Raluca Ada Popa

PhD advisees:

• Pratyush Mishra, co-advised with Prof. Alessandro Chiesa
• Weikeng Chen
• Yuncong Hu, co-advised with Prof. Alessandro Chiesa
• Sam Kumar, co-advised with Prof. Dave Culler
• Jean-Luc Watson, co-advised with Prof. Prabal Dutta
• Emma Dauterman, co-advised with Prof. Ion Stoica
• Vivian Fang
• Mayank Rathee

Postdocs:

• Sameer Wagh, July 2020 - present
• Ioannis Demertzis, August 2020 - present
• Katerina Sotiraki, August 2020 - present

Alumni:

• PhD advisees:
  
  • Wenting Zheng (→ assistant professor at Carnegie Mellon University)
  • Rishabh Poddar (→ CEO and co-founder of Opaque Systems, Inc.)
  • Ankur Dave (→ software engineer at Databricks)
  • Michael Andersen (→ CTO and co-founder of True)
  • (PhD mentee) I have worked closely with Justine Sherry (→ assistant professor at CMU)

• Masters including 5th year MS:
  • Ashwinee Panda (→ PhD student at Princeton),
  • Jianan Lu (→ PhD student at Princeton),
  • Tobias Boelter (→ Senior Security Research Engineer at Samsung),
  • Chester Leung (→ researcher at UC Berkeley),
  • Jeongseok Son (→ Senior Software Engineer at Google)

• Postdocs: Chia-Che Tsai (→ assistant professor at Texas A&M)

In addition, I have been working with a wonderful group of undergraduates.

My students and I focus on building secure systems with the help of modern cryptography. Instead of relying on a server that becomes a central point of attack, our research provides cryptographic guarantees of privacy or integrity even if the server is compromised. We have built a spectrum of systems within this paradigm, as follows.

Securing communication systems: Our work on WAVE and JEDI aims to bring the benefits of end-to-end encryption to challenging setups, such as publish-subscribe or access delegation systems as well as to resource constrained devices.

Securing storage systems: Popular systems for end-to-end encrypted file sharing reduce the amount of data an attacker can steal from a server. Nevertheless, the attacker can still learn significant metadata, or cause the server to misbehave (e.g., equivocate), problems that our systems Ghostor, Metal, WAVE, MiniCrypt, or Verena aim to prevent.

Securing computation systems: A large part of our work is dedicated to enabling untrusted servers to compute on sensitive data. For this, we have developed systems that can compute on encrypted data for: collaborative computation (machine learning: Helen, Delphi, Visor, Bost et al.; analytics: OCQ, Opaque), databases (Oblix, Opaque, Arx), network processing (SafeBricks, Embark, BlindBox), and general purpose programs (DIZK, Civet). Our works explore two separate approaches, secure multi-party computation and hardware enclaves (combined with cryptography), because of their tradeoffs. For our systems using hardware enclaves, we develop oblivious algorithms, which eliminate a large class of side-channel attacks (e.g., our Membuster attack).
Here is a talk on our secure collaborative computation work:

Papers

• Sam Kumar, David Culler, and Raluca Ada Popa.
  Nearly Zero-Cost Virtual Memory for Secure Computation.
  To appear in OSDI 2021 (USENIX Symposium on Operating Systems Design and Implementation).


• Yuncong Hu, Kian Hooshmand, Harika Kalidhindi, Seung Jin Yang, and Raluca Ada Popa.
  Merkle²: A Low-Latency Transparency Log System.
  IEEE S&P (Oakland) 2021 (IEEE Symposium of Security and Privacy).


• Ryan Lehmkuhl, Pratyush Mishra, Akshayaram Srinivasan, and Raluca Ada Popa.
  Muse: Secure Inference Resilient to Malicious Clients.
  USENIX Security 2021 (USENIX Security Symposium).
  


• Wenting Zheng, Ryan Deng, Weikeng Chen, Raluca Ada Popa, Aurojit Panda, and Ion Stoica.
  Cerebro: A Platform for Multi-Party Cryptographic Collaborative Learning.
  USENIX Security 2021 (USENIX Security Symposium).
  


• Jeongseok Son, Griffin Prechter, Rishabh Poddar, Raluca Ada Popa, and Koushik Sen.
  ObliCheck: Efficient Verification of Oblivious Algorithms with Unobservable State.
  USENIX Security 2021 (USENIX Security Symposium).
  


