Cloudflare Research logo
 
Nick Sullivan Nick Sullivan
grey cloud FORMER TEAM MEMBER

Projects

Publications

2023RFC 9497: Oblivious Pseudorandom Functions (OPRFs) Using Prime-Order Groups

Internet Research Task Force (IRTF). 2023.
Alex Davidson, Armando Faz-Hernandez, Nick Sullivan, Christopher A. Wood

2023RFC 9380: Hashing to Elliptic Curves

Internet Research Task Force (IRTF). 2023.
Armando Faz-Hernandez, Sam Scott, Nick Sullivan, Riad S. Wahby, Christopher A. Wood

2023Portunus: Re-imagining access control in distributed systems

2023 USENIX Annual Technical Conference (USENIX ATC 23), pp. 35-52, Boston, MA, 2023.
Watson Ladd, Marloes Venema, Tanya Verma, Armando Faz-Hernandez, Brendan McMillion, Avani Wildani, Nick Sullivan

2023Evaluating practical QUIC website fingerprinting defenses for the masses

The 23rd Privacy Enhancing Technologies Symposium (PETS), July 10-15, Lausanne, Switzerland. 2023.
Sandra Siby, Ludovic Barman, Christopher A. Wood, Marwan Fayed, Nick Sullivan, Carmela Troncoso

2022This is not the padding you are looking for! On the ineffectiveness of QUIC PADDING against website fingerprinting

IETF 113 Conference. 2022.
Ludovic Barman, Sandra Siby, Christopher A. Wood, Marwan Fayed, Nick Sullivan, Carmela Troncoso

2022Might I Get Pwned: A Second Generation Compromised Credential Checking Service

31th USENIX Security Symposium (USENIX Security 22).
Bijeeta Pal, Mazharul Islam, Marina Sanusi Bohuk, Nick Sullivan, Luke Valenta, Tara Whalen, Christopher A. Wood, Thomas Ristenpart, Rahul Chattejee

2022Respect the ORIGIN! A Best-case Evaluation of Connection Coalescing

ACM Internet Measurement Conference 2022, October 25-27, France. 2022.
Sudheesh Singanamalla, Talha Paracha, Suleman Ahmad, Jonathan Hoyland, Luke Valenta, Yevgen Safronov, Peter Wu, Andrew Galloni, Kurtis Heimerl, Nick Sullivan, Christopher A. Wood, Marwan Fayed

2022RFC 9261: Exported Authenticators in TLS

Internet Engineering Task Force (IETF). 2022.
Nick Sullivan

2022A Fast and Simple Partially Oblivious PRF, with Applications

Advances in Cryptology – EUROCRYPT 2022: 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Trondheim, Norway, May 30 – June 3, pp. 674–705, 2022.
Nirvan Tyagi, Sofía Celi, Thomas Ristenpart, Nick Sullivan, Stefano Tessaro, Christopher A. Wood

2022Let The Right One In: Attestation as a Usable CAPTCHA Alternative

Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022), Boston, MA. 2022.
Tara Whalen, Thibault Meunier, Mrudula Kodali, Alex Davidson, Marwan Fayed, Armando Faz-Hernandez, Watson Ladd, Deepak Maram, Nick Sullivan, Benedikt Christoph Wolters, Maxime Guerreiro, Andrew Galloni

2021Implementing and measuring KEMTLS

Progress in Cryptology – LATINCRYPT 2021, Lecture Notes in Computer Science(), vol 12912. Springer, 2021.
Sofía Celi, Armando Faz-Hernandez, Nick Sullivan, Goutam Tamvada, Luke Valenta, Thom Wiggers, Bas Westerbaan, Christopher A. Wood

2021The Ties that un-Bind: Decoupling IP from web services and sockets for robust addressing agility at CDN-scale

Proceedings of the 2021 ACM SIGCOMM 2021 Conference, pp. 433–446. 2021.
Marwan Fayed, Lorenz Bauer, Vasileios Giotsas, Sami Kerola, Marek Majkowski, Pavel Odinstov, Jakub Sitnicki, Taejoong Chung, Dave Levin, Alan Mislove, Christopher A. Wood, Nick Sullivan

