Research

I do research on digital freedom and privacy with a focus on developing technologies to enhance freedom and privacy. Much of my work has been in communications, with projects relating to improving metadata privacy, privacy-preserving network measurement, and censorship circumvention. I have also worked on applications of differential privacy for data publishing.

Publications

  1. Bytes to Schlep? Use a FEP: Hiding Protocol Metadata with Fully Encrypted Protocols [paper] [BibTeX]
    • Full version of CCS 2024 conference paper, adding appendices containing definitions, proofs, and experimental details.
    Ellis Fenske and Aaron Johnson
    In Proceedings of the 31st ACM Conference on Computer and Communications Security (CCS 2024), October 2024.
    Show abstract
  2. Repositioning Real-World Website Fingerprinting on Tor [paper] [BibTeX]
    Rob Jansen, Ryan Wails, and Aaron Johnson
    In Proceedings of the 23rd ACM Workshop on Privacy in the Electronic Society (WPES 2024), October 2024.
    Show abstract
  3. A Measurement of Genuine Tor Traces for Realistic Website Fingerprinting [paper] [BibTeX]
    Rob Jansen, Ryan Wails, and Aaron Johnson
    Technical Report (arXiv:2404.07892), April 2024.
    Show abstract
  4. Waks-On/Waks-Off: Fast Oblivious Offline/Online Shuffling and Sorting with Waksman Networks [paper] [code] [BibTeX]
    • Full version of CCS 2023 conference paper, adding appendices containing proofs, implementation optimizations, and additional experiments.
    Sajin Sasy, Aaron Johnson, and Ian Goldberg
    In Proceedings of the 30th ACM Conference on Computer and Communications Security (CCS 2023), November 2023.
    Show abstract
  5. Throwing Your Weight Around: Fixing Tor's Positional Weighting [paper] [BibTeX]
    Aaron Johnson, Aaron D. Jaggard, and Paul Syverson
    In Proceedings on Privacy Enhancing Technologies (PoPETS 2023), Vol. 2023, Issue 4, July 2023.
    Show abstract
  6. Proteus: Programmable Protocols for Censorship Circumvention [paper] [BibTeX]
    Ryan Wails, Rob Jansen, Aaron Johnson, and Micah Sherr
    In Free and Open Communications on the Internet (FOCI 2023), July 2023.
    Show abstract
  7. Security Notions for Fully Encrypted Protocols [paper] [BibTeX]
    Ellis Fenske and Aaron Johnson
    In Free and Open Communications on the Internet (FOCI 2023), February 2023.
    Show abstract
  8. Fast Fully Oblivious Compaction and Shuffling [paper] [code] [BibTeX]
    • Full version of CCS 2022 conference paper, including (1) appendices with proofs and experimental details, (2) small corrections and improvements to the pseudocode for ORCompact and ORCPar (Figures 2 and 4), and (3) small corrections and improvements to the pseudocode for BORPStream (Figures 9 and 10).
    Sajin Sasy, Aaron Johnson, and Ian Goldberg
    In Proceedings of the 29th ACM Conference on Computer and Communications Security (CCS 2022), November 2022.
    Show abstract
  9. Differentially Private Maximal Information Coefficients [paper] [code] [BibTeX]
    John Lazarsfeld, Aaron Johnson, and Emmanuel Adeniran
    In Proceedings of the 39th International Conference on Machine Learning (ICML 2022), PMLR Volume 162, July 2022.
    Show abstract
  10. Accountable Private Set Cardinality for Distributed Measurement [paper] [code] [BibTeX]
    • Journal version of CCS 2017 conference paper. Improvements over the conference version include (1) a modified protocol to provide accountability, (2) added measures to prevent input modification, and (3) a description of how to modify the protocol to compute set-intersection cardinality.
    Ellis Fenske, Akshaya Mani, Aaron Johnson, and Micah Sherr
    In ACM Transactions on Privacy and Security (TOPS), Volume 25, Number 4, Article No. 25, May 2022.
    Show abstract
  11. Consistency of the Maximal Information Coefficient Estimator [paper] [BibTeX]
    John Lazarsfeld and Aaron Johnson
    Technical Report (arXiv:2107.03836), July 2021.
    Show abstract
  12. FlashFlow: A Secure Speed Test for Tor [paper] [BibTeX]
    Matthew Traudt, Rob Jansen, and Aaron Johnson
    In Proceedings of the 41st IEEE International Conference on Distributed Computing Systems (ICDCS 2021), July 2021.
    Show abstract
  13. On the Accuracy of Tor Bandwidth Estimation [paper] [code & data] [BibTeX]
    Rob Jansen and Aaron Johnson
    In Proceedings of the 22nd Passive and Active Measurement Conference (PAM 2021), March 2021.
    Show abstract
  14. CLAPS: Client-Location-Aware Path Selection in Tor [paper] [BibTeX]
    Florentin Rochet, Ryan Wails, Aaron Johnson, Prateek Mittal, and Olivier Pereira
    In Proceedings of the 27th ACM Conference on Computer and Communications Security (CCS 2020), November 2020.
    Show abstract
  15. Stormy: Statistics in Tor by Measuring Securely [paper] [BibTeX]
    Ryan Wails, Aaron Johnson, Daniel Starin, Arkady Yerukhimovich, and S. Dov Gordon
    In Proceedings of the 26th ACM