SIGCOMM 2015, Joint work with: Justine Sherry, Chang Lan, and Sylvia Ratnasamy
Many network middleboxes perform deep packet inspection (DPI), a set of useful tasks that examine packet payloads. These tasks include intrusion detection (IDS), exfiltration detection, and parental filtering. However, a long-standing issue is that once packets are sent over HTTPS, middleboxes can no longer accomplish their tasks because the payloads are encrypted. Hence, one must choose between two desirable properties: the functionality of middleboxes and the privacy of encryption.
We propose BlindBox, the first system that simultaneously provides both of these properties. The approach of BlindBox is to perform the deep packet inspection directly on the encrypted traffic. BlindBox realizes this approach through a new protocol and new encryption schemes. We demonstrate that BlindBox enables applications such as IDS, exfiltration detection, and parental filtering, and that it supports real rulesets from both open-source and industrial DPI systems. We implemented BlindBox and showed that it is practical for settings with long-lived HTTPS connections. Moreover, its core encryption scheme is 3-6 orders of magnitude faster than existing relevant cryptographic schemes.
Raluca Ada Popa is an assistant professor of computer science at UC Berkeley. She is interested in security, systems, and applied cryptography. Raluca developed practical systems (such as CryptDB and Mylar) that protect data confidentiality by computing over encrypted data, and designed new encryption schemes that underlie these systems. Some of her work has had early impact, with Google applying CryptDB's design to their SQL-like BigQuery service and surgeons at Boston's Newton-Wellesley Hospital using Mylar to secure their medical application. Raluca received her PhD in computer science, as well as her two BS degrees in computer science and in mathematics, from MIT. She is the recipient of a George M. Sprowls Award for best MIT CS doctoral thesis, a Google PhD Fellowship, a Johnson Award for best CS Master of Engineering thesis from MIT, and a CRA Outstanding Undergraduate Award from the ACM.