Our research
Rohit Sinha, Manuel Costa, Akash Lal, Nuno Lopes, Sanjit Seshia, Sriram Rajamani, and Kapil Vaswani

Hardware support for isolated execution (such as Intel SGX) enables development of applications that keep their code and data confidential even while running in a hostile or compromised host. However, automatically verifying that such applications satisfy confidentiality remains challenging. We present a methodology for designing such applications in a way that enables certifying their confidentiality. Our methodology consists of forcing the application to communicate with the external world through a...

Publication details
Date: 1 June 2016
Type: Inproceeding
Publisher: ACM – Association for Computing Machinery
Nishanth Chandran, Srinivasan Raghuraman, and Dhinakaran Vinayagamurthy
Publication details
Date: 6 March 2016
Type: Inproceeding
Publisher: Springer
Trinabh Gupta, Natacha Crooks, Whitney Mulhern, Srinath Setty, Lorenzo Alvisi, and Michael Walfish
Publication details
Date: 1 March 2016
Type: Inproceeding
Publisher: USENIX – Advanced Computing Systems Association
Nathan Dowlin, Ran Gilad-Bachrach, Kim Laine, Kristin Lauter, Michael Naehrig, and John Wernsing

Applying machine learning to a problem which involves medical, financial, or other types of sensitive data not only requires accurate predictions but also careful attention to maintaining data privacy and security. Legal and ethical requirements may prevent the use of cloud-based machine learning solutions for such tasks. In this work, we will present a method to convert learned neural networks to CryptoNets, neural networks that can be applied to encrypted data. This allows a data owner to...

Publication details
Date: 8 February 2016
Type: Technical report
Publisher: Microsoft Research
Number: MSR-TR-2016-3
Nishanth Chandran, Bhavana Kanukurthi, and Srinivasan Raghuraman
Publication details
Date: 10 January 2016
Type: Inproceeding
Publisher: Springer
Markulf Kohlweiss, Ueli Maurer, Cristina Onete, Björn Tackmann, and Daniele Venturi

SSL/TLS is one of the most widely deployed cryptographic protocols on the Internet. It is used to protect the confidentiality and integrity of transmitted data in various client-server applications. The currently specified version is TLS 1.2, and its security has been analysed extensively in the cryptographic literature. The IETF working group is actively developing a new version, TLS 1.3, which is designed to address several flaws inherent to previous versions.

In this paper, we analyze the...

Publication details
Date: 1 December 2015
Type: Inproceeding
Publication details
Date: 1 December 2015
Type: Inproceeding
Publisher: Springer
David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé, Luke Valenta, Benjamin VanderSloot, Eric Wustrow, Santiago Zanella-Béguelin, and Paul Zimmermann

We investigate the security of Diffie-Hellman key exchange as used in popular Internet protocols and find it to be less secure than widely believed. First, we present Logjam, a novel flaw in TLS that lets a man-in-the-middle downgrade connections to "export-grade" Diffie-Hellman. To carry out this attack, we implement the number field sieve discrete log algorithm. After a week-long precomputation for a specified 512-bit group, we can compute arbitrary discrete logs in that group in about a minute. We...

Publication details
Date: 1 December 2015
Type: Inproceeding
Publisher: ACM
Nathan Dowlin, Ran Gilad-Bachrach, Kim Laine, Kristin Lauter, Michael Naehrig, and John Wernsing

Biological Data Science is an emerging field facing multiple challenges for hosting, sharing, computing on, and interacting with large data sets. Privacy regulations and concerns about the risks of leaking sensitive personal health and genomic data add another layer of complexity to the problem. Recent advances in cryptography over the last 5 years have yielded a tool, homomorphic encryption, which can be used to encrypt data in such a way that storage can be outsourced to an untrusted cloud,...

