Alumnus wins cybersecurity award

  • July 24, 2013
Alumnus wins cybersecurity award

Joseph Bonneau has been awarded the National Security Agency Award for Best Scientific Cybersecurity Paper of 2012 for research he conducted for his PhD.

A Gates Cambridge alumnus has been awarded the prestigious National Security Agency Award for Best Scientific Cybersecurity Paper of 2012 for research he conducted for his PhD.

Joseph Bonneau’s winning paper is entitled “The Science of Guessing:  Analysing an Anonymised Corpus of 70 Million Passwords”.

The NSA, the central producer and manager of signals intelligence for the United States, said the paper offered “careful and rigorous measurements of password use in practice and theoretical contributions to how to measure and model password strength” and reflected many dimensions of good science. It also praised its innovation and ethical methodology and said it would have impact beyond the particular issue it discussed.

The paper is based on Joseph’s PhD research at Cambridge, which he completed last year and which showed that passwords in general only contain between 10 and 20 bits of security against an online or offline attack. For his research, Joseph was given access to 70 million anonymous passwords through Yahoo! – the biggest sample to date – and, using statistical guessing metrics, trawled them for information, including demographic information and site usage characteristics.

He found that for all demographic groups password security was low, even where people had to register to pay by a debit or credit card. Proactive measures to prompt people to consider more secure passwords roughly doubled password strength.

Even people who had had their accounts hacked did not opt for passwords which were significantly more secure.

Joseph [2008], who is currently working as an engineer at Google, said: “This award was a nice honour, though I was also conflicted about receiving it. While the award was chosen by an independent academic panel that I greatly respect, it is not free of politics as recent disclosures about the extent and nature of the NSA’s surveillance activities have outraged many people around the world, particularly researchers in cryptography and computer security.

“We’ve been dealing with this conflict for decades in our field. On balance, I believe technology has increased freedom and democracy around the globe and those goals motivate my research. While I strongly oppose most of the NSA’s activities, I appreciate getting the opportunity to share some of my research with them. I hope that more engagement with the academic cryptography community is a small step forward.”

Picture credit: www.freedigitalphotos.net and foto76.

Latest News

Affecting change for the Māori community

Self-determination lies at the centre of Māori culture. “It’s a way of life,” says Chris Tooley. That idea is also at the heart of his PhD studies at Cambridge and his subsequent work in Parliament and in the community. Chris grew up with a strong sense of being part of the Māori community. He has ancestral […]

On the COVID frontline

Three Gates Cambridge scholars who have been on the medical frontline during the COVID-19 pandemic will be speaking about their experiences at a virtual event next weekend. The event, organised by the Gates Cambridge Alumni Association, will be moderated by Elizabeth Dzeng, Assistant Professor of Medicine at the University of California, San Francisco in the […]

New game tackles Covid conspiracies

A new online game that puts players in the shoes of a purveyor of fake pandemic news is the latest tactic in the UK Government’s efforts to tackle the deluge of coronavirus misinformation that is misleading many and costing lives across the world. Launched to the public today, the Go Viral! game has been developed by the […]

“Democracy does not work on a ‘trust me’ basis”

When Jennifer Gibson started her MPhil at Cambridge in 2001 as part of the inaugural class of Gates Scholars, no-one knew what it meant to be a Gates Cambridge Scholar. Twenty years later, Jennifer is now a human rights lawyer focused on national security issues, something she never could have anticipated, but which she credits in no small part […]