Papers

Refereed

L.S. Figueiredo, B. Livshits, D. Molnar, and M. Veanes. "Prepose: Privacy, Security, and Reliability for Gesture-Based Programming." IEEE Symposium on Security and Privacy 2016.

J. Vilk, D. Molnar, E. Ofek, C. Rossbach, B. Livshits, A. Moshchuk, H. Wang, and R. Gal. "SurroundWeb:Mitigating Privacy Concerns in a 3D Web Browser." IEEE Symposium on Security and Privacy 2015.

M. Veanes, T. Mytkowicz, D. Molnar, and B. Livshits. "Data Parallel String Manipulating Programs." POPL 2015.

R. Cochran, L. D'Antoni, B. Livshits, D. Molnar, and M. Veanes. "Program Boosting: Program Synthesis via Crowd-Sourcing." POPL 2015.

I. Rae, G. Venolia, J. Tang, and D. Molnar. "A Framework for Understanding and Designing Telepresence." CSCW 2015.

F. Roesner, D. Molnar, A. Moshchuk, T. Kohno, and H.J. Wang. "World-Driven Access Control for Continuous Sensing." ACM CCS 2014.

Christopher Smowton, Jacob R. Lorch, David Molnar, Stefan Saroiu, and Alec Wolman. Zero-Effort Payments: Design, Deployment, and Lessons. Ubicomp 2014. PDF

Loris D'Antoni, Margus Veanes, Benjamin Livshits, and David Molnar. FAST: a Transducer-Based Language for Tree Manipulation, in PLDI 2014: Programming Language Design and Implementation, ACM, June 2014

F. Roesner, T. Kohno, D. Molnar. "Security and Privacy for Augmented Reality Systems." Communications of the ACM, April 2014 (cover story).

S. Jana, D. Molnar, A. Moshchuk, A. Dunn, B. Livshits, H.J. Wang, E. Ofek. "Enabling fine-grained permissions for augmented reality applications with recognizers." Usenix Security Symposium 2013.

L. D'Antoni, A. Dunn, S. Jana, T. Kohno, B. Livshits, D. Molnar A. Moshchuk, E. Ofek, F. Roesner, T. S. Saponas, M. Veanes, H. J. Wang. "Operating System Support for Augmented Reality Applications." Workshop on Hot Topics in Operating Systems (HotOS) 2013.

E. Bounimova, P. Godefroid, D. Molnar. "Billions and Billions of Constraints: Whitebox Fuzz Testing in Production" ICSE 2013.

P. Godefroid, M.Y. Levin, D. Molnar. "SAGE: Whitebox fuzzing for security testing." Communications of the ACM, pages 40-44 2012.

Margus Veanes, Pieter Hooimeijer, Benjamin Livshits, David Molnar, Nikolaj Bjorner "Symbolic Finite State Transducers: Algorithms and Applications" POPL 2012: 39th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 2012) pp. 137-150, Philadelphia, Pennsylvania, January 2012

P. Saxena, D. Molnar, B. Livshits. "ScriptGard: Automatic Context-Sensitive Sanitization for Large-Scale Legacy Web Applications" ACM Computer and Communications Security 2011.

P. Hooimeijer, B. Livshits, D. Molnar, P. Saxena, M. Veanes. "Fast and Precise Sanitizer Analysis with BEK." Usenix Security 2011.

R. A. Popa, J. Lorch, D. Molnar, H. Wang, L. Zhuang. "Enabling Security in Cloud Storage SLAs with CloudProof." Usenix Technical Conference 2011.

D. Molnar, S. Egelman, and N. Christin. "This Is Your Data on Drugs: Lessons Computer Security Can Learn From The Drug War."
New Security Paradigms Workshop 2010.

D. Molnar, S. Schechter. "Self Hosting vs. Cloud Hosting: Accounting for the security impact of hosting in the cloud."
WEIS 2010.

S. Egelman, D. Molnar, N. Christin, A. Acquisti, C. Herley, and S. Krishnamurthi. "Please Continue to Hold: An empirical study on user tolerance of security delays."
WEIS 2010.

