Hovav Shacham Explained

Hovav Shacham
Field:Computer Security
Work Institutions:University of Texas at Austin
Alma Mater:Stanford University (PhD)
Doctoral Advisor:Dan Boneh
Thesis Title:New Paradigms in Signature Schemes
Thesis Year:2005

Hovav Shacham is a professor in computer security at the University of Texas at Austin. He has made many advances to both cryptography and computer security.

Biography

Shacham his PhD from Stanford University under the supervision of Dan Boneh, where he wrote his dissertation on "New Paradigms in Signature Schemes". He currently has over 50 publications in the area of computer security and cryptography. In 2007 he participated in the California's 2007 "Top-to-Bottom" voting systems review.[1] He was the program chair of IEEE S&P 2019 and 2020, one of the leading computer security conferences.[2]

Research

Shacham's research covers the areas of cryptography and security.

In cryptography, Shacham developed a scheme to digital signature scheme based on the Weil pairing with Dan Boneh and Ben Lynn.[3] The scheme was important because of the size of the signature: half of that of typical other signatures. For this reason this method, or those based on it, are now one of the leading signature schemes.

In security, Shacham is best known for developing Return Oriented Programming (ROP), a method to exploit a memory corruption vulnerability. In his 2007 ACM CCS paper, he showed that it was possible to perform Turing complete computation by re-using existing executable code in a program without needing to inject new code. ROP attacks are now the most common type of memory corruption exploit. Most operating systems now implement defenses to help prevent this attack,[4] and some microprocessors such as modern Intel CPUs include new hardware instructions that prevent this attack.[5]

Shacham performed a high-profile audit of the security systems in modern software-controlled cars in a paper published at IEEE S&P 2010, which in 2020 was recognized by IEEE with the test of time award. In this work, Shacham showed that many cars had little to no security and it was possible to "disable the brakes, selectively brake individual wheels on demand, or stop the engine".[6]

Shacham also researched the security of Backscatter X-ray full body scanners as used in many airports.[7] He found that it was possible to infect these scanners with malware, and that it was possible to hide weapons through the scanners.[8]

Awards

Shacham received the ACM CCS 2017 and 2019 test of time award,[9] and the IEEE S&P 2020 Test-of-Time Award.[10]

External links

Notes and References

  1. Web site: Top-to-Bottom Review :: California Secretary of State . 2024-03-07 . www.sos.ca.gov.
  2. Web site: IEEE Symposium on Security and Privacy 2020 . 2024-03-07 . www.ieee-security.org.
  3. Book: Boneh . Dan . Lynn . Ben . Shacham . Hovav . 2001 . Boyd . Colin . Short Signatures from the Weil Pairing . https://link.springer.com/chapter/10.1007/3-540-45682-1_30 . Advances in Cryptology — ASIACRYPT 2001 . Lecture Notes in Computer Science . en . Berlin, Heidelberg . Springer . 514–532 . 10.1007/3-540-45682-1_30 . 978-3-540-45682-7.
  4. Web site: Understanding Hardware-enforced Stack Protection . 2024-03-07 . TECHCOMMUNITY.MICROSOFT.COM . en.
  5. Web site: A Technical Look at Intel's Control-flow Enforcement Technology . 2024-03-07 . Intel . en.
  6. Web site: Leyden . John . Boffins warn on car computer security risk . 2024-03-07 . www.theregister.com . en.
  7. Web site: Diego . University of California-San . Researchers find security flaws in backscatter X-ray scanners . 2024-03-07 . phys.org . en.
  8. Greenberg . Andy . Researchers Easily Slipped Weapons Past TSA's X-Ray Body Scanners . 2024-03-07 . Wired . en-US . 1059-1028.
  9. Web site: Dr. Hovav Shacham Awarded ACM CCS Test-of-Time Award 2019 Department of Computer Science . 2024-03-07 . www.cs.utexas.edu.
  10. Web site: Computer Scientists Win Test of Time Award for Paper that Changed the Auto Industry .