*********************************
There is now a CONTENT FREEZE for Mercury while we switch to a new platform. It began on Friday, March 10 at 6pm and will end on Wednesday, March 15 at noon. No new content can be created during this time, but all material in the system as of the beginning of the freeze will be migrated to the new platform, including users and groups. Functionally the new site is identical to the old one. webteam@gatech.edu
*********************************
Summary Sentence: Muhammad Naveed of Univ. Illinois Urbana-Champaign visits Georgia Tech as a guest lecturer.
Full Summary: Muhammad Naveed -- a Ph.D. candidate in cryptography at University of Illinois, Urbana Champaign -- presents "Making the World a Better Place with Cryptography."
Muhammad NaveedUniversity of Illinois Urbana-Champaign
Muhammad Naveed is a Ph.D. candidate at UIUC working on applied cryptography and systems security. In applied cryptography, he develops practical-yet-provably-secure cryptographic systems for real applications. In systems security, he explores the fundamental security flaws in popular systems and builds defense systems. His work has had a significant impact on Android security and has helped companies such as Google, Samsung, Facebook, and Amazon secure their products and services, improving security for millions of Android users. He is the recipient of a Google Ph.D. Fellowship in Security, the Sohaib and Sara Abbasi Fellowship, the CS@Illinois C.W. Gear Outstanding Graduate Student Award, and the best paper award at the NYU CSAW Security Research Competition. He was also a finalist in the NYU School of Engineering's "Cyber Security Awareness Week" Cybersecurity Policy Competition.
Abstract: The U.S. Department of Health and Human Services reports that health records of 86% of the U.S. population have been hacked. The Ashley Madison breach revealed the private information of 37 million individuals and led to suicides and shattered families. The Apple iCloud breach led to the public release of nude photos of celebrities. Data breaches like these abound.
In this talk, I will describe my work on understanding the security of existing data breach prevention systems. To thwart data breaches, property-preserving encryption has been adopted in many encrypted database systems such as CryptDB, Microsoft Cipherbase, Google Encrypted BigQuery, SAP SEEED, and the soon-to-be-shipped Microsoft SQL Always Encrypted system. To simultaneously attain practicality and functionality, property-preserving encryption schemes permit the leakage of certain information such as the relative order of encrypted messages. My work is among the first to study the practical implications of permitting such leakage, and to demonstrate in real-world contexts that property-preserving encryption often does not offer strong enough security. I will describe an application-driven approach to developing practical cryptography to secure sensitive data: collaborating with application domain experts to formulate the requirements, investigating whether a practical solution meeting the requirements is possible, and if not, exploring the reasons behind it to relax requirements so as to find a useful solution for the application. I will describe how I developed a cryptographic model called Controlled Functional Encryption (CFE), and how it can support personalized medicine.
