Bryan Parno is an associate professor with a joint appointment in the Computer Science, and the Electrical and Computer Engineering departments. His research is primarily focused on investigating long-term, fundamental improvements in how to design and build secure systems. As a result, his work combines theory and practice to provide formal, rigorous security guarantees about concrete systems, with an emphasis on creating solid foundations for practical solutions.
Designing and Building Provably Secure Systems
2010 Ph.D., Electrical and Computer Engineering, Carnegie Mellon University
2005 MA, Electrical and Computer Engineering, Carnegie Mellon University
2004 BA, Computer Science, Harvard University
- authentication and passwords
- cloud security
- computer engineering
- computer security
- data security and privacy
- distributed systems
- Formal methods
- formal methods for security
- hardware security
- Internet of Things (IoT)
- ML and AI
- network security
- operating systems
- protocol security
- secure systems
- security of AI and ML
- software security
- systems security
- Usability and human behavior
Computer Business Review
Parno collaborates on cryptographic provider and library
Team Everest, a joint Microsoft-academia collaboration, recently released a cryptographic provider and library called EverCrypt. ECE’s Bryan Parno, who worked on the project, says that it has “the same features, convenience, and performance as popular existing cryptographic libraries without the bugs that leave protocols and applications vulnerable.”
Achieving provably-secure encryption
Earlier this week, a team consisting of researchers from CyLab released the world’s first verifiably secure industrial-strength cryptographic library—a set of code that can be used to protect data and is guaranteed to protect against the most popular classes of cyberattacks.
Parno quoted in PopSci on end-to-end encryption
End-to-end encryption is essential to privacy. But as Facebook begins to incorporate encryption into its messaging services, it’s important to consider the caveats that come with it. ECE’s Bryan Parno weighs in on the conversation in Popular Science.
Parno develops Vale to mathematically verify code security
ECE/CyLab’s Bryan Parno, in collaboration with his Ph.D. student and researchers from Microsoft, has developed a programming tool called “Vale.” The tool can mathematically verify the security of low-level assembly code, such as the cryptographic code that runs when one browses the Internet. Vale can verify security up to 10 times faster than other tools without sacrificing performance.
Building a verifiably-secure internet
In security, almost nothing is guaranteed. It's impossible to test the infinite ways a criminal hacker may penetrate a proverbial firewall. But what if, by the laws of mathematics, something could be proven to be secure without running an infinite number of test cases?
Reducing complexity to increase security
Carnegie Mellon University team receives $7.5M ONR grant for software complexity reduction, or simplifying complex internet protocols to build greater security.
The Wall Street Journal
Parno quoted by WSJ on Intel chip flaws
CyLab/ECE’s Bryan Parno was quoted about a jump in computer hardware security papers submitted to an IEEE conference in response to Intel's Spectre and Meltdown chip flaws.
The CONIX Center is creating the architecture for networked computing to better connect edge devices to the cloud in the IoT.
CyLab’s Bryan Parno receives 2018 Sloan Research Fellowship
CyLab’s Bryan Parno is one of five Carnegie Mellon recipients of the 2018 Sloan Research Fellowship.
Parno quoted on Chronicle, Alphabet's newest cybersecurity company
Although machine learning is a powerful tool, ECE/CyLab’s Bryan Parno says in an article for Popular Science that, historically, its been challenging to use for security problems.
Smarter networks to connect the edge to the cloud
Carnegie Mellon University will lead a $27.5 million Semiconductor Research Corporation (SRC) initiative to build more intelligence into computer networks.
Celebrating “SSL,” the unsung hero of online shopping
In the time it takes you to read this sentence, Americans are spending somewhere between $50,000 and $100,000 on retail online. In those mere seconds of time, few thought twice about sharing their credit card numbers with Amazon, or banking routing numbers with PayPal or social security numbers with their banks. We have the Secure Socket Layer (SSL) to thank for that.