-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.html
239 lines (222 loc) · 10.9 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
<html>
<head>
<title>Chris Karlof</title>
</head>
<link rel="stylesheet" type="text/css" href="styles.css">
<body bgcolor="white">
<table border=0><tr>
<td>
<img src="pix/IMG_3211.JPG" alt="a picture of me" width=200>
<td width=40>
<td>
<h2>Chris Karlof</h2>
<p>
Software Engineering Director
</p>
<img src="pix/em.png" style="margin-left: -0.25em"> <br>
</td>
</tr>
</table>
<hr>
<p>I am currently an engineering director at <a href="https://www.mozilla.org/en-US/">Mozilla</a> working on Firefox.</p>
<p><b>Interests.</b> Identity systems. Computer security. Usable security. Web and mobile
security and privacy. Full stack software development.</p>
<p>
I finished my Ph.D. at UC-Berkeley in February 2009. My advisors were <a href="http://www.cs.berkeley.edu/~daw/">David
Wagner</a> and <a href="http://www.cs.berkeley.edu/~tygar">Doug Tygar</a>. You can check out my recent work history
on <a href="http://www.linkedin.com/in/karlof">LinkedIn</a>.
</p>
<p><b>Publications and Reports.</b>
<dl>
<dt> <a href="papers/pake-w2sp09.pdf">Is it too late for PAKE?</a>
<dd> John Engler, Chris Karlof, Elaine Shi, and Dawn Song.
<dd> Proceedings of the <a href="http://w2spconf.com/2009/">Web 2.0 Security and Privacy Workshop 2009</a> (W2SP 2009), May 2009.
[<a href="bibtex/pake-w2sp09.entry">bibtex</a>]
<br><br>
<dt> <a href="papers/karlof-thesis09.pdf">Human Factors in Web Authentication</a>
<dd> Chris Karlof.
<dd> Ph.D. dissertation, University of California Berkeley, February 2009.
[<a href="bibtex/karlof-thesis09.entry">bibtex</a>]
<br><br>
<dt> <a href="papers/conditioned-safe-ndss09.pdf">Conditioned-safe Ceremonies and a User Study of an Application to Web Authentication</a>
<dd> Chris Karlof, J.D. Tygar, and David Wagner.
<dd> Proceedings of the <a href="http://www.isoc.org/isoc/conferences/ndss/09/"> Sixteenth Annual Network and
Distributed Systems Security Symposium</a> (NDSS 2009), February 2009.
[<a href="bibtex/conditioned-safe-ndss09.entry">bibtex</a>]
<dd> Related: <a href="papers/registration-study-upsec08.pdf">A User Study
Design for Comparing the Security of Registration Protocols</a>.
The design of our user study previously appeared in the proceedings of the <a
href="http://www.usenix.org/events/upsec08/upsec08.html">First USENIX Workshop
on Usability, Psychology, and Security</a> (UPSEC 2008),
April 2008.
[<a href="bibtex/reg-study-upsec08.entry">bibtex</a>]
<br><br>
<dt> <a href="papers/locked-sop-ccs07.pdf">Dynamic Pharming Attacks and Locked Same-origin Policies for Web Browsers</a>
<dd> Chris Karlof, Umesh Shankar, J.D. Tygar, and David Wagner.
<dd> Proceedings of the <a
href="http://www.acm.org/sigs/sigsac/ccs/CCS2007/">Fourteenth ACM Conference on
Computer and Communications Security</a> (CCS 2007), pages 58-71,
October 2007.
[<a href="bibtex/locked-sop-ccs07.entry">bibtex</a>]
<br><br>
<dt> <a href="papers/sequoia-source-public-jul26.pdf">Source Code Review of the Sequoia Voting
System</a>
<dd> Matt Blaze, Arel Cordero, Sophie Engle, Chris Karlof, Naveen Sastry, Micah
Sherr, Till Stegers, Ka-Ping Yee.
<dd>This report was part of the <a href="http://ss.ca.gov/">California Secretary
of State's</a> "Top to Bottom Review" of electronic voting systems conducted during the
summer of 2007.
July 20, 2007.
[<a href="bibtex/sequoia-sos07.entry">bibtex</a>]
<br><br>
<dt> <a href="papers/p41-whitehouse.pdf">A Practical Evaluation of Radio Signal Strength for Ranging-based
Localization</a>
<dd> Kamin Whitehouse, Chris Karlof, and David Culler.
<dd> ACM Mobile Computing and Communications Review (MC2R), Special Issue on
Localization. Volume 11, Issue 1, pages 41-52, January 2007.
[<a href="bibtex/practical-mc2r07.entry">bibtex</a>]
<br><br>
<dt> <a href="papers/doppelganger-ccs06.pdf">Doppelganger: Better Browser Privacy Without the Bother</a>
<dd> Umesh Shankar and Chris Karlof.
