Bryan Parno
RESEARCHER
.
| Email: | <last>@microsoft.com |
| Phone: | 425-705-1170 |
| CV: | [pdf] |
I recently joined the Security and Privacy Research Group here at Microsoft Research. I am interested in a broad range of security topics (e.g., network and system security, applied cryptography, usable security, and data privacy), as well as topics such as operating system design, distributed systems, and mobile computing. My current work focuses on protocols for verifiable computation and zero-knowledge proofs, building practical, formally verified secure systems, and developing next-generation application models. I have been fortunate to work with many excellent interns, including Karthik Nagaraj, Mariana Raykova, Joshua Schiffman, Srinath Setty, and Xi Xiong.
I completed my PhD at Carnegie Mellon University under the supervision of Adrian Perrig. My dissertation studies the design, implementation, and evaluation of a combination of hardware, software, and cryptographic primitives for extending the trust you have in one service or device in order to allow you to trust other services and devices. My dissertation won the 2010 ACM Doctoral Dissertation Award.
Earlier in my career, I studied computer science at Harvard University.
News
- April 3, 2013 - Our paper, Embassies: Radically Refactoring the Web, received the Best Paper Award at the USENIX Symposium on Networked Systems Design and Implementation (NSDI).
- March 26, 2013 - I'll be co-chairing CCSW this year -- please consider submitting!
- March 12, 2013 - I'll be giving a plenary talk at ACNS this summer -- please consider attending!
- May 22, 2012 - Our paper, User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems, received the Best Practical Paper Award at the IEEE Symposium on Security and Privacy!
- December 19, 2011 - I was selected for Forbes' 30-Under-30: Science list.
- August 30, 2011 - Our book, Bootstrapping Trust in Modern Computers, has been published! It can be purchased from Springer or Amazon.
- May 11, 2011 - My dissertation won the 2010 ACM Doctoral Dissertation Award!
Professional Activities
- PC Co-Chair, ACM Cloud Computing Security Workshop (CCSW), 2013
- Workshop Organizer, Language Support for Privacy-Enhancing Technologies (PETShop), 2013
- Program Committee, ACM Conference on Computer & Communications Security (CCS), 2013
- Program Committee, Conference on Trust and Trustworthy Computing (TRUST), 2013
- Program Committee, IEEE Symposium on Security and Privacy (Oakland), 2013
- Program Committee, Network and Distributed System Security Symposium (NDSS), 2013
- Program Committee, ACM Conference on Computer & Communications Security (CCS), 2012
- Program Committee, ACM Cloud Computing Security Workshop (CCSW), 2012
- Program Committee, Conference on Trust and Trustworthy Computing (TRUST), 2012
- Program Committee, ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), 2012
- Program Committee, Network and Distributed System Security Symposium (NDSS), 2012
- Program Committee, Conference on Cryptology and Network Security (CANS), 2011
- Program Committee, Network and Distributed System Security Symposium (NDSS), 2011
- Program Committee, IACR Conference on the Practice and Theory of Public Key Cryptography (PKC), 2011
- Program Committee, APWG eCrime Researchers Summit, 2010
- Program Committee, PhD Forum of The Conference on Mobile Systems, Applications and Services (MobiSys), 2010
- Program Committee, APWG eCrime Researchers Summit, 2009
- Program Committee, Financial Cryptography and Data Security Conference, 2009
Publications
- Jon Howell, Bryan Parno, and John R. Douceur, How to Run POSIX Apps in a Minimal Picoprocess, in Proceedings of the USENIX Annual Technical Conference, USENIX, June 2013
- Bryan Parno, Craig Gentry, Jon Howell, and Mariana Raykova, Pinocchio: Nearly Practical Verifiable Computation, in Proceedings of the IEEE Symposium on Security and Privacy, IEEE, 21 May 2013
- Rosario Gennaro, Craig Gentry, Bryan Parno, and Mariana Raykova, Quadratic Span Programs and Succinct NIZKs without PCPs, in Proceedings of the IACR Eurocrypt Conference, International Association for Cryptologic Research, May 2013
