Cryptography, Security, and Privacy (CrySP)

You are here

Cryptography, Security, and Privacy (CrySP) »

CrySP Speaker Series on Privacy

This speaker series is made possible by an anonymous charitable donation in memory of cypherpunks and privacy advocates Len Sassaman, Hugh Daniel, Hal Finney, and Caspar Bowden.

Most of the talks are video recorded, and are viewable on this site or on our YouTube channel.

Upcoming speakers

For All Tomorrow's Survivors: Computer Security in Interpersonal Threat Models

Thomas Ristenpart, University of Toronto

March 24, 2026 1:30pm, in DC 1304 and Zoom

Abstract

Computer security is traditionally about the protection of digital systems from adversaries such as criminals or governments. In this talk, I will explore interpersonal threat models, in which the adversary is a member of the victim's social circles---an intimate partner, family member, or other close acquaintance---and who seeks to cause harm to the victim, not just their technology. Such known-adversary threat models are a widespread and increasingly severe problem, and their study opens up a new frontier for computer security research and practice.

This perspective has emerged from my research and advocacy in the context of interpersonal abuse contexts such as intimate partner violence (IPV) and human trafficking. Our research details the multifaceted and damaging ways in which abusers exploit technology to harass, impersonate, threaten, monitor, intimidate, and otherwise harm their target via spyware, social media, tracking tools, account compromise, and more. To make progress, I take an advocate-scientist approach that blends ongoing evidence-based design and delivery of clinics that directly assist survivors suffering tech abuse; systemic advocacy for new laws and policies; and basic research into how to design technology to improve its security in the face of known-adversary threats. The latter requires understanding and resolving complex tensions between known-adversary and traditional threat models, with result being principled reworkings of some of our most fundamental security tools to increase security and safety for all users.

The talk will include discussion of physical, sexual, and emotional violence.

Bio

Thomas Ristenpart is a professor at the University of Toronto. He has been faculty at Cornell Tech and the department of computer science at Cornell University since May, 2015, and before that spent four and a half years as an assistant professor at the University of Wisconsin-Madison. He completed his PhD at UC San Diego in 2010. His research spans a wide range of computer security topics, with recent focuses including digital privacy and safety in interpersonal violence, anti-abuse mitigations for encrypted messaging systems, improvements to authentication mechanisms including passwords, and topics in applied and theoretical cryptography. His work is routinely featured in the media and has been recognized by numerous distinguished paper awards, three ACM CCS test-of-time awards, one USENIX Security test-of-time awards, an Advocate of New York City award, an NSF CAREER Award, and a Sloan Research Fellowship.

Past speakers

2025-2026

27 Jan 2026: Bruce Schneier, Fellow and Lecturer, Harvard Kennedy School and the Munk School at the University of Toronto
"Integrity in a World of AI"
7 Aug 2025: Mauro Conti, University of Padua and Örebro University
"Brave New Threat: The Rise of Covert and Side Channels" Video YouTube

2024-2025

21 Oct 2024: Alex Ozdemir, Stanford University
"Collaborative zk-SNARKs: Zero-Knowledge Proofs for Distributed Secrets" Video YouTube
6 May 2024: Colin Bennett, University of Victoria
"Profiling the Political Influence Industry in Canada in the age of AI: Privacy Protection and Democratic Accountability" Video YouTube

2023-2024

3 Apr 2024: Kathrin Hövelmanns, Eindhoven University of Technology
"Fujisaki-Okamoto — a recipe for post-quantum public key encryption" Video YouTube
15 Mar 2024: Yibin Yang, Georgia Institute of Technology
"Zero-Knowledge Proofs Beyond Circuits and Constraints — How to Efficiently Build a “ZK CPU”" Video YouTube
6 Feb 2024: Alex Zhang, GFW Report
"How the Great Firewall of China Detects and Blocks Fully Encrypted Traffic"
2 Feb 2024: Yan Shvartzshnaider, York University
"PrivaCI — Privacy through Contextual Integrity" Video YouTube
23 Nov 2023: Kevin Yeo, Google and Columbia University
"Private Information Retrieval: Improvements and Limitations" Video YouTube
19 Oct 2023: Marina Blanton, University at Buffalo
"A Bigger Picture of Secure Multi-Party Computation" Video YouTube
25 Sep 2023: Gururaj Saileshwar, University of Toronto
"Micro-Architectural Side-Channel Attacks and Defenses: CPU Caches, Schedulers, and Beyond!" Video YouTube
2 Jun 2023: Joel Reardon, University of Calgary
"CVE-2022-23491, or Why PO boxes can't be root certificate authorities anymore" Video YouTube