M. Stevens, A. Sotirov, J. Appelbaum, A. Lenstra, D. Molnar, D. A. Osvik, B. de Weger "Short chosen-prefix collisions for MD5 and the creation of a rogue CA certificate."
CRYPTO 2009.

D. Molnar, X. C. Li, and D. Wagner "Dynamic Test Generation To Find Integer Bugs in x86 Binary Linux Programs."
USENIX Security 2009, to appear. See our draft paper. Comments welcomed!

P. Godefroid, M.Y. Levin, and D. Molnar "Active Property Checking."
EMSOFT 2008. See also Microsoft Technical Report MSR-TR-2007-91, July 2007

P. Godefroid, M.Y. Levin, and D. Molnar "Automated Whitebox Fuzz Testing."
Network Distributed Security Symposium (NDSS) 2008.
See also Microsoft Technical Report MSR-TR-2007-58, May 2007

N. Hopper, D. Molnar, and D. Wagner "From Weak to Strong Watermarking." Theory of Cryptography Conference (TCC) 2007.
eprint page

C. Crutchfield, D. Molnar, and D. Turner "Approximate Measurement of Voter Privacy Loss in an Election With Precinct Reports." NIST/NSF Voting Systems Rating Workshop. 2006.
Workshop version.

D. Molnar, T. Kohno, N. Sastry, and D. Wagner "Tamper-Evident, History-Independent, Subliminal-Free Data Structures on PROM Storage -or- How to Store Ballots on a Voting Machine." Extended abstract (6 pages) in IEEE Security and Privacy ("Oakland") 2006.
Short version: PS PDF Long version: eprint page

C. Crutchfield, D. Molnar, D. Turner, and D. Wagner "Generic On-line/Off-line Threshold Signatures." Public Key Cryptography (PKC) 2006.
eprint page

D. Molnar, M. Piotrowski, D. Schultz, and D. Wagner "The Program Counter Security Model: Automatic Detection and Removal of Control-Flow Side Channel Attacks." ICISC 2005.
Conference version: PDF Long version: eprint page Source code (NO SUPPORT OFFERED): .TGZ

D. Molnar, A. Soppera, and D. Wagner "RFID Privacy Through Trusted Computing." (Short Paper) WPES 2005.
PDF

C. Gentry, D. Molnar, and Z. Ramzan "Efficient Designated Confirmer Signatures Without Random Oracles or General Zero-Knowledge Proofs." ASIACRYPT 2005.
Springer-Verlag online proceedings.

R. Jain, D. Molnar, and Z. Ramzan "Towards Understanding Algorithmic Factors Affecting Energy Consumption: Switching Complexity, Randomness, and Preliminary Experiments." DIAL M / POMC 2005.
PS PDF

D. Molnar, A. Soppera, and D. Wagner "A Scalable, Delegatable Pseudonym Protocol Enabling Ownership Transfer of RFID Tags." Selected Areas in Cryptography 2005.
Conference version: PDF Long version: eprint page

A. Juels, D. Molnar, and D. Wagner "Security and Privacy Issues in E-Passports." IEEE SecureComm 2005.
PDF eprint page

S. Draper, P. Ishwar, D. Molnar, V. Prabhakaran, K. Ramchandran, D. Schonberg, and D. Wagner "An Analysis of PMF Based Tests for Detection of Least Significant Bit Image Steganography." Information Hiding Workshop 2005 (IH 2005).
PDF

R. Jain, D. Molnar, and Z. Ramzan "Towards A Model of Energy Complexity for Algorithms." (Invited talk) in IEEE Wireless Communications and Networking Conference (WCNC) 2005.
PDF

N. Good, J. Han, E. Miles, D. Molnar, D. Mulligan, L. Quilter, J. Urban, and D. Wagner "Radio Frequency Id and Privacy with Information Goods." (Short Paper) in WPES 2004.
DOC

D. Molnar and D. Wagner "Privacy and Security in Library RFID : Issues, Practices, and Architectures." ACM CCS 2004.
PS PDF

T.Vila, R. Greenstadt, and D. Molnar "Why We Can't Be Bothered To Read Privacy Policies: Models of Privacy Economics as a Lemons Market." Appeared at the Second International Workshop on Economics and Information Security. Also appears in a book on Economics and Information Security comprising selected papers from the first and second Workshops.
PDF

R. Johnson, D. Molnar, D. Song, and D. Wagner "Homomorphic Signature Schemes."
RSA2002 Conference, Cryptographer's Track. LNCS 2271.
PDF.