- Srinath Setty, Benjamin Braun, Victor Vu, Andrew J. Blumberg, Bryan Parno, and Michael Walfish, Resolving the Conflict Between Generality and Plausibility in Verified Computation, in Proceedings of the ACM European Conference on Computer Systems (EuroSys), ACM, 15 April 2013
- Jon Howell, Bryan Parno, and John R. Douceur, Embassies: Radically Refactoring the Web, in Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI), Awarded "Best Paper", USENIX, 5 April 2013
- Jacob R. Lorch, Bryan Parno, James Mickens, Mariana Raykova, and Joshua Schiffman, Shroud: Enabling Private Access to Large-Scale Data in the Data Center, in Proceedings of the 11th USENIX Conference on File and Storage Technologies (FAST), USENIX, 14 February 2013
- Jon Howell, Bryan Parno, and John R. Douceur, How to Run POSIX Apps in a Minimal Picoprocess, no. MSR-TR-2013-10, 30 January 2013
- Jon Howell, Jeremy Elson, Bryan Parno, and John R. Douceur, Missive: Fast Appliance Launch From an Untrusted Buffer Cache, no. MSR-TR-2013-9, 30 January 2013
- Jon Howell, Bryan Parno, and John R. Douceur, Eratosthenes: Radically Refactoring the Web, no. MSR-TR-2012-104, 3 October 2012
- Bryan Parno, Zongwei Zhou, and Adrian Perrig, Using Trustworthy Host-Based Information in the Network, in Invited Paper - ACM Workshop on Scalable Trusted Computing (STC), ACM, October 2012
- Bryan Parno, Trust Extension for Commodity Computers, in Communications of the ACM, vol. 55, no. 6, pp. 76-85, ACM, June 2012
- Amit Vasudevan, Bryan Parno, Ning Qu, Virgil Gligor, and Adrian Perrig, Lockdown: A Safe and Practical Environment for Security Applications, in Proceedings of the Conference on Trust & Trustworthy Computing (TRUST), Springer Verlag, June 2012
- Franziska Roesner, Tadayoshi Kohno, Alexander Moshchuk, Bryan Parno, Helen J. Wang, and Crispin Cowan, User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems, in Proceedings of the IEEE Symposium on Security and Privacy, Awarded "Best Practical Paper", IEEE, 21 May 2012
- Bryan Parno, Mariana Raykova, and Vinod Vaikuntanathan, How to Delegate and Verify in Public: Verifiable Computation from Attribute-based Encryption, in Proceedings of the IACR Theory of Cryptography Conference (TCC), International Association for Cryptologic Research, March 2012
- Nicolas Christin, Alessandro Acquisti, Bryan Parno, and Adrian Perrig, Monetary Forgery in the Digital Age: Will Physical-Digital Cash Be a Solution?, in I/S: A Journal of Law and Policy for the Information Society, vol. 7, no. 2, pp. 171-206, 2012
- John R. Douceur, Jon Howell, Bryan Parno, Michael Walfish, and Xi Xiong, The Web Interface Should Be Radically Refactored, in Tenth ACM Workshop on Hot Topics in Networks (HotNets-X), ACM SIGCOMM, November 2011
- John R. Douceur, Jon Howell, Bryan Parno, and Michael Walfish, Refactoring the Web Interface, in SOSP 2011 Poster Session, 24 October 2011
- Franziska Roesner, Tadayoshi Kohno, Alexander Moshchuk, Bryan Parno, Helen J. Wang, and Crispin Cowan, User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems, no. MSR-TR-2011-91, 2 August 2011
- Bryan Parno, Jonathan M. McCune, and Adrian Perrig, Bootstrapping Trust in Modern Computers , Springer, August 2011
- Bryan Parno, Jacob R. Lorch, John R. Douceur, James Mickens, and Jonathan M. McCune, Memoir: Practical State Continuity for Protected Modules, in Proceedings of the IEEE Symposium on Security and Privacy, IEEE, May 2011
- John R. Douceur, Jacob R. Lorch, Bryan Parno, James Mickens, and Jonathan M. McCune, Memoir---Formal Specs and Correctness Proofs, no. MSR-TR-2011-19, February 2011
- Rosario Gennaro, Craig Gentry, and Bryan Parno, Non-Interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers, in Proceedings of the International Cryptology Conference (CRYPTO), Springer Verlag, August 2010
- Bryan Parno, Trust Extension as a Mechanism for Secure Code Execution on Commodity Computers, May 2010
- Bryan Parno, Jonathan M. McCune, and Adrian Perrig, Bootstrapping Trust in Commodity Computers, in Proceedings of the IEEE Symposium on Security and Privacy, IEEE, May 2010
