Talks

Enclosed below are slides from a few of my recent talks. Some are in Postscript®, in which case there is a PDF ® version as well; others are HTML converted from Powerpoint® or OpenOffice. (Note: If you need a Postscript viewer, try Ghostscript.)

I've played a bit with MagicPoint, a free presentation tool for X11-based systems. In such cases, I've included the derived HTML, Postscript, and PDF.

Regular Talks

Newspeak: A Paradigm for Architectural Security, Cybersecurity Summit 2008 for NSF Large Research Facilities, Arlington, VA, May 2008.
Issues in Routing Security, DIMACS Workshop on Secure Interdomain Routing, March 2008.
Internet Privacy: Big Brother and Little Brother, NICT Symposium on Internet Security and Privacy, Tokyo, Japan, February 2008; First International Symposium on Global Information Governance, Pisa, Italy, March 2008.
Configuration Management and Security, LISA Configuration Workshop, Dallas, TX, November 2007.
The Future of Internet Security , European Conference on Computer Network Defense, October 2007, Heraklion, Greece.
Routing Security Economics, DIMACS Workshop on Information Security Economics, 18-19 Jan 2007.
Where to Now?, acceptance talk, 2007 National Computer Systems Security Award, Miami Beach, FL.
Real Attacks and Threat Models, IETF 67, San Diego, CA, November 2006.
On the Brittleness of Software and the Infeasibility of Security Metrics, First Workshop on Security Metrics (MetriCon 1.0), Vancouver, BC, August 2006.
Routing Security, ARIN XVII, Montreal, April 2006. (PDF here.)
Square Wheels and Round Tuits, Keynote address, Workshop on Research Directions for Security and Networking in Critical Real-Time and Embedded Systems, San Jose, 2006. (PDF here.)
Encrypted Key Exchange, Stuyvesant High School, NY, February 2006. (PDF here.)
Cryptography and the Internet: Where It Is, Where It Isn't, Where it Should Be --- and Why It Isn't There, Cognos Innovation Lecture, Carleton University, Ottawa, ON, Dec 1, 2005. (PDF here.)
Deploying New Hash Functions, NIST Cryptographic Hash Workshop, Oct 31-Nov 1, 2005. (PDF here.)
Application Security: Threats and Architecture, FDIC Designing an Information Security Program, September 2005.
Application Security: Threats and Architecture, IETF 63, Paris, August 2005. (PDF here)
Lessons from IPv6. Next-Generation Secure Internet workshop, July 2005. (OpenOffice, PowerPoint)
IPv6 Threats to Communications, May 2005. (PDF here.)
Steven M. Bellovin, John Ioannidis, and Randy Bush. Operational Requirements for Secured BGP. DHS Secure Routing Workshop, March 2005. (OpenOffice here; PowerPoint here.)
Moving Application Security into the Network. End-to-End Meeting, January 2005. (PDF here.)
TCP/IP Security Holes: A Look Back. Invited talk, "classic papers" session, 20th Annual Computer Security Applications Conference, December 2004. (PDF version here.)
Security Challenges, TI Workshop on Dependability and Security, December 2004. (PDF here.)
Measurement and Security, AT&T IP Security Day, November 2004. (PDF here.)
Cryptography and the Internet: Where It Is, Where It Isn't, Where it Should Be --- and Why It Isn't There, DIMACS Workshop on Cryptography: Theory Meets Practice, October 2004. (PDF version here.)
Privacy, Anonynmity, and Security on the Internet, Australian Unix Users' Group, Melbourne, AU, August 2004. (PDF here.)
An Introduction to Cryptography, tutorial, Australian Unix Users' Group, Melbourne, AU, August 2004. (PDF here.)
Permissive Action Links and the History of Public Key Cryptography, invited talk, Usenix Security Symposium, August 2004. (PDF here.) An MP3 of the talk itself is here (99.41 MB).
Securing the Net: Where the Holes Are, INET 2004, Barcelona, May 2004. (PDF here, Powerpoint here.)
CALEA and VoIP: The Internet is not the PSTN. Computers, Freedom, and Privacy, April 2004. (OpenOffice, PowerPoint)
Internet Security: Then and Now, NANOG 30, Miami, FL, February 2004. (PDF here.)
Protocol Problems and Architectural Issues, ICANN DNS Security and Stability Advisory Committee meeting on wildcard DNS records in TLDs, Washington, DC, October 2003. (OpenOffice, HTML, PDF, Postscript, Powerpoint.)
Routing Security, British Columbia Institute of Technology, June 2003. (PDF here.)
SBGP -- Secure BGP. (PDF here.)
Where the Wild Things Are: BGP Threats. (PDF here.)
NANOG 28, June 2003, Salt Lake City, UT.
An Introduction to Modern Cryptography, Westfield High School Saturday Science Program, March 2003. (PDF here.)
The State of Software Security, Information Security Law: Software Security and Vulnerability Reporting, Seton Hall University School of Law, November 2002. (PDF here.)
A Technique for Counting NATted Hosts, Second Internet Measurement Workshop, Marseille, November 2002. (PDF here.)
Realistic Security, Management of Technologies Symposium, Stevens Institute of Technology, 23 October 2002. (PDF here.)
The IETF or Where do all those RFCs come from, anyway?, 13 June 2002, Usenix.
Security and Software Engineering, 17 January 2002, MIT.
ICANN and Internet Security, ICANN Open Meeting, 13 November 2001, Marina del Rey, CA.
Telephone versus Internet Wiretaps: A Technical and Legal Perspective, NAE/CSTB Workshop on Critical Infrastructure Protection and the Law, 22-23 October 2001.
Security and Software Engineering", Toolsmith Conference, University of North Carolina at Chapel Hill, 18 October 2001.
"Internet Security in my Crystal Ball", End-to-End Research Group, June 2001. (PDF here.)
"DDoS Attacks and Pushback", NANOG 21, February 2001. (PDF here.) (Note -- this talk is significantly different than the other talk of the same name.)
"DDoS Attacks and Pushback", December 2000. (PDF here.)
"Host versus Network Security", Center for Global Security Research (CGSR), Lawrence Livermore National Laboratory, University of California and Office of Engineering and Technology, Federal Communications Commission (FCC), Conference on Telecommunications Network Security and Reliability in the 21st Century, Washington, D.C., 31 October 2000.
"Security and IPv6", IPv6 Summit, Washington, D.C., 19 October 2000.
"Defense Strategies for DDoS Attacks", NISSC panel session, Baltimore, MD, 18 October 2000.
"Preventing Denial of Service Attacks", NISSC panel session, Baltimore, MD, 18 October 2000.
Key Agility Requirements for IPsec, August 2000, Works in Progress session, 9th Usenix Security Symposium, Denver, CO. (PDF here.)
Note: this talk is based a long note posted to a few mailing lists; you can find a copy here.
Extending Snoop to Handle IPSec Packets, August 2000, Works in Progress session, 9th Usenix Security Symposium, Denver, CO.
Security: Present and Future, June 2000.
Security Aspects of Napster and Gnutella, June 2000.
Distributed Denial of Service Attacks, February 2000.
Security for the Web, Seton Hall University, February 2000.
Distributed Denial of Service Attacks, NANOG, San Jose, February 2000.
Destroying the Net, RSA 2000, January 2000.
Distributed Firewalls, August 1999, Works in Progress session, 8th Usenix Security Symposium, Washington, D.C. (PDF here.)
Regulation, Cryptography, and Internet Security, July 1999, Multilateral Security in Communications, Stuttgart, Germany. (PDF here.)
"Network Security", tutorial, IM '99, Boston MA, May 28, 1999.
Authentication Architectures, February 1999.
Transport-Friendly ESP, or, Layer Violations for Fun and Profit, NDSS '99, February 1999.
Why Do We Need More Research?, NDSS '99, February 1999.
Security, Cryptography, and Magic, RSA '99, January 1999.
Computer Insecurity, 20 October 1998.
Network and Internet Security, September 1998. (Powerpoint here)
Cryptography and the Internet, CRYPTO '98, August 1998. (PDF here.)
Trends in Internet Security, September 1997.
Key Recovery, September 1997.
Network Layer Security -- Structure and Challenges, DIMACS, October 1997.
Trust Problems, NISSC panel session, Baltimore, MD, October 1997.
Security for the NGI, December 1997.
Where the Wild Things Are, NISSC panel session, Baltimore, MD, October 1996. (PDF here.)
Java -- Threat or Menace, NISSC panel session, Baltimore, MD, October 1996. (PDF here.)
IAB/IESG Statement on Cryptography, October 1996. (PDF here.)
Is Encryption Unbreakable?, NISSC panel session, Baltimore, MD, October 1996. (PDF here.)
WWW Problems, NISSC panel session, Baltimore, MD, October 1996. (PDF here.)
Java Security Model, April 1996. (PDF here.)
Shifting the Odds -- Writing More Secure Software, December 1994. (PDF here.)
An Introduction to Escrowed Encryption Systems, Boston Usenix, June 1994. (PDF here.)
Firewalls are Necessary, Oakland Symposium on Research in Security and Privacy, May 1994. (PDF here.)

