J. Alex Halderman is an Associate Professor of Electrical Engineering and Computer Science at the University of Michigan, and continues to hold an appointment as a Visiting Research Collaborator at Princeton’s Center for Information Technology Policy. Professor Halderman has served as a technical expert in federal court, submitted multiple expert reports, and worked as a technical consultant and analyst on several matters. His research focuses on computer security and privacy, with an emphasis on problems that broadly impact society and public policy. He has studied software security, network security, data privacy, anonymity, electronic voting, censorship resistance, digital rights management, computer forensics, ethics, cybercrime, and technological aspects of intellectual property law and government regulation.
Professor Halderman’s work has received worldwide press coverage. He is widely known for his research into how digital rights management can be a threat to users’ security; his analysis of touch-screen voting machines, which demonstrated the first voting machine virus; and his “cold boot” research into recovering data from RAM even while a computer is off. More recently, he revealed security flaws in China’s Green Dam Youth Escort censorware software.
Honors & Distinctions
- Named one of Popular Science’s “Brilliant 10,” 2015
- Pwnie Award, Most Innovative Research for “Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice,” Black Hat USA, 2015
- Alfred P. Sloan Research Fellowship, 2015
- College of Engineering 1938E Award, University of Michigan, 2015
- Morris Wellman Faculty Development Assistant Professorship, University of Michigan, 2015
- Best Paper Award, 14th ACM Internet Measurement Conference for “The Matter of Heartbleed,” 2014
- Best Paper Award, 21st USENIX Security Symposium for “Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices,” 2012
- Runner-up, PET Award for Outstanding Research in Privacy Enhancing Technologies for “Telex: Anticensorship in the Network Infrastructure,” 2012
- John Gideon Memorial Award, Election Verification Network, 2011
- Best Student Paper Award, 17th USENIX Security Symposium for “Lest We Remember: Cold Boot Attacks on Encryption Keys,” 2008
- Pwnie Award, Most Innovative Research for “Lest We Remember: Cold Boot Attacks on Encryption Keys,” 2008
- Charlotte Elizabeth Procter Honoriﬁc Fellowship, Princeton University, 2007
- National Science Foundation Graduate Research Fellowship, 2004 – 2007
- Computer Science Department Fellowship, Princeton University, 2003 – 2004
- Best Paper Award, 8th International Conference on 3D Web Technology for “Early Experiences with a 3D Model Search Engine,” 2003
- Phi Beta Kappa, 2003
- Sigma Xi, 2003
- Computer Science Department Senior Award, Princeton University, 2003
- Accenture Prize in Computer Science, Princeton University, 2002
- Martin A. Dale ’53 Summer Award, Princeton University, 2000
- USA Computing Olympiad National Finalist, 1996, 1997
- “Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice.” David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. A. Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé, Luke Valenta, Benjamin VanderSloot, Eric Wustrow, Santiago Zanella-Béguelin, and Paul Zimmermann. Forthcoming in Proc. 22nd ACM Conference on Computer and Communications Security (CCS), October 2015.
- “A Search Engine Backed by Internet-Wide Scanning.” Zakir Durumeric, David Adrian, Ariana Mirian, Michael Bailey, and J. A. Halderman. Forthcoming in Proc. 22nd ACM Conference on Computer and Communications Security (CCS), October 2015.
- “Neither Snow Nor Rain Nor MITM. . . An Empirical Analysis of Email Delivery Security.” Zakir Durumeric, David Adrian, Ariana Mirian, James Kasten, Elie Bursztein, Nicholas Lidzborski, Kurt Thomas, Vijay Eranti, Michael Bailey, and J. A. Halderman. Forthcoming in Proc. 15th ACM Internet Measurement Conference (IMC), October 2015.
- “Umbra: Embedded Web Security through Application-Layer Firewalls.” Travis Finkenauer and J. Alex Halderman. In Proc. 1st Workshop on the Security of Cyberphysical Systems (WOS-CPS ’15), September 2015.
- “The New South Wales iVote System: Security Failures and Verification Flaws in a Live Online Election.” J. A. Halderman and Vanessa Teague. In Proc. 5th International Conference on E-Voting and Identity (VoteID), September 2015.
- “Security Analysis of the Estonian Internet Voting System.” Drew Springall, Travis Finkenauer, Zakir Durumeric, Jason Kitcat, Harri Hursti, Margaret MacAlpine, and J. A. Halderman. In Proc. 21st ACM Conference on Computer and Communications Security (CCS’14), November 2014.
- “The Matter of Heartbleed.” Zakir Durumeric, Frank Li, James Kasten, Johanna Amann, Jethro Beekman, Mathias Payer, Nicolas Weaver, David Adrian, Vern Paxson, Michael Bailey, and J. A. Halderman. In Proc. 14th ACM Internet Measurement Conference (IMC’14), November 2014.
- “Security Analysis of India’s Electronic Voting Machines.” Scott Wolchok, Eric Wustrow, J. Alex Halderman, Hari K. Prasad, Arun Kankipati, Sai Krishna Sakhamuri, Vasavya Yagati, and Rop Gonggrijp. In Proc. 17th ACM Conference on Computer and Communications Security (CCS’10), October 2010.
- “To Strengthen Security, Change Developers’ Incentives.” J. Alex Halderman. IEEE Security and Privacy 8 no. 2 (2010):79-82. doi:10.1109/MSP.2010.85
- “Lest We Remember: Cold Boot Attacks on Encryption Keys.” J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten. In Proc. 17th USENIX Security Symposium, July 2008.
- Controlling download and playback of media content. Wai Fun (Aaron) Lee, Marius P. Schilder, Jason D. Waddle, and J. A. Halderman. US Patent No. 8,074,083, issued December 6, 2011.
- System and method for machine-assisted election auditing. Edward W. Felten, Joseph A. Calandrino, and J. Alex Halderman. US Patent No. 8,033,463, issued October 11, 2011.
- On e-voting topics: Fox News and CNN, CBS Evening News, New York Times, LA Times, USA Today, Wall Street Journal, Washington Post, Newark Star-Ledger, Time, Fortune, MIT Tech Review, Harper’s Index, NPR Science Friday, BBC World Service, Slashdot.org, among others.
On Digital Rights Management: MSNBC, CNBC, and MTV, USA Today, New York Times, Washington Post, Boston Globe, Reuters, San Jose Mercury News, Newark Star-Ledger, New Scientist, Wired, NPR, CNET, Slashdot.org, BoingBoing, among others