• Rishabh Poddar, Sukrit Kalra, Avishay Yanai, Ryan Deng, Raluca Ada Popa, and Joseph M. Hellerstein.
  Senate: A Maliciously-Secure MPC Platform for Collaborative Analytics.
  USENIX Security 2021 (USENIX Security Symposium).


• Emma Dauterman, Eric Feng, Ellen Luo, Raluca Ada Popa, and Ion Stoica.
  DORY: An Encrypted Search System with Distributed Trust.
  OSDI 2020 (USENIX Symposium on Operating Systems Design and Implementation).
  


• Pratyush Mishra, Ryan Lehmkuhl, Akshayaram Srinivasan, Wenting Zheng, and Raluca Ada Popa.
  Delphi: A Cryptographic Inference Service for Neural Networks.
  USENIX Security 2020 (USENIX Security Symposium).


• Rishabh Poddar, Ganesh Ananthanarayanan, Srinath Setty, Stavros Volos, and Raluca Ada Popa.
  Visor: Privacy-Preserving Video Analytics as a Cloud Service.
  USENIX Security 2020 (USENIX Security Symposium).


• Chia-Che Tsai, Jeongseok Son, Bhushan Jain, John McAvey, Raluca Ada Popa, and Donald E. Porter.
  Civet: An Efficient Java Partitioning Framework for Hardware Enclaves.
  USENIX Security 2020 (USENIX Security Symposium).


• Dayeol Lee, Donha Jung, Chia-che Tsai, Ian Fang, and Raluca Ada Popa.
  An Off-Chip Attack on Hardware Enclaves via the Memory Bus.
  USENIX Security 2020 (USENIX Security Symposium).


• Yuncong Hu, Sam Kumar, and Raluca Ada Popa.
  Ghostor: Toward a Secure Data-Sharing System from Decentralized Trust.
  NSDI 2020 (USENIX Symposium of Networked Systems Design and Implementation).


• Ankur Dave, Chester Leung, Raluca Ada Popa, Joseph E. Gonzalez, and Ion Stoica.
  Oblivious Coopetitive Analytics Using Hardware Enclaves.
  EuroSys 2020 (European Conference on Computer Systems).


• Rishabh Poddar, Stephanie Wang, Jianan Lu, and Raluca Ada Popa.
  Practical Volume-Based Attacks on Encrypted Databases.
  EuroSP 2020 (IEEE European Symposium on Security and Privacy).


• Weikeng Chen and Raluca Ada Popa.
  Metal: A Metadata-Hiding File Sharing System.
  NDSS 2020 (Network and Distributed System Security Symposium).


• Michael P Andersen, Sam Kumar, Moustafa AbdelBaky, Gabe Fierro, John Kolb, Hyung-Sin Kim, David E. Culler, and Raluca Ada Popa.
  WAVE: A Decentralized Authorization Framework with Transitive Delegation.
  USENIX Security 2019 (USENIX Security Symposium).


• Sam Kumar, Yuncong Hu, Michael P Andersen, Raluca Ada Popa, and David E. Culler.
  JEDI: Many-to-Many End-to-End Encryption and Key Delegation for IoT.
  USENIX Security 2019 (USENIX Security Symposium).


• Rishabh Poddar, Tobias Boelter, and Raluca Ada Popa.
  Arx: An Encrypted Database using Semantically Secure Encryption.
  VLDB 2019 (International Conference on Very Large Data Bases).


• Wenting Zheng, Raluca Ada Popa, Joseph Gonzalez, and Ion Stoica.
  Helen: Maliciously Secure Coopetitive Learning for Linear Models.
  IEEE S&P (Oakland) 2019 (IEEE Symposium of Security and Privacy).
  Extended paper, arXiv:1907.07212.


• Eric Jonas, Johann Schleier-Smith, Vikram Sreekanti, Chia-Che Tsai, Anurag Khandelwal, Qifan Pu, Vaishaal Shankar, Joao Menezes Carreira, Karl Krauth, Neeraja Yadwadkar, Joseph Gonzalez, Raluca Ada Popa, Ion Stoica and David A. Patterson.
  Cloud Programming Simplified: A Berkeley View on Serverless Computing.
  Technical Report 2019, UCB/EECS-2019-3, UC Berkeley.


