1–25 of 121
Milovan Duric, Oscar Palomar, Aaron Smith, Milan Stanic, Osman Unsal, Adrian Cristal, Mateo Valero, Doug Burger, and Alex Veidenbaum
Publication details
Date: 1 July 2014
Type: Inproceeding
Andrew Putnam, Adrian Caulfield, Eric Chung, Derek Chiou, Kypros Constantinides, John Demme, Hadi Esmaeilzadeh, Jeremy Fowers, Jan Gray, Michael Haselman, Scott Hauck, Stephen Heil, Amir Hormati, Joo-Young Kim, Sitaram Lanka, James R. Larus, Eric Peterson, Gopi Prashanth, Aaron Smith, Jason Thong, Phillip Yi Xiao, and Doug Burger
Publication details
Date: 1 June 2014
Type: Inproceeding
Tolga Acar, Cedric Fournet, and Dan Shumow
We present DKM, a distributed key management system with a cryptographically verified code base. DKM implements a new data protection API. It manages keys and policies on behalf of groups of users that share data. To ensure long-term protection, DKM supports cryptographic agility: algorithms, keys, and policies can evolve for protecting fresh data while preserving access to old data. DKM is written in C# and currently used by several large data center applications. To verify our design and implementation,...
Publication details
Date: 15 April 2014
Type: Technical report
Publisher: Microsoft Technical Report
Number: MSR-TR-2014-48
Patrick Longa and Francesco Sica
The GLV method of Gallant, Lambert and Vanstone (CRYPTO 2001) computes any multiple kP of a point P of prime order n lying on an elliptic curve with a low-degree endomorphism \Phi (called GLV curve) over GF(p) as kP = k_1P + k_2\Phi(P), with max{|k_1|,|k_2|} <= C_1 n^(1/2) for some explicit constant C_1>0. Recently, Galbraith, Lin and Scott (EUROCRYPT 2009) extended this method to all curves over GF(p^2) which are twists of curves defined over GF(p). We show in this work how to merge the two...
Publication details
Date: 1 April 2014
Type: Article
Publisher: Springer
Tolga Acar and Lan Nguyen
The past decade has witnessed the availability of Trusted Platform Modules (TPM) on commodity computers. While the most common use of TPM appears to be BitLocker on Windows OS, server class motherboards have not yet enjoyed a similar TPM deployment base. Recent research and products show that the TPM can provide a level of trust on locally executing software. Nonetheless, TPMs haven’t been utilized in data center cryptographic key management for higher levels of security assurance than software-only...
Publication details
Date: 1 April 2014
Type: Technical report
Publisher: Microsoft Research Technical Report
Number: MSR-TR-2014-49
Milovan Duric, Oscar Palomar, Aaron Smith, Osman Unsal, Adrian Cristal, Mateo Valero, and Doug Burger
Publication details
Date: 9 March 2014
Type: Inproceeding
Navendu Jain, Ishai Menache, and Ohad Shamir
Cloud computing provides an attractive computing paradigm in which computational resources are rented on-demand to users with zero capital and maintenance costs. Cloud providers offer different pricing options to meet computing requirements of a wide variety of applications. An attractive option for batch computing is spot-instances, which allow users to place bids for spare computing instances and rent them at an (often) substantially lower price than the fixed on-demand price. However, this raises...
Publication details
Date: 5 March 2014
Type: Technical report
Number: MSR-TR-2014-30
Armando Faz-Hernandez, Patrick Longa, and Ana H. Sanchez
We propose efficient algorithms and formulas that improve the performance of side-channel protected scalar multiplication exploiting the Gallant-Lambert-Vanstone (CRYPTO 2001) and Galbraith-Lin-Scott (EUROCRYPT 2009) methods. Firstly, by adapting Feng et al.'s recoding to the GLV setting, we derive new regular algorithms for variable-base scalar multiplication that offer protection against simple side-channel and timing attacks. Secondly, we propose an efficient technique that interleaves ARM-based and...
Publication details
Date: 1 February 2014
Type: Inproceeding
Publisher: Lecture Notes in Computer Science
Joppe W. Bos, Craig Costello, Patrick Longa, and Michael Naehrig
We select a set of elliptic curves for cryptography and analyze our selection from a performance and security perspective. This analysis complements recent curve proposals that suggest (twisted) Edwards curves by also considering the Weierstrass model. Working with both Montgomery-friendly and pseudo-Mersenne primes allows us to consider more possibilities which improves the overall efficiency of base field arithmetic. Our Weierstrass curves are backwards compatible with current implementations of prime...
