This page showcases some of my favorite research projects. For more details, see my publications
Non-conforming malware mutations
Hackers constantly modify their malware. They create mutations to evade detection. Antiviruses are designed to detect mutations, but they assume that a mutation behaves like the malware it originated from. In this research we
showed that this assumption is wrong, and that consequently antiviruses fail to detect malware.
We created software that generates new malware mutations from an original malware. These mutations are unique in that their internal structure has been distorted, rather than obfuscated. This makes them undetectable to the antivirus.
In addition to showing that our mutations work, we showed that our software generates them efficiently and automatically. This is important. It proves that our mutations are viable in practice. Our research confirms that anti malware detection tools are inefficient.
VMCrypt - scalable secure computation
Secure computation allows parties to jointly compute a function, but without revealing their inputs to each other. For example, they can compare their DNAs while keeping them private.
One way to do secure computation is using a circuit. The circuit represents a function. It has input wires and output wires, but instead of 0s and 1s, it operates on encrypted values. The problem is that the actual implementation requires a lot of memory and hard-drive space.
VMCrypt is a library for secure computation. It does not use the hard drive, and it dynamically allocates and deallocates parts of the circuit. Hence, it is faster, more power efficient, and has a very small memory footprint. VMCrypt benchmarks show that secure computation is practical even on mobile devices.
Zero-knowledge protocols allow a prover to prove an assertion to a verifier, but without revealing anything. For example, a user can login to a website without revealing anything; not even a password.
The notion of zero-knowledge is formalized using simulation. Intuitively, if without any help the verifier can perfectly simulate the interaction with the prover, then the prover leaks no information.
The problem is that usually the simulation is not perfect. This means that some information is leaked.
This research provides a method for building perfect simulators. The method is then used to construct a perfect zero-knowledge protocol that is generic for a large class of problems.
Semantically Non-preserving Transformations for Antivirus Evaluation. E. Ersan, L. Malka., B. Kapron. In Proc. of the 9th International Symposium on Foundations and Practice of Security (FPS), 2016.
Private Function Evaluation with Linear Complexity. J. Katz, L. Malka. In Proc. of the 17th Annual International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT), 2011.
VMCrypt - Modular Software Architecture for Scalable Secure Computation. L. Malka.
In Proc. of the 18th ACM Conference on Computer and Communications Security (CCS), 2011.
Faster Secure Two-Party Computation Using Garbled Circuits. Yan Huang, David Evans, Jonathan Katz, and Lior Malka. In Proc. of the 20th USENIX Security Symposium, 2011.
Efficient Privacy-Preserving Biometric Identification. Y. Huang, L. Malka, D. Evans, J. Katz.
In Proc. of the 17th Annual Network and Distributed System Security Symposium
Secure Text Processing with Applications to Private DNA Matching. J. Katz, L. Malka. In Proc. of the 17th ACM Conference on Computer and Communications Security
How to Achieve Perfect Simulation and A Complete
Problem for Non-interactive Perfect Zero-Knowledge. L. Malka. In Proc. of the 5th IACR Theory of Cryptography Conference
(TCC), pages: 89 -- 106, 2008.
A Characterization of Non-interactive
Instance-Dependent Commitment Schemes (NIC). B. Kapron, L. Malka, V. Srinivasan. In Proc. of the 34th International EATCS Colloquium on Automata, Languages and Programming (ICALP), pages: 328 -- 339, 2007.
Efficient Reliable Communication Over Partially
Authenticated Networks. A. Beimel, L. Malka.
In Proc. of the 22nd ACM Symp. on Principles of Distributed
Computing (PODC), pages 233--242, 2003.