End-to-end encrypted messaging applications ensure that an attacker cannot read a user's
message history without their decryption keys. While this provides strong privacy, it creates a …

Many systems today distribute trust across multiple parties such that the system provides
certain security properties if a subset of the parties are honest. In the past few years, we …

Clouds have replaced local backup systems due to their stronger reliability and availability
guarantees compared to local machines, which are prone to hardware/software failure or …

End-to-end authenticity in public networks plays a significant role. Namely, without
authenticity, the adversary might be able to retrieve even confidential information straight …

The advent of end-to-end encrypted (E2EE) messaging and backup services has brought
new challenges for usable authentication. Compared to regular web services, the nature of …

Credential compromise is hard to detect and hard to mitigate. To address this problem, we
present larch, an accountable authentication framework with strong security and privacy …

Custodial secret management services provide a convenient centralized user experience,
portability, and emergency recovery for users who cannot reliably remember or store their …

Passwords are difficult to remember, easy to guess and prone to hacking. While there have
been several attempts to solve the aforementioned problems commonly associated with …

The cloud has become pervasive, and we ask: how can we protect cloud data against the
cloud itself? For secure user-to-user communication via a cloud server, End-to-End …

Hardware security modules (HSMs) have been utilized as a trustworthy foundation for cloud
services. Unfortunately, existing systems using HSMs fail to meet multi-tenant scalability …