Projects

A partial list of past and current projects (references can be found in my publications ):

[PUF] I was part of the team that first introduced circuit realizations of Physical Unclonable Functions (PUFs) to allow a tamper-resistant way of establishing shared secrets with a physical device; this resulted in a commercialization by Verayo and Intrinsic-ID and led to the ACSAC 2002 outstanding student paper award. [CCS'02, ACSAC'02]

[Aegis] I have been working on processor architectures that offer strong security guarantees; most notably the design of Aegis, the first single-chip secure processor that verifies integrity and freshness of external memory to protect against physical and software attacks. [ICS'03, MICRO'03, ASIACRYPT'03]

[FHE] I have co-authored the second Fully Homomorphic Encryption (FHE) scheme based on modular integer arithmetic and investigated some of FHE's limitations: Fully Homomorphic Encryption (FHE) has been coined the Holy Grail of cryptography since it allows an untrusted server to perform computation directly on an encrypted ciphertext without having access to the decryption key. As opposed to current secure hardware solutions (e.g., TPM+TXT, XOM or Aegis), FHE does not require the user to trust any component on the server side -- even the application program can be untrusted.  [EUROCRYPT'10, HotSec'10, CCSW'12]

[Path ORAM] Path ORAM is an exteremely simple Oblivious RAM protocol that prevents privacy leakage from memory access patterns with a small amount of client storage. Partly due to its simplicity, Path ORAM is the most practical ORAM scheme known to date. Path ORAM requires O (log 2 N/ log χ ) bandwidth overhead for block size B = χ log N . For block sizes bigger than ω (log 2 N ), Path ORAM is asymptotically better than the best known ORAM scheme with small client storage. [CCS'13, HPEC'13]

[Ascend] Motivated by large FHE overheads and FHE's limitations, we solve the problem of not having to place trust in programs by designing a tamper-resistant single-chip processor called Ascend, an Architecture for Secure Computation on ENcrypted Data, which uses periodic accesses to Path ORAM to guarantee that even a malicious program running on encrypted inputs does not leak privacy over the I/O pins. [STC'12, ISCA'13, CCSW'13]

[Iris] Iris is an authenticated file system that allows users to efficiently audit the cloud provider on a regular basis to obtain continuous guarantees about the correctness and availability of the entire file system; Iris is the first system to efficiently support “dynamic proofs of retrievability” and received the NYU-Poly AT&T Best Applied Security Paper Award, 3rd place, 2012. Iris is an example of how a user can remotely verify system properties.

Other examples are Remote Assessment of Fault Tolerance (RAFT), which is an efficient means by which clients can measure the redundancy with which their data is stored and  ensure proper configuration at the cloud storage provider, and Hourglass, which uses a resource bound  on the cloud provider (such as storage or computation) to prove that files on disk are encrypted. [CCS'11, CCS'12, ACSAC'12]

[FlipIt] How does one defend against an attacker who periodically compromises a system or critical resource completely, learns all its secret information and is not immediately detected? We model this by a two-player game between an attacker and defender called FlipIt or The Game of ``Stealthy Takeover''. In FlipIt, players compete to control a shared resource. Unlike most existing games, FlipIt allows players to move at any given time, taking control of the resource. The identity of the player controlling the resource, however, is not revealed until a player actually moves.  FlipIt provides a simple and elegant framework in which we can formally reason about the interaction between attackers and defenders in practical scenarios. Besides modeling of targeted attacks, FlipIt finds applications in cryptographic key rotation, password reset policies, refreshing virtual machines, and cloud auditing. [GameSec'12, JoC'13]


Prior to working in system security I was a research scientist at the digital signal processing group at Philips Research where I became the lead inventor of the error correcting codes used in Blu-ray disc (US patents 6,367,049 and 7,103,829). I co-authored the paper "Optical Disc System for Digital Video Recording'', Jpn. J. Appl. Phys. Vol.39, 2000, on Philips' contributions to Blu-ray disc technology, which got reprinted in the book Origins and Successors of the Compact Disc Contributions of Philips to Optical Storage ,  published as a result of the IEEE Milestone in Electrical Engineering and Computing dedicated to Philips for the development of the compact disc audio player.

My PhD (from Eindhoven University of Technology) is about secret sharing (I solved an open theoretical problem  by proving that the best possible information rate of a secret sharing scheme can be arbitrarily close to zero) and is about the secrecy capacity of broadcast channels with confidential messages ([IEEE-IT'97] has found recent interest in the research community). My advisor was Henk van Tilborg.

© Marten van Dijk 2013 (web site created using Sandvox)