2022-2023

2 Nov 2022: Sri AravindaKrishnan Thyagarajan, NTT Research
"Cryptographic Locks For Cryptocurrency Payments" Video YouTube
17 May 2022: Pamela Wisniewski, University of Central Florida
"Risk and Resilience: Promoting Adolescent Online Safety and Privacy through Human-Centered Computing" Video YouTube

2021-2022

8 Apr 2022: Smith Oduro-Marfo, University of Victoria
"Surveillance for Development? Implications of Surveillance-oriented Citizen Identification Systems in Global South countries" Video YouTube
19 Jan 2022: Sarah Lamdan, The City University of New York
"Data Analytics Companies in Academia" Video YouTube
24 Nov 2021: Wouter Lueks, EPFL
"Privacy-friendly presence and proximity tracing" Video YouTube
4 Oct 2021: Glencora Borradaile, Oregon State University
"Cybersecurity and the Protection of Dissent" Video YouTube
23 Jul 2021: Angela Sasse, Ruhr Universität Bochum
"Digital fitness instead of blame and entrapment: re-framing "security awareness"" Video YouTube
27 May 2021: Lorrie Faith Cranor, Carnegie Mellon University
"Designing Useful and Usable Privacy Interfaces" Video YouTube

2020-2021

29 Mar 2021: David Evans, University of Virginia
"When Models Learn Too Much" Video YouTube
30 Oct 2020: Riana Pfefferkorn, Stanford Center for Internet and Society
"What's New in the U.S. Crypto Wars?" Video YouTube
6 Oct 2020: Safiya Umoja Noble, UCLA
"Taking on Big Tech: New Paradigms for New Possibilities" Video YouTube

2019-2020

28 Feb 2020: Cat Coode, Binary Tattoo
"GDPR and CPPA and PIPEDA, Oh my!" Video YouTube
28 Feb 2020: Oliver Linow, Deutsche Welle
"Using Tor as a Public Broadcaster" Video YouTube
28 Feb 2020: Scott Millar, Communications Security Establishment
"Trust and Confidence: The Symbiotic Relationship of Privacy and Intelligence in Protecting Canada" Video YouTube
28 Feb 2020: Maura Grossman, University of Waterloo
"Bias in Data-Driven Decision Making" Video YouTube
28 Feb 2020: Julia Angwin, The Markup
"Data is the New Narrative" Video YouTube
1 Nov 2019: Crispin Cowan, Leviathan Security Group
"Privacy: Who Ya Gonna Trust?" Video YouTube
24 Oct 2019: Stefan Saroiu, Microsoft Research
"Are We Susceptible to Rowhammer? An End-to-End Methodology for Cloud Providers" Video YouTube
13 May 2019: Sarah Roberts, UCLA
"Doing the Internet's Dirty Work: Commercial Content Moderators as Social Media's Gatekeepers" Video YouTube

2018-2019

2 Nov 2018: Nate Cardozo, Electronic Frontier Foundation
"Fantastically Bad Laws and Where to Find Them" Video YouTube
25 Sep 2018: Adam Molnar, Deakin University
"Evaluating the Australian Government’s Legislative Response to the Encryption Debate" Video YouTube
9 Aug 2018: Aiman Erbad, Qatar University
"When A Small Leak Sinks A Great Ship: Deanonymizing Tor Hidden Service Users Through Bitcoin Transactions Analysis" Video YouTube
31 Jul 2018: Vern Paxson, University of California, Berkeley / Corelight, Inc. / International Computer Science Institute
"Finding Very Damaging Needles in Very Large Haystacks" Video YouTube
10 Jul 2018: Matthew Finkel, The Tor Project
""Where's Waldo?" - Privacy in the age of Internet-connected mobile technology" Video YouTube
9 Jul 2018: Chelsea Komlo, HashiCorp
"Where Theory Meets Practice for Privacy Enhancing Technologies" Video YouTube