<dd> Proceedings of the <a
href="http://www.acm.org/sigs/sigsac/ccs/CCS2006/">Thirteenth ACM Conference on
Computer and Communications Security</a> (CCS 2006), pages 154-167,
November 2006.
[<a href="papers/doppelganger-ccs06.ps">ps</a>]
[<a href="bibtex/doppel-ccs06.entry">bibtex</a>]
<dd>Also:
<a href="papers/EECS-2007-116.pdf">A Usability Study of Doppelganger, A Tool for Better Browser Privacy</a>,
Technical Report UCB/EECS-2007-116,
University of California at Berkeley, September 2007.
[<a href="bibtex/doppel-user07.entry">bibtex</a>]
<dd> <a href="http://www.umeshshankar.com/doppelganger/doppel.html">Install</a>
Doppelganger and try it out yourself.
<br><br>
<dt> <a href="papers/diebold-sos06.pdf"> Security Analysis of the
Diebold AccuBasic Interpreter</a>
<dd> David Wagner, David Jefferson, Matt Bishop, Chris Karlof, and
Naveen Sastry.
<dd>Report of the <a href="http://ss.ca.gov/">California Secretary of State's</a> Voting Systems Technology Assessment Advisory Board (VSTAAB).
February 14, 2006.
[<a href="bibtex/diebold-sos06.entry">bibtex</a>]
<dd> Our report contains a detailed technical analysis of the
security issues associated with the AccuBasic interpreter in
Diebold voting machines.
The California Secretary of State's office
commissioned the report. Compare our results with the
<a
href="http://www.ss.ca.gov/elections/voting_systems/diebold_code_review_final.pdf">analysis</a>
done by
<a href="http://www.ciber.com/">CIBER</a>, an Independent Testing Authority
responsible for evaluating the trustworthiness of electionic voting
systems.
<br><br>
<dt><a href="papers/cryptovoting-usenix05.pdf">Cryptographic Voting Protocols: A Systems Perspective</a>
<dd>Chris Karlof, Naveen Sastry, and David Wagner.
<dd> Proceedings of the
<a href="http://www.usenix.org/events/sec05/">Fourteenth USENIX Security
Symposium</a> (USENIX Security 2005), pages 33-50, August 2005.
[<a href="papers/cryptovoting-usenix05.ps">ps</a>]
[<a href="bibtex/cryptovoting-usenix05.entry">bibtex</a>]
<dd>Also: <a href="papers/cryptovoting-opinion05.pdf">The Promise of Cryptographic Voting Protocols</a>.
An opinion piece on cryptographic voting protocols.
June 2005.
[<a href="papers/cryptovoting-opinion05.ps">ps</a>]
[<a href="bibtex/cryptovoting-opinion05.entry">bibtex</a>]
<br><br>
<dt> <a href="papers/rangingloc-ipsn05.pdf">The Effects of Ranging Noise on Multihop Localization: An Empirical Study</a>
<dd> Kamin Whitehouse, Chris Karlof, Alec Woo, Fred Jiang, and David Culler.
<dd> Proceedings of the <a href="http://www.ece.wisc.edu/~ipsn05/"> Fourth
International Conference on Information Processing in Sensor Networks</a>
(IPSN 2005), pages 73-80, April 2005.
[<a href="bibtex/rangingloc-ipsn05.entry">bibtex</a>]
<br><br>
<dt> <a href="papers/peg-ewsn05.pdf">Design and Implementation of a Sensor Network System for Vehicle Tracking and Autonomous Interception</a>
<dd> Cory Sharp, Shawn Schaffert, Alec Woo, Naveen Sastry, Chris Karlof, Shankar Sastry, and David Culler.
<dd> Proceedings of the <a href="http://www.ewsn.org/">Second European Workshop on
Wireless Sensor Networks</a> (EWSN 2005), pages 93-107, January 2005.
[<a href="papers/peg-ewsn05.ps">ps</a>]
[<a href="bibtex/peg-ewsn05.entry">bibtex</a>]
<br><br>
<dt><a href="papers/tinysec-sensys04.pdf">TinySec: A Link Layer Security Architecture for Wireless Sensor Networks</a>
<dd>Chris Karlof, Naveen Sastry, and David Wagner.
<dd> Proceedings of the
<a href="http://www.cse.ohio-state.edu/sensys04/">Second ACM Conference on Embedded Networked Sensor Systems</a> (SenSys 2004), pages 162-175, November 2004.
[<a href="papers/tinysec-sensys04.ps">ps</a>]
[<a href="bibtex/tinysec-sensys04.entry">bibtex</a>]
<dd>Also: the TinySec <a href="papers/tinysec-user-manual.pdf">user manual</a>
for <a href="http://www.tinyos.net/">TinyOS</a>.
