Hovav Shacham | |
Field: | Computer Security |
Work Institutions: | University of Texas at Austin |
Alma Mater: | Stanford University (PhD) |
Doctoral Advisor: | Dan Boneh |
Thesis Title: | New Paradigms in Signature Schemes |
Thesis Year: | 2005 |
Hovav Shacham is a professor in computer security at the University of Texas at Austin. He has made many advances to both cryptography and computer security.
Shacham his PhD from Stanford University under the supervision of Dan Boneh, where he wrote his dissertation on "New Paradigms in Signature Schemes". He currently has over 50 publications in the area of computer security and cryptography. In 2007 he participated in the California's 2007 "Top-to-Bottom" voting systems review.[1] He was the program chair of IEEE S&P 2019 and 2020, one of the leading computer security conferences.[2]
Shacham's research covers the areas of cryptography and security.
In cryptography, Shacham developed a scheme to digital signature scheme based on the Weil pairing with Dan Boneh and Ben Lynn.[3] The scheme was important because of the size of the signature: half of that of typical other signatures. For this reason this method, or those based on it, are now one of the leading signature schemes.
In security, Shacham is best known for developing Return Oriented Programming (ROP), a method to exploit a memory corruption vulnerability. In his 2007 ACM CCS paper, he showed that it was possible to perform Turing complete computation by re-using existing executable code in a program without needing to inject new code. ROP attacks are now the most common type of memory corruption exploit. Most operating systems now implement defenses to help prevent this attack,[4] and some microprocessors such as modern Intel CPUs include new hardware instructions that prevent this attack.[5]
Shacham performed a high-profile audit of the security systems in modern software-controlled cars in a paper published at IEEE S&P 2010, which in 2020 was recognized by IEEE with the test of time award. In this work, Shacham showed that many cars had little to no security and it was possible to "disable the brakes, selectively brake individual wheels on demand, or stop the engine".[6]
Shacham also researched the security of Backscatter X-ray full body scanners as used in many airports.[7] He found that it was possible to infect these scanners with malware, and that it was possible to hide weapons through the scanners.[8]
Shacham received the ACM CCS 2017 and 2019 test of time award,[9] and the IEEE S&P 2020 Test-of-Time Award.[10]