Cornell University

Rahul Chatterjee
রাহুল চ্যাটার্জ্জী

PhD Student
Computer Science
Cornell University

Cornell Tech
111 8th Ave #302, New York,
NY 10011, USA

Who am I?

I am a graduate student in the department of Computer Science at Cornell University under the able guidance of Prof. Thomas Ristenpart. I graduated with a Bachelor of Technology in Computer Science and Engineering in 2012 from Indian Institute of Technology Kharagpur, India. I received my Masters in Computer Science from University of Wisconsin-Madison. Prior to joining UW (Yes, the only real UW, not the one which should be called UWash or U-Dub), I worked for one year in an exciting company called Two Roads Technology Solutions on high frequency trading in Bangalore.

Research Interest

I am interested in security and privacy. I like building theoretically sound practical applications of cryptography to increase security and privacy of the digital world.


  1. Rahul Chatterjee, Anish Athalye, Devdatta Akhawe, Ari Juels, Thomas Ristenpart, pASSWORD tYPOS and How to Correct Them Securely, IEEE Security and Privacy - Oakland 2016. (PDF, Slides, Project Page) Distinguished Student Paper Award
  2. Adam Everspaugh, Rahul Chatterjee, Samuel Scott, Air Juels, Thomas Ristenpart The Pythia PRF Service, USENIX Security 2015. (PDF, Project Page)
  3. Rahul Chatterjee, Joseph Bonneau, Ari Juels, Thomas Ristenpart, Cracking-Resistant Password Vaults using Natural Language Encoders, Proc. IEEE Symposium on Security and Privacy - Oakland 2015. (PDF, Slides, Project Page)
  4. Anjan Sarkar, Rupert Reiger, Subhro Roy, Rahul Chatterjee, Amit Datta, Jai Prakash Gupta, Arvind Sowmyan, SLAM using relational Trees and Semantics, Proc. International Conference on Management, Manufacturing and Materials Engineering (ICMMM 2011), China, December, 2011. ( PDF)
  5. Subhro Roy, Rahul Chatterjee, Partha Bhowmick and Reinhard Klette, MAESTRO: Making Art-Enabled Sketches Through Randomized Operation, Proc. International Conference on Computer Analysis and Image Processing (CAIP) August, 2011, Seville, Spain. ( PDF)
  6. Rahul Chatterjee, Subhro Roy, Partha Bhowmick, A Simulation of Realistic Sketching by Randomized Pencil Strokes, Proc. 2011 IEEE Students' Technology Symposium (IEEE TechSym), IIT Kharagpur, January, 2011. ( PDF)


  • pASSWORD tYPOS and How to Correct Them Securely

    To typo is human, but it is extremely annoying when you make typographical mistakes in typing your long and complex login password and get rejected by the server for that small typo. Things become worse if you are using a touch-pad device, such as a tablet or smart phone. Wouldn't it be great if the server tolerates some small typos that users make frequently while entering their passwords. We investigated the impact of correcting some small set of typos in Dropbox production authentication server. We show that it is possible to allow a small set of typos to improve user experience without degrading the security (not more than negligible amount). For more details visit the project page.
  • NoCrack: Cracking Resistant Password Vault

    This is a new kind of password manager (a.k.a. password vault), that encrypts user-credentials under a master password, but resists offline brute-force decryption. Dictionary attack on stolen password vaults, where users store all of their usernames and passwords, is an increasing threat for password managers. Thanks to poor choice of passwords by significant portion of internet users, and easy repudiation of successful decryption under a candidate master password, it is easy to mount a dictionary attack on any ciphertext encrypted under traditional encryption schemes with human chosen master password as key. NoCrack solves this problem to great extent. When one tries to decrypt a NoCrack ciphertext with wrong master password, NoCrack generates fake, plausible looking passwords (decoys) making it hard for the attacker to figure out offline whether or not his guess was correct. Unlike traditional password vaults, it never fails to decrypt and always outputs passwords which looks correct.
  • Password Manager that cannot be Stolen

    Password managers are, now-a-days, very lucrative piece of information for hackers to steal and get access to all of the users credentials. We are trying to build a password manager that has no stored state in client machine and very minimal state in server. Thanks to no stored credential , it is impossible to steal the password manager. We also devloped the notion of Mutable Random Oracle (MRO), which can mutate its values of any input on users command. Using oblivious pseudo-random function (OPRF) and MRO, we created this stateless password manager where all the domain specific passwords are generated from the conjugation of master password and server secrets.
       Also we found many non-trivial application of our system in forward secure emailing system, secure effacing of harddrive etc.
  • Simultaneous Localization and Mapping using Relational Trees

    We developed an unsupervised method of learning with which a robot, which is flying over an unknown region and taking snaps periodically, can build a semantic map of the region and localize its position on the map using those pictures. This project was sponsored by, European Aeronautic Defence and Space Company (EADS), Germany. The work was acknowledged by ICMMM-2011, China by selecting for conference presentation [1].
  • Creating Artistic Effects on Image using Random Digital Curve

    Developed algorithm for generating irreducible simple random digital curves in a constrained domain. Drawing multiple of them on the edge of binary image and then setting the intensity of each pixel proportional to the number of times it was visited by the curves give nice real pencil sketch effect. This work is published in CAIP-2011, Seville, Spain [3].

Work Experience

  • Internship

    Dropbox, San Francisco, CA, USA. June 2016 - August 2016.
    Microsoft Research, Redmond, WA, USA. June 2015 - August 2015.
  • Teaching Assistant

    Computer Sciences, Univeristy of Wisconsin-Madison.
    - C++ for JAVA Programmers, Instructor: Jim Skrenteny. Fall 2013
    - Introduction to Cryptography, Instructor: Prof. Somesh Jha. Fall 2014
  • Software Developer and Analyst

    Tworoads Technology Pvt. Ltd., Bangalore, India. June 2012 - June 2013.
  • Internship

    Adobe Technology Lab, Adobe India Pvt. Ltd., Noida, India. June 2011 - August 2011.