MIT Room 32G-844
I am an Edwin Sibley Webster Professor of Electrical Engineering and Computer Science at MIT in the Computer Science and Artificial Intelligence Laboratory (CSAIL). I belong to the Computation Structures Group. My current research interests are primarily in the areas of computer architecture, computer security and applied cryptography.
One project I was involved with was building Aegis, a single-chip secure processor that does not trust the operating system and which incorporated cryptographic measurement and attestation, memory integrity verification and memory encryption; all these features were adopted in Intel SGX. A version of Aegis uses Physical Unclonable Functions (PUFs) to generate secret keys from chip fabrication variations.
PUFs can also be used for low-cost authentication. This Canon camera bought in 2014 can be authenticated using an NFC-enabled phone because the package has an RFID PUF tag (black box marked Canon) on it. Contrast the tag with the first silicon PUF built during 2002-04 at MIT! Xilinx Zynq Ultrascale+ FPGAs use PUFs to generate secret keys, as do Altera Stratix 10 FPGAs.
My research group designed a secure processor Ascend that allows untrusted programs to compute on encrypted data from a client without leaking information about the data. Ascend uses Path ORAM with optimizations and integrity verification to obfuscate memory address patterns. Ascend also protects the timing channel. Ascend was integrated with the Princeton Piton multicore processor and taped out in 32nm technology in March 2015. The chip is 6mm x 6mm, contains more than 460,000,000 transistors and runs at 857 MHz, dissipating 166 mW @ 1.1V.
My group produced a detailed analysis of Intel SGX. We used this knowledge and our experience with Aegis and Ascend to design Sanctum, an open-source in-order processor based on the RISC-V that is resistant to a broader class of software attacks than SGX and whose security is easier to analyze. We have begun an effort to formally verify Sanctum. Sanctum uses a stateless cryptographically-secure PUF to generate secret keys in a secure boot process.
We designed a Dynamically Allocated Way Guard (DAWG) cache to defend against control flow speculation attacks such as Spectre that use the cache exfiltration channel to leak secrets.
We came up with a time traveling coherence protocol based on logical-time leases called Tardis, which has the unique feature that it does not require multicast or a globally synchronized clock, and only requires O(log N) storage in an N-core system. Tardis can be generalized to relaxed consistency models.
I am interested in the scaling of databases and data management systems to 1000-core processors. We have applied Tardis' idea of logical leases to concurrency control for databases and distributed concurrency control.
My group pointed out vulnerabilities in anonymizing networks, and designed Riffle, and Atom, systems with strong anonymity. Catena is a system that uses Bitcoin to prevent equivocation.
I am the Computer Science track coordinator of the MIT PRIMES high-school outreach program, a year-long program where high-school students are exposed to research and mentored by MIT students. I am an EECS oversight officer for the 6-7 undergraduate and 6-7 MEng program.
I served as the chair of Area II (Computer Science Graduate Program) from June 2003 to November 2005, and as the Research Director of Architecture, Systems and Networking within CSAIL from September 2003 to October 2005. I served as Associate Head of the Department of Electrical Engineering and Computer Science with responsibility for Computer Science from 2005 to 2011.
|Computer Architecture.||Computer Security.||Database Management.|
|Computational Biology.||Architecture Exploration/Embedded Systems.||Compiler Optimization.|
|Design for Low Power Dissipation.||Boolean Representation.||Asynchronous Design.|
|Layout and Logic Synthesis.||Test Generation/Synthesis for Testability.||Formal and Semi-Formal Verification.|
My introductory programming book: Programming for the Puzzled. Available on Amazon.
I have taught several classes at MIT:
Programming for the Puzzled (6.S095 OCW), IAP 2018. YouTube Channel.
Fundamentals of Programming (6.009), Fall 2015, Spring 2016, Spring 2017.
Introduction to Computer Science and Programming (6.00), Spring 2012, Fall 2013.
Computer and Network Security (6.857), Spring 2010.
Elements of Software Construction (6.005), Spring 2009, Fall 2010, Spring 2011.
Design and Analysis of Algorithms (the new 6.046), Fall 2008, Fall 2012, Spring 2015 OCW Version.
Introduction to Algorithms (6.006), Fall 2007, Spring 2008, Fall 2009, Fall 2011 OCW Version, Spring 2014, Spring 2018.
Introduction to Algorithms (the old 6.046), Spring 2007.
Recitations in Digital Communication Systems (6.02), Fall 2014.
Laboratory in Software Engineering (6.170), Fall 2001, Spring 2002, Fall 2003, Fall 2005.
Computer Architecture (6.823), Spring 2002, Fall 2009.
Mathematics for Computer Science (6.042), Fall 1998, Fall 2000, Spring 2003, Spring 2005 OCW Version.
Computation Structures (6.004), Spring 2004, Fall 2006. Teaching material from Fall 1996/Spring 1998 terms.
Recitations in 6.001: Structure and Interpretation of Computer Programs, Fall 2004.
Recitations in 6.033: Computer Systems Engineering, Spring 2013.
Computer-Aided Design of Integrated Circuits (6.373), Spring 1989, Spring 1991-3-5-7, Spring 1999.
Introduction to VLSI Systems (6.371), Fall 1989, Spring 1990, Fall 1991, Fall 1994-5, Fall 1997.
Formal Verification in VLSI Design (6.892), Fall 1992.
Recitation sections in 6.002: Circuits and Electronics, Fall 1988.