Prateek Mittal

ACM Grace Murray Hopper Award

USA - 2023

citation

For exposing critical vulnerabilities in encrypted internet communication systems and developing multi-vantage-point domain validation countermeasures

Mittal?s research upended decades of conventional wisdom by demonstrating how attackers can completely undermine the protections offered by encryption by targeting internet mechanisms that aid in bootstrapping cryptographic keys. His research showed that an adversary can exploit the insecurity of internet routing to intercept traffic from trusted certificate authorities that help bootstrap/authenticate encryption keys and allow an adversary to obtain a cryptographic key that is vouched by trusted authorities. The research ethically demonstrated the feasibility of such attacks in the wild using internet-scale experiments with over 50,000 routers.

To mitigate these attacks, Mittal developed the idea of trusted certificate authorities validating website domain ownership from multiple vantage points on the Internet (multi-VA defense). He led a multi-year collaboration with Let?s Encrypt to design, implement, and evaluate the multi-VA defense in production settings, demonstrating practical feasibility. The technology has already led to the secure issuance of over 2.5 billion digital certificates serving 350 million websites impacting the integrity of global commerce, financial services, online healthcare, and everyday communications.

Press Release

ACM Senior Member

USA - 2017