2017-2018

19 Apr 2018: Joel Reardon, University of Calgary
"“Won’t Somebody Think of the Children?” Examining COPPA Compliance at Scale" Video YouTube
6 Feb 2018: Micheal Vonn, BC Civil Liberties Association
"CSIS Bulk Data Collection and National Security Surveillance" Video YouTube
8 Nov 2017: Andreas Peter, University of Twente
"Somewhat Homomorphic Encryption and its Attractiveness in Privacy-Enhancing Technologies" Video YouTube
27 Oct 2017: Lex Gill, The Citizen Lab
"Rearranging Power Through Law and Code: Deciphering the Canadian Encryption Debate" Video YouTube
26 Jul 2017: Ross Anderson, University of Cambridge
"Making Security Sustainable" Video YouTube
16 Jun 2017: Prashant Nalini Vasudevan, MIT
"Average-Case Fine-Grained Hardness, and What To Do With It" Video YouTube
5 May 2017: Lisa Austin, University of Toronto
"Access to basic subscriber information and the Spencer Decision: disentangling normative and technological questions" Video YouTube

2016-2017

13 Mar 2017: Josh Benaloh, Microsoft Research
"Elections with both Privacy and Integrity" Video YouTube
3 Feb 2017: Nikita Borisov, University of Illinois, Urbana-Champaign
"The State of Secure Messaging: Ratchets, Keys, and Metadata" Video YouTube
2 Feb 2017: Sarah Jamie Lewis, OnionScan
"OnionScan: Practical Deanonymization of Hidden Services" Video YouTube
1 Feb 2017: Frank Wang, MIT
"Sieve: Cryptographically Enforced Access Control for User Data in Untrusted Clouds" Video YouTube
1 Dec 2016: David Murakami Wood, Queen's University
"Hack the Planet! From phone phreaking to subverting planetary infrastructures" Video YouTube
15 Sep 2016: Valerie Steeves, University of Ottawa
"What Hello Barbie Can Tell Us About Behavioural Targeting" Video YouTube
7 Jul 2016: Paul van Oorschot, Carleton University
"Password expiration policies: quantifying assumed security benefits" Video YouTube
10 May 2016: David Wu, Stanford University
"Constraining Pseudorandom Functions Privately" Video YouTube

2015-2016

1 Apr 2016: Seda Gürses, Princeton University
"PET Sematary: Privacy's return from the dead and the rise of Privacy Engineering" Video YouTube
11 Mar 2016: Eva Infeld, Darthmouth College
"Matching Theory and Anonymity" Video YouTube
2 Feb 2016: Alison Macrina, Library Freedom Project
"Grassroots surveillance resistance at your local library" Video YouTube
20 Jan 2016: Rob Jansen, Naval Research Laboratory
"Shadow: Scalable Simulation for Systems Security Research" Video YouTube
2 Dec 2015: Matthew Wright, University of Texas at Arlington
"Teaching Users Random System-Assigned Passwords" Video YouTube
1 Sep 2015: Nicholas Hopper, University of Minnesota
"Secure Load Balancing in Tor with Peerflow" Video YouTube
27 Jul 2015: Amir Herzberg, Bar Ilan University
"Cross-site Search Attacks: Practical Side-channel Privacy Attacks on Web Services" Video YouTube

2014-2015

5 Aug 2014: Nicholas Hopper, University of Minnesota
"New adversary models for censorship circumvention schemes" Video YouTube
25 Jul 2014: Joseph Bonneau, Center for Information Technology Policy
"Storing 56-bit keys in human memory" Video YouTube
4 Jul 2014: Christopher Parsons, University of Toronto
"Stuck on the Agenda—Lesson drawing from 'lawful access' issues in Canada" Video YouTube
18 Jun 2014: Radu Sion, Stony Brook University
"Modern Secure Data Management" Video YouTube

2013-2014

24 Apr 2014: Rajesh Krishna Balan, Singapore Management University
"The LiveLabs Urban LifeStyle Innovation Platform: Opportunities, Challenges, and Current Results" Video YouTube
27 Mar 2014: Kevin Dyer, Portland State University
"Libfte: A User-Friendly Toolkit for Constructing Practical Format-Abiding Encryption Schemes" Video YouTube
31 Jan 2014: Rob Johnson, Stony Brook University
"Website Fingerprinting Attacks and Defenses" Video YouTube
16 Dec 2013: N. Asokan, Aalto University
"On Mobile Malware" Video YouTube
21 Oct 2013: Kelly Caine, Clemson University
"A human-centered tool for enhancing patient privacy in electronic medical record systems" Video YouTube
9 Oct 2013: Patrick Traynor, Georgia Institute of Technology
"Chasing Telephony Security: Where the Wild Things... Are?" Video YouTube
26 Jun 2013: Vaibhav Garg, Drexel University
"Cars, Condoms, and the Privacy Paradox: A Case Study with Facebook" Video YouTube

