My research interests lie primarily in the area of Computer and Network security spanning both cryptography and systems research. I have theorized about electronic voting protocols and built web proxies to collect ephemeral authentication cookies on the web and greatly enjoyed both. As a result, I find myself drawn to the strong programs CMU offers, both in Algorithms, Combinatorics and Optimization and in Computer Systems Research. I was particularly intrigued by the Secure Continuous Biometric-Enhanced Authentication project and I was thrilled to read that the project addresses the privacy risks inherent in biometric systems. I would also relish the opportunity to work with Manuel Blum on more theoretical projects. Currently my interests lie in information hiding technologies (described more thoroughly in section 3). I know that at CMU I will find distinguished faculty interested in advising me in pursuit of those interests.
I wish to pursue a Ph.D. in computer science with the ultimate goal of becoming a professor and having the opportunity to teach and do research at a university. In the year that I have spent as a teaching assistant I have discovered a strong passion for sharing my knowledge and fostering enthusiasm for my field in others. I have thrived in the rich intellectual climate of academia and I want to contribute more actively to it. I have strong interests in the field of secure systems which compel me to pursue further research in that area.
I was advised to apply to Carnegie Mellon by Professor Leiserson who supervised my teaching assistantship this fall. Several students who were undergraduates at CMU and are now MIT graduate students expressed tremendous enthusiasm for the program. I am impressed with how strong the program is, and anticipate that the environment on campus must be truly intellectually stimulating. CMU continually attracts and produces brillant and accomplished faculty members and has a rich heritage of great research projects in systems and theory. I know that at CMU I will be exposed to new and varied perspectives and paradigms while still having the opportunity to explore my interests in secure systems. I visited Pittsburgh in April for the 4th International Information Hiding Workshop and I enjoyed the city and could see myself residing there.
My current research involves investigating how can people communicate privately and unobservably, particularly when some large, powerful and unscrupulous adversary is attempting to detect and prevent such communication. Such an adversary could ban standard cryptography forcing the communication itself to be hidden. In these cases, steganography, the hiding of an encrypted message and the extraction of it at its destination, becomes extremely relevant. A related concept is a covert channel, a communications channel which violates some security policy.
I had been exposed to the covert channel idea in my reading and I was further inspired to work on this topic by attending the 4th International Information Hiding Workshop where I was able to exchange ideas with many people as excited about the subject as I was. I also became more aware of the relationships between the fields of steganography, covert channels, watermarking, and anonymous systems. Furthermore I became aware of the important social implications of this work in privacy protection, censorship resistance and intellectual property protection.
The covert channel I am developing is based on embedding encrypted data in the timestamp field for TCP. TCP is a great place to hide information because it is so ubiquitous, and others before me have identified it as a possible covert channel. However, these schemes were detectable by an adversary who knew what to look for and their implementations were not complete. By using the timestamp field and careful protocol design, I intend to make this a secure and usable covert channel. The largest challenges in this project have been dealing with reliably sending data over an unreliable channel which only sends one bit of ciphertext per packet. I am working on this with a group of friends as a project for my Computer and Network Security class (6.857) and we have submitted our paper to a conference.
My Master's Thesis project also is related to information hiding and unobservable communication. I am working with Prof. Robert Morris on building a system for steganographically embedding data in a series of images such that it is undetectable and robust against compression. The security of steganography rests on the plausibility of sending the cover medium, and plausibility is a fundamentally human concept. One could imagine a perfect steganographic system in which one could embed encrypted data in random data and send it around.
In most cases, however, this solution is not practical since sending random data around is not plausible. I have designed a system based on embedding data in images. The system chooses images whose hashed values coincide with the data I would like to send. This avoids the risk of modifying images and disturbing their statistical properties. The problem becomes more complex when you consider an active adversary who can make any changes they wish without disturbing the way the images look. Currently I have a working design for my project and am beginning to implement it.
I hope by researching these issues, I will contribute to a generalized theory of steganography and information hiding. I know there is a lot to be done in this area and I intend for my Ph.D. work to delve deeper into these issues. Steganography is fascinating because it is such an open field. It has been done for thousands of years, but most of its security has been based on security through obscurity and there is no framework for proving the security of any schemes out there, let alone determining properties like the capacity of a channel.
Over the past two terms I have had one of the most rewarding experiences of my life teaching Introduction to Algorithms, 6.046. I have devoted the vast majority of my time to planning recitation sections which present material my students have never seen before, coming up with new problems for problem sets and exams and dealing with students' questions and concerns during office hours. Recently, I taught the dynamic programming paradigm in recitation and it was very heady to see students grasp the concepts I was presenting as the class went on. It is a very exciting experience to teach students of such high caliber. They have challenged me with questions which have caused my knowledge of the material to grow immensely. The opportunity to continue to teach students of CMU's caliber (and the opportunity to continue to teach later on as a professor) is a large part of my motivation to attend graduate school.