Cătălin Hriţcu

Starting in May 2011 I am Research Associate at the University of Pennsylvania, working on the CRASH/SAFE project under the guidance of Benjamin C. Pierce. I'm a member of the Penn PL Club.

I received my PhD (summa cum laude) from Saarland University. While in Saarbrücken, I was a member of the Information Security and Cryptography Group and held fellowships from the International Max Planck Research School for Computer Science and Microsoft Research Cambridge. My current webpage is still hosted here.

Contact

E-mail (preferred): catalin.hritcu@gmail.com                   Office: Towne 223

Address: University of Pennsylvania, 3330 Walnut Street, Philadelphia, PA 19104-6389

News

• FCS'13 Workshop on Foundations of Computer Security (PC member)

Research Interests

My research is primarily focused on developing rigorous formal techniques for solving security problems. I am particularly interested in:

• formal methods for computer and network security: security protocols, privacy, anonymity, zero-knowledge, information flow control, access control, integrity protection
• programming-languages techniques: rigorous semantics, type systems, verification, automatic testing, formal metatheory, formally certified tools
• design and verification of security-critical systems: microkernel components, electronic voting systems, crypto devices, security-preserving compilers, mobile devices, etc.

Recent Publications and Drafts

For a complete list of my publications please look here (also on Google Scholar).

• Cătălin Hriţcu, John Hughes, Benjamin C. Pierce, Antal Spector-Zabusky, Dimitrios Vytiniotis, Arthur Azevedo de Amorim, Leonidas Lampropoulos. Testing Noninterference, Quickly. Submitted to ICFP 2013. March 2013.
  • Long version
• Cătălin Hriţcu, Michael Greenberg, Ben Karel, Benjamin C. Pierce, Greg Morrisett. All Your IFCException Are Belong To Us. In 34th IEEE Symposium on Security and Privacy (Oakland), May 2013. To appear.
  • Coq formalization and proofs are available here.
  • Breeze interpreter, libraries, and sample applications are available here.
  • A previous version of this work was called Exceptionally Available Dynamic IFC, July 2012.
• Udit Dhawan, Albert Kwon, Edin Kadric, Cătălin Hriţcu, Benjamin C. Pierce, Jonathan M. Smith, Gregory Malecha, Greg Morrisett, Thomas F. Knight, Jr., Andrew Sutherland, Tom Hawkins, Amanda Zyxnfryx, David Wittenberg, Peter Trei, Sumit Ray, Greg Sullivan, and André DeHon, Hardware Support for Safety Interlocks and Introspection. In SASO Workshop on Adaptive Host and Network Security, September 2012.
• Michael Backes, Alex Busenius, Cătălin Hriţcu. On the Development and Formalization of an Extensible Code Generator for Real Life Security Protocols. 4th NASA Formal Methods Symposium (NFM 2012), pages 371-387, April 2012.
  • Online appendix containing details that had to be omitted in the NFM paper due to the lack of space.
  • Implementation, case studies, documentation, Coq formalization, and proofs are all available on the page of the expi2java project.
• Michael Backes, Cătălin Hriţcu, and Matteo Maffei. Union, Intersection, and Refinement Types and Reasoning About Type Disjointness for Secure Protocol Implementations, Submitted to special issue of the Journal of Computer Security (JCS) for TOSCA-SecCo, January 16, 2012.
  • Preliminary version appeared in Theory of Security and Applications (TOSCA'11), Invited paper, April 2011.
  • Machine-checked soundness proof in Coq by Cătălin Hriţcu, February 2011.
  • Prototype implementation (F5) by Thorsten Tarrach and Cătălin Hriţcu, November 2010.
• Gavin M. Bierman, Andrew D. Gordon, Cătălin Hriţcu, David Langworthy. Semantic Subtyping with an SMT Solver. Journal of Functional Programming, 22(1):31-105, Cambridge University Press, March 2012.
  • More information can be found on the Dminor project website at Microsoft Research.
  • An abridged version appeared in 15th ACM SIGPLAN International Conference on Functional Programming (ICFP 2010), September 2010
  • The Dminor model and some of the proofs in this paper are formalized in Coq, November 2010.

Recent and Upcoming Talks

For a complete list of my talks please look here.

• Upcoming: TBD
  • INRIA Paris-Rocquencourt (2013-05-30)
• Fresh:: All Your IFCException Are Belong To Us
  • IEEE Symposium on Security & Privacy (Oakland): slides (2013-05-20)
• Fresh: Testing Noninterference, Quickly
  • Stanford Security Lunch: slides (2013-05-15)
• CRASH/SAFE: Clean-slate Co-design of a Secure Host Architecture
  • Microsoft Research Cambridge: slides; video(2013-03-28)
  • Prosecco team at INRIA Paris-Rocquencourt: slides (2013-01-04)
  • InfSec group at Saarland University: slides (2012-12-18)
  • EC SPRIDE at TU Darmstadt: slides (2012-12-18)
• All Your IFCException Are Belong To Us
  • New Jersey Programming Languages and Systems Seminar: slides (2012-11-14)
  • IFIP Working Group 2.8 - Functional Programming: slides (2012-11-05)
  • Harvard Programming Languages Group: slides (2012-10-15)
• Poison-pills and dynamic information flow control
  • Penn PLClub: slides (2012-05-11)
• On the Development and Formalization of an Extensible Code Generator for Real Life Security Protocols
  • 4th NASA Formal Methods Symposium (NFM 2012): slides (2012-04-03)
• Union, Intersection, and Refinement Types and Reasoning About Type Disjointness for Security Protocol Analysis
  • Thesis defense, Saarland University: slides (2012-01-10)
• Breeze: A Language For Writing Secure Software
  • Stevens Institute of Technology: slides (2011-11-28)
• Union, Intersection, and Refinement Types and Reasoning about Type Disjointness for Analyzing Protocol Implementations
  • Penn PLClub: slides (2011-07-20)
  • MSR-INRIA Joint Centre, Parc Orsay Université: slides (2010-12-07)
• Semantic Subtyping with an SMT Solver
  • 15th ACM SIGPLAN International Conference on Functional Programming (ICFP 2010): slides; video (2010-09-27)
  • Workshop on Relations and Data Integrity Constraints and Languages (RADICAL 2010): slides; video
    (2010-05-10)
  • Information Security and Cryptography Group: slides (2009-12-16)

