This article has multiple issues. Please help improve it or discuss these issues on the talk page . (Learn how and when to remove these template messages)
|
J. Alex Halderman | |
---|---|
Born | c. January 1981 (age 43) |
Alma mater | Princeton University |
Known for | 2016 United States presidential election recounts |
Awards | Sloan Research Fellowship, Pwnie Award |
Scientific career | |
Fields | Computer science |
Institutions | University of Michigan |
Doctoral advisor | Edward Felten |
Website | J. Alex Halderman homepage |
J. Alex Halderman (born c. January 1981) is professor of computer science and engineering at the University of Michigan, where he is also director of the Center for Computer Security & Society. Halderman's research focuses on computer security and privacy, with an emphasis on problems that broadly impact society and public policy.
Halderman was awarded the A.B. summa cum laude in June 2003, the M.A. in June 2005, and the Ph.D. in June 2009, all in Computer Science from Princeton University. [1]
As a student at Princeton, Halderman played a significant role in exposing flaws in digital rights management (DRM) software used on compact discs. In 2004, he discovered that a DRM system called MediaMax CD-3 could be bypassed simply by holding down the shift key while inserting a CD.[ citation needed ] The company behind the system briefly threatened him with a $10 million lawsuit, landing him on the front page of USA Today . [2] Later, in 2005, he helped show that a DRM system called Extended Copy Protection functioned identically to a rootkit and weakened the security of computers in which audio CDs were played.[ citation needed ] The ensuing Sony BMG copy protection rootkit scandal led to the recall of millions of CDs, class action lawsuits, and enforcement action by the U.S. Federal Trade Commission.[ citation needed ]
In 2008, Halderman led the team that discovered the cold boot attack against disk encryption, which allows an attacker with physical access to a computer device to extract encryption keys or other secrets from its memory. The technique, which was initially effective against nearly every full-disk encryption product on the market, exploits DRAM data remanence to retrieve memory contents even after the device has been briefly powered off. [3] One version of the technique involves cooling DRAM modules with freeze spray to slow data decay, then removing them from the computer and reading them in an external device. It has become an important part of computer forensics practice and has also inspired a wide variety of defensive research, such as leakage-resilient cryptography and hardware implementations of encrypted RAM. For their work developing the attack, Halderman and his coauthors received the Pwnie Award for Most Innovative Research and the Best Student Paper Award from the USENIX Security Symposium.
At the University of Michigan, Halderman and coauthors performed some of the first comprehensive studies of Internet censorship in China [4] and in Iran, [5] and of underground "street networks" in Cuba. [6] In 2009, he led a team that uncovered security problems and copyright infringement in client-side censorship software mandated by the Chinese government. [7] The findings helped catalyze popular protest against the program, leading China to reverse its policy requiring its installation on new PCs. In 2011, Halderman and his students invented Telex, a new approach to circumventing Internet censorship, partially by placing anticensorship technology into core network infrastructure outside the censoring country. With support from the United States Department of State, which called the technique a "generational jump forward" in censorship resistance, [8] Halderman led a multi-institutional collaboration that further developed the technology and deployed it at ISP-scale under the name Refraction Networking. [9] In 2015, United States Ambassador to the United Nations Samantha Power brought him to New York to demonstrate the technology at a meeting alongside the General Assembly. [8]
In 2012, Halderman and coauthors discovered serious flaws in random number generators that weakened the public-key cryptography used for HTTPS and SSH servers in millions of Internet of things devices. They disclosed vulnerabilities to 60 device manufacturers and spurred changes to the Linux kernel. [10] Their work received the Best Paper Award at the USENIX Security Symposium and was named one of the notable computing articles of the year by ACM Computing Reviews . [11] Halderman played a significant role in fixing several major vulnerabilities in the TLS protocol. He was a co-discoverer of the Logjam [12] and DROWN [13] attacks, and conducted the first impact assessment of the FREAK attack. [14] The three flaws compromised the security of tens of millions of HTTPS websites and resulted in changes to HTTPS server software, web browsers, and the TLS protocol. Since they worked by exploiting remnants of ways in which older versions of the protocol had been deliberately weakened due to 1990s-era restrictions on the export of cryptography from the United States, [15] they carried lessons for the ongoing public policy debate about cryptographic back doors for law enforcement. [16]
Halderman's Logjam work also provided a plausible explanation for a major question raised by the Edward Snowden revelations: how the National Security Agency could be decoding large volumes of encrypted network traffic. By extrapolating their results to the resources of a major government, the researchers concluded that nation-state attackers could plausibly break 1,024-bit Diffie-Hellman key exchange using a purpose-built supercomputer. [17] For a cost on the order of a hundred million dollars, an intelligence agency could break the cryptography used by about two-thirds of all virtual private networks. [18] Snowden publicly responded that he shared the researchers suspicions and blamed the U.S. government for failing to close a vulnerability that left so many people at risk. [19] The work received the 2015 Pwnie Award for Most Innovative Research and was named Best Paper at the ACM Conference on Computer and Communications Security.