2021Oblivious DNS over HTTPS (ODoH): A Practical Privacy Enhancement to DNS

Proceedings on Privacy Enhancing Technologies 2021, Volume 4, pp. 575–592. 2021.
Sudheesh Singanamalla, Suphanat Chunhapanya, Jonathan Hoyland, Marek Vavruša, Tanya Verma, Peter Wu, Marwan Fayed, Kurtis Heimerl, Nick Sullivan, Christopher A. Wood

2020RFC 8937: Randomness Improvements for Security Protocols

Internet Research Task Force (IRTF). 2020.
Cas Cremers, Luke Garratt, Stanislav Smyshlyaev, Nick Sullivan, Christopher A. Wood

2019RPKI is coming of age: A longitudinal study of RPKI deployment and invalid route origins

Proceedings of the Internet Measurement Conference, pp. 406-419. 2019.
Taejoong Chung, Emile Aben, Tim Bruijnzeels, Balakrishnan Chandrasekaran, David Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, Roland van Rijswijk-Deij, John Rula, Nick Sullivan

2019Measuring TLS key exchange with post-quantum KEM

Workshop Record of the Second PQC Standardization Conference. 2019.
Krzysztof Kwiatkowski, Nick Sullivan, Adam Langley, Dave Levin, Alan Mislove

2019Protocols for checking compromised credentials

Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 1387-1403. 2019.
Lucy Li, Bijeeta Pal, Junade Ali, Nick Sullivan, Rahul Chatterjee, Thomas Ristenpart

2019RFC 8586: Loop Detection in Content Delivery Networks (CDNs)

Internet Engineering Task Force (IETF). 2019.
Stephen Ludin, Mark Nottingham, Nick Sullivan

2018Is the web ready for OSCP must-staple?

Proceedings of the Internet Measurement Conference 2018, pp. 105-118. 2018.
Taejoong Chung, Jay Lok, Balakrishnan Chandrasekaran, David Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, John Rula, Nick Sullivan, Christo Wilson

2018Privacy Pass: Bypassing Internet Challenges Anonymously

Proceedings on Privacy Enhancing Technologies, no. 3 (2018), pp. 164-180. 2018.
Alex Davidson, Ian Goldberg, Nick Sullivan, George Tankersley, Filippo Valsorda

2018nQUIC: Noise-based QUIC packet protection

EPIQ'18: Proceedings of the Workshop on the Evolution, Performance, and Interoperability of QUIC, pp. 22-28. 2018.
Mathias Hall-Andersen, David Wong, Nick Sullivan, Alishah Chator

2018403 Forbidden: A Global View of CDN Geoblocking

Proceedings of the Internet Measurement Conference 2018, pp. 218-230. 2018.
Allison McDonald, Matthew Bernhard, Luke Valenta, Benjamin VanderSloot, Will Scott, Nick Sullivan, J. Alex Halderman, Roya Ensafi

2018Geo Key Manager

Real World Crypto Symposium 2018. Zurich, Switzerland. January 2018.
Nick Sullivan, Brendan McMillion

2018In search of CurveSwap: Measuring elliptic curve implementations in the wild

2018 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 384-398. IEEE, 2018.
Luke Valenta, Nick Sullivan, Antonio Sanso, Nadia Heninger

2017Understanding the mirai botnet

26th USENIX security symposium (USENIX Security 17), pp. 1093-1110. 2017.
Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, Yi Zhou

2017The Security Impact of HTTPS Interception

Network and Distributed System Security Symposium (NDSS) 2017.
Zakir Durumeric, Zane Ma, Drew Springall, Richard Barnes, Nick Sullivan, Elie Bursztein, Michael Bailey, J. Alex Halderman, Vern Paxson

2016Attacking White-Box AES Constructions

Proceedings of the 2016 ACM Workshop on Software Protection, pp. 85-90. 2016.
Brendan McMillion, Nick Sullivan

2015An analysis of TLS handshake proxying

2015 IEEE Trustcom/BigDataSE/ISPA, volume 1, pp. 279-286. 2015.
Douglas Stebila, Nick Sullivan

Blog posts