Stanford Security Lunch
Fall 2015

Get announcements:

September 23, 2015 Organizational Meeting

Note:  We are having our organizational meeting for the fall quarter this week. Join us to sign up for a talk slot.

September 30, 2015 CCFI: Cryptographically Enforced Control Flow Integrity

Speaker:  Ali Mashtizadeh

Abstract:  Control Flow Integrity is a principled approach for defending against control hijacking attacks. Previous approaches have been limited by the complexity of static analysis, and are overly permissive. CCFI is the first use of the cryptographic hardware present in modern processors to implement a CFI system. A CCFI enabled compiler inserts code to generate MACs and verify a hash of critical pointers.

To appear at:  CCS 2015

October 7, 2015 Cancelled Due to SOSP

October 8, 2015 Provisions: Privacy-Preserving
Proofs of Solvency for Bitcoin Exchanges


Speaker:  Joe Bonneau

Abstract:  Bitcoin exchanges function like banks, securely holding customers' bitcoins on their behalf. Several exchanges have suffered catastrophic losses with customers permanently losing their savings. A proof of solvency demonstrates cryptographically that the exchange controls sufficient reserves to settle each customer's account. This talk will describe Provisions, a privacy-preserving proof of solvency whereby an exchange does not have to disclose its Bitcoin addresses; total holdings or liabilities; or any information about its customers. Provisions can be extended to prevent exchanges from colluding to cover for each other's losses, as well as to enable features such as proving a positive surplus or enabling fractional-reserve banking. Provisions offers practical computation times and proof sizes even for a large Bitcoin exchange with millions of customers.

Joint work with:  Gaby Dagher, Benedikt Bünz, Jeremy Clark and Dan Boneh

To appear at:  CCS 2015

October 14, 2015 Efficient RAM and Control Flow in Verifiable Outsourced Computation

Speaker:  Riad Wahby

Abstract:  Recent work on proof-based verifiable computation has resulted in built systems that employ tools from complexity theory and cryptography to address a basic problem in systems security: allowing a local computer to outsource the execution of a program while providing the local computer with a guarantee of integrity and the remote computer with a guarantee of privacy. However, support for programs that use RAM and control flow has been problematic. State of the art systems either restrict the use of these constructs (e.g., requiring static loop bounds), incur sizeable overhead on every step, or pay tremendous costs when the constructs are invoked.

This paper describes Buffet, a built system that solves these problems by providing inexpensive "a la carte" RAM and dynamic control flow. Buffet composes an elegant prior approach to RAM with a novel adaptation of techniques from the compilers literature. Buffet allows the programmer to express programs in an expansive subset of C (disallowing only "goto" and function pointers), can handle essentially any example in the verifiable computation literature, and achieves the best performance in the area by multiple orders of magnitude.

Slightly extended version is available as an ePrint,

Appeared at:  NDSS'15

Joint work with:  Srinath Setty, Max Howald, Zuocheng Ren, Andrew J. Blumberg, and Michael Walfish

October 21, 2015 TBA

Speaker:  Sergio Benitez

October 28, 2015 TBA

Speaker:  Sunjay Dhama (Stanford ISO)

November 4, 2015 TBA

Speaker:  Guest Speaker (TBA)

November 11, 2015 TBA

Speaker:  Patrick Mutchler

November 18, 2015 TBA

Speaker:  David Wu

November 25, 2015 No Meeting: Thanksgiving Break

December 2, 2015 TBA

Speaker:  Henry Corrigan-Gibbs

December 9, 2015 TBA

Speaker:  Yan Michalevsky