikov revealed these shortened URLs shared on a cloud server are essentially public and easily hacked.

The researchers used URLs from Microsoft OneDrive and Google Maps shortened through bit.ly. They found that, by guessing shortened URLs until one worked, they could spread malware to a victim’s computer or find places the victim had looked up directions to.

For more on this research:
WIRED
Ars Technica
Forbes
The Next Web
Gizmodo
Motherboard

Read the full paper.

This Is Bitcoin’s Biggest Challenge
https://tech.cornell.edu/news/this-is-bitcoins-biggest-challenge/
Wed, 30 Mar 2016 14:21:00 +0000

According to new research from a consortium of security experts based at the Jacobs Technion-Cornell Institute, Bitcoin faces an imminent challenge.

The post This Is Bitcoin’s Biggest Challenge appeared first on Cornell Tech.

Does Bitcoin have the potential to be the next Visa?

Currently valued at over $6 billion, the digital currency is viewed by many as the future of payments rather than a passing fad. But according to new research from a consortium of security experts based at the Jacobs Technion-Cornell Institute, Bitcoin faces an imminent challenge and must be restructured at its very core to compete as a mainstream payment method.

“Bitcoin is soon going to reach the limits of its transactional throughput,” says Professor Ari Juels, co-founder of the Initiative for CryptoCurrencies and Contracts (IC3) at the Jacobs Technion-Cornell Institute.

While Visa processes between two and three thousand transactions per second on average — but is capable of handling as many as 56,000 — Bitcoin can only support seven transactions per second. Given that Bitcoin is expected to reach its limit in the next year, the cryptocurrency community is undergoing what Juels describes as an acrimonious “holy war,” debating how much the size of blocks (which record all transaction data) can be increased to support more payments without destabilizing the system.

Fellow IC3 co-founder Emin Gün Sirer compares the problem of redefining parameters confronting Bitcoin to changing an airplane’s design: “How big can you make a plane body, how wide, how long, until it becomes too fat for the engine and just starts falling out of the sky? There’s only so far you can go by changing the block size.”

IC3’s study, published in a recent position paper, On Scaling Decentralized Blockchains, found that a block could grow from one megabyte — its current size — to four, at most, before it would compromise Bitcoin’s decentralized model. But even then, at its hypothetical maximum limit, Bitcoin would only be able to support 27 transactions per second, paling in comparison to Visa’s thousands.

According to Juels, the current debate over block size misses Bitcoin’s fundamental scaling challenge. Tweaks to block size can be made as a quick fix, Juels says, but Bitcoin’s system must be completely redesigned in order to compete with major payment systems.

“The question isn’t what happens in the next year, but what happens in two or three years,” Juels says. “And that’s going to affect if Bitcoin becomes adopted as a mainstream currency or if cryptocurrency in general begins to wither.”

IC3 aims not only to pose questions and challenges to the cryptocurrency community, but also to explore fundamentally better ways of addressing capability challenges. With its recent paper, IC3 hopes to call attention to the fact that Bitcoin is about to hit a wall, and that the community has to start thinking about new measures, which are not yet on anyone’s radar, in order to evolve and adapt to the demands that are being placed on it.

“This paper is just a small part of the work at IC3 or even a sideshow,” Juels says. “I’m not as interested in Bitcoin as I am in the technological possibilities it has illuminated.”

Blockchains, for example, are relevant even outside of Bitcoin. Juels has been studying them in the context of smart contracts, which could replace legal documents with code that has the promise of perfect execution.

“The cryptocurrency industry has been incredibly fruitful, but hasn’t had the benefit of the rigor that academicians can bring to the conversation,” says Juels. “Our hope is that it will stimulate research for new techniques.”

IC3’s founders bring a range of different interests and perspectives to the Bitcoin debate. Sirer, for example, is in distributed systems and has created Bitcoin-NG, which would support a far better scaling model for the digital payment system, whereas Elaine Shi, the organization’s third co-founder, is more interested in formal security.

“This is how IC3, as an academic institution, can complement what’s being done in industries,” Shi says. “We have the formal backgrounds to design provably secure prototypes. You really want to do it right from the very beginning.”

IC3 is an interdisciplinary organization made up of experts in everything from computer science to finance.

“Academic researchers can bring to the table a way to vet new streams that are more likely to work,” says Juels. “It’s about illuminating possibilities. Things that can be done that can’t even be imagined.”

Vitaly Shmatikov: Computer Security Troublemaker
https://tech.cornell.edu/news/vitaly-shmatikov-computer-security-troublemaker/
Thu, 17 Dec 2015 17:38:00 +0000

Professor Vitaly Shmatikov discusses the notion of anonymous data, privacy in machine learning and teaching computer security.