Publication details
Date: 13 November 2015
Type: Technical report
Publisher: Microsoft Research
Number: MSR-TR-2015-87
Himanshu Raj, Stefan Saroiu, Alec Wolman, Ronald Aigner, Jeremiah Cox, Paul England, Chris Fenner, Kinshuman Kinshumann, Jork Loeser, Dennis Mattoon, Magnus Nystrom, David Robinson, Rob Spiger, Stefan Thom, and David Wooten

This paper presents the design and implementation of a firmware-based TPM 2.0 (fTPM) leveraging ARM TrustZone. The fTPM is the reference implementation used in millions of mobile devices, and was the first hardware or software implementation to support the newly released TPM 2.0 specification.

This paper describes the shortcomings of ARM's TrustZone for implementing secure services (such as our implementation), and presents three different approaches to overcome them. Additionally, the paper...

Publication details
Date: 5 November 2015
Type: Technical report
Publisher: Microsoft Research
Number: MSR-TR-2015-84
Bimal Viswanath, Muhammad Ahmad Bashir, Muhammad Bilal Zafar, Simon Bouget, Saikat Guha, Krishna Gummadi, Aniket Kate, and Alan Mislove
Publication details
Date: 1 November 2015
Type: Inproceeding
Jan Camenisch, Maria Dubovitskaya, Kristiyan Haralambiev, and Markulf Kohlweiss

It takes time for theoretical advances to get used in practical schemes. Anonymous credential schemes are no exception. For instance, existing schemes suited for real-world use lack formal, composable definitions, partly because they do not support straight-line extraction and rely on random oracles for their security arguments.

To address this gap, we propose unlinkable redactable signatures (URS), a new building block for privacy-enhancing protocols, which we use to construct the first...

Publication details
Date: 1 November 2015
Type: Inproceeding
Chris Hawblitzel, Jon Howell, Manos Kapritsos, Jacob R. Lorch, Bryan Parno, Michael L. Roberts, Srinath Setty, and Brian Zill

Distributed systems are notorious for harboring subtle bugs. Verification can, in principle, eliminate these bugs a priori, but verification has historically been difficult to apply at full-program scale, much less distributed-system scale.

We describe a methodology for building practical and provably correct distributed systems based on a unique blend of TLA-style state-machine refinement and Hoare-logic verification. We demonstrate the methodology on a complex implementation of a Paxos-based...

Publication details
Date: 5 October 2015
Type: Inproceeding
Publisher: ACM – Association for Computing Machinery
Olga Ohrimenko, Manuel Costa, Cédric Fournet, Christos Gkantsidis, Markulf Kohlweiss, and Divya Sharma

The use of public cloud infrastructure for storing and processing large datasets raises new security concerns. Current solutions propose encrypting all data, and accessing it in plaintext only within secure hardware. Nonetheless, the distributed processing of large amounts of data still involves intensive encrypted communications between different processing and network storage units, and those communications patterns may leak sensitive information.

We consider secure implementation of MapReduce...

Publication details
Date: 1 October 2015
Type: Inproceeding
Publication details
Date: 1 October 2015
Type: Technical report
Number: MSR-TR-2015-81
Shuo Chen

This article provides my recollection about how Prof. José Meseguer enlightened me to study security problems from the logic perspective. His lectures and advice are having a long-term influence on my research career.

Publication details
Date: 1 September 2015
Type: Inproceeding
Publisher: Springer
Olga Ohrimenko, Manuel Costa, Cédric Fournet, Christos Gkantsidis, Markulf Kohlweiss, and Divya Sharma

The use of public cloud infrastructure for storing and processing large datasets raises new security concerns. Current solutions propose encrypting all data, and accessing it in plaintext only within secure hardware. Nonetheless, the distributed processing of large amounts of data still involves intensive encrypted communications between different processing and network storage units, and those communications patterns may leak sensitive information.

We consider secure implementation of MapReduce...

Publication details
Date: 1 September 2015
Type: Technical report
Publisher: Microsoft Research
Number: MSR-TR-2015-70
Cormac Herley

There is an inherent asymmetry in computer security: things can be declared insecure by observation, but not the reverse; there is no test that allows us to declare an arbitrary system or technique secure. We show that this implies that claims of necessary conditions for security (and sufficient conditions for insecurity) are unfalsifiable. This in turn implies an asymmetry in self-correction: while the claim that countermeasures are sufficient is always subject to correction, the claim that they are...

