Abstract

The big data era has dramatically transformed our lives; however, security incidents such as data breaches put sensitive data (e.g., photos, identities, genomes) at risk. To protect users’ data privacy, there is a growing trend to build secure cloud computing systems, which enables computation over two or more parties’ sensitive data, while revealing nothing more than the results to the participating parties. Conceptually, privacy-preserving computing systems leverage cryptographic techniques (e.g., secure multiparty computation) and trusted hardware (e.g. secure processors) to instantiate a “secure” abstract machine consisting of a CPU and encrypted memory, so that an adversary cannot learn information through either the computation within the CPU or the data in the memory. Unfortunately, evidence has shown that, side channels (e.g., memory accesses, timing, and termination) in such a “secure” abstract machine may potentially leak highly sensitive information including cryptographic keys that form the root of trust for the secure systems.
 
I conduct synergistic research to bridge cryptography and programming language techniques to address this problem. My research broadly expanded the investigation of a research direction called trace oblivious computation, where I employ programming language techniques to prevent side channel information leakage. In this talk, I will discuss my work on two promising approaches, i.e. secure-processor and secure multiparty computation, toward building a secure cloud computing system. I will focus on both theoretical development to enforce formal security, as well as practical system building to yield the state-of-the-art results.

Biography

Chang Liu is a PhD candidate in the Department of Computer Science at University of Maryland, College Park, where he works in the Maryland Cybersecurity Lab with his advisors Michael Hicks and Elaine Shi. His work broadly expanded the investigation of the research direction of trace oblivious computation, which made significant impact on trusted hardware-based secure computation and cryptography-based secure multiparty computation. He is the recipient of John Vlissides Award (2015) and University of Maryland's Outstanding Early Graduate Student Award (2014). His papers has received a NSA Best Scientific Cybersecurity Paper Award (2013), the Best Paper Award of ASPLOS (2015), and 1st Best Paper Award in Applied Cyber Security Paper at CSAW (1st Place, 2015). His ObliVM system won the HLI Award for Secure Multiparty Computation in the iDash Secure Genomics Analysis Competition (2015).