The post Vitaly Shmatikov: Computer Security Troublemaker appeared first on Cornell Tech.

Vitaly Shmatikov thinks computer security experts and pranksters have a lot in common.

“The nice thing about being a security researcher,” he says, “is that you’re sort of paid to be a troublemaker. You are kind of paid to do things that other people don’t want to do and don’t want to think about. For a certain type of personality, this is a very good match.”

Shmatikov should know — he has been known to be a computer security troublemaker himself.

In 2006 Netflix had a competition to develop a program to best predict what movies a customer would select next. For this, they published part of their customer database with all names deleted. Shmatikov and a fellow researcher at the University of Texas proved they could compare an anonymous individual’s movie choices to public information on movie fan sites and figure out their identities.

After arriving at Cornell Tech just last year, Shmatikov immediately began digging into the thorny issue of what unexpected things can be inferred from the massive amount of personal data that is being collected by new digital devices like fitness sensors. “Maybe by looking at the person’s biological measurements and by looking at his social activity, I can determine when he or she is lying. Or maybe I can infer what exactly a person is doing at a particular moment,” he hypothesizes.

Cornell Tech recently sat down with Shmatikov to explore his rich imagination.

Cornell Tech: You grew up in the Soviet Union. Is that where your love of computer science started?

Vitaly Shmatikov: My parents were physicists and did do some computing, but that required programming on punch cards. I was in high school when I saw my first personal computer: a little Yamaha. But in college, I mostly studied applied mathematics.

So how did you end up in the United States studying computer science?

My parents spent a summer at the University of Washington for a research visit. After that, they thought I should go there to finish my undergraduate degree. That’s when I started studying computer science as well as math. I remember the biggest surprise to me was that you actually have to do something during the course of the semester. In Russia, the entire grade for the course is based on the final exam.

Why security?

I went to Stanford for computer science and like many PhD students, I was somewhat aimless. At the time, people barely realized the importance of security for the Web. Then Netscape Navigator appeared as the first commercial browser and for this browser, Netscape came up with this new protocol called secure sockets layer or SSL. My advisor suggested that I look for its weaknesses. I liked the process of looking at systems from a different perspective than the people who built them and trying to think creatively of all the ways in which they could fail.

Tell us about the great Netflix caper.

My colleague at the University of Texas, Arvind Narayanan, and I were already working on various privacy-related things and then one day he walked into my office and said, ‘Did you hear Netflix released this huge dataset for their data mining competition and they claim it’s all anonymous? There is no way to reconstruct people’s identities.’ And that just sounded bogus. The challenge was to actually show this in a rigorous fashion. So we just went and wrote a simple program that scraped information from a separate Internet movie database website and tried to match it against what was in the Netflix Prize dataset. And it worked.

What did you conclude?

The implications went beyond this particular dataset. We showed that, in general, it is very difficult to ‘anonymize’ data so that it cannot be re-identified.

Does knowing what you know make you afraid to put secure information online?

I’m not paranoid, in part because I know that technology can only do so much. And it’s very important to understand we need non-technological protections like legal and regulatory protections. As an example of this, using credit cards online doesn’t bother me because I know that even if there is a fraudulent charge, I don’t have liability. That’s an example of a legal mechanism or a regulatory mechanism that mitigates damage from technological vulnerabilities.

Tell us about the research you’re doing now.

There are several projects that I am trying to get started here. Machine learning is big these days. These amazing services that we see on our mobile phones like image recognition, voice recognition and natural text translation are all enabled by collecting massive amounts of information from people and then having pretty clever algorithms learn from it.

Of course, there seems to be some kind of conflict with privacy. Data is collected for one particularly stated purpose, perhaps image recognition, but then used for another purpose — like to infer that a particular person was in a certain place at a given time. But in order for these algorithms to work properly, training them requires collecting data from everybody, keeping it in some centralized place, and using it for all kinds of purposes that owners of the data might not have intended.

So I’m trying to look at it from two perspectives. First of all, understanding the invasion of privacy, understanding what could be learned or inferred about people by having access to their data, like their biological data. Then we’re also trying to build systems that can learn from massive amounts of data and build useful predictive models without violating people’s privacy.

With four faculty members focused on security, Cornell Tech has a significant concentration of security experts. Is it fun to have a whole group with subversive personalities?

Yes, it’s great. The really nice thing about it is I feel like there is no problem we couldn’t tackle collectively here. For pretty much any problem related to security, in pretty much any space, we have some expertise.

How do you approach teaching computer security?

