I am a postdoctoral researcher at the Massachusetts Institute of Technology and Boston University hosted by Prof. Nickolai Zeldovich and Prof. Sharon Goldberg. I am part of the Parallel & Distributed Operating Systems and BUSec groups.
Research Interests. I design, build, and analyze secure and scalable networked systems. My research touches all parts of the networking stack, from the core Internet protocols (e.g., TCP, IP, and BGP), through content delivery networks, to scaling Internet applications such as anonymous communication and cryptocurrencies. My research methodology spans the entire range from system design, through rigorous analysis and experimental evaluation, to informing deployment via standardization and interactions with practitioners.
Short bio. I completed my Ph.D at the CS department in Bar-Ilan University, where I was a part of the network security research group led by Prof. Amir Herzberg. Following my studies I continued working on network and system security as a research staff member at IBM and a postdoctoral researcher at the Hebrew University hosted by Prof. Michael Schapira. I am truly fortunate to have had great mentors. My PhD studies included fun and educating experiences in academia and industry. I interned at Google Cambridge MA, where I worked on SPDY. Prior to that, I worked at IBM Research Zurich laboratory on improving password based authentication. I also spent one semester as a research scholar at Boston University, where I worked with Prof. Ari Trachtenberg on design and implementation of a secure platform for mobile device applications. Prior to all these travels, I was a software architect at Marvell's Switching Division.I enjoy teaching! I created and taught, together with Dr. Oded Margalit, the ``Advanced Topics in Software Security'' course, given at Ben-Gurion University in Spring 2015.
Honors and Awards
We work on increasing the scale that cryptocurrencies can operate.
Algorand is a new cryptocurrency system that can confirm transactions
with latency on the order of a minute while scaling to many users.
Algorand ensures that users never have divergent views of confirmed
transactions, even if some of the users are malicious and the network is
partitioned. In contrast, existing cryptocurrencies allow for temporary
forks and therefore require a long time, on the order of an hour, to confirm transactions with
We implement Algorand and evaluate its performance on 1,000 EC2 virtual
machines, simulating up to 500,000 users. Experimental results show that
Algorand confirms transactions in under a minute, achieves 30X
Bitcoin's throughput, and incurs almost no penalty for scaling to
Preliminary version available here.
Our work seeks to design deployable security protocols that do not require changes to today's routing hardware, yet provide significant security benefits even if partially deployed.
We propose path-end validation, a modest extension to RPKI that provides security benefits comparable to BGPsec while circumventing its deployment challenges.
Path-end validation was presented at HotNets'15 and SIGCOMM'16. We provide an opensource prototype implementation for Cisco routers.
Our study on the hurdles to enforcing RPKI-based policies appeared in NDSS'17. We argue that many problems with using the RPKI are rooted in incorrectly using the maxLength parameter, and suggest an alternative. See online report and our implementation.
Checkout our RPKI monitor and alert system: ROAlert.
Private communication over the Internet remains a challenging problem. Even if messages are encrypted, it is hard to deliver them without revealing metadata about which pairs of users are communicating. Scalable anonymity systems,such as Tor, are susceptible to traffic analysis attacks that leak metadata. In contrast, the largest-scale systems with metadata privacy require passing all messages through a small number of providers, requiring a very high operational cost for each provider and limiting their deployability in practice. We design and build Stadium, a point-to-point messaging system that provides metadata and data privacy while scaling its work efficiently across hundreds of low-cost providers operated by different organizations. We show that Stadium can scale to support 4X more users than the current state of the art, using servers that cost an order of magnitude less to operate.
Preliminary version available on eprint.
CDN-on-Demand is a software-based defense that administrators of small to medium websites install to resist powerful DDoS attacks, with a fraction of the cost of comparable commercial CDN services. Upon excessive load, CDN-on-Demand serves clients from a scalable set of proxies that it automatically deploys on multiple IaaS cloud providers. CDN-on-Demand can use less expensive, and less trusted, clouds to minimize costs. This is facilitated by the clientless secure-objects, which is a new mechanism that we present. The clientless secure-objects mechanism avoids trusting the hosts with private keys or user-data, yet does not require installing new client programs. CDN-on-Demand also introduces an origin-connectivity mechanism, which ensures that essential communication with the content-origin is possible, even in case of severe DoS attacks.
A critical feature of CDN-on-Demand is in facilitating easy deployment. We introduce the origin-gateway module, which deploys CDN-on-Demand automatically and transparently, i.e., without introducing changes to web-server configuration or website content. We provide an open-source implementation of CDN-on-Demand, which we use to evaluate each component separately as well as the complete system.
CDN-on-Demand was presented at NDSS'16.