Thomas Ristenpart

Assistant Professor
Department of Computer Sciences
University of Wisconsin - Madison

Office: 7387 Computer Sciences
Address: 1210 West Dayton Street, Madison, WI 53715
Email: rist at cs dot wisc dot edu
Office phone: 608-262-7971
Publications
Students
Teaching
Brief bio
CV


My research is in computer security, with recent topics including cloud computing security, applied and theoretical cryptography, and privacy.

I do a lot of work with other members of WISDoM, the Wisconsin Institute on Software-defined Datacenters in Madison. I'm also a co-PI for the NSF-funded Frontier Project Silver focused on security in cloud computing.

I'm a signatory on a letter calling for surveillance reforms by US academics in computer security and cryptography.

I'm looking for students, both undergraduate and graduate, to work with me on cutting-edge security research. If you are interested, let me know.

Some examples of my work are below, or click here for my publications.

Honey encryption and decoys
Papers: Eurocrypt 2014
Media Coverage: MIT Technology Review - Slashdot - Reddit - Business Week - Boston Globe - Threatpost - Daily Mail - Info Security Magazine - Gizmodo
Description: We introduce honey encryption, a form of password-based encryption in which decrypting with incorrect passwords yields fake, but realistic-looking, plaintexts.

Format-transforming encryption and censorship avoidance
Papers: CCS 2013
Practical impact: We introduce format-transforming encryption (FTE), and build particular encryption schemes whose ciphertexts are guaranteed to match against a regular expression of one's choosing. This proves useful in a variety of settings: we show in particular how it can be used to force protocol misclassification by the kinds of deep-packet inspection (DPI) systems used to detect and block censorship circumvention tools such as Tor. Check out the FTE webpage for source code and more details.

My collaborators at Portland State University received a "New Digital Age" grant for our work on FTE. These awards are funded by a generous donation by Google Executive Chairman Eric Schmidt. News articles: ZDnet - Bloomberg

Encryption for deduplicated cloud storage
Papers: Eurocrypt 2013, USENIX Security 2013
Practical impact: We introduce new encryption mechanisms for which ciphertexts can be usefully deduplicated by a storage service (without the keys). A prototype of our system, DupLESS, that can be used by organizations to perform encryption on client side but take advantage of cloud storage that is deduplicated, can be downloaded here.

Security of embedded devices
Papers: WOOT 2012, USENIX Security 2013
Practical impact: We discovered (and helped fix) security vulnerabilities in a widely used smartphone-based point-of-sale system (used to process credit card transactions). See the vulnerability report here. In subsequent work, we built a tool Fie for analyzing embedded firmware to find such vulnerabilities and even verify their absence in some cases.

New security threats in cloud computing
Papers: CCS 2009, CCS 2012(a), CCS 2012(b)
Media coverage (2009): MIT Technology Review - MIT Technology Review (2) - MIT Technology Review (3) - The New York Times - Network World - Network World (2) - Computer World - Data Center Knowledge - IT Business Edge - Cloudsecurity.org - Infoworld
Media coverage (2012): InformationWeek - MIT Technology Review - Arstechnica - Slashdot - Threatpost - Dark Reading - Hacker News
Practical impact: Our work is helping inform industry best practices. For example, we are referenced in the Cloud Security Alliance's cloud security guide and the European Network and Information Security Agency's report on cloud security. The CCS 2009 paper on new threats in public compute clouds is fortunate to be the second most-cited security paper of those published between 2008 and 2013.

Security of Critical Cryptographic Standards
Papers: Asiacrypt 2011, Crypto 2012(a), Crypto 2012(b)
Practical impact: We uncovered a new attack against the TLS record layer, uncovered weak key pairs in HMAC, and provided the first formal security analysis for PKCS#5 (password-based cryptography).

Privacy-preserving device tracking for helping locate lost or stolen mobile devices
Paper: USENIX Security 2008
Media coverage: Slashdot - PC World - The New York Times - The New York Times (2) - CNET News - Linux.com - Linux Magazine - Reader's Digest - ABC News - MIT Technology Review - more...
Practical impact: Check out Adeona's web page for the open source software.

New approaches for building the next generation of secure cryptographic hash functions
Papers: Asiacrypt 2006, ICALP 2007, Asiacrypt 2007, Eurocrypt 2009, Eurocrypt 2011
Practical impact: Our design and analysis techniques are being used by contenders (such as Skein) for NIST's new cryptographic hash function standard SHA-3.



Professional activities: