Bryan Parno
Associate Professor, Computer Science Department, Electrical and Computer Engineering
Bryan Parno is an associate professor with a joint appointment in the Computer Science, and the Electrical and Computer Engineering departments. His research is primarily focused on investigating long-term, fundamental improvements in how to design and build secure systems. As a result, his work combines theory and practice to provide formal, rigorous security guarantees about concrete systems, with an emphasis on creating solid foundations for practical solutions.
Designing and Building Provably Secure Systems
Education
2010 Ph.D., Electrical and Computer Engineering, Carnegie Mellon University
2005 MA, Electrical and Computer Engineering, Carnegie Mellon University
2004 BA, Computer Science, Harvard University
Affiliations
Research Interests
- authentication and passwords
- blockchain
- cloud security
- computer engineering
- computer security
- cryptography
- cybersecurity
- data security and privacy
- distributed systems
- Formal methods
- formal methods for security
- hardware security
- Internet of Things (IoT)
- ML and AI
- network security
- operating systems
- privacy
- protocol security
- secure systems
- security of AI and ML
- software security
- systems security
- Usability and human behavior
- verification
Media mentions
CyLab Security and Privacy Institute
Award-winning research paves the way for provably-safe sandboxing using WebAssembly
Researchers at Carnegie Mellon have developed a pair of compilers enabling provably-safe multilingual software sandboxing using WebAssembly.
CyLab Security and Privacy Institute
CyLab names 2022 Presidential Fellows
Each year, CyLab recognizes high-achieving Ph.D. students pursuing security and/or privacy-related research with a CyLab Presidential Fellowship that covers one year of tuition.
CyLab Security and Privacy Institute
Carnegie Mellon faculty, students present at the 31st USENIX Security Symposium
An overview of papers, authored by members of CMU's CyLab Security and Privacy Institute, being presented at the 31st USENIX Security Symposium
CyLab Security and Privacy Institute
CyLab Ph.D. student receives honor for “highest quality” thesis
CyLab’s Aymeric Fromherz was recognized with an A.G. Milnes Award for his Ph.D. thesis work “judged to be of the highest quality and which has had, or is likely to have, significant impact in his or her field.”
CyLab Security and Privacy Institute
Undergrads around the nation partake in CyLab research
Roughly a dozen undergraduate students from as many colleges and universities around the country pursued security and/or privacy-focused research projects in this year’s REU program at CMU.
CyLab Security and Privacy Institute
New programming language and tool ensures code will compute as intended
A team of researchers including CyLab's Bryan Parno published a study about a new tool that mathematically proves that concurrent programs will compute correctly.
CyLab Security and Privacy Institute
Provably-secure code incorporated into Linux kernel
This month, code from the provably correct and secure “EverCrypt” cryptographic library, which CyLab’s Bryan Parno and his team helped develop and release last year, was officially incorporated into the Linux kernel — the core of the Linux operating system.
Computer Business Review
Parno collaborates on cryptographic provider and library
Team Everest, a joint Microsoft-academia collaboration, recently released a cryptographic provider and library called EverCrypt. ECE’s Bryan Parno, who worked on the project, says that it has “the same features, convenience, and performance as popular existing cryptographic libraries without the bugs that leave protocols and applications vulnerable.”
CMU Engineering
Achieving provably-secure encryption
Earlier this week, a team consisting of researchers from CyLab released the world’s first verifiably secure industrial-strength cryptographic library—a set of code that can be used to protect data and is guaranteed to protect against the most popular classes of cyberattacks.
Popular Science
Parno quoted in PopSci on end-to-end encryption
End-to-end encryption is essential to privacy. But as Facebook begins to incorporate encryption into its messaging services, it’s important to consider the caveats that come with it. ECE’s Bryan Parno weighs in on the conversation in Popular Science.
CyLab Security and Privacy Institute
Building a verifiably-secure internet
In security, almost nothing is guaranteed. It's impossible to test the infinite ways a criminal hacker may penetrate a proverbial firewall. But what if, by the laws of mathematics, something could be proven to be secure without running an infinite number of test cases?
CMU Engineering
Reducing complexity to increase security
Carnegie Mellon University team receives $7.5M ONR grant for software complexity reduction, or simplifying complex internet protocols to build greater security.