Last semester, for the first time, I taught a course called “Privacy in the Digital Age.” I structured it so that, for many lectures, I had external visitors who could talk about different aspects of privacy: founders of privacy-oriented startups, lawyers working on privacy issues, investigative journalists, a former chief technologist of the Federal Trade Commission who could talk about privacy regulation and government, and experts on civil rights.

I felt that this course was what a Cornell Tech education is all about. The students got exposure to issues that are not purely technical. This is not just a vocational school that teaches programming skills; we prepare students with the greater context as well.

Meet Cornell Tech’s New Cybersecurity Team
https://tech.cornell.edu/news/cornell-tech-assembles-leading-global-experts-for-new-cybersecurity-team/
Thu, 10 Dec 2015 19:00:00 +0000

NEW YORK – Cornell Tech announced on Thursday, December 10, the formation of one of the world’s leading research groups specializing in cybersecurity, privacy and cryptography. All four scientists in the group are known for their influence on industry, non-profit and government practice, as well as for their highly-cited and award-winning research results.

Their work spans a wide range of topics including data encryption, cryptography, cryptocurrency, machine-learning and Internet of Things privacy and security. To a degree unusual for an academic-based research team, the Cornell Tech Security Group (CTSG) will consult regularly with industry practitioners to drive and inform both best practices and the group’s own research.

“Cybersecurity touches nearly every aspect of our daily lives, from consumer privacy to the security of corporations and governments and, increasingly, to criminal investigations,” said Cornell Tech Dean Dan Huttenlocher. “The Cornell Tech Security Group brings together four of the world’s leading cybersecurity experts as they identify new vulnerabilities and advance the state of the art in modern security.”

Team members’ current efforts include: “Honey Encryption,” the use of decoys and deception to make encrypted data harder to access even if stolen; a focus on keeping enterprise-setting passwords secure in the event of a system breach; the design of a truly anonymous survey system, far more secure than common, web-based questionnaire services; and the development of a system for preserving privacy in deep learning, particularly when applied to sensitive data.

The four members of the CTSG:

  • Ari Juels is a co-director of IC3 (Initiative for CryptoCurrencies and Contracts), which is based at the Jacobs Technion-Cornell Institute at Cornell Tech, where he is also a professor. He was previously the Chief Scientist of RSA, the security division of EMC, the leading provider of intelligence-driven security solutions. His recent areas of work include cloud security, defensive uses of deception, security for machine learning, cryptocurrencies and smart contracts.
  • Rafael Pass is an associate professor of Computer Science at Cornell University and Cornell Tech. His research focuses on cryptography and game theory and their interplay with computational complexity. He is a recipient of the NSF Career Award, the AFOSR Young Investigator Award and the Google Faculty Award. He was named an Alfred P. Sloan Fellow, a Microsoft Faculty Fellow and a Wallenberg Academy Fellow.
  • Thomas Ristenpart is an associate professor of Computer Science at Cornell University and Cornell Tech. His research spans a wide range of computer security topics, with recent focuses on new threats to, and improved opportunities for, cloud computing security, as well as topics in applied and theoretical cryptography. He received the U.C. San Diego Computer Science and Engineering Department Dissertation Award, an NSF CAREER Award, Best Paper Award at USENIX Security 2014 and a Sloan Research Fellowship.
  • Vitaly Shmatikov is a professor of Computer Science at Cornell University and Cornell Tech. His research areas are security and privacy. He received the PET Award for Outstanding Research in Privacy Enhancing Technologies twice, in 2008 and 2014. Shmatikov’s research group won the Best Practical Paper or Best Student Paper Awards at the 2012, 2013 and 2014 IEEE Symposiums on Security and Privacy (“Oakland”), as well as the NYU-Poly AT&T Best Applied Security Paper Award, NDSS Best Student Paper Award, and the CCS Test-of-Time Award.

About Cornell Tech

Cornell Tech develops pioneering leaders and technologies for the digital age. Cornell Tech brings together faculty, business leaders, tech entrepreneurs, and students in a catalytic environment to produce visionary results grounded in significant needs that will reinvent the way we live in the digital age. Cornell Tech’s temporary campus has been up and running at Google’s Chelsea building since 2012, with a growing world-class faculty, and over 150 master’s and Ph.D. students who collaborate extensively with tech-oriented companies and organizations and pursue their own start-ups. Construction is underway on Cornell Tech’s campus on Roosevelt Island, with a first phase due to open in 2017. When fully completed, the campus will include 2 million square feet of state-of-the-art buildings, over 2 acres of open space, and will be home to more than 2,000 graduate students and hundreds of faculty and staff.