Publication details
Date: 1 September 2015
Type: Technical report
Number: MSR-TR-2015-72
Thomas Pöppelmann, Michael Naehrig, Andrew Putnam, and Adrián Macías

Homomorphic encryption allows computation on encrypted data and makes it possible to securely outsource computational tasks to untrusted environments. However, all proposed schemes are quite inefficient and homomorphic evaluation of ciphertexts usually takes several seconds on high-end CPUs, even for evaluating simple functions. In this work we investigate the potential of FPGAs for speeding up those evaluation operations. We propose an architecture to accelerate schemes based on the ring learning with...

Publication details
Date: 1 September 2015
Type: Inproceeding
Publisher: Springer
Manuel Costa, Orion Hodson, Marcus Peinado, Sriram Rajamani, Mark Russinovich, and Kapil Vaswani

Applications such as Secure Hadoop need to have part of their data and code isolated from privileged software (e.g., the operating system), and they need to be able to establish secure communication channels between the isolated code and remote machines. This document investigates the APIs needed to develop these applications.

Publication details
Date: 31 August 2015
Type: Technical report
Publisher: Microsoft Research
Number: MSR-TR-2015-67
Greg Zaverucha

Password-based encryption needs all the help it can get to withstand brute-force attacks. We repurpose an old idea to encrypt data so that each password guess requires processing all of the encrypted data. Then we look at some use cases to see how the costs change for the attacker and defender. In a brute force attack, this can mean a large increase in attacker I/O, with little cost increase to defenders, who must process all of the data anyway. This report accompanies a presentation at BSidesLV 2015...

Publication details
Date: 5 August 2015
Type: Technical report
Publisher: Microsoft Research
Number: MSR-TR-2015-63
Xiaofeng Zheng, Jian Jiang, Jinjin Liang, Haixin Duan, Shuo Chen, Tao Wang, and Nicholas Weaver

A cookie can contain a “secure” flag, indicating that it should be only sent over an HTTPS connection. Yet there is no corresponding flag to indicate how a cookie was set: attackers who act as a man-in-the-middle even temporarily on an HTTP session can inject cookies which will be attached to subsequent HTTPS connections. Similar attacks can also be launched by a web attacker from a related domain. Although an acknowledged threat, it has not yet been studied thoroughly. This paper aims to fill this gap...

Publication details
Date: 1 August 2015
Type: Inproceeding
Publisher: USENIX – Advanced Computing Systems Association
Stuart Schechter and Joseph Bonneau

Nearly all smartphones and tablets support unlocking with a short user-chosen secret: e.g., a numeric PIN or a pattern. To address users’ tendency to choose guessable PINs and patterns, we compare two approaches for helping users learn assigned random secrets. In one approach, built on our prior work [16], we assign users a second numeric PIN and, during each login, we require them to enter it after their chosen PIN. In a new approach, we re-arrange the digits on the keypad so that the user’s...

Publication details
Date: 22 July 2015
Type: Inproceeding
Publisher: USENIX – Advanced Computing Systems Association
Joppe Bos, Craig Costello, Patrick Longa, and Michael Naehrig

This document explains the details of the curve generation algorithms and provides the parameters for the NUMS (Nothing Up My Sleeve) curves. These curves are supported in the MSR Elliptic Curve Cryptography Library (MSR ECCLib).

Publication details
Date: 9 June 2015
Type: Technical report
Publisher: Microsoft Research
Number: MSR-TR-2015-49
Craig Costello, Patrick Longa, and Michael Naehrig

This position paper summarizes our perspectives on the selection of next-generation elliptic curves for standardization. It also contains generation algorithms intended as a foundation for choosing elliptic curves for cryptography in a simple, consistent and rigid way.

Publication details
Date: 8 June 2015
Type: Technical report
Number: MSR-TR-2015-46