<br><br>
<dt><a href="papers/distillation-ndss04.pdf">Distillation Codes and Applications to DoS
Resistant
Multicast Authentication</a>
<dd>Chris Karlof, Naveen Sastry, Yaping Li, Adrian Perrig, and J.D. Tygar.
<dd> Proceedings of the <a
href="http://www.isoc.org/isoc/conferences/ndss/04/">Eleventh Annual Network and
Distributed Systems Security Symposium</a> (NDSS 2004), pages 37-56, February 2004.
[<a href="papers/distillation-ndss04.ps">ps</a>]
[<a href="bibtex/distillation-ndss04.entry">bibtex</a>]
<br><br>
<dt><a href="papers/hmm-ches03.pdf">Hidden Markov Model Cryptanalysis</a>
<dd>Chris Karlof and David Wagner.
<dd> Proceedings of the <a
href="http://islab.oregonstate.edu/ches/ches2003/index.html">Fifth Workshop on Cryptographic
Hardware and Embedded Systems</a> (CHES 2003), LNCS 2779, pages 17-34, September
2003.
[<a href="papers/hmm-ches03.ps">ps</a>]
[<a href="bibtex/hmm-ches03.entry">bibtex</a>]
<dd>The full version: [<a href="papers/hmm-tech-rep.ps">ps</a>]
[<a href="papers/hmm-tech-rep.pdf">pdf</a>] Technical Report UCB//CSD-03-1244,
University of California at Berkeley, June 2003.
<!-- a href="bibtex/hmm-tech03.entry">[bibtex]</a>
Presentation: <a href="presentations/hmm-ches2003.ppt">[ppt]</a> !-->
<br><br>
<dt><a href="papers/senroute-adnj.pdf">Secure Routing in
Wireless Sensor Networks: Attacks and Countermeasures</a>
<dd>Chris Karlof and David Wagner.
<dd> <a href="http://www.elsevier.com/locate/adhoc">Elsevier's AdHoc Networks
Journal</a>, Special Issue on Sensor Network Applications and Protocols,
Volume 1, Issues 2-3, pages 293-315, September 2003.
[<a href="bibtex/senroute-ahnj03.entry">bibtex</a>]
<dd>A preliminary version of this paper appeared in proceedings of the
<a href="http://www.icc2003.com/SNPAworkshop.html">First IEEE International
Workshop on Sensor Network Protocols and Applications</a> (SNPA 2003),
pages 113-127, May 2003.
<!-- <a href="bibtex/senroute-snpa03.entry">[bibtex]</a>
Presentation: <a href="presentations/secure-routing-snpa2003.ppt">[ppt]</a> !-->
<br><br>
<dt><a href="papers/arrive.pdf">ARRIVE: Algorithm for Robust Routing in
Volatile Environments</a>
<dd>Chris Karlof, Yaping Li, Joe Polastre.
<dd> Technical Report UCB/CSD-03-1233,
University of California at Berkeley, May 2002.
[<a href="bibtex/arrive-tech02.entry">bibtex</a>]
</dl>
<!--
<p><b>Classes.</b>
<ul>
<li> Fall
2003: STAT 205A (Probability Theory)
<li> <a href="http://www-cad.eecs.berkeley.edu/~tah/294-1/">Spring 2003: CS
294-1 (Model Checking)</a>
<li> Spring 2003: CS
294-9 (Data Transport Protocols)
<li> <a href="http://www.cs.berkeley.edu/~daw/teaching/cs261-f02/">Fall 2002: CS
261 (Computer Security)</a>
<li> <a href="http://www.cs.berkeley.edu/~jordan/courses/281A-fall02/">Fall
2002: STAT 241A (Statistical Learning Theory)</a>
<li> Fall 2002: CS 294-5 (Privacy)
<li> <a href="http://www.cs.berkeley.edu/~daw/cs276/">Spring 2002: CS 276
(Cryptography)</a>
<li> <a href="http://inst.EECS.Berkeley.EDU/~cs262/">Spring 2002: CS 262b
(Advanced Topics in Computer Systems)</a>
<li> <a href="http://citris.berkeley.edu/defense/schedule.html">Spring 2002:
CS 298-36 (Digital Defense: Issues in Security, Privacy and
Critical Infrastructure Protection)</a>
<li> <a href="http://www.cs.berkeley.edu/~adj/cs262/">Fall 2001: CS 262a
(Advanced Topics in Computer Systems)</a>
<li> <a href="http://www.cs.berkeley.edu/~necula/cs263/index.html">Fall 2001: CS
263 (Design and Analysis of Programming Languages)</a>
</ul>
!-->
</html>