• Howard Wu, Wenting Zheng, Alessandro Chiesa, Raluca Ada Popa, and Ion Stoica.
  DIZK: Distributing Zero Knowledge Proof Systems.
  Extended paper: Crypto ePrint Archive, 2018/691.
  USENIX Security 2018 (USENIX Security Symposium).


• Pratyush Mishra, Rishabh Poddar, Jerry Chen, Alessandro Chiesa, and Raluca Ada Popa.
  Oblix: An Efficient Oblivious Search Index.
  IEEE S&P (Oakland) 2018 (IEEE Symposium of Security and Privacy).


• Rishabh Poddar, Chang Lan, Raluca Ada Popa, and Sylvia Ratnasamy.
  SafeBricks: Securing Network Functions in the Cloud.
  NSDI 2018 (USENIX Symposium of Networked Systems Design and Implementation).


• Daniel Ho, Xin Wang, Wenting Zheng, Joseph Gonzalez, Raluca Ada Popa, and Ion Stoica.
  High Accuracy Approximation of Secure Multiparty Neural Network Training.
  AISys 2018.


• Wenting Zheng, Frank Li, Raluca Ada Popa, Ion Stoica, and Rachit Agarwal.
  MiniCrypt: Reconciling Encryption and Compression for Big Data Stores.
  EuroSys 2017 (European Conference on Computer Systems).


• Michael P Andersen, John Kolb, Kaifei Chen, Gabriel Fierro, David E. Culler and Raluca Ada Popa.
  WAVE: A Decentralized Authorization System for IoT via Blockchain Smart Contracts.
  Technical Report 2017, UCB/EEECS-2017-234, UC Berkeley.


• Ion Stoica, Dawn Song, Raluca Ada Popa, David A. Patterson, Michael W. Mahoney, Randy H. Katz, Anthony D. Joseph, Michael Jordan, Joseph M. Hellerstein, Joseph Gonzalez, Ken Goldberg, Ali Ghodsi, David E. Culler and Pieter Abbeel.
  A Berkeley View of Systems Challenges for AI.
  Technical Report 2017, UCB/EECS-2017-159, UC Berkeley.


• Wenting Zheng, Ankur Dave, Jethro Beekman, Raluca Ada Popa, Joseph Gonzalez, and Ion Stoica.
  Opaque: An Oblivious and Encrypted Distributed Analytics Platform.
  NSDI 2017 (USENIX Symposium of Networked Systems Design and Implementation).


• Nikolaos Karapanos, Alexandros Filios, Raluca Ada Popa, and Srdjan Capkun.
  Verena: End-to-End Integrity Protection for Web Applications.
  IEEE S&P 2016 (Oakland) (IEEE Symposium of Security and Privacy).


• Chang Lan, Justine Sherry, Raluca Ada Popa, and Sylvia Ratnasamy.
  Embark: Securely Outsourcing Middleboxes to the Cloud.
  NSDI 2016 (USENIX Symposium on Networked Design and Implementation).


• Rishabh Poddar, Tobias Boelter, and Raluca Ada Popa.
  Arx: A Strongly Encrypted Database System.
  Cryptology ePrint Archive, Report 2016/591.


• Tobias Boelter, Rishabh Poddar, and Raluca Ada Popa.
  A Secure One-Roundtrip Index for Range Queries.
  Cryptology ePrint Archive, Report 2016/568.


• Justine Sherry, Chang Lan, Raluca Ada Popa, and Sylvia Ratnasamy.
  BlindBox: Deep Packet Inspection for Encrypted Traffic.
  SIGCOMM 2015 (ACM Special Interest Group on Data Communication).


• Raphael Bost, Raluca Ada Popa, Stephen Tu, and Shafi Goldwasser.
  Machine Learning Classification Over Encrypted Data.
  NDSS 2015 (Network and Distributed System Security Symposium).


• Raluca Ada Popa and Nickolai Zeldovich.
  How to Compute With Data You Can't See.
  IEEE Spectrum 2015, 52(8):42-47.


• Raluca Ada Popa, Nickolai Zeldovich and Hari Balakrishnan.
  Guidelines for Using the CryptDB System Securely.
  Cryptology ePrint Archive, Report 2015/979.


