Passwordless authentication with WebAuthn

Another project I worked on soon after arriving at Duo, this one involved learning about the new WebAuthn standard and figuring out a path forward for Duo in a passwordless (and 2FA-less) world. In particular, Nick Mooney and I built the first WebAuthn client library for Android and used it to build, along with Nick Steele, a prototype passwordless auth mechanism for the Duo Mobile app. Hopefully, as WebAuthn and passwordless authentication gains more traction, we will eventually see the feature show up in the product for everyone to use.

Source Code

Working on the Apple T2 secure boot chip

This was one of the two first projects I worked on as a new Duonaut. Mikhail Davidov was already investigating the T2's secure boot process, and asked me to investigate the ccommunication channel between the T2 and the macOS host. After reversing Apple's proprietary XPC protocol, we built tooling that would enable any unprivileged process running on the mac to communicate with services running on the T2 chip. Apple closed this attack vector within weeks of our initial disclosure to them, but researchers willing to disable SIP on a test machine can still leverage our tooling to continue to probe the T2 chip.

This work culminated in presentations both at Black Hat USA and Cisco's Offensive Summit.

Tech Report



This was my first foray into autonomous vehicle security. Building on some prior work with SGX enclaves, I had a neat idea. What if, in autonomous vehicle platooning, we could get each vehicle to agree not to crash into the other vehicles in the platoon, and actually enforce that agreement. This turned into the idea of autonomous vehicle contracts. We explored the necessary consequences of forming these contracts in practice, which led to building a contract chain protocol to negotiate these contracts safely and ensure that, even under attack, these autonomous vehicles would remain safe for their passengers.

I had the privilege of working with Shibo Chen and Melisa Savich on this project from the very beginning. We published this work at IEEE VNC in 2018.

Paper, slides, and source code

Platoon Following Distance Calculator

This was a simple little side project I performed to evaluate the feasibility of reactive approaches to attacks on autonomous vehicle platoons. Essentially, reactive approaches, such as intrusion detection, can only react as soon as they discover a rogue vehicle has behaved anomalously. This will incur at least some short delay. When combined with differences in vehicle braking deceleration rates, it becomes clear that purely-reactive approaches to platooning safety are insufficient. This motivates our later work on CommPact.

I built a fairly simple graph utility to display how adjusting different initial parameters, such as vehicle speed, deceleration rate, and reaction delay, impact the final theoretical safe following distance. All parameters can be adjusted via slider, and the graph shows how each parameter will affect the necessary following distance, given the currently-selected initial values.

Source Code


This project started as a way to enhance a home router to provide:

  1. A simple and intuitive method for users to manage local device communication
  2. A secure authentication protocol for home networks to manage local devices
However, once we got into it, we realized we had actually created an attribution mechanism that defends against almost all Man-In-The-Middle attacks on local networks. Allowing users to restrict which of their devices are allowed to communicate with one another is a simple and effective access control technique. However, local identifiers such as MAC and IP addresses can easily be spoofed by attackers, and so standard access control techniques are useless. To enable these techniques, we bound each client device to a unique vNIC on the router, and then associated each packet with the vNIC it traversed. This solved a long-standing problem in local network security. Our solution is built on OpenWRT and can be easily built for a variety of different consumer routers. We published this work under the name "No one in the Middle" at AsiaCCS in 2018.

Demo, paper, slides, and source code

Jalapeno (Jahl-ah-pee-no)

Course project with Tim Trippel. After our previous work attacking Virtual Machine RNG from the hypervisor, we came up with a solution using trusted hardware (Intel SGX) to enable applications to securely perform their needed crypto operations. We built a shared library that instantiates an SGX enclave, provisions keys for use by a TLS library such as OpenSSL, and provides protected crypto operations within the trusted enclave. This approach prevents a malicious OS or hypervisor from subverting the RNG.

Source Code

Subverting the Linux RNG via the Xen hypervisor

Course project with Tim Trippel and Andrew Quinn. Built attacks to programmatically control the output of /dev/random and /dev/urandom, as well as the generation of private keys for Diffie-Hellman key exchanges in Apache2/OpenSSL from the hypervisor, without modification to the Virtual Machine. Explored artifacts of these attacks and proposed detection methods to combat use in the wild.

Source Code


Worked with Aravind Vadrevu and advised by Alex Halderman and Matthew Hicks. Designed a modified ZMap scanner to send signals to large IP spaces concurrently. Signals detected via smartphone app with image-recognition detecting LED blinks on home routers. Allows determination of IP address using physical side-channel.

PenTest Project for EECS 388 (Part 3)

EECS 388 (the undergraduate security class) has traditionally had a networking project that includes a component in which the students must crack WEP encryption on a wireless network. I rebuilt the scenario into a PenTest in which the students are responsible for the first three phases of the PenTest lifecycle as they break into a WPA-encrypted wireless network and steal "sensitive company information." The assignment now comes complete with authorization agreement (loosely based on the SANS Pentesting Report ) and a report due to the customer at the conclusion.

Bring Your Own Hospital

Worked with Evan Chavis and advised by Kevin Fu and Peter Honeyman to build a replica hospital network environment, building on minimega and with help and advice from our friends at the UM hospital. Evan has been doing most of the heavy lifting on this one.

Blocking cache side channels through dynamic recompilation

Course project with Akshitha Sriraman and Sai Gouravajhala. We designed a system, building on Protean Code and my earlier work replicating FLUSH+RELOAD, that dynamically mitigates cache side channel attacks in real time while under attack, but allows critical cryptographic subroutines to execute in a faster, insecure mode when no attack is present.

Source Code

Secure session key leakage in QUIC

Course project with Ofir Weisse and Tim Trippel. We designed an alternative to Split TLS that uses the mechanism of leaking the session key in real-time to the network gateway to allow network traffic introspection while maintaining end-to-end encryption between the client and server.

Startup Project - Cache side channel attacks

Kevin Fu had a great idea for a new PhD student. Spend 4 weeks reimplementing a recent conference paper to

  1. learn something new
  2. get back into the research swing of things
I chose to reimplement FLUSH+RELOAD, a cool cache side-channel attack that uses instruction cache leakage instead of the more-common technique of analyzing data cache leakage.