Alumnus wins cybersecurity award

  • July 24, 2013
Alumnus wins cybersecurity award

Joseph Bonneau has been awarded the National Security Agency Award for Best Scientific Cybersecurity Paper of 2012 for research he conducted for his PhD.

A Gates Cambridge alumnus has been awarded the prestigious National Security Agency Award for Best Scientific Cybersecurity Paper of 2012 for research he conducted for his PhD.

Joseph Bonneau’s winning paper is entitled “The Science of Guessing:  Analysing an Anonymised Corpus of 70 Million Passwords”.

The NSA, the central producer and manager of signals intelligence for the United States, said the paper offered “careful and rigorous measurements of password use in practice and theoretical contributions to how to measure and model password strength” and reflected many dimensions of good science. It also praised its innovation and ethical methodology and said it would have impact beyond the particular issue it discussed.

The paper is based on Joseph’s PhD research at Cambridge, which he completed last year and which showed that passwords in general only contain between 10 and 20 bits of security against an online or offline attack. For his research, Joseph was given access to 70 million anonymous passwords through Yahoo! – the biggest sample to date – and, using statistical guessing metrics, trawled them for information, including demographic information and site usage characteristics.

He found that for all demographic groups password security was low, even where people had to register to pay by a debit or credit card. Proactive measures to prompt people to consider more secure passwords roughly doubled password strength.

Even people who had had their accounts hacked did not opt for passwords which were significantly more secure.

Joseph [2008], who is currently working as an engineer at Google, said: “This award was a nice honour, though I was also conflicted about receiving it. While the award was chosen by an independent academic panel that I greatly respect, it is not free of politics as recent disclosures about the extent and nature of the NSA’s surveillance activities have outraged many people around the world, particularly researchers in cryptography and computer security.

“We’ve been dealing with this conflict for decades in our field. On balance, I believe technology has increased freedom and democracy around the globe and those goals motivate my research. While I strongly oppose most of the NSA’s activities, I appreciate getting the opportunity to share some of my research with them. I hope that more engagement with the academic cryptography community is a small step forward.”

Picture credit: www.freedigitalphotos.net and foto76.

Latest News

Scholar wins prestigious MLA award

Gates Cambridge Scholar Anna Kathryn Kendrick has won the 31st annual Katherine Singer Kovacs Prize for an outstanding book published in English or Spanish in the field of Latin American and Spanish literatures and cultures from the Modern Language Association of America. Anna [2011], who did her PhD in Spanish at the University of Cambridge […]

Scholars address sustainability at internal symposium

Five Gates Cambridge Scholars will take part in an internal symposium this week, discussing research on sustainability issues ranging from legal avenues to tackle the climate crisis to educational resilience. Each scholar will outline their research at the symposium on 1st December. They are: Jillian Sprenger [2021], who is doing an MPhil in Environmental Policy, […]

‘Heritage is not just about monuments’

Heritage studies tend to be based on Western models and case studies, with a lot of emphasis on monuments and tangible artefacts. “That’s quite a Western lens,” says Stanley Onyemechalu, who has just started his PhD at Cambridge. “I argue that Archaeology in a lot of the global north is obsessed with material things, but […]

New model developed for understanding biomolecular condensates

Our planet contains an outstandingly diverse population of species, from plants and animals, to microbes and viruses. Yet not all species are found everywhere, but rather, smaller subsets of them occupy different geographical regions, creating a wide-range of co-existing microenvironments that thrive under different climates and function in unique ways. The same can be said […]