2012-2013

16 Apr 2013: Michael Reiter, University of North Carolina
"How to Misuse, Use, and Mitigate Side Channels in Virtualized Environments"
5 Apr 2013: Claudia Diaz, KU Leuven
"Two tales of privacy in online social networks" Video YouTube
3 Apr 2013: Michael Brennan, SecondMuse
"Catalyzing Social Change as a Privacy and Security Technologist" Video YouTube
14 Mar 2013: Dawn Song, UC Berkeley
"Privacy in Emerging Technologies: Challenges, Attacks, and Defenses"
28 Jan 2013: Gabriella Coleman, McGill University
"Weapons of the Geek" Video YouTube
10 Oct 2012: Ian Kerr, University of Ottawa
"Repo Men Are Coming: Body EULAs, Privacy and Security of the Person" Video YouTube
11 Sep 2012: Patrick Ball, Benetech
"Human rights, data analysis, and the truth: technical and epistemological reflections from twenty years building software and doing analysis to study mass atrocities" Video YouTube
14 Aug 2012: Joel Reardon, ETH Zurich
"Data Node Encrypted File System: Efficient Secure Deletion for Flash Memory" Video YouTube
2 Aug 2012: Micah Sherr, Georgetown University
"Security and Privacy of Legally Authorized Telephone Surveillance" Video YouTube

2011-2012

19 Jan 2012: Sonia Chiasson, Carleton University
"The convergence of human factors and computer security"
12 Dec 2011: Nadia Heninger, UC San Diego
"Approximate common divisors via lattices"
14 Nov 2011: Eugene Vasserman, Kansas State University
"Censorship Resistant Overlay Publishing"
21 Nov 2011: Vinod Vaikuntanathan, University of Toronto
"Computing Blindfolded: New Developments in Fully Homomorphic Encryption"
24 October 2011: Kevin Bauer, University of Waterloo
"Improving Security and Performance in Low-Latency Anonymity Networks"
7 September 2011: Tamir Tassa, The Open University of Israel
"Generalized Oblivious Transfer by Secret Sharing"
8 August 2011: Ahmad-Reza Sadeghi, Technical University Darmstadt
"Cloudy and Phony: On the Convergence of Cloud and Smartphone Security"
26 July 2011: Jean-Pierre Hubaux, EPFL
"Two Short Talks about the Security of Web Applications"
28 May 2011: Ryan Henry, University of Waterloo
"Formalizing and Extending Anonymous Blacklisting Systems"

2010-2011 (MITACS Speaker Series on Privacy)

1 April 2011: Matthew Wright, University of Texas at Arlington
"Removing Detectable Statistics from Covert Channels"
11 March 2011: Prateek Mittal, University of Illinois, Urbana-Champaign
"Throughput Fingerprinting-based Traffic Analysis of Low Latency Anonymous Communication"
8 Mar 2011: Mohammad Hossein Manshaei, EPFL
"Game Theory Meets Network Security and Privacy"
15 Dec 2010: Femi Olumofin, University of Waterloo
"Preserving Access Privacy Over Large Databases"
10 Dec 2010: Aleksander Essex, University of Waterloo
"Eperio: Mitigating Technical Complexity in Cryptographic Election Verificaiton"
9 Dec 2010: Ryan Henry, University of Waterloo
"Nymbler: Privacy-enhanced Protection from Abuses of Anonymity"
3 Dec 2010: Jeremy Clark, University of Waterloo
"Selections: An Internet Voting System with Over-the-shoulder Coercion Resistance"
1 Dec 2010: Femi Olumofin, University of Waterloo
"Revisiting the Computational Practicality of Private Information Retrieval"
26 Nov 2010: Aleksander Essex, University of Waterloo
"Hacking Democracy: An Election Fraudster's Tricks of the Trade"
12 Nov 2010: Stacey Jeffery, University of Waterloo
"Dealing with Ghosts: Trading Robustness for Correctness and Privacy in Certain Multiparty Functions, Beyond an Honest Majority"
22 October 2010: Kevin Bauer, University of Colorado
"Toward Improving Tor's Security and Performance"
24 September 2010: Alessandro Acquisti, Carnegie Mellon University
"Privacy, Behavioral Economics, and the Control Paradox"
9 Sep 2010: Christian Henrich, Karlsruhe Institute of Technology
"Bingo Voting — Verifiable Voting Scheme Based on a Trusted Random Number Generator"
26 July 2010: Maura Paterson, Birkbeck, University of London
"Distinct-difference configurations: multihop paths and key predistribution in sensor networks"
14 July 2010: Atefeh Mashatan, EPFL
"A Message Recognition Protocol Based on Standard Assumptions"
12 July 2010: Tara Whalen, Office of the Privacy Commissioner of Canada
"Technology and Privacy: A Short Tour through an Emerging Landscape"

A video of the talk is available.

