Stanford Security Lunch
Fall 2013

Get announcements:

September 25 Proofpoint

Speaker: David Hagar (Proofpoint)

Summary: David is a distinguished engineering staff member at Proofpoint who works with many practical security issues. In his talk, he'll discuss:

October 2 Security at Stanford

Speaker: Michael Duff, Stanford's Associate Chief Information Security Officer

Summary: Come by to hear about the latest information security developments at Stanford and the strategy for the year ahead, while getting an insider's view of managing these efforts at a large organization.

October 9 Organizational meeting

Organizational meeting: Sign up to give a talk!

October 16 Legion

Speaker: Elliott Slaughter

Summary: This talk will discuss Legion: a parallel programming model, language, and compiler for heterogeneous machines with complex memory hierarchies.

October 23 Hacking Blind

Speaker: Andrea Bittau

Abstract: Writing exploits requires a copy of the target binary. We show that under certain circumstances it is possible to exploit a server application without any information on its executable. This makes it possible to hack closed-binary proprietary services, or even open-source software installed from source (e.g., Gentoo boxes). Our "Blind Return Oriented Programming" (BROP) attack requires a server with a stack vulnerability that respawns after a crash. Based on whether a server process crashes or not, the attack leaks information (ROP gadgets) about the binary until enough gadgets are found to call write() and send the binary over the network. We ran the attack against three servers: a closed-binary toy service (written by a collaborator) for which we had no information, and known vulnerabilities both in nginx and and an SSL library used in MySQL. Our fully automated tool "Braille" took under 4,500 requests (few minutes) to yield a remote shell in all three cases, and worked against 64-bit Linux with NX and full ASLR.

October 30 The Ori Filesystem

Speaker: Ali Mashtizadeh

Abstract: Ori is a file system that manages user data in a modern setting where users have multiple devices and wish to access files everywhere, synchronize data, recover from disk failure, access old versions, and share data. The key to satisfying these needs is keeping and replicating file system history across devices, which is now practical as storage space has outpaced both wide-area network (WAN) bandwidth and the size of managed data. Replication provides access to files from multiple devices. History provides synchronization and offline access. Replication and history together subsume backup by providing snapshots and avoiding any single point of failure. In fact, Ori is fully peer-to-peer, offering opportunistic synchronization between user devices in close proximity and ensuring that the file system is usable so long as a single replica remains. Cross-file system data sharing with history is provided by a new mechanism called grafting. An evaluation shows that as a local file system, Ori has low overhead compared to a File system in User Space (FUSE) loopback driver; as a network file system, Ori over a WAN outperforms NFS over a LAN.

November 6 Applications of Indistinguishability Obfuscation

Speaker: Mark Zhandry

Abstract: In a flurry of recent works, a form of program obfuscation called indistinguishability obfuscation (iO) has proven to be an incredibly useful cryptographic tool. In this talk, I will cover our recent work that uses iO to build multiparty key exchange, broadcast encryption, and traitor tracing. Our schemes have several novel features; for example, our key exchange and broadcast schemes can be instantiated with user’s existing RSA keys.

Joint work with: Dan Boneh

November 13 Active Ain't Bad

Speaker: Vimal Kumar

Abstract: We continue to build large and complex networks of tens of thousands of switches and hundreds of thousands of ports, but the tools we have to program, debug, and control our networks are still primitive. In the last decade, we have made incredible progress in designing interfaces for programming network elements, but I will present a class of tasks for which the current interfaces still fall short, and present a very simple interface to around today's limitations. Unsurprisingly, a broader version of this idea (so-called "Active Networks") was proposed in the early late 1990s and later abandoned. We think it is time to revisit it -- but try to do it right this time.

Joint work with: Mohammad Alizadeh (Insieme Networks), Changhoon Kim (Windows Azure), and a rockstar (Stanford University).

November 20 Secure Computations

Speaker: Valeria Nikolaenko

Abstract: In this talk I will give an overview of the field of Multiparty Computation. I will discuss the history of the field and the state of the art, I will talk about various possible applications and applications that were successfully deployed. I will give an overview of existing frameworks and highlight currently active research projects. I will conclude with an overview of the system we designed and implemented for recommender system.

December 4 Browbound

Speaker: Deian Stefan

Abstract: Modern web applications comprise a conglomeration of JavaScript from multiple authors: third-party libraries included by a site's developer, site-specific scripts by the site developer herself, and third-party extensions installed in the browser by the user. Recent years have seen the continual discovery of practical attacks on web users' privacy---from the leaking of sensitive data within pages by malicious third-party library code, to similar leaks by malicious browser extensions, to more subtle leaks, such as those via image resources. Fundamentally, these privacy violations occur because today's web browsers lack sufficient mechanisms for confining untrusted code. We present Browbound, a simple but powerful approach to robust confinement of JavaScript in modern web browsers. Browbound prevents malicious third-party libraries from violating users' privacy. It provides safety to Mashup web applications that previously posed an inherent risk to user data confidentiality. Browbound's flexible confinement mechanisms furthermore obviate much of the need for privilege in browser extensions, permitting many of today's extensions to be realized instead as untrusted web pages. Browbound has been implemented in both Firefox and Chromium; measurements of both browsers demonstrate a virtually imperceptible increase in page-load latency.