• Raluca Ada Popa, Emily Stark, Jonas Helfer, Steven Valdez, Nickolai Zeldovich, M. Frans Kaashoek, and Hari Balakrishnan.
  Building Web Applications on Top of Encrypted Data Using Mylar.
  USENIX ;login:, 29(4):22-27, August 2014.


• Raluca Ada Popa, Emily Stark, Jonas Helfer, Steven Valdez, Nickolai Zeldovich, M. Frans Kaashoek, and Hari Balakrishnan.
  Building Web Applications on Top of Encrypted Data Using Mylar.
  NSDI 2014 (USENIX Symposium of Networked Systems Design and Implementation).


• Raluca Ada Popa, Frank H. Li, and Nickolai Zeldovich.
  An Ideal-Security Protocol for Order-Preserving Encoding. [BibTeX] [extended paper]
  IEEE S&P (Oakland) 2013 (IEEE Symposium on Security and Privacy).


• (Alphabetical order:) Shafi Goldwasser, Yael Kalai, Raluca Ada Popa, Vinod Vaikuntanathan, and Nickolai Zeldovich.
  How to Run Turing Machines on Encrypted Data. [BibTeX]
  CRYPTO 2013 (International Cryptology Conference).
  


• (Alphabetical order:) Shafi Goldwasser, Yael Kalai, Raluca Ada Popa, Vinod Vaikuntanathan, and Nickolai Zeldovich.
  Reusable Garbled Circuits and Succinct Functional Encryption. [BibTeX]
  Extended paper: Crypto ePrint Archive, 2012/733.
  STOC 2013 (ACM Symposium on Theory of Computing).
  Selected for SIAM Journal of Computing Special Issue.


• Raluca Ada Popa and Nickolai Zeldovich.
  Multi-Key Searchable Encryption. (This is the searchable encryption scheme used in Mylar.)
  Cryptology ePrint Archive, 2013/508.


• Raluca Ada Popa, Catherine M. S. Redfield, Nickolai Zeldovich, and Hari Balakrishnan.
  CryptDB: Processing Queries on an Encrypted Database.
  CACM 2012 (Communications of the ACM), 55(9):103-111, with accompanying technical perspective.


• Meelap Shah, Emily Stark, Raluca Ada Popa, and Nickolai Zeldovich.
  Language Support for Efficient Computation over Encrypted Data.
  Off the Beaten Track Workshop: Underrepresented Problems for Programming Language Researchers, 2012.
  



• Raluca Ada Popa and Nickolai Zeldovich.
  Cryptographic Treatment of CryptDB's Adjustable Join.
  MIT-CSAIL-TR-2012-006, 2012.


• Raluca Ada Popa, Catherine M. S. Redfield, Nickolai Zeldovich, and Hari Balakrishnan.
  CryptDB: Protecting Confidentiality with Encrypted Query Processing. [BibTeX]
  SOSP 2011 (ACM Symposium on Operating Systems Principles).
  Selected as a CACM Research Highlight of 2011.


• Raluca Ada Popa, Andrew J. Blumberg, Hari Balakrishnan, and Frank H. Li.
  Privacy and Accountability for Location-Based Aggregate Statistics. [BibTeX]
  CCS 2011 (ACM Conference on Computer and Communications Security).


• Raluca Ada Popa, Jay Lorch, David Molnar, Helen J. Wang, and Li Zhuang.
  Enabling Security in Cloud Storage SLAs with CloudProof. [BibTeX]
  USENIX 2011 (USENIX Annual Technical Conference).
  


• Carlo Curino, Evan P. C. Jones, Raluca Ada Popa, Nirmesh Malviya, Eugene Wu, Sam Madden, Hari Balakrishnan, and Nickolai Zeldovich.
  Relational Cloud: A Database-as-a-Service for the Cloud. [BibTeX]
  CIDR 2011 (Biennial Conference on Innovative Data Systems Research).


• Raluca Ada Popa, Alessandro Chiesa, Tural Badirkhanli, and Muriel Médard.
  Going Beyond Pollution Attacks: Forcing Byzantine Clients to Code Correctly.
  (Work resulting from class project.) CoRR abs/1108.2080: 2011.


• Raluca Ada Popa, Hari Balakrishnan, and Andrew J. Blumberg.
  Protecting Privacy in Location-Based Vehicular Services. [BibTeX]
  USENIX Security 2009 (USENIX Security Symposium).


