Alumnus wins cybersecurity award

  • July 24, 2013
Alumnus wins cybersecurity award

Joseph Bonneau has been awarded the National Security Agency Award for Best Scientific Cybersecurity Paper of 2012 for research he conducted for his PhD.

A Gates Cambridge alumnus has been awarded the prestigious National Security Agency Award for Best Scientific Cybersecurity Paper of 2012 for research he conducted for his PhD.

Joseph Bonneau’s winning paper is entitled “The Science of Guessing:  Analysing an Anonymised Corpus of 70 Million Passwords”.

The NSA, the central producer and manager of signals intelligence for the United States, said the paper offered “careful and rigorous measurements of password use in practice and theoretical contributions to how to measure and model password strength” and reflected many dimensions of good science. It also praised its innovation and ethical methodology and said it would have impact beyond the particular issue it discussed.

The paper is based on Joseph’s PhD research at Cambridge, which he completed last year and which showed that passwords in general only contain between 10 and 20 bits of security against an online or offline attack. For his research, Joseph was given access to 70 million anonymous passwords through Yahoo! – the biggest sample to date – and, using statistical guessing metrics, trawled them for information, including demographic information and site usage characteristics.

He found that for all demographic groups password security was low, even where people had to register to pay by a debit or credit card. Proactive measures to prompt people to consider more secure passwords roughly doubled password strength.

Even people who had had their accounts hacked did not opt for passwords which were significantly more secure.

Joseph [2008], who is currently working as an engineer at Google, said: “This award was a nice honour, though I was also conflicted about receiving it. While the award was chosen by an independent academic panel that I greatly respect, it is not free of politics as recent disclosures about the extent and nature of the NSA’s surveillance activities have outraged many people around the world, particularly researchers in cryptography and computer security.

“We’ve been dealing with this conflict for decades in our field. On balance, I believe technology has increased freedom and democracy around the globe and those goals motivate my research. While I strongly oppose most of the NSA’s activities, I appreciate getting the opportunity to share some of my research with them. I hope that more engagement with the academic cryptography community is a small step forward.”

Picture credit: www.freedigitalphotos.net and foto76.

Latest News

Addressing the mental health emergency

Mental health has been rising up the global health priority list over the last few years, but Covid accelerated it. Yet the resources available to those in crisis situations are few. Gates Cambridge Scholar Usama Mirza is addressing one particular gap in his home country of Pakistan, having recently launched Asia’s first mental health ambulance […]

Food security in Africa through a multi-disciplinary lens

Three Gates Cambridge Scholars are collaborating on an innovative project to map and address the disappearance of historically undervalued African indigenous and traditional food crops at a time of climate crisis. The project is the brainchild of Dr Carol Ibe, founder of the JR Biotek Foundation, a charity which trains, upskills and empowers present and […]

Double winner

Jenna Armstrong has done it again. Last year she was part of the winning Cambridge women’s rowing team and her team did it again last weekend. Jenna [2020] started rowing in 2011 as an undergraduate, but took five years off from 2015 to 2020 until she picked it up again when she started at Cambridge. She […]

What does extreme weather mean for us?

Three Gates Cambridge Scholars from China, the US and India are taking part in the third episode of the Gates Cambridge podcast, So, now what? which is out today [26th March] as part of the Cambridge Festival’s Festival of Podcasts. The episode, featuring Victoria Herrmann [2015], Songqiao Yao [2014] and Ramit Debnath [2018] and hosted […]