Secure Multiparty Computation

As mobile applications and cloud computing become more commonplace, the use of third-party application servers and outsourced computation has allowed for a wide variety of convenient applications and functionality for end users. However, many of these applications (e.g., location-based services, social networking applications, and mobile banking apps) require that users trust application servers or cloud-hosted databases to store and process private information. To preserve privacy in an untrusted environment, cryptographic protocols for secure multiparty computation (SMC) allow multiple untrusting parties to perform joint computation over private data while it remains in an encrypted format. To help move these protocols into everyday use, my work focuses on developing SMC protocols that are optimized for use on resource-constrained devices for the most common and practical application scenarios.

Recent publications:

  • H. Carter and P. Traynor, Outsourcing Computation for Private Function Evaluation, International Journal of Information and Computer Security (IJICS), to appear 2018.
  • B. Mood, D. Gupta, H. Carter, K. Butler, P. Traynor, Frigate: A Validated, Extensible, and Efficient Compiler and Interpreter for Secure Computation, Proceedings of the IEEE European Symposium on Security and Privacy (Euro S&P), March 2016.
  • H. Carter, B. Mood, P. Traynor, K. Butler, Outsourcing Secure Two-Party Computation as a Black Box, Journal of Security and Communication Networks (SCN), 9(14):2261-2275, 2016.
  • H. Carter, B. Mood, P. Traynor, K. Butler, Secure Outsourced Garbled Circuit Evaluation for Mobile Devices, Journal of Computer Security (JCS), 24(2):137-180, 2016.

Network Privacy

For an adversarial observer, the metadata and signaling information exchanged in many network protocols offers insight into the communication patterns and habits of individuals (such as DNS lookups or telephone call history). Monitoring or attacking these exchanges presents a serious breach of privacy, and could even be used to harass individuals or stifle the free exchange of information. In this work, I focus on quantifying the types of information leaked through network protocols and seek to develop techniques for preserving individual privacy when communicating over open networks.

Recent publications:

  • N. Scaife, P. Traynor, H. Carter, L. Lidsky, R. Jones, OnionDNS: A Seizure-Resistant Top-Level Domain, International Journal of Information Security (IJIS), to appear 2018.
  • S. Heuser, B. Reaves, P. Pendyala, H. Carter, A. Dmitrienko, W. Enck, N. Kiyavash, A. Sadeghi, P. Traynor, Phonion: Practical Protection of Metadata in Telephony Networks, Proceedings on Privacy Enhancing Technologies (PoPETs), July 2017.