I am a graduate student in the department
of Computer Science at Cornell University
under the able guidance of Prof. Thomas Ristenpart
I graduated with a Bachelor of Technology in Computer
Science and Engineering in 2012 from Indian Institute of
, India. I received my Masters in Computer Science from
University of Wisconsin-Madison
Prior to joining UW (Yes, the only real UW
, not the one which should be called UWash or U-Dub), I
worked for one year in an exciting company called Two Roads Technology
on high frequency trading in Bangalore.
I am interested in security and privacy
of the digital world, in
particular, how to build secure but human friendly authentication systems.
Currently, I am working on making passwords secure and humane.
Selected Publications ↑
Rahul Chatterjee, Joanne Woodage, Yuval Pnueli, Anusha Chowdhury, Thomas Ristenpart,
The TypTop System: Personalized Typo-tolerant Password Checking,
ACM CCS 2017.
(PDF, Slides (pptx),
Joanne Woodage, Rahul Chatterjee, Yevgeniy Dodis, Ari
Juels, and Thomas Ristenpart. A New Distribution-Sensitive Secure
Sketch and Popularity-Proportional Hashing. In Annual International
Cryptology Conference 2017 (Crypto 2017).
Rahul Chatterjee, Anish Athalye, Devdatta Akhawe, Ari Juels, Thomas Ristenpart,
pASSWORD tYPOS and How to Correct Them Securely,
IEEE Security and Privacy - Oakland 2016.
Distinguished Student Paper Award
Adam Everspaugh, Rahul Chatterjee, Samuel Scott, Air Juels, Thomas Ristenpart
The Pythia PRF Service, USENIX Security 2015.
(PDF, Project Page)
Rahul Chatterjee, Joseph Bonneau, Ari Juels, Thomas
Ristenpart, Cracking-Resistant Password Vaults using Natural Language
Encoders, Proc. IEEE Symposium on Security and Privacy - Oakland 2015.
We build a system that securely monitors pssword typing behaviors of a user, and
allow log in with typos that the user frequently enter and safe to do so. More
details about the project can be found in the project page.
To typo is human, but it is extremely annoying when you make typographical mistakes
in typing your long and complex login password and get rejected by the server for
that small typo. Things become worse if you are using a touch-pad device, such as a
tablet or smart phone. Wouldn't it be great if the server tolerates some small typos
that users make frequently while entering their passwords. We investigated the
impact of correcting some small set of typos in Dropbox production authentication
server. We show that it is possible to allow a small set of typos to improve user
experience without degrading the security (not more than negligible amount). For
more details visit the project page.
| This is a new kind of password manager (a.k.a. password vault),
that encrypts user-credentials under a master password, but
resists offline brute-force decryption. Dictionary attack on
stolen password vaults, where users store all of their usernames
and passwords, is an increasing threat for password
managers. Thanks to poor choice of passwords by significant
portion of internet users, and easy repudiation of successful
decryption under a candidate master password, it is easy to
mount a dictionary attack on any ciphertext encrypted under
traditional encryption schemes with human chosen master password
NoCrack solves this problem to great extent. When one tries to
decrypt a NoCrack ciphertext with wrong master password, NoCrack
generates fake, plausible looking passwords (decoys) making it
hard for the attacker to figure out offline whether or not his
guess was correct. Unlike traditional password vaults, it never
fails to decrypt and always outputs passwords which looks
Simultaneous Localization and Mapping using Relational Trees
We developed an unsupervised method of learning with which a robot, which
is flying over an unknown region and taking snaps periodically, can build
a semantic map of the region and localize its position on the map using
those pictures. This project was sponsored by, European Aeronautic
Defence and Space Company (EADS), Germany. The work was acknowledged by
ICMMM-2011, China by selecting for conference presentation .
Creating Artistic Effects on Image using Random Digital Curve
Developed algorithm for generating irreducible simple random digital
curves in a constrained domain. Drawing multiple of them on the edge of
binary image and then setting the intensity of each pixel proportional to
the number of times it was visited by the curves give nice real pencil
sketch effect. This work is published in CAIP-2011, Seville, Spain .
Work Experience ↑
Dropbox Inc, San Francisco, CA, USA. June 2016 - August
Microsoft Research Technologies, Redmond, WA, USA. June 2015 - August
Adobe Technology Lab, Adobe India Pvt. Ltd., Noida, India. June
2011 - August 2011.
Computer Sciences, Univeristy of Wisconsin-Madison.
Computer Science, Cornell Tech, Cornell University
- C++ for JAVA Programmers. Fall, 2013
- Introduction to Cryptography. Fall, 2014
- Building Startup Systems. Fall, 2017
- Cryptography. Spring, 2016
- Introduction to AI. Fall, 2015
Software Developer and Analyst
Tworoads Technology Pvt. Ltd., Bangalore, India. June 2012 - June 2013.