Stanford Security Lunch
Fall 2014


Food selections are now posted here.

September 24, 2014 Organizational meeting

Organizational meeting:  Sign up to give a talk!

October 1, 2014 Protecting Users by Confining JavaScript with COWL

Speaker:  Deian Stefan

Abstract:  Modern web applications are conglomerations of JavaScript written by multiple authors: application developers routinely incorporate code from third-party libraries, and mashup applications synthesize data and code hosted at different sites. In current browsers, a web application's developer and user must trust third-party code in libraries not to leak the user's sensitive information from within applications. Even worse, in the status quo, the only way to implement some mashups is for the user to give her login credentials for one site to the operator of another site. Fundamentally, today's browser security model trades privacy for flexibility because it lacks a sufficient mechanism for confining untrusted code. We present COWL, a robust JavaScript confinement system for modern web browsers. COWL introduces label-based mandatory access control to browsing contexts in a way that is fully backwardcompatible with legacy web content. We use a series of case-study applications to motivate COWL's design and demonstrate how COWL allows both the inclusion of untrusted scripts in applications and the building of mashups that combine sensitive information from multiple mutually distrusting origins, all while protecting users' privacy. Measurements of two COWL implementations, one in Firefox and one in Chromium, demonstrate a virtually imperceptible increase in page-load latency.

October 8, 2014 Security at LinkedIn

Speaker:  David Freeman (LinkedIn)

Abstract:  David leads the Security Data Science team at LinkedIn, where he works on creating automated methods for detecting and preventing fraud and abuse. Before joining LinkedIn, David was a post-doc in Dan's group here at Stanford. David's research interests related to cryptographic applications of number theory and arithmetic geometry.

October 15, 2014 Rethinking the Adoption of Hash Signatures

Speaker:  Burt Kaliski (Verisign)

Abstract:  Hash function-based digital signature schemes – in particular, the classic Merkle tree signature scheme – are among the earliest forms of public-key cryptography. However, perhaps due to their large signature size, or perhaps to their lack of a corresponding asymmetric encryption scheme, hash signatures have not entered the mainstream over the past three decades. The current emphasis on post-quantum cryptography provides a strong motivation for their adoption, but will that be enough? In addition to the promise of long-term resilience, it may also be necessary to demonstrate some near-term advantages of hash signatures over conventional approaches. This talk will describe some of those advantages, as a basis for a more general discussion on what other advantages may be needed to move hash signatures into the mainstream.

October 22, 2014 CDNs Considered Harmful

Speaker:  Amit Levy

Location:  New location this week only! Gates Library (Gates 211).

Abstract:  Content Distribution Networks like CloudFlare and Amazon CloudFront are bringing the performance benefits of CDNs to the mainstream. Importantly, besides caching website assets at edge locations, CDNs also serve as the termination for SSL. However, no longer bound by vast corporate agreements and expensive contracts, these "consumer" CDNs present new security tradeoffs and challenge our notion of "end-to-end" security on the web. I'll highlight some of the differences in process and trust between the old and new model and describe a system we are working on to address emerging concerns.

October 29, 2014 How to Obfuscate Programs Directly

Speaker:  Joe Zimmerman

Abstract:  We propose a new way to obfuscate programs, using composite-order multilinear maps. Our construction operates directly on straight-line programs (arithmetic circuits), rather than converting them to matrix branching programs as in other known approaches. This yields considerable efficiency improvements. For an NC1 circuit of size $s$ and depth $d$, we require only $O(d^2 s^2)$ multilinear map operations to evaluate the obfuscated circuit&emdash;as compared with other known approaches, for which the number of operations is exponential in $d$. We prove virtual black-box (VBB) security in a generic model of multilinear maps of hidden composite order, extending previous models for the prime-order setting.

Our scheme works either with "noisy" multilinear maps, which can only evaluate expressions of degree $lambda^c$ for pre-specified constant $c$; or with "clean" multilinear maps, which can evaluate arbitrary expressions. With "noisy" maps, our new obfuscator applies only to NC1 circuits, requiring the additional assumption of FHE in order to bootstrap to P/poly (as in other obfuscation constructions). From "clean" multilinear maps, on the other hand (whose existence is still open), we present the first approach that would achieve obfuscation for P/poly directly, without FHE. We also introduce the concept of succinct obfuscation, in which the obfuscation overhead size depends only on the length of the input and of the secret part of the circuit. Using our new techniques, along with the assumption that factoring is hard on average, we show that "clean" multilinear maps imply succinct obfuscation for P/poly. For the first time, the only remaining obstacle to implementable obfuscation in practice is the noise growth in known, "noisy" multilinear maps. Our results demonstrate that the question of "clean" multilinear maps is not a technicality, but a central open problem.

November 5, 2014 Inside Stanford's Information Security Program

Speaker:  Michael Duff (Stanford ISO)

Abstract:  The University's Chief Information Security Officer, Michael Duff, discusses recent information security developments at Stanford and our strategy for the year ahead, peppered with entertaining stories of actual incidents. Gain insight into the security challenges that arise in large scale organizations and how they are managed. Hear why information security is one of the best fields to specialize in now and for the foreseeable future.

November 12, 2014 How to lose your data and alienate your Droid: Insights on Android Security

Speaker:  Giovanni Russello (University of Auckland)

Abstract:  Smartphones are the most successful consumer devices reaching 1 billion of units sold to end users in 2013. In this very competitive market, smartphones equipped with the Android OS represent 85% of the world-wide market.

But what about Android security? Android has smashed another record: it has become the top target for malicious code overtaking Windows OS. Android standard security mechanism is too vulnerable to provide a concrete solution to the current surge of malware. Add to this a very 'relaxed' mode in releasing updates to end-user devices and you got the Perfect Security Storm!

In this presentation, I will talk about Android, its security model and why it is so vulnerable. Then I will discuss current security threats, providing some examples of malware. Finally, I will talk about the security solutions available today (including the one we have developed at the University of Auckland) and some open questions for future research directions.

November 19, 2014 Fast Record/Replay with Modern Hardware

Speaker:  Ali Mashtizadeh

November 26, 2014 Thanksgiving Break

December 3, 2014 Privately Evaluating Decision Trees and Random Forests

Speaker:  David Wu

Abstract:  Decision trees and random forests are common classifiers with widespread use. In this work, we describe two protocols for securely evaluating decision trees and random forests with different levels of security. We operate in the standard two-party setting where a server holds a model (either a decision tree or a random forest), and the client holds an input. At the conclusion of the protocol, the client learns only the model's output on its input and a few generic parameters concerning the model; the server learns nothing. The first protocol we develop is secure against semi-honest adversaries while the second achieves a stronger notion of one-sided security against malicious adversaries. In comparison to previous semi-honest protocols for private decision tree evaluation, we demonstrate a tenfold improvement in both computation and bandwidth.

Joint work with:  Tony Feng, Michael Naehrig, and Kristin Lauter

December 10, 2014 More Fun with Android WebView

Speaker:  Patrick Mutchler

Abstract:  Many mobile applications embed a fully functional browser as a view element called a WebView. This allows for simplified app design and powerful interaction between app code and web code. However, existing web security principles don't address the new ways that these apps can expose themselves to attack. I've been analyzing the Google Play app marketplace for problems with WebView applications for more than a year now and have found hundreds of thousands of apps that are vulnerable to attack. In this talk I'll be going over a scattershot of new ideas I've been working on recently related to both old and new WebView vulnerabilities.