First Virtual Friday Lunch with Henry Corrigan-Gibbs

Speaker: Henry Corrigan-Gibbs

Date: Friday, March 11, 2022

Time: 12:00 PM to 1:00 PM Note: all times are in the Eastern Time Zone

Public: No


Event Type: Seminar

Room Description:

Host: Matthew Busekroos, CSAIL Alliances

Contact: Matthew Busekroos,

Relevant URL:

Speaker URL: None

Speaker Photo:

Reminders to:

Reminder Subject: TALK: First Virtual Friday Lunch with Henry Corrigan-Gibbs

SafetyPin: Encrypted Backups with Human-Memorable Secrets

CSAIL researcher Henry Corrigan-Gibbs will present the design and implementation of SafetyPin, a system for encrypted mobile-device backups. Like existing cloud-based mobile-backup systems, including those of Apple and Google, SafetyPin requires users to remember only a short PIN and defends against brute-force PIN-guessing attacks using hardware security protections. Unlike today's systems, SafetyPin splits trust over a cluster of hardware security modules (HSMs) in order to provide security guarantees that scale with the number of HSMs. In this way, SafetyPin protects backed-up user data even against an attacker that can adaptively compromise many of the system's constituent HSMs. SafetyPin provides this protection without sacrificing scalability or fault tolerance. Decentralizing trust while respecting the resource limits of today's HSMs requires a synthesis of systems-design principles and new cryptographic tools. SafetyPin is evaluated on a cluster of 100 low-cost HSMs and shows that a SafetyPin-protected recovery takes 1.01 seconds. To process 1B recoveries a year, they estimate that a SafetyPin deployment would need 3,100 low-cost HSMs.

This talk is based on joint work with Emma Dauterman (UC Berkeley) and David Mazieres (Stanford).

Research Areas:
Security & Cryptography, Systems & Networking

Impact Areas:

This event is not part of a series.

Created by Matthew Busekroos Email at Thursday, March 10, 2022 at 3:44 PM.