Project Description

1The goal of this NSF Frontier project is to develop methods for building information systems with meaningful multi-layered security guarantees. Arguably, reasoning about all the security aspects of systems “in one blow” is not feasible. The approach we take is thus modular: We aim at systems that are built from smaller and separable functional components, where the security of each component is asserted individually, and where security of the system as a whole can be derived from the security of its components.

We concentrate on building outsourced, cloud-based information services with client-centric security guarantees. Cloud computing is re-defining the structure, layering and compartmentalization of systems, networking and application software. Security-wise, this is both a challenge and an opportunity: On the one hand, previously trusted system functionalities are now performed by untrusted components, introducing a host of vulnerabilities. On the other hand, cloud computing provides opportunities to simplify, modularize and extend system components, thus enhancing the potential for more effective security analysis.

We address a diverse set of security challenges. These include the design of hardware with built-in secrecy and integrity properties; small and versatile operating systems that offer minimal functionality but are simpler and easier to analyze; privacy-preserving and verifiable memory access for outsourced applications; security-preserving overlay and software-defined networks; and algorithms for privacy-preserving verifiable outsourced computations and database systems. Crucially, we combine all of these security mechanisms with their piecemeal analyses into a global security guarantee. Furthermore, the analysis is modular, allowing the substitution of components with others that provide potentially comparable guarantees based on different techniques and trust assumptions.

4The research team comprises of experts in different aspects of information security and cryptography. The research is highly collaborative and pools together key areas of expertise in order to provide overall security guarantees. A key component of the project is the Massachusetts Open Cloud, which provides the research team with a test-bed for deploying and testing the developed mechanisms in a production cloud.

The project involves a significant outreach component with a number of goals. One goal is to introduce technology professionals to cybersecurity and its central role for our society and economy. Another goal is to introduce K-12 students to cybersecurity, and to computer science in general. Here we target students from under-represented minorities and students with exceptional academic potential. The program involves developing new curricula and reaching out to target groups.

Sample projects

Attacking the Network Time Protocol

We investigated the fundamental security of the Network Time Protocol (NTP). NTP is one of the Internet’s oldest protocols, designed to synchronize time between computer systems communicating over unreliable variable-latency network paths. NTP has recently received some attention from security researchers because of its potential to act as an amplifier for distributed denial of service (DoS) attacks. However, the community still lacks visibility into the robustness of the NTP ecosystem itself, as well as the integrity of the timing information transmitted by NTP.  These issues are particularly important because time serves as a fundamental building block from most computing, networking, and cloud applications, and is heavily utilized by most cryptographic protocols through timestamps and validity intervals.   For example, by shifting time on a victim system, an attacker can cause the victim to accept an outdated TLS certificates, to flush its DNS caches, to go out-of-synch with an authentication server and thus be denied access to critical cloud computing applications, or to accept stale cryptographic information.

We worked on a new Internet-wide measurement study of the NTP ecosystem using data already collected by the openNTPproject, as well new data they collected via internet-wide scans.   These measurements exposed the topology of NTP’s hierarchical ecosystem of servers and exposed vulnerabilities to single points of failure and on-path attackers.

Beyond this measurement study, we audited the security of the NTP protocol itself. We explored the risk that network attackers can exploit unauthenticated Network Time Protocol (NTP) traffic to alter the time on client systems. We considered both on-path attackers, that hijacks traffic to an NTP server, as well as off-path attackers, that are located anywhere on the Internet and do not observe network traffic between clients and their servers.


Oblivious RAM (ORAM) is a cryptographic primitive that hides memory access patterns as seen by untrusted storage. We have developed Ring ORAM, the most bandwidth-efficient ORAM scheme for the small client storage setting in both theory and practice. Ring ORAM is the first tree-based ORAM whose bandwidth is independent of the ORAM bucket size, a property that unlocks multiple performance improvements. First, Ring ORAM’s overall bandwidth is 2.3× to 4× better than Path ORAM, the prior-art scheme for small client storage. Second, if memory can perform simple untrusted computation, Ring ORAM achieves constant online bandwidth (~60× improvement over Path ORAM for practical parameters). As a case study, we show Ring ORAM speeds up program completion time in a secure processor by 1.5× relative to Path ORAM. On the theory side, Ring ORAM features a tighter and significantly simpler analysis than Path ORAM.