Stanford Security Lunch
Spring 2022

Get announcements:

March 30, 2022 Social lunch

No Speaker:  This week we'll gather and talk with each other over lunch.

April 06, 2022 Computer Forum Security Workshop

April 13, 2022 SnarkPack: Practical SNARK Aggregation

Speaker:  Anca Nitulescu (Protocol Labs)

Abstract:  Zero-knowledge SNARKs (zk-SNARKs) are non-interactive proof systems with short and efficiently verifiable proofs that do not reveal anything more than the correctness of the statement. zk-SNARKs are widely used in decentralised systems to address privacy and scalability concerns.
A major drawback of such proof systems in practice is the requirement to run a trusted setup for the public parameters. Moreover, these parameters set an upper bound to the size of the computations or statement to be proven, which results in new scalability problems.
We design and implement SnarkPack, a new argument that further reduces the size of SNARK proofs by means of aggregation. Our goal is to provide an off-the-shelf solution that is practical in the following sense: (1) it is compatible with existing deployed SNARK systems, (2) it does not require any extra trusted setup.
SnarkPack is designed to work with Groth16 scheme and has logarithmic size proofs and a verifier that runs in logarithmic time in the number of proofs to be aggregated. Most importantly, SnarkPack reuses the public parameters from Groth16 system.
SnarkPack can aggregate 8192 proofs in 8.7s and verify them in 163ms, yielding a verification mechanism that is exponentially faster than batching and previous solutions in the field. SnarkPack can be deployed in blockchain applications that rely on many SNARK proofs such as Proof-of-Space or roll-up solutions.

April 20, 2022 Modular Information Flow through Ownership

Speaker:  Will Crichton

Abstract:  Statically analyzing information flow, or how data influences other data within a program, is a challenging task in imperative languages. Analyzing pointers and mutations requires access to a program's complete source. However, programs often use pre-compiled dependencies where only type signatures are available. We demonstrate that ownership types can be used to soundly and precisely analyze information flow through function calls given only their type signature. From this insight, we built Flowistry, a system for analyzing information flow in Rust, an ownership-based language. In this talk, I will describe how Flowistry works, how we prove its soundness, and how we show that the ownership-based modular approximation does not lose much precision versus a whole-program analysis.

Preprint:  arXiv

April 27, 2022 swebRequest: Extensible Service Workers For Web Security

Speaker:  Dolière Francis Somé (CISPA/Stanford)

Abstract:  Service Workers (SWs) are the core of progressive web applications (PWAs). By making use of advanced features such as the interception of HTTP requests, a cache storage for writing and reading HTTP responses, push notifications or background syncing, SWs improve web apps in terms of performance, engagement with their users, or the offline experience they can provide to them. Contrary to and complementing prior work that has considered issues related to SWs, this work systematically explores opportunities of using SWs in order to add security and privacy features to web apps. Building on their central position in browsers, we have used SWs to ensure the confidentiality and integrity of cached content, deploy origin-wide security policies such as CSP, refresh nonces in cached CSP policies, anonymize third party requests, etc. In order to implement those features, we introduce swebRequest, a fine-grained and stage-based API (inspired by the webRequest API of browser extensions) that alleviates the complexity of SWs events, in particular the fetch event, and makes it possible to define precise routing and manipulation strategies on HTTP requests and responses, e.g. their headers and bodies. If swebRequest can be used as a standalone library for programming secure SWs, it can also be integrated into existing SWs, bringing security and privacy features to the web apps they manage.

May 04, 2022 Privacy for Ad Tech

Speaker:  Erik Taubeneck (Meta)

Abstract:  The browsers you use to surf the internet and the mobileOSs that power all the apps on your phone - collectively, the web platform - are undergoing major technical shifts to enable greater user privacy protections by default. The most notable of these changes are the deprecation of 3rd party cookies and mobile device identifiers. This talk will explore how these technologies previously underpinned much of the digital advertising ecosystem and survey many of the proposals for new purpose constrained APIs for the web platform, which utilize combinations of cryptography, differential privacy, and trusted execution environments.

May 11, 2022 Happenstance: Utilizing Semantic Search to Track Russian State Media Narratives about the Russo-Ukrainian War On Reddit

Speaker:  Hans Hanley

Abstract:  In the buildup and in the weeks following the Russian Federation's invasion of Ukraine, Russian disinformation outlets output torrents of misleading and outright false information. In this work, we study this coordinated information campaign to understand the most prominent disinformation narratives being touted by the Russian government to English-speaking audiences. To do this we first perform topic analysis using the large-language model MPNet on articles published by nine different Russian disinformation websites and the new Russian "fact-checking" website We show that smaller websites like strategic-culture and were highly effective in getting narratives originated on their websites repeated throughout the Russian information ecosystem. After analyzing the set of Russian information narratives, we seek to understand their correspondence with narratives and topics of discussion on the r/Russia subreddit. Using MPNet, we map the set of r/Russia subreddit comments posted during 2022 to the set of topics extracted from our set of disinformation websites, finding that 39.6% of r/Russia comments corresponded to narratives from Russian disinformation websites, compared to 8.86% on r/poltiics.

May 18, 2022 Securing the Open Source Software Ecosystem

Speaker:  Brian Behlendorf (General Manager, Open Source Security Foundation)

Abstract:  The core software development processes behind open source software evolved in an era of high trust on the Internet, where wire protocols were unencrypted, the number of major contributors and leaders was smaller than the Dunbar number, and applications generally depended upon a small number of shared libraries from reputable sources. These days, a modern software stack like Kubernetes may pull in thousands of dependencies of all sizes, many of them less than a hundred lines of code with a single author. In this environment, there is a much wider variety of software quality within even a popular stack, leading to both a higher rate of small errors (like Log4j) and social/personality-driven sabotage (colors.js, node.ipc) that can lead to critical-infrastructure-threatening weaknesses. What can open source software developers, particularly maintainers, do to enhance the trustworthiness of their code? And what can consumers of that software do to make smarter choices, mitigate known and unknown security threats in their use of the code? Come to this talk to find out how the dozens of corporate sponsor and hundreds of community members at the OpenSSF (a part of the non-profit Linux Foundation) are working together across a range of different approaches to answer these questions, and to restore public confidence in the trustworthiness of open source code.

May 25, 2022 IEEE S&P (Oakland)

June 01, 2022 Trackers Bounce Back: Measuring Evasion of Partitioned Storage in the Wild

Speaker:  Audrey Randall (UCSD)

Abstract:  This work presents a systematic study of navigational tracking, the latest development in the cat-and-mouse game between browsers and online trackers. Navigational tracking allows trackers to aggregate users’ activities and behaviors across sites by modifying their navigation requests. This technique circumvents the increasing efforts by browsers to partition or block third-party storage, which was previously necessary for most cross-website tracking. While previous work has studied specific navigational tracking methods (i.e. “bounce tracking”), our work is the first effort to systematically study and measure the entire category of navigational tracking techniques. We describe and measure the frequency of two different navigational tracking techniques on the Web, and find that navigational tracking is present on slightly more than ten percent of all navigations that we made. Our contributions include identifying 214 domains belonging to at least 104 organizations tracking users across sites through link decoration techniques. We identify a further 23 domains belonging to at least 16 organizations tracking users through bounce tracking (i.e. bouncing users through unrelated third parties to generate user profiles). We also improve on prior techniques for differentiating user identifiers from non-sensitive information, which is necessary to detect one class of navigational tracking. We discuss how our findings can be used to protect users from navigational tracking, and commit to releasing both our complete dataset and our measurement pipeline.