In 2013, Halderman and his graduate students created ZMap, a free and open-source security scanning tool designed for information security research. [20] By making efficient use of network bandwidth, ZMap can scan the Internet's entire IPv4 address space in under an hour, allowing researchers to quantify vulnerable systems, track the adoption of security patches, and even measure the impact of natural disasters that disrupt Internet access. [21] Halderman and collaborators used it to track the OpenSSL Heartbleed vulnerability [22] and raised the global rate of patching by 50% by warning the operators of unpatched web servers. [23] Their work won the Best Paper award at the ACM Internet Measurement Conference. In partnership with Google, Halderman's research group used ZMap to study the security of email delivery, [24] highlighting seven countries where more than 20% of inbound Gmail messages arrived unencrypted due to network attackers. [25] To mitigate the problem, Gmail added an indicator to let users know when they receive a message that wasn't delivered using encryption, resulting in a 25% increase in inbound messages sent over an encrypted connection. [26] Halderman and his collaborators were recognized with the 2015 IRTF Applied Networking Research Prize.
In order to accelerate the adoption of encryption by web servers, Halderman in 2012 partnered with Mozilla and the Electronic Frontier Foundation to found the Let's Encrypt HTTPS certificate authority. Let's Encrypt provides HTTPS certificates at no cost through an automated protocol, significantly lowering the complexity of setting up and maintaining TLS encryption. Since its launch in 2016, Let's Encrypt has grown to protecting more than 150 million web sites. [27] Halderman and his students laid the foundation for the IETF-standard protocol that clients use to interface with the CA, the Automated Certificate Management Environment. [28] He sits on the board of directors of the Internet Security Research Group, the non-profit that operates Let's Encrypt. [29] He is also a co-founder and chief scientist of Censys, [30] a network security company that he says aims to "change the way security works by making it more quantitative, more precise, and more accurate." [31]
In 2015, Halderman was part of a team of proponents that included Steven M. Bellovin, Matt Blaze, Nadia Heninger, and Andrea M. Matwyshyn who successfully proposed a security research exemption to Section 1201 of the Digital Millennium Copyright Act. [32]
Halderman was awarded a Sloan Research Fellowship in 2015 by the Alfred P. Sloan Foundation, and in 2019 he was named an Andrew Carnegie Fellow by the Carnegie Corporation of New York. [33] He was profiled in the November 2016 issue of Playboy . [8]
After the 2016 United States presidential election, computer scientists, including Halderman, urged the Clinton campaign to request an election recount in Wisconsin, Michigan, and Pennsylvania (three swing states where Trump had won narrowly, while Clinton won New Hampshire and Maine narrowly) for the purpose of excluding the possibility that the hacking of electronic voting machines had influenced the recorded outcome. [34] [35] [36]
On June 21, 2017, Halderman testified before the United States Senate Select Committee on Intelligence. [37] [38] [39] The hearing, titled "Russian Interference in the 2016 U.S. Election", focused on the federal government's role in safeguarding U.S. elections from outside interference. Halderman discussed his own research in computer science and cybersecurity. He discussed one instance where he tampered with a voting machine and demonstrated the ability to change the outcome of an election. He also made three policy recommendations to safeguard U.S. elections: upgrading and replacing obsolete and vulnerable voting machines; consistently and routinely checking that American elections results are accurate; and applying cybersecurity best practices to the design of voting equipment and the management of elections. Halderman fielded questions from the Senators about his research and policy recommendations. At the end of the hearing, Chairman Burr praised Halderman for his work and noted how important his research is.[ citation needed ]
Following the 2020 United States presidential election, Halderman stated that a software glitch during the unofficial vote tally was not caused by fraud, but rather by human error, [40] and said the conspiracy theory that a supercomputer was used to switch votes from Trump to Biden was "nonsense". [41]
His expert witness report on voting machine vulnerabilities was filed in a Georgia case under seal, but is sought by litigants in another case and an election official in Louisiana. [42]
In 2022, CISA issued the advisory "Vulnerabilities Affecting Dominion Voting Systems ImageCast X" based on research by Halderman. [43]
In cryptography, encryption is the process of transforming information in a way that, ideally, only authorized parties can decode. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Despite its goal, encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor.
In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs).
In mathematics, for given real numbers a and b, the logarithm logb a is a number x such that bx = a. Analogously, in any group G, powers bk can be defined for all integers k, and the discrete logarithm logb a is an integer k such that bk = a. In number theory, the more commonly used term is index: we can write x = indra (mod m) (read "the index of a to the base r modulo m") for r x ≡ a (mod m) if r is a primitive root of m and gcd(a,m) = 1.
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible.
In computing, Internet Key Exchange is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP. IKE uses X.509 certificates for authentication ‒ either pre-shared or distributed using DNS ‒ and a Diffie–Hellman key exchange to set up a shared session secret from which cryptographic keys are derived. In addition, a security policy for every peer which will connect must be manually maintained.
