Many networking protocols have been designed without security in mind, and many cryptographic schemes have been designed without practical deployments in mind. Moreover, most of security-enhanced communication protocols still lack the provable-security treatment and hence the security guarantees. This project aims at bridging the gap between protocol design, implementation, deployment, and security guarantees by developing a novel general security framework that facilitates the provable-security analyses of practical networking protocols. The project has an interdisciplinary approach as it combines concepts from applied cryptography and algorithms with implementation and empirical analyses to provide a unifying framework for studying and developing secure communication protocols. This joint design effort yields both new cryptographic foundations and fundamentally secure networking protocols.
Conferences
|
Automated Attack Discovery in TCP Congestion Control Using a Model-guided Approach.
Samuel Jero,
Endadul Hoque,
David Choffnes,
Alan Mislove,
Cristina Nita-Rotaru.
NDSS 2018, Feb. 2018. CISCO Network Security Distinguished Paper
Award.
[ SRC ]
[PDF]
|
|
Taking a Long Look at QUIC: An Approach for Rigorous
Evaluation of Rapidly Evolving Transport Protocols.
Arash Molavi Kakhki,
Samuel Jero,
David Choffnes,
Alan Mislove,
Cristina Nita-Rotaru.
IMC 2017, Nov. 2017. Awarded
IETF/IRTF
Applied
Networking
Research Prize
2018.
[PDF]
|
|
Analyzing Operational Behavior of Stateful Protocol
Implementations for Detecting Semantic Bugs.
Endadul Hoque, Omar Chowdhury, Sze Yiu Chau, Cristina
Nita-Rotaru, Ninghui Li. DSN 2017, June 2017.
[PDF]
|
|
SymCerts: Practical Symbolic Execution For Exposing
Noncompliance in X.509 Certificate Validation Implementations.
Sze Yiu Chau, Omar Chowdhury, Endadul Hoque, Huangyi Ge, Aniket Kate,
Cristina Nita-Rotaru, Ninghui Li. IEEE Security and Privacy, May 2017.
[PDF]
|
How Secure and Quick is QUIC? Provable Security and Performance Analyses.
Robert Lychev, Samuel Jero, Alexandra Boldyreva, and Cristina Nita-Rotaru. 36th IEEE Symposium on Security and Privacy (Oakland), May 2015. [PDF] [BIBTEX] [VIDEO]
Awarded the 2016 IETF/IRTF Applied Networking Research Prize
|
|
Detecting Specification Noncompliance in Network Protocol Implementations.
E. Hoque, O. Chowdhury, S. Y. Chau, C. Nita-Rotaru, and N. Li.
Poster in USENIX Annual Technical Conference (ATC'16). USENIX Association, 2016.
|
|
QUIC: Performance and Security at the Transport Layer.
S. Jero. IETF Journal, Nov. 2016. [WWW]
|
Journals
|
Toward a Taxonomy and Attacker Model for Secure Routing Protocols.
M. Hollick, C. Nita-Rotaru, P. Papadimitratos, A. Perrig, Stefan Schmid.
In ACM SIGCOMM Computer Communication Review, Volume 47 Issue 1, January 2017.
[PDF]
|
Presentations
- On the trade-offs between Provable Security and Guaranteed Performance in Adversarial Networks. C. Nita-Rotaru,
Boston University, March 2016.
- On the trade-offs between Provable Security and Guaranteed Performance in Adversarial Networks. C. Nita-Rotaru,
MIT, Oct. 2015.
- On the trade-offs between Provable Security and Guaranteed Performance in Adversarial Networks. C. Nita-Rotaru,
Columbia University, Oct. 2015.
- On the trade-offs between Provable Security and Guaranteed Performance in Adversarial Networks. C. Nita-Rotaru,
ETH Zurich, July 2015.
Current Members
- Matthew Jagielski, Northeastern University
- Samuel Jero, Purdue University
- Arash Molavi Kakhki, PhD Northeastern University 2017.
Previous collaborators and members
- Endadul Hoque, PhD Purdue University 2015, Florida University
- Robert Lychev, PhD Georgia Institute of Technology 2015, MIT Lincoln Labs.
This project is funded by NSF SaTC grant 1421815-CNS.
Principal Investigator: Cristina Nita-Rotaru (Purdue University)
This is a collaboration with PI Alexandra Boldyreva, Georgia Institute of Technology.