I am broadly interested in making the Internet work better. Currently, my interests span the areas of networking, security, and usability, with a focus on authentication and usable encryption. Past projects have included multicast routing and transport protocols, streaming video, peer-to-peer networking, and social networking.
TrustBase: TrustBase is an architecture that provides certificate-based authentication as an operating system service. TrustBase enforces best practices for certificate validation for all applications and transparently enables existing applications to be strengthened against failures of the CA system.
Usable Authentication Ceremonies: Most popular secure messaging applications are usable because they hide many of the details of how encryption is provided. However, the strength of the security properties of these applications rests on the authentication ceremony, in which users validate the encryption keys being used. Unfortunately, recent studies show that most users do not know how to successfully complete this ceremony and are thus vulnerable to potential attacks. We are studying methods to improve the usability of the authentication ceremony, so that it is easy for users to locate and complete the ceremony.
TLS Proxies: We have been measuring the prevalence of TLS proxies using a tool we deployed with a Google AdWords campaign. We have also conducted surveys to understand user attitudes and preferences toward the inspection of encrypted traffic.
Past research topics include measurements of the Steam game network, cloud storage, sentiment analysis, wireless networks, streaming video algorithms, peer-to-peer networking, and multicast routing. See Publications for more details.