David Wu: 2016 Security Workshop


Monday, April 11, 2016
Location: McCaw Hall, Arrillaga Alumni Center

"Privacy, Discovery, and Authentication for the Internet of Things"



Automatic service discovery is essential to realizing the full potential of the Internet of Things (IoT). While discovery protocols like Multicast DNS, Apple AirDrop, and Bluetooth Low Energy have gained widespread adoption among IoT devices, most of these protocols do not offer any form of privacy control for the service, and often leak sensitive information such as service type, device hostname, device owner's identity, and more in the clear..

To address the need for privacy in the IoT landscape, we develop two protocols for private service discovery and private mutual authentication. Our protocols provide private and authentic service advertisements, zero round-trip (0-RTT) mutual authentication, and are provably secure in the Canetti-Krawczyk key-exchange model. In contrast to alternatives, our protocols are lightweight and require minimal modification to existing key-exchange protocols. We integrate our protocols into an existing open-source distributed applications framework, and provide benchmarks on different hardware platforms: desktops, smartphones and Raspberry Pis.

Joint work with: Ankur Taly, Asim Shankar, and Dan Boneh


David Wu is a third-year PhD student in the Department of Computer Science, advised by Dan Boneh. He works on a mix of problems in applied and theoretical cryptography. On the applied side, his work has primarily focused on developing new cryptographic protocols for different privacy-preserving applications, such as database queries, machine learning, and navigation. On the theoretical side, he has worked on constructing new cryptographic primitives from multilinear maps, as well as on several problems related to functional encryption. David is the recipient of an NSF Graduate Research Fellowship.