- Bryan Parno, Zongwei Zhou, and Adrian Perrig, Don't Talk to Zombies: Mitigating DDoS Attacks via Attestation, no. CMU-CyLab-09-009, June 2009
- Bryan Parno, Jonathan M. McCune, Dan Wendlandt, David G. Andersen, and Adrian Perrig, CLAMP: Practical Prevention of Large-Scale Data Leaks, in Proceedings of the 2009 IEEE Symposium on Security and Privacy, IEEE, May 2009
- Ari Juels, Ravikanth Pappu, and Bryan Parno, Unidirectional Key Distribution Across Time and Space with Applications to RFID Security, in Proceedings of the USENIX Security Symposium, USENIX, July 2008
- Bryan Parno, Bootstrapping Trust in a "Trusted" Platform, in Proceedings of the 3rd USENIX Workshop on Hot Topics in Security (HotSec), USENIX, July 2008
- Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter, and Hiroshi Isozaki, Flicker: An Execution Infrastructure for TCB Minimization, in Proceedings of the ACM European Conference on Computer Systems (EuroSys), Association for Computing Machinery, Inc., April 2008
- Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter, and Arvind Seshadri, How Low Can You Go? Recommendations for Hardware-Supported Minimal TCB Code Execution, in Proceedings of the Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), Association for Computing Machinery, Inc., March 2008
- Bryan Parno, Adrian Perrig, and David Andersen, SNAPP: Stateless Network-Authenticated Path Pinning, in Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS), Association for Computing Machinery, Inc., March 2008
- Alessandro Acquisti, Nicolas Christin, Bryan Parno, and Adrian Perrig, Countermeasures against Government-Scale Monetary Forgery, in Proceedings of the Financial Cryptography and Data Security 12th International Conference, Springer Verlag, January 2008
- Bryan Parno, Dan Wendlandt, Elaine Shi, Adrian Perrig, Bruce Maggs, and Yih-Chun Hu, Portcullis: Protecting Connection Setup from Denial-of-Capability Attacks, in Proceedings of the ACM SIGCOMM, Association for Computing Machinery, Inc., August 2007
- Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter, and Arvind Seshadri, Minimal TCB Code Execution (Extended Abstract), in Proceedings of the 2007 IEEE Symposium on Security and Privacy, IEEE, May 2007
- Jay Lorch, Bryan Parno, and Helen Wang, SAV-V: Securing Anti-Virus with Virtualization, no. MSR-TR-2011-101, 5 April 2007
- Bryan Parno, Mark Luk, Evan Gaustad, and Adrian Perrig, Secure Sensor Network Routing: A Clean-Slate Approach, in Proceedings of the 2nd Conference on Future Networking Technologies (CoNEXT), Association for Computing Machinery, Inc., December 2006
- Bryan Parno, Cynthia Kuo, and Adrian Perrig, Phoolproof Phishing Prevention, in Proceedings of the Financial Cryptography and Data Security 10th International Conference, Springer Verlag, February 2006
- Bryan Parno, Cynthia Kuo, and Adrian Perrig, Browser Enhancements for Preventing Phishing Attacks, in Phishing and Counter-Measures : Understanding the Increasing Problem of Electronic Identity Theft, Wiley-Interscience, 2006
- Bryan Parno and Adrian Perrig, Challenges in Securing Vehicular Networks, in Proceedings of the Fourth Workshop on Hot Topics in Networks (HotNets-IV), Association for Computing Machinery, Inc., November 2005
- Bryan Parno, Adrian Perrig, and Virgil Gligor, Distributed Detection of Node Replication Attacks in Sensor Networks, in Proceedings of the 2005 IEEE Symposium on Security and Privacy, IEEE, May 2005
- Elaine Shi, Bryan Parno, Adrian Perrig, Yih-Chun Hu, and Bruce Maggs, FANFARE for the Common Flow, no. CMU-CS-05-148, February 2005
- Bryan Parno and Mema Rousoppoulos, Defending a P2P Digital Preservation System, in IEEE Transactions on Dependable and Secure Computing, vol. 1, no. 4, pp. 209–222, IEEE, October 2004
- Bryan Parno and Tony Bartoletti, Internet Ballistics: Retrieving Forensic Data From Network Scans, USENIX, August 2004
- Bryan Parno, How to Subvert LOCKSS and What the LOCKSSmith Can Do About It, April 2004
- Nick Elprin and Bryan Parno, An Analysis of Database-Driven Mail Servers, in Proceedings of the 17th Large Installation Systems Administration (LISA) Conference, USENIX, October 2003
