|
|
Chris Karlof
Software Engineering Director
|
I am currently an engineering director at Mozilla working on Firefox.
Interests. Identity systems. Computer security. Usable security. Web and mobile
security and privacy. Full stack software development.
I finished my Ph.D. at UC-Berkeley in February 2009. My advisors were David
Wagner and Doug Tygar. You can check out my recent work history
on LinkedIn.
Publications and Reports.
- Is it too late for PAKE?
- John Engler, Chris Karlof, Elaine Shi, and Dawn Song.
- Proceedings of the Web 2.0 Security and Privacy Workshop 2009 (W2SP 2009), May 2009.
[bibtex]
- Human Factors in Web Authentication
- Chris Karlof.
- Ph.D. dissertation, University of California Berkeley, February 2009.
[bibtex]
- Conditioned-safe Ceremonies and a User Study of an Application to Web Authentication
- Chris Karlof, J.D. Tygar, and David Wagner.
- Proceedings of the Sixteenth Annual Network and
Distributed Systems Security Symposium (NDSS 2009), February 2009.
[bibtex]
- Related: A User Study
Design for Comparing the Security of Registration Protocols.
The design of our user study previously appeared in the proceedings of the First USENIX Workshop
on Usability, Psychology, and Security (UPSEC 2008),
April 2008.
[bibtex]
- Dynamic Pharming Attacks and Locked Same-origin Policies for Web Browsers
- Chris Karlof, Umesh Shankar, J.D. Tygar, and David Wagner.
- Proceedings of the Fourteenth ACM Conference on
Computer and Communications Security (CCS 2007), pages 58-71,
October 2007.
[bibtex]
- Source Code Review of the Sequoia Voting
System
- Matt Blaze, Arel Cordero, Sophie Engle, Chris Karlof, Naveen Sastry, Micah
Sherr, Till Stegers, Ka-Ping Yee.
- This report was part of the California Secretary
of State's "Top to Bottom Review" of electronic voting systems conducted during the
summer of 2007.
July 20, 2007.
[bibtex]
- A Practical Evaluation of Radio Signal Strength for Ranging-based
Localization
- Kamin Whitehouse, Chris Karlof, and David Culler.
- ACM Mobile Computing and Communications Review (MC2R), Special Issue on
Localization. Volume 11, Issue 1, pages 41-52, January 2007.
[bibtex]
- Doppelganger: Better Browser Privacy Without the Bother
- Umesh Shankar and Chris Karlof.
- Proceedings of the Thirteenth ACM Conference on
Computer and Communications Security (CCS 2006), pages 154-167,
November 2006.
[ps]
[bibtex]
- Also:
A Usability Study of Doppelganger, A Tool for Better Browser Privacy,
Technical Report UCB/EECS-2007-116,
University of California at Berkeley, September 2007.
[bibtex]
- Install
Doppelganger and try it out yourself.
- Security Analysis of the
Diebold AccuBasic Interpreter
- David Wagner, David Jefferson, Matt Bishop, Chris Karlof, and
Naveen Sastry.
- Report of the California Secretary of State's Voting Systems Technology Assessment Advisory Board (VSTAAB).
February 14, 2006.
[bibtex]
- Our report contains a detailed technical analysis of the
security issues associated with the AccuBasic interpreter in
Diebold voting machines.
The California Secretary of State's office
commissioned the report. Compare our results with the
analysis
done by
CIBER, an Independent Testing Authority
responsible for evaluating the trustworthiness of electionic voting
systems.
- Cryptographic Voting Protocols: A Systems Perspective
- Chris Karlof, Naveen Sastry, and David Wagner.
- Proceedings of the
Fourteenth USENIX Security
Symposium (USENIX Security 2005), pages 33-50, August 2005.
[ps]
[bibtex]
- Also: The Promise of Cryptographic Voting Protocols.
An opinion piece on cryptographic voting protocols.
June 2005.
[ps]
[bibtex]
- The Effects of Ranging Noise on Multihop Localization: An Empirical Study
- Kamin Whitehouse, Chris Karlof, Alec Woo, Fred Jiang, and David Culler.
- Proceedings of the Fourth
International Conference on Information Processing in Sensor Networks
(IPSN 2005), pages 73-80, April 2005.
[bibtex]
- Design and Implementation of a Sensor Network System for Vehicle Tracking and Autonomous Interception
- Cory Sharp, Shawn Schaffert, Alec Woo, Naveen Sastry, Chris Karlof, Shankar Sastry, and David Culler.
- Proceedings of the Second European Workshop on
Wireless Sensor Networks (EWSN 2005), pages 93-107, January 2005.
[ps]
[bibtex]
- TinySec: A Link Layer Security Architecture for Wireless Sensor Networks
- Chris Karlof, Naveen Sastry, and David Wagner.
- Proceedings of the
Second ACM Conference on Embedded Networked Sensor Systems (SenSys 2004), pages 162-175, November 2004.
[ps]
[bibtex]
- Also: the TinySec user manual
for TinyOS.
- Distillation Codes and Applications to DoS
Resistant
Multicast Authentication
- Chris Karlof, Naveen Sastry, Yaping Li, Adrian Perrig, and J.D. Tygar.
- Proceedings of the Eleventh Annual Network and
Distributed Systems Security Symposium (NDSS 2004), pages 37-56, February 2004.
[ps]
[bibtex]
- Hidden Markov Model Cryptanalysis
- Chris Karlof and David Wagner.
- Proceedings of the Fifth Workshop on Cryptographic
Hardware and Embedded Systems (CHES 2003), LNCS 2779, pages 17-34, September
2003.
[ps]
[bibtex]
- The full version: [ps]
[pdf] Technical Report UCB//CSD-03-1244,
University of California at Berkeley, June 2003.
- Secure Routing in
Wireless Sensor Networks: Attacks and Countermeasures
- Chris Karlof and David Wagner.
- Elsevier's AdHoc Networks
Journal, Special Issue on Sensor Network Applications and Protocols,
Volume 1, Issues 2-3, pages 293-315, September 2003.
[bibtex]
- A preliminary version of this paper appeared in proceedings of the
First IEEE International
Workshop on Sensor Network Protocols and Applications (SNPA 2003),
pages 113-127, May 2003.
- ARRIVE: Algorithm for Robust Routing in
Volatile Environments
- Chris Karlof, Yaping Li, Joe Polastre.
- Technical Report UCB/CSD-03-1233,
University of California at Berkeley, May 2002.
[bibtex]