R. Dingledine, M. Freedman, D. Hopwood, and D. Molnar "A Reputation Scheme To Increase MIX-net Reliability."
2001 Information Hiding Workshop (IH 2001). LNCS 2137.
PS

R. Dingledine, M. Freedman, and D. Molnar "Free Haven - A Distributed Anonymous Storage System."
Berkeley Workshop on Design Issues in Anonymity and Unobservability. LNCS 2009.
PS

Non-Refereed

Shengye Wan, Cyrus Nikolaidis, Daniel Song, David Molnar, James Crnkovich, Jayson Grace, Manish Bhatt, Sahana Chennabasappa, Spencer Whitman, Stephanie Ding, Vlad Ionescu, Yue Li, Joshua Saxe, "Cyberseceval 3: Advancing the Evaluation of Cybersecurity Risks and Capabilities in Large Language Models"

Manish Bhatt, Sahana Chennabasappa, Yue Li, Cyrus Nikolaidis, Daniel Song, Shengye Wan, Faizan Ahmad, Cornelius Aschermann, Yaohui Chen, Dhaval Kapil, David Molnar, Spencer Whitman, Joshua Saxe, "CyberSecEval 2: A Wide-Ranging Cybersecuity Evaluation Suite for Large Language Models"

D. Wilkerson, D. A. Molnar, M. Harren, and J. D. Kubiatowicz, "Hard-Object: Enforcing Object Interfaces Using Code-Range Data Protection,"
EECS Department, University of California, Berkeley, Tech. Rep. UCB/EECS-2009-97, July 2009.

D. Molnar and D. Wagner. Catchconv : Symbolic execution and run-time type inference for integer conversion errors.
UCB EECS Technical Report 2007-23.
Sourceforge project

A. Soppera, T. Burbridge, and D. Molnar. "RFID Security and Privacy -- Issues, Standards, and Solutions"
Chapter in Intelligent Spaces: The Application of Pervasive Information and Communication Technology, Alan Steventon and Steven Wright, eds., Springer-Verlag Publishers. February 2006.
Springer-Verlag book page

D. Molnar, R. Stapleton-Gray, and D. Wagner. "Killing, Recoding, and Beyond."
Chapter in RFID Applications, Security and Privacy, Simson Garfinkel and Beth Rosenberg eds., Addison/Wesley Publishers. July 2005.
DOC

R. Dingledine, M. Freedman, and D. Molnar. "Accountability in Peer-to-Peer Systems."
Chapter in Peer-to-Peer: Harnessing The Benefits of a Disruptive Technology , Andy Oram ed., O'Reilly Publishers. March 2001.
HTML

Manuscripts

My senior thesis on "Homomorphic Signature Schemes." Warning: it's remarkably buggy.
My master's report on "Security and Privacy in Two RFID Deployments, With New Methods For Private Authentication and RFID Pseudonyms."
My PhD thesis on "Dynamic Test Generation for Large Binary Programs."

Co-Authors

Here's a list of my co-authors and links to their pages.

Trevor Burbridge
Chris Crutchfield
Roger Dingledine
Stark Draper
Michael J. Freedman
Craig Gentry
Patrice Godefroid
Nathan Good
Rachel Greenstadt
John Han
Nicholas Hopper
David Hopwood
Prakash Ishwar
Ravi Jain
Rob Johnson
Ari Juels
Tadayoshi Kohno
Michael Y. Levin
Elizabeth Miles
Deirdre Mulligan
Matt Piotrowski
Vinod Prabhakaran
Laura Quilter
Kannan Ramchandran
Zulfikar Ramzan
Naveen Sastry
Dan Schonberg
David Schultz
Dawn Song
Andrea Soppera
Ross Stapleton-Gray
David Turner
Tony Vila
David Wagner