IETF Talks
I often give talks at IETF meetings. Since these are generally not very comprehensible out of context, I've broken them out and listed them separately.

67th IETF, San Diego, CA, November 2006.

Towards a TCP Security Option

56th IETF, San Francisco, CA, March 2003.

Access Control Prefix Router Advertisement Option for IPv6 (PDF here.)

54th IETF, Yokohama, Japan, July 2002.

(Ab?)Using IPsec for SEND.

47th IETF, Adelaide, SA, March 2000.

Protecting SCTP with IPsec (PDF here.)
Supporting IPsec with Legacy Credentials (PDF here.)
ICMP Traceback Messages (PDF here.)
IPsec Issues for SCTP (PDF here.)

46th IETF, Washington, DC, November 1999
iaPCBC for IPsec (PDF here.

44th IETF, Minneapolis, MN, March 1999

Transport-Friendly ESP BoF, (You can find HTML here, but the title page is hosed. Postscript is here; PDF is here.)

43rd IETF, Orlando, FL, December 1998
Proposed Modifications to ESP (PDF here.)
RUTS Security (PDF here.)

41th IETF, Los Angeles, CA, March 1998
Coordination with Other Areas (PDF here.)
EIDs, IPsec, and HostNAT (PDF here.)

40th IETF, Washington, D.C., December 1997
PINT Security Requirements (PDF here.)

39th IETF, Munich, Germany, August 1997
Further work on IP-layer Security -- A Personal Opinion, (PDF here.)

37th IETF, San Jose, CA, December 1996
Naming and Certificates, (PDF here.)

32nd IETF, Danvers, MA, April 1995
Problems with Hostpair Keying (PDF here.)

smb home

Updated 07 May 08