Yossi Gilad

Yossi Gilad

I work on networks, systems, and their security

Email: yossigi@csail.mit.edu

I am the chief technologist and head of systems research at Algorand. An early description of the system we're building appeared in SOSP'17.

Research Interests. I design, build, and analyze secure and scalable protocols and networked systems. My work focuses on the mechanisms that comprise Internet services. It ranges from the core Internet protocols, through content delivery networks, to large-scale Internet applications. My research methodology combines rigorous analysis with experimental evaluation, as well as informing deployment via standardization and interactions with practitioners.

Short bio. Prior to Algorand, I was postdoctoral researcher at the Massachusetts Institute of Technology and Boston University, hosted by Prof. Nickolai Zeldovich and Prof. Sharon Goldberg. I was part of the Parallel & Distributed Operating Systems and BUSec groups. Before moving to Boston, I worked on network and system security as a research staff member at IBM and a postdoctoral researcher at the Hebrew University hosted by Prof. Michael Schapira. I completed my Ph.D. at the CS department in Bar-Ilan University, where I was a part of the network security research group led by Prof. Amir Herzberg. I am truly fortunate to have had great mentors.
My Ph.D. studies included great experiences in the industry. I interned at Google Cambridge MA, where I worked on SPDY, and before that, I worked at IBM Research Zurich laboratory on improving password-based authentication. Prior to these travels, I was a software architect at Marvell's Switching Division and was a computer science researcher in the Israeli army.

I enjoy teaching! I created and taught, together with Dr. Oded Margalit, the Advanced Topics in Software Security class, given at Ben-Gurion University in Spring 2015.

Honors and Awards

  • IETF/IRTF Applied Networking Research Prize (2017).
  • RIPE Academic Cooperation Initiative (2017).
  • IBM Research Inventor Recognition Award (2015).
  • The Check Point Institute Information Security Prize (2013-2014).
  • Israel Ministry of Science cybersecurity research scholarship (2012-2014).
  • Best student paper award at USENIX Workshop on Offensive Technologies (2012).
  • Bar-Ilan University presidential scholarship (2012 - 2014).
  • Check Point Institute for Information Security fellowship (2012 - 2013).
  • Israel Ministry of Education academic scholarship for gifted Israeli youth (2003).

I'm on the program committee for the following conferences:

  • Proceedings on Privacy Enhancing Technologies (PoPETS) 2018, 2019
  • IEEE Conference on Communications and Network Security 2019
  • Workshop of Security & Privacy on the Blockchain (IEEE S&B) 2018

  • Meta-data private communication at scale

    Private communication over the Internet remains a challenging problem. Even if messages are encrypted, it is hard to deliver them without revealing metadata about which users are communicating. Scalable metadata-hiding systems, such as Tor, are popular but susceptible to traffic analysis attacks. In contrast, the largest-scale systems with metadata privacy require passing all messages through a small number of providers, incurring a very high operational cost for each provider and limiting their deployability in practice. Stadium (SOSP'17) is a point-to-point messaging system that provides metadata and data privacy while scaling its work efficiently across hundreds of low-cost providers operated by different organizations. We show that Stadium can scale to support 4x more users than the current state of the art, using servers that cost an order of magnitude less to operate. However, Stadium induces high latency, and to facilitate broad adoption, the metadata-private system should present comparable performance to ``vanilla'' (non-metadata-private) applications. Karaoke (OSDI'18) tackles this challenge. We show that a significant performance gain is achieved by distinguishing between passive and active attacks. Specifically, it is possible to completely avoid leakage of information about metadata when the attacker is passive (observes the traffic on every link and computations of malicious servers) and defend against active attacks (where the attacker modifies traffic) by bounding the leakage of statistical information through differential privacy. This insight, along with careful system design and a rigorous tight analysis allows reducing latency by almost two orders of magnitude over Stadium. In a forthcoming article (CACM'19), I describe the next challenges in scaling metadata private communication and why I believe they can be alleviated to a large extent.

  • Efficient cryptocurrencies

    We work on increasing the scale that cryptocurrencies can operate. Algorand (SOSP'17) is a new cryptocurrency system that can confirm transactions with latency on the order of a minute while scaling to many users. Algorand ensures that users never have divergent views of confirmed transactions, even if some of the users are malicious and the network is partitioned. Vault (NDSS'19) builds on top to Algorand to reduce the cryptocurrency's bootstrapping costs. Existing cryptocurrencies require users to process the log of all transactions ever made, and keep track of everyone's balances, to validate new blocks of transactions. This approach causes a significant scalability hurdle; running a Bitcoin client today already requires fetching and processing almost 200GB of transactions' history, and this requirement will only increase with time. The adoption of more efficient designs (such as Algorand) will lead to a massive increase in the rate of transactions and is so only expected to aggravate this problem further. Vault addresses this issue by utilizing authenticated data structures to allow users to attach to transactions a succinct proof that their transactions are valid without requiring other users to process previous transactions or keep track of everyone else's balances.
    Algorand is being commercialized by a startup company.

  • Securing interdomain routing under today's Internet constraints

    Extensive standardization and R&D efforts are dedicated to establishing secure Internet routing through RPKI and BGPsec. Our studies show that there are significant challenges in enforcing RPKI-based policies (NDSS'17). We argue that many problems with using the RPKI are rooted in incorrectly using the maxLength parameter (CoNEXT'17), and suggest best practices (IETF draft). As an alternative to RPKI that is easier to adopt and robust to errors, we propose DISCO (HotNets'18).
    The adoption of BGPsec, the next step in securing Internet routing that is built on top of RPKI, is expected to be far harder since it requires replacing the Internet infrastructure and provides limited benefits under partial adoption. We propose path-end validation (HotNets'15, SIGCOMM'16), a modest extension to RPKI or DISCO that provides security benefits comparable to BGPsec while circumventing its deployment challenges. Path-end validation was awarded the IRTF applied network research prize (2017).
    The combination of DISCO and path-end validation provides a tangible path to secure Internet routing.

While at IBM Research, I was involved in the following patents:

  • Robust and Stealthy Proxy Detection based on Inter-Packet Delay. Yossi Gilad and Shahar Kohanim (2015).
  • Real-Time Event Detection and Management Hybrid Architecture for Connected Vehicles. Yair Allouche, Yossi Gilad, Oded Margalit and Yaron Wolfstal (2015).
  • Easy to Deploy Origin Authentication and Alert System for the Controller Area Network. Yair Allouche, Yossi Gilad and Oded Margalit (2014).
  • On-device Authorization of IoT Devices for Collaboration and Association. Yossi Gilad, Ayman Jarrous, Ravid Sagy and Alexandra Shulman Peleg (2014).
  • Distributed Single Sign-On. Jan Camenisch, Yossi Gilad, Anja Lehmann, Gregory Neven and Zoltan Nagy (2013).