Teaching

• Advanced Martial Arts in Coq - CIS670 at UPenn, Fall 2012. Guest lecturer for 2 lectures:
  • An Introduction to Coinduction (2012-09-26)
  • Coinductive Operational Semantics (2012-10-01)
  • Full Coq development including my coind tactic (more details on my blog)
• Software Foundations - CIS500 at UPenn, Spring 2012. Guest lecturer for 6 lectures:
  • More About Coq and Varying the Induction Hypothesis (2012-01-25)
  • Coq Automation and While Programs (2012-02-20 and 2012-02-22)
  • Properties of Relations (2012-03-21)
  • Properties of the Simply Typed Lambda-Calculus (2012-04-16)
  • Simple Extensions to the Simply Typed Lambda-Calculus (2012-04-18)
• Advanced Topics in Programming Languages - CIS670 at UPenn, Fall 2011. Guest lecturer for 2 lectures:
  • Featherweight Breeze: step1, step2, step3, step4 (2011-11-30 and 2011-12-05)
• Security - Core Lecture, Saarland University, Winter 2010/11. Guest lecturer for 1 lecture:
  • Control Hijacking: Defenses (2010-10-28)
• Practical Aspects of Security Lecture - Advanced Lecture, Saarland University, Summer 2009 (Best lecture award). Guest lecturer for 3 lectures:
  • Control Hijacking: Defenses (2009-05-22)
  • Control Hijacking Attacks (2009-05-15)
  • Security problems in network protocols; TLS (2009-06-26)
• Selected Topics of Information Security and Cryptography - Seminar, Saarland University, Winter 2008/09. Organizer; advised students on the following topic:
  • Observational Equivalence for Security Protocols
• Selected Topics of Information Security and Cryptography - Seminar, Saarland University, Winter 2007/08. Organizer; advised students on the following topics:
  • The Analysis of Electronic Voting Protocols
  • The Secure Implementation of Cryptographic Protocols
• Introduction to Computational Logic - Core Lecture, Saarland University, Summer 2007. Teaching assistant.
• Language-based Security - Advanced Lecture, Saarland University, Winter 2006/07. Teaching assistant; conducted weekly recitation sections.

Advised Students

• Sam Panzer & Nick Watson
  • Senior design project at UPenn, 2011-10 to 2012-04:
    Zephyr: A Content Management System in Breeze
• Alex Busenius
  • Master's Thesis, Finished 2011-04-04:
    Mechanized Formalization of a Transformation from an Extensible Spi Calculus to Java
  • Bachelor's Thesis, Finished 2008-10-28:
    Expi2Java - An Extensible Code Generator for Security Protocols
  [First employment Capgemini]
• Thorsten Tarrach
  • Master's Thesis, Finished 2010-08-31:
    Automatically Verifying "M" Modeling Language Constraints
  • Bachelor's Thesis, Finished 2008-10-27:
    Spi2F# - A Prototype Code Generator for Security Protocols
  [First employment Troxo/Atomia] [Now PhD student at IST Austria]
• Martin Grochulla
  • Master's Thesis, Finished 2009-01-06 (co-advised with Matteo Maffei)
    Security Despite System Compromise with Zero-Knowledge Proofs
  [Now PhD student at the MPI-INF]

Software

• New: CRASH/SAFE: clean-slate co-design of a secure architecture, including novel hardware, zero-kernel operating system, and programming language (team effort)
• New: Breeze: a programming language with dynamic information flow control and label-based access control, with Michael Greenberg, Ben Karel, Benoît Montagu, Benjamin C. Pierce, Jesse A. Tov, and others
• F5: a tool-chain for RCF, with Thorsten Tarrach
• DVerify: a verification tool for the "M" language by Thorsten Tarrach
• Dminor: a type-checker using semantic subtyping with Gavin Bierman and Andy Gordon
• Expi2Java: an extensible code generator for security protocols by Alex Busenius
• Protocol transformation for achieving security despite compromise by Martin Grochulla
• Zero-knowledge type-checker with Stefan Lorenz, Kim Pecina and Thorsten Tarrach

Misc

• My curriculum vitae
• My blog (Smiling)
• Pronouncing my name: /kətəlin hritsku/, mp3, aiff
• Spelling my name in LaTeX: C\u{a}t\u{a}lin Hri\c{t}cu
• Spelling my name in HTML: Cătălin Hriţcu