Cornell University

Rahul Chatterjee
রাহুল চ্যাটার্জ্জী

PhD Student
Computer Science
Cornell University


Cornell Tech
2 W Loop Rd, New York,
NY 10044, USA
e-mail: github.com/rchatterjee

Who am I?

I am a graduate student in the department of Computer Science at Cornell University under the able guidance of Prof. Thomas Ristenpart. I graduated with a Bachelor of Technology in Computer Science and Engineering in 2012 from Indian Institute of Technology Kharagpur, India. I received my Masters in Computer Science from University of Wisconsin-Madison. Prior to joining UW (Yes, the only real UW, not the one which should be called UWash or U-Dub), I worked for one year in an exciting company called Two Roads Technology Solutions on high frequency trading in Bangalore.
    

Research Interest

I am interested in security and privacy of the digital world, in particular, how to build secure but human friendly authentication systems. Currently, I am working on making passwords secure and humane.

Selected Publications

  1. Rahul Chatterjee, Joanne Woodage, Yuval Pnueli, Anusha Chowdhury, Thomas Ristenpart, The TypTop System: Personalized Typo-tolerant Password Checking, ACM CCS 2017. (PDF, Slides (pptx), Slides (pdf), Project Page)
  2. Joanne Woodage, Rahul Chatterjee, Yevgeniy Dodis, Ari Juels, and Thomas Ristenpart. A New Distribution-Sensitive Secure Sketch and Popularity-Proportional Hashing. In Annual International Cryptology Conference 2017 (Crypto 2017). (PDF)
  3. Rahul Chatterjee, Anish Athalye, Devdatta Akhawe, Ari Juels, Thomas Ristenpart, pASSWORD tYPOS and How to Correct Them Securely, IEEE Security and Privacy - Oakland 2016. (PDF, Slides, Project Page) Distinguished Student Paper Award
  4. Adam Everspaugh, Rahul Chatterjee, Samuel Scott, Air Juels, Thomas Ristenpart The Pythia PRF Service, USENIX Security 2015. (PDF, Project Page)
  5. Rahul Chatterjee, Joseph Bonneau, Ari Juels, Thomas Ristenpart, Cracking-Resistant Password Vaults using Natural Language Encoders, Proc. IEEE Symposium on Security and Privacy - Oakland 2015. (PDF, Slides, Project Page)

Projects

  • The TypTop System

    We build a system that securely monitors pssword typing behaviors of a user, and allow log in with typos that the user frequently enter and safe to do so. More details about the project can be found in the project page.
  • pASSWORD tYPOS and How to Correct Them Securely

    To typo is human, but it is extremely annoying when you make typographical mistakes in typing your long and complex login password and get rejected by the server for that small typo. Things become worse if you are using a touch-pad device, such as a tablet or smart phone. Wouldn't it be great if the server tolerates some small typos that users make frequently while entering their passwords. We investigated the impact of correcting some small set of typos in Dropbox production authentication server. We show that it is possible to allow a small set of typos to improve user experience without degrading the security (not more than negligible amount). For more details visit the project page.
  • NoCrack: Cracking Resistant Password Vault

    This is a new kind of password manager (a.k.a. password vault), that encrypts user-credentials under a master password, but resists offline brute-force decryption. Dictionary attack on stolen password vaults, where users store all of their usernames and passwords, is an increasing threat for password managers. Thanks to poor choice of passwords by significant portion of internet users, and easy repudiation of successful decryption under a candidate master password, it is easy to mount a dictionary attack on any ciphertext encrypted under traditional encryption schemes with human chosen master password as key. NoCrack solves this problem to great extent. When one tries to decrypt a NoCrack ciphertext with wrong master password, NoCrack generates fake, plausible looking passwords (decoys) making it hard for the attacker to figure out offline whether or not his guess was correct. Unlike traditional password vaults, it never fails to decrypt and always outputs passwords which looks correct.
  • Simultaneous Localization and Mapping using Relational Trees

    We developed an unsupervised method of learning with which a robot, which is flying over an unknown region and taking snaps periodically, can build a semantic map of the region and localize its position on the map using those pictures. This project was sponsored by, European Aeronautic Defence and Space Company (EADS), Germany. The work was acknowledged by ICMMM-2011, China by selecting for conference presentation [1].
  • Creating Artistic Effects on Image using Random Digital Curve

    Developed algorithm for generating irreducible simple random digital curves in a constrained domain. Drawing multiple of them on the edge of binary image and then setting the intensity of each pixel proportional to the number of times it was visited by the curves give nice real pencil sketch effect. This work is published in CAIP-2011, Seville, Spain [3].

Work Experience

  • Internship

    Dropbox Inc, San Francisco, CA, USA. June 2016 - August 2016.
    Microsoft Research Technologies, Redmond, WA, USA. June 2015 - August 2015.
    Adobe Technology Lab, Adobe India Pvt. Ltd., Noida, India. June 2011 - August 2011.
  • Teaching Assistant

    Computer Sciences, Univeristy of Wisconsin-Madison.
    • C++ for JAVA Programmers. Fall, 2013
    • Introduction to Cryptography. Fall, 2014
    Computer Science, Cornell Tech, Cornell University
    • Building Startup Systems. Fall, 2017
    • Cryptography. Spring, 2016
    • Introduction to AI. Fall, 2015
  • Software Developer and Analyst

    Tworoads Technology Pvt. Ltd., Bangalore, India. June 2012 - June 2013.