Jump to content

Hovav Shacham

From Wikipedia, the free encyclopedia
Hovav Shacham
Alma materStanford University (PhD)
Scientific career
FieldsComputer Security
InstitutionsUniversity of Texas at Austin
Thesis New Paradigms in Signature Schemes  (2005)
Doctoral advisorDan Boneh

Hovav Shacham is a professor in computer security at the University of Texas at Austin. He has made many advances to both cryptography and computer security.

Biography

[edit]

Shacham his PhD from Stanford University under the supervision of Dan Boneh, where he wrote his dissertation on "New Paradigms in Signature Schemes". He currently has over 50 publications in the area of computer security and cryptography. In 2007 he participated in the California's 2007 "Top-to-Bottom" voting systems review.[1] He was the program chair of IEEE S&P 2019 and 2020, one of the leading computer security conferences.[2]

Research

[edit]

Shacham's research covers the areas of cryptography and security.

In cryptography, Shacham developed a scheme to digital signature scheme based on the Weil pairing with Dan Boneh and Ben Lynn.[3] The scheme was important because of the size of the signature: half of that of typical other signatures. For this reason this method, or those based on it, are now one of the leading signature schemes.

In security, Shacham is best known for developing Return Oriented Programming (ROP), a method to exploit a memory corruption vulnerability. In his 2007 ACM CCS paper, he showed that it was possible to perform Turing complete computation by re-using existing executable code in a program without needing to inject new code. ROP attacks are now the most common type of memory corruption exploit. Most operating systems now implement defenses to help prevent this attack,[4] and some microprocessors such as modern Intel CPUs include new hardware instructions that prevent this attack.[5]

Shacham performed a high-profile audit of the security systems in modern software-controlled cars in a paper published at IEEE S&P 2010, which in 2020 was recognized by IEEE with the test of time award. In this work, Shacham showed that many cars had little to no security and it was possible to "disable the brakes, selectively brake individual wheels on demand, or stop the engine".[6]

Shacham also researched the security of Backscatter X-ray full body scanners as used in many airports.[7] He found that it was possible to infect these scanners with malware, and that it was possible to hide weapons through the scanners.[8]

Awards

[edit]

Shacham received the ACM CCS 2017 and 2019 test of time award,[9] and the IEEE S&P 2020 Test-of-Time Award.[10]

References

[edit]
  1. ^ "Top-to-Bottom Review :: California Secretary of State". www.sos.ca.gov. Retrieved 2024-03-07.
  2. ^ "IEEE Symposium on Security and Privacy 2020". www.ieee-security.org. Retrieved 2024-03-07.
  3. ^ Boneh, Dan; Lynn, Ben; Shacham, Hovav (2001). "Short Signatures from the Weil Pairing". In Boyd, Colin (ed.). Advances in Cryptology — ASIACRYPT 2001. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer. pp. 514–532. doi:10.1007/3-540-45682-1_30. ISBN 978-3-540-45682-7.
  4. ^ "Understanding Hardware-enforced Stack Protection". TECHCOMMUNITY.MICROSOFT.COM. Retrieved 2024-03-07.
  5. ^ "A Technical Look at Intel's Control-flow Enforcement Technology". Intel. Retrieved 2024-03-07.
  6. ^ Leyden, John. "Boffins warn on car computer security risk". www.theregister.com. Retrieved 2024-03-07.
  7. ^ Diego, University of California-San. "Researchers find security flaws in backscatter X-ray scanners". phys.org. Retrieved 2024-03-07.
  8. ^ Greenberg, Andy. "Researchers Easily Slipped Weapons Past TSA's X-Ray Body Scanners". Wired. ISSN 1059-1028. Retrieved 2024-03-07.
  9. ^ "Dr. Hovav Shacham Awarded ACM CCS Test-of-Time Award 2019 | Department of Computer Science". www.cs.utexas.edu. Retrieved 2024-03-07.
  10. ^ "Computer Scientists Win Test of Time Award for Paper that Changed the Auto Industry".
[edit]