Publication details
Date: 1 February 2014
Type: Technical report
Number: MSR-TR-2014-19
Amr Magdy, Ahmed M. Aly, Mohamed F. Mokbel, Sameh Elnikety, Yuxiong He, and Suman Nath
Publication details
Date: 1 January 2014
Type: Inproceeding
Publisher: IEEE
Joppe W. Bos, Alina Dudeanu, and Dimitar Jetchev
We prove collision bounds for the Pollard rho algorithm to solve the discrete logarithm problem in a general cyclic group G. Unlike the setting studied by Kim et al., we consider additive walks: the setting used in practice to solve the elliptic curve discrete logarithm problem. Our bounds differ from the birthday bound O(sqrt(|G|)) by a factor of sqrt(log(|G|)) and are based on mixing time estimates for random walks on finite abelian groups due to Dou and Hildebrand. See also:...
Publication details
Date: 1 January 2014
Type: Article
Publisher: de Gruyter
Karin Strauss and Doug Burger
The memory industry faces significant disruption due to challenges related to scaling. Future memory systems will have more heterogeneity at individual levels of the hierarchy, with management support from multiple layers across the stack. Please refer to IEEE Computer Magazine for the article.
Publication details
Date: 1 January 2014
Type: Article
Publisher: IEEE Computer Society
Joppe W. Bos, Craig Costello, and Andrea Miele
Motivated by the advantages of using elliptic curves for discrete logarithm-based public-key cryptography, there is an active research area investigating the potential of using hyperelliptic curves of genus 2. For both types of curves, the best known algorithms to solve the discrete logarithm problem are generic attacks such as Pollard rho, for which it is well-known that the algorithm can be sped up when the target curve comes equipped with an efficiently computable automorphism. In this paper we...
Publication details
Date: 1 January 2014
Type: Inproceeding
Publisher: Springer
Joppe W. Bos, J. Alex Halderman, Nadia Heninger, Jonathan Moore, Michael Naehrig, and Eric Wustrow
In this paper, we perform a review of elliptic curve cryptography (ECC), as it is used in practice today, in order to reveal unique mistakes and vulnerabilities that arise in implementations of ECC. We study four popular protocols that make use of this type of public-key cryptography: Bitcoin, secure shell (SSH), transport layer security (TLS), and the Austrian e-ID card. We are pleased to observe that about 1 in 10 systems support ECC across the TLS and SSH protocols. However, we find that despite the...
Publication details
Date: 1 January 2014
Type: Inproceeding
Publisher: Springer
Adrian Sampson, Jacob Nelson, Karin Strauss, and Luis Ceze
Memories today expose an all-or-nothing correctness model that incurs significant costs in performance, energy, area, and design complexity. But not all applications need high-precision storage for all of their data structures all of the time. This paper proposes mechanisms that enable applications to store data approximately and shows that doing so can improve the performance, lifetime, or density of solid-state memories. We propose two mechanisms. The first allows errors in multi-level cells by reducing...
Publication details
Date: 9 December 2013
Type: Inproceeding
Publisher: ACM
Joppe W. Bos, Kristin Lauter, Jake Loftus, and Michael Naehrig
In 1996, Hoffstein, Pipher and Silverman introduced an efficient lattice based encryption scheme dubbed NTRUEnc. Unfortunately, this scheme lacks a proof of security. However, in 2011, Stehle and Steinfeld showed how to modify NTRUEnc to reduce security to standard problems in ideal lattices. In 2012, Lopez-Alt, Tromer and Vaikuntanathan proposed a fully homomorphic scheme based on this modified system. However, to allow homomorphic operations and prove security, a non-standard assumption is required. In...
Publication details
Date: 1 December 2013
Type: Inproceeding
Publisher: Springer Verlag
Adam Doupe, Weidong Cui, Mariusz Jakubowski, Marcus Peinado, Christopher Kruegel, and Giovanni Vigna
Web applications are constantly under attack. They are popular, typically accessible from anywhere on the Internet, and they can be abused as malware delivery systems. Cross-site scripting flaws are one of the most common types of vulnerabilities that are leveraged to compromise a web application and its users. A large set of cross-site scripting vulnerabilities originates from the browser's confusion between data and code. That is, untrusted data input to the web application is sent to the clients'...
Publication details
Date: 1 November 2013
Type: Inproceeding
Publisher: ACM
Tolga Acar, Lan Nguyen, and Greg Zaverucha
Publication details
Date: 10 October 2013
Type: Technical report
Publisher: Microsoft Research
Number: MSR-TR-2013-105
Ping Li, Anshumali Shrivastava, and Arnd Christian König
Minwise hashing is a standard technique in the context of search for approximating set similarities. The recent work [26, 32] demonstrated a potential use of b-bit minwise hashing [23, 24] for efficient search and learning on massive, high-dimensional, binary data (which are typical for many applications in Web search and text mining). In this paper, we focus on a number of critical issues which must be addressed before one can apply b-bit minwise hashing to the volumes of data often used industrial...
Publication details
Date: 1 October 2013
Type: Article
Publisher: ACM
Joppe W. Bos, Kristin Lauter, and Michael Naehrig
Increasingly, confidential medical records are being stored in data centers hosted by hospitals or large companies. As sophisticated algorithms for predictive analysis on medical data continue to be developed, it is likely that, in the future, more and more computation will be done on private patient data. While encryption provides a tool for assuring the privacy of medical information, it limits the functionality for operating on such data. Conventional encryption methods used today provide only very...
Publication details
Date: 1 September 2013
Type: Technical report
Number: MSR-TR-2013-81
Sudipto Das, Vivek Narasayya, Feng Li, and Manoj Syamala
Multi-tenancy and resource sharing are essential to make a Database-as-a-Service (DaaS) cost-effective. However, one major consequence of resource sharing is that the performance of one tenant's workload can be significantly affected by the resource demands of co-located tenants. The lack of performance isolation in a shared environment can make DaaS less attractive to performance-sensitive tenants. Our approach to performance isolation in a DaaS is to isolate the key resources needed by the tenants'...
Publication details
Date: 1 September 2013
Type: Inproceeding
Publisher: Very Large Data Bases Endowment Inc.
Number: 1
Joppe W. Bos, Peter L. Montgomery, Daniel Shumow, and Greg Zaverucha
In this paper we present a parallel approach to compute interleaved Montgomery multiplication. This approach is particularly suitable to be computed on 2-way single instruction, multiple data platforms as can be found on most modern computer architectures in the form of vector instruction set extensions. We have implemented this approach for tablet devices which run the x86 architecture (Intel Atom Z2760) using SSE2 instructions as well as devices which run on the ARM platform (Qualcomm MSM8960,...
Publication details
Date: 1 September 2013
Type: Inproceeding
Publisher: Springer
Joppe W. Bos, Craig Costello, and Michael Naehrig
We study exponentiations in pairing groups for the most common security levels and show that, although the Weierstrass model is preferable for pairing computation, it can be worthwhile to map to alternative curve representations for the non-pairing group operations in protocols.
Publication details
Date: 1 August 2013
Type: Inproceeding
Publisher: Springer
Joppe W. Bos, Craig Costello, Huseyin Hisil, and Kristin Lauter
This paper explores the potential for using genus 2 curves over quadratic extension fields in cryptography, motivated by the fact that they allow for an 8-dimensional scalar decomposition when using a combination of the GLV/GLS algorithms. Besides lowering the number of doublings required in a scalar multiplication, this approach has the advantage of performing arithmetic operations in a 64-bit ground field, making it an attractive candidate for embedded devices. We found cryptographically secure genus 2...
Publication details
Date: 1 August 2013
Type: Inproceeding
Publisher: Springer
Rodolfo Azevedo, John Davis, Karin Strauss, Parikshit Gopalan, Mark Manasse, and Sergey Yekhanin
Zombie is an endurance management framework that enables a variety of error correction mechanisms to extend the lifetimes of memories that suffer from bit failures caused by wearout, such as phase-change memory (PCM). Zombie supports both single-level cell (SLC) and multi-level cell (MLC) variants. It extends the lifetime of blocks in working memory pages (primary blocks) by pairing them with spare blocks, i.e., working blocks in pages that have been disabled due to exhaustion of a single block's error...
Publication details
Date: 27 June 2013
Type: Inproceeding
Publisher: ACM