8 July 2010: Greg Zaverucha, University of Waterloo
"Constant-Size Commitments to Polynomials and Their Applications"
5 July 2010: Qi Xie, University of Waterloo
"Privacy-Preserving Interest Matching for Mobile Social Networking"
25 June 2010: Michael Reiter, University of North Carolina
"Defending Against Client Compromises in Client-Server Applications"
21 Jun 2010: Can Tang, University of Waterloo
"An Improved Algorithm for Tor Circuit Scheduling"
27 May 2010: Aniket Kate, University of Waterloo
"Distributed Private-Key Generators for Identity-Based Cryptography"
11 May 2010: Roger Dingledine, The Tor Project
"Tor and censorship: lessons learned"
7 May 2010: Rachel Greenstadt, Drexel University
"Privacy & Stylometry: Exploring the Limitations and Potential of Automated Authorship Recognition"

2009-2010 (MITACS Speaker Series on Privacy)

19 March 2010: Rosario Gennaro, IBM Research
"Non-Interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers"
9 March 2010: Tadayoshi Kohno, University of Washington
"Increasing Privacy with Self-destructing Data"
5 March 2010: Wanying Luo, University of Waterloo
"Designing a Privacy-Aware Location Proof Architecture"
5 February 2010: Jeremy Clark, University of Waterloo
"The First Governmental Election with a Voter Verifiable Tally: Experiences using Scantegrity II at Takoma Park"
15 January 2010: Nick Hopper, University of Minnesota
"Scalable Anonymous Overlay Networks"
14 January 2010: Aniket Kate, University of Waterloo
"Using Sphinx to Improve Onion Routing Circuit Construction"
3 December 2009: Sherman Chow, New York University
"Improving Privacy and Security in Multi-Authority Attribute-Based Encryption"
1 December 2009: Periklis Papakonstantinou, University of Toronto
"On the Impossibility of Basing Identity Based Encryption on Trapdoor Permutations"
29 October 2009: Berkant Ustaoğlu, NTT Information Sharing Platform Laboratories
"Multi-party Off-the-Record Messaging"
15 October 2009: Greg Zaveruca, University of Waterloo
"The Identity Mixer Anonymous Credential System"
1 October 2009: Jason Hinek, University of Calgary
"Towards Attribute-Based Encryption Without Key Delegation"
22 July 2009: Ian Goldberg, University of Waterloo
"Sphinx: A Compact and Provably Secure Mix Format"
15 June 2009: Aniket Kate, University of Waterloo
"Distributed Key Generation for the Internet"
27 May 2009: Aniket Kate, University of Waterloo
"Anonymous Key Agreement in an Identity-Based Infrastructure"
8 May 2009: Prof. Nikita Borisov, University of Illinois, Urbana-Champaign
"Peer-to-peer Anonymous Communication: Approaches and Pitfalls"

2008-2009 (MITACS Speaker Series on Privacy)

30 March 2009: Chris Alexander, University of Waterloo
"Plinko: Polling with a Physical Implementation of a Noisy Channel"
23 February 2009: Jennifer Granick, Electronic Frontier Foundation
"Cutting Edge Cases in Digital Privacy and Crime"
18 February 2009: Greg Zaverucha, University of Waterloo
"Private Intersection of Certified Sets"
11 November 2008: Atefeh Mashatan, University of Waterloo
"Message recognition protocols for ad hoc networks"
29 September 2008: Ontario Information and Privacy Commissioner Ann Cavoukian
"Change the Paradigm: Embed Privacy into Technology and Ride the Next Wave"

A video of the talk is available.

18 September 2008: Joel Reardon, University of Waterloo
"Improving Tor using a TCP-over-DTLS tunnel"
19 August, 2008: Kevin Henry, University of Waterloo
"The theory and applications of homomorphic cryptography"
16 July 2008: Ge Zhong, University of Waterloo
"Distributed approaches for location privacy"
9 July 2008: Ryan Stedman, University of Waterloo
"A user study of Off-the-Record Messaging"
2 July 2008: Maura Paterson, Royal Holloway, University of London
"Aspects of key management in wireless sensor networks"
9 June 2008: Chengxi Zhang, University of Waterloo
"On achieving security and privacy preservation for vehicular communications"
8 April 2008: Stefan Saroiu, University of Toronto
"Towards eradicating phishing attacks"