PhD Student
Computer Science Department
Stony Brook University
I am a member of the Network Security and Applied Cryptography Lab, under the supervision of Radu Sion.
Research Interests
My subject interests include network security, distributed computing, systems security, cryptography, operating systems, storage, and databases. I am especially interested in securely outsourcing data and services, including secure indexes, private information retrieval, and trusted computing.
Research Projects
I am currently working on a secure searchable network storage project. The major goal of this project is to build a system that offers privacy guarantees on searchable, encrypted, untrusted storage. A secure index offering proofs of search correctness and completeness will be implemented on the untrusted server. Private information retrieval techniques will be employed to provide search privacy, as well as prevent document content leaks.
While I am pursuing information access privacy mainly in the context of search privacy, access privacy on outsourced storage is an important goal in itself. Specifically, encryption is not sufficient to guarantee privacy. By updating specific parts of a keyword index upon uploading a document, for example, a client can directly reveal to the storage provider the keywords in that document, even though the document itself (or even the index!) is encrypted. Moreover, simple obfuscation techniques are not enough to completely avoid leaking data; if the keyword index is randomly permuted, for example, the client may still reveal that two particular documents share a set of keywords.
Many techniques have been recently developed to efficiently provide access pattern privacy, such as Oded Goldreich's Oblivious RAM, and Dmitri Asonov's Querying Databases Privately. These techniques usually provide perfect computational access pattern privacy, but at costs which are not quite practical for many applications. I am developing and analyzing schemes that will sacrifice a small, quantifiable amount of privacy in order to achieve a more practical "statistical" access pattern privacy. Building on the instinctive notion that simple access pattern obfuscation makes it a lot more difficult for an adversary to reconstruct an access pattern, I am quantifying the amount of information leaked over time for various techniques.
Teaching
CSE 308 Software Engineering, Spring 2010
Selected Publications
Peter Williams, Radu Sion, Dennis Shasha. The Blind Stone Tablet: Outsourcing Durability. Network and Distributed System Security Symposium NDSS 2009. (acceptance rate: 11.7%) (abstract) (pdf)
Peter Williams, Radu Sion, Bogdan Carbunar. Building Castles out of Mud: Practical Access Pattern Privacy and Correctness on Untrusted Storage. ACM Conference on Computer and Communications Security CCS 2008. (acceptance rate: 18.1%) (abstract) (pdf)
Peter Williams, Radu Sion. Usable PIR. Network and Distributed System Security Symposium NDSS 2008. (acceptance rate: 17.8%) (abstract) (pdf)
Posters
Accelerating PIR. CCS 2009.
Outsourcing Durability. CCS 2009.
Privacty Threats in Online Stock Quotes. Financial Cryptography 2008.
NS3: Networked Secure Searchable Storage. Usenix Security 2007.
Non-academic Interests
I dabble in charcoal drawing, guitar playing and keyboard playing.
A competitive game of Ultimate will make my day
I enjoy reading science fiction, most recently Ursula LeGuin and Orson Scott Card.