• James Cowling, Dan Ports, Barbara Liskov, Raluca Ada Popa, and Abhijeet Gaikwad.
  Census: Location-Aware Membership Management for Large-Scale Distributed Systems. [BibTeX]
  USENIX 2009 (USENIX Annual Technical Conference).


• (Alphabetical order:) Javed A. Aslam, Raluca Ada Popa, and Ronald L. Rivest.
  On Auditing Elections When Precincts Have Different Sizes. [BibTeX]
  EVT 2008 (USENIX/ACCURATE Electronic Voting Technology Workshop).


• (Alphabetical order:) Javed A. Aslam, Raluca Ada Popa, and Ronald L. Rivest.
  On Estimating the Size and Confidence of a Statistical Audit. [BibTeX]
  EVT 2007 (USENIX/ACCURATE Electronic Voting Technology Workshop).


• Shan Lu, Soyeon Park, Chongfeng Hu, Xiao Ma, Weihang Jiang, Zhenmin Li, Raluca Ada Popa, and Yuanyuan Zhou.
  MUVI: Automatically Inferring Multi-Variable Access Correlations and Detecting Related Semantic and Concurrency Bugs. [BibTeX]
  SOSP 2007 (ACM Symposium on Operating Systems Principles).
  

Theses

• Raluca Ada Popa.
  Building Practical Systems That Compute on Encrypted Data.
  Ph.D. thesis, 2014.
  Awarded the 2014 George Sprowls Ph.D. Thesis Award, MIT EECS.
• Raluca Ada Popa.
  Provable and Practical Location Privacy for Vehicular and Mobile Systems.
  Masters thesis, 2010.
  Awarded the 2010 Johnson award for best MIT CS Masters of Engineering thesis.
• Raluca Ada Popa.
  VPriv: Protecting Privacy in Location-Based Vehicular Services.
  Bachelors thesis, 2009.
  CRA Outstanding Undergraduate Award, Winner, nationwide.

As professor:

• 2020 NSF CAREER
• 2019 Robert E. and Beverly A. Brooks Endowed Chair
• 2019 Microsoft Research Faculty Fellowship
• 2019 Technology Review 35 Innovators Under 35
• 2019 Bakar Fellow
• 2019 Okawa Foundation Research Grant
• 2018 Sloan Research Fellowship
• 2018 Hellman Faculty Award
• 2018 NSF Expedition Award for RISELab, $10 million
• 2015 Intel Early Career Faculty Award

As graduate student:

• 2014 George Sprowls Ph.D. Thesis Award, MIT EECS
• 2011-2013 Google Ph.D. Fellowship for Secure Cloud Computing
• 2013 Departmental teaching award, honorable mention, MIT EECS
• 2012 CACM research highlight for CryptDB
• 2010 Johnson award for best CS Masters of Engineering thesis, MIT
  
• 2010 Morris Joseph Levin Award for best MasterWorks presentation, MIT EECS
  
• 2009 Jacobs Presidential Fellowship for graduate studies, MIT

As undergraduate student:

• 2009 CRA Outstanding Undergraduate Award
  (one female and one male winner nationwide)
• 2009 Pogosyants Award for undergraduate research, MIT CSAIL
• 2008 Google Anita Borg Scholarship
• 2006 Caltech Upper Class Merit Award, Carnation Scholarship
• 2006 CRA - Women Distributed Mentor Project Award for Summer Research

DARE

In early 2019, I launched , a diversity program aiming to match strong undergraduates, many from underrepresented backgrounds, with EECS professors for research. With help from EECS, we developed a web application system for DARE. As of June 2020, 30 professors are part of DARE, and a total of about 41 undergraduate students, many from underrepresented backgrounds, have engaged in research with EECS faculty.

Workshop

I am a Program Chair and organizer of CCS 2020 workshop PPMLP: Privacy-preserving machine learning in practice.

PC committees

• SOSP 2021
• IEEE S&P (Oakland) 2020
• SOSP 2019
• NSDI 2019
• OSDI 2018
• NSDI 2018
• NDSS 2017
• Eurosys 2017
• VLDB 2017
• CCS 2016
• Usenix Security 2016 (also served as the poster chair)
• Eurosys 2016
• IEEE S&P (Oakland) 2015