Internet Security Association and Key Management Protocol (ISAKMP) is a protocol defined by RFC 2408 for establishing security association (SA) and cryptographic keys in an Internet environment. ISAKMP only provides a framework for authentication and key exchange and is designed to be key exchange independent; protocols such as Internet Key Exchange (IKE) and Kerberized Internet Negotiation of Keys (KINK) provide authenticated keying material for use with ISAKMP. For example: IKE describes a protocol using part of Oakley and part of SKEME in conjunction with ISAKMP to obtain authenticated keying material for use with ISAKMP, and for other security associations such as AH and ESP for the IETF IPsec DOI.
Edward William Felten is the Robert E. Kahn Professor of Computer Science and Public Affairs at Princeton University, where he was also the director of the Center for Information Technology Policy from 2007 to 2015 and from 2017 to 2019. On November 4, 2010, he was named Chief Technologist for the Federal Trade Commission, a position he officially assumed January 3, 2011. On May 11, 2015, he was named the Deputy U.S. Chief Technology Officer. In 2018, he was nominated to and began a term as Board Member of PCLOB.
In cryptography, a weak key is a key, which, used with a specific cipher, makes the cipher behave in some undesirable way. Weak keys usually represent a very small fraction of the overall keyspace, which usually means that, a cipher key made by random number generation is very unlikely to give rise to a security problem. Nevertheless, it is considered desirable for a cipher to have no weak keys. A cipher with no weak keys is said to have a flat, or linear, key space.
Matt Blaze is an American researcher who focuses on the areas of secure systems, cryptography, and trust management. He is currently the McDevitt Chair of Computer Science and Law at Georgetown University, and is on the board of directors of the Tor Project.
Steven M. Bellovin is a researcher on computer networking and security who has been a professor in the computer science department at Columbia University since 2005. Previously, Bellovin was a fellow at AT&T Labs Research in Florham Park, New Jersey.
A network telescope is an Internet system that allows one to observe different large-scale events taking place on the Internet. The basic idea is to observe traffic targeting the dark (unused) address-space of the network. Since all traffic to these addresses is suspicious, one can gain information about possible network attacks as well as other misconfigurations by observing it.
Disk encryption is a technology which protects information by converting it into code that cannot be deciphered easily by unauthorized people or processes. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. It is used to prevent unauthorized access to data storage.
Elie Bursztein, is a French computer scientist and software engineer. He is Google and DeepMind AI cybersecurity technical and research lead.
Telex is a research anti-censorship system that would allow users to circumvent a censor without alerting the censor to the act of circumvention. It is not ready for real users, but a proof-of-concept mock system exists. As of 2018, Telex has evolved into refraction networking.
Logjam is a security vulnerability in systems that use Diffie–Hellman key exchange with the same prime number. It was discovered by a team of computer scientists and publicly reported on May 20, 2015. The discoverers were able to demonstrate their attack on 512-bit DH systems. They estimated that a state-level attacker could do so for 1024-bit systems, then widely used, thereby allowing decryption of a significant fraction of Internet traffic. They recommended upgrading to at least 2048 bits for shared prime systems.
The DROWN attack is a cross-protocol security bug that attacks servers supporting modern SSLv3/TLS protocol suites by using their support for the obsolete, insecure, SSL v2 protocol to leverage an attack on connections using up-to-date protocols that would otherwise be secure. DROWN can affect all types of servers that offer services encrypted with SSLv3/TLS yet still support SSLv2, provided they share the same public key credentials between the two protocols. Additionally, if the same public key certificate is used on a different server that supports SSLv2, the TLS server is also vulnerable due to the SSLv2 server leaking key information that can be used against the TLS server.
Key Finding Attacks are attacks on computer systems that make use of cryptography in which computer memory or non-volatile storage is searched for private cryptographic keys that can be used to decrypt or sign data. The term is generally used in the context of attacks which search memory much more efficiently than simply testing each sequence of bytes to determine if it provides the correct answer. They are often used in combination with cold boot attacks to extract key material from computers.
ZMap is a free and open-source security scanner that was developed as a faster alternative to Nmap. ZMap was designed for information security research and can be used for both white hat and black hat purposes. The tool is able to discover vulnerabilities and their impact, and detect affected IoT devices.
Nadia Heninger is an American cryptographer, computer security expert, and computational number theorist at the University of California, San Diego.
Refraction networking, also known as decoy routing, is a research anti-censorship approach that would allow users to circumvent a censor without using any individual proxy servers. Instead, it implements proxy functionality at the core of partner networks, such as those of Internet service providers, outside the censored country. These networks would discreetly provide censorship circumvention for "any connection that passes through their networks." This prevents censors from selectively blocking proxy servers and makes censorship more expensive, in a strategy similar to collateral freedom.
{{cite book}}
: CS1 maint: date and year (link)My conclusion is that our highly computerized election infrastructure is vulnerable to sabotage, and even to cyberattacks that could change votes. These realities risk making our election results more difficult for the American people to trust. I know America's voting machines are vulnerable because my colleagues and I have hacked them.
Likewise, J. Alex Halderman, a professor of computer science and engineering at the University of Michigan, told us the conspiracy theory is "nonsense."