Raluca Ada Popa

Raluca Ada Popa

Robert E. and Beverly A. Brooks Assistant professor, UC Berkeley
Department of Electrical Engineering and Computer Science
UC Berkeley
Address: 729 Soda Hall, Berkeley, CA, 94720
Email: raluca AT eecs DOT berkeley DOT edu

I am an assistant professor at UC Berkeley. I am interested in security, systems, and applied cryptography.
I co-founded the RISELab, whose aim is to build systems that are secure and intelligent.

I am also a co-founder and the CTO of PreVeil, a security startup based on my research.

Before joining UC Berkeley, I did a one-year postdoc at ETH Zürich in the System Security group led by Prof. Srdjan Capkun. Before that, I completed my Ph.D. in computer science at MIT, my thesis being about building practical systems that compute on encrypted data. My advisor was Professor Nickolai Zeldovich, and I was also fortunate to work closely with: Professor Hari Balakrishnan (in systems), Professor Shafi Goldwasser, Professor Yael Kalai, and Professor Vinod Vaikuntanathan (in cryptography). I earned my Masters of Engineering in Computer Science in 2010 and my two Bachelors in Computer Science and Mathematics in 2009 also from MIT. My PhD thesis was awarded a George M. Sprowls Award for best MIT CS doctoral theses. As a professor, I was awarded a Sloan Research Fellowship, Microsoft Research Faculty Fellowship, Bakar Faculty Fellowship, and I was named as in the list of 35 innovators under 35 by MIT Technology Review.

Graduate students I'm currently advising:
(by reverse seniority) I also work closely with Sukrit Kalra and Dayeol Lee.

Past students/postdocs I advised:


In the past, I have also worked closely with Justine Sherry for two years during her PhD.

Masters: Postdocs:

Undergraduate students:
My graduate students and I have worked with a number of undergraduate students over time at UC Berkeley: Jerry Chen, Ian Fang, Ruta Jawale, Kelly Liu, Jianan Lu, Takeshi Mochida, Karthik Shanmugam, Eric Wang, and Michelle Yang.

My goal is to build secure systems, and my approach involves both systems and theory work. My group develops new security protocols, systems and architectures, as well as cryptographic schemes.

Open source




Open source

My group has released as open-source a number of software artifacts over time.


A few companies or organizations used, adopted, or took some inspiration from CryptDB. Many of these got in touch with us and gave credit to CryptDB.

SAP AG's system SEEED
SAP AG developed a system called SEEED, which implements CryptDB's design on top of their HANA database system. SEEED uses most of the building blocks of CryptDB as well as the adjustable encryption (onion) strategy. Here are some references: Project SEEED, white paper.

Google's Encrypted BigQuery
Google has developed an experimental extension of the BigQuery client, known as Encrypted BigQuery, which was informed and motivated by the CryptDB paper. It offers client-side encryption for a subset of query types, using encryption building blocks similar to the RND, HOM, and DET used in CryptDB. Their code is available here.

Lincoln Laboratory
Lincoln Labs added the CryptDB design on top of their D4M Accumulo no-SQL engine (using the RND, DET, OPE and HOM building blocks).
Microsoft's Always Encrypted SQL Server Microsoft's Always Encrypted SQL Server enables administrators to encrypt columns with building blocks like RND and DET in CryptDB. The service is now distributed as part of Microsoft's SQL Server. Microsoft's Cipherbase team worked on the creation of AlwaysEncrypted. Cipherbase is a follow-up system to CryptDB.

Skyhigh Networks
Skyhigh networks seems to be using most of the encryption building blocks in CryptDB. Skyhigh discusses these schemes here.

sql.mit.edu is a SQL server at MIT hosting many MIT-ran applications. Volunteering users of Wordpress switched to running Wordpress through CryptDB, using our source code.

Startups based on CryptDB
Privic, a startup in Silicon Valley, and Cryptonor, a startup in Europe, are both based on CryptDB's design. CryptonorDB targets no-SQL databases.
All the companies above except two have been in touch with us already and confirmed the relationship of their system to CryptDB. We have not yet been in touch with Skyhigh networks and Microsoft's Always Encrypted team.

Mylar was used for a medical application:
Newton-Wellesley Hospital, Boston
The endometriosis medical application of this hospital is a web application that collects private information from patients suffering from the disease endometriosis. It was secured with the Mylar core package (no search). The application, together with Mylar, obtained approval from the Institutional Review Board (IRB), and was used for a study.



Functional encryption:
Securing the cloud. Larry Hardesty, MIT news (frontpage), June 2013.

CS 294-163: Decentralized Security: Theory and Systems, Fall 2019, graduate

CS 161: Computer Security, Spring 2019, undergraduate, ≈600 students

CS 261: Security in Computer Systems, Fall 2018, graduate

CS 161: Computer Security, Spring 2018, undergraduate, ≈625 students

CS 261: Security in Computer Systems, Fall 2017, graduate

CS 161: Computer Security, Fall 2016, undergraduate, ≈380 students!

CS 294: RISE Lab: Real-time, Intelligent, and Secure Systems, Fall 2016, graduate

CS 161: Computer Security, Spring 2016, undergraduate, ≈500 students!

CS 261: Security in Computer Systems, Fall 2015, graduate

PC committees

I am originally from Sibiu, a medieval town in the southern part of Transylvania in Romania somewhere close to Dracula's castle...

I enjoy long-distance running, nature, and people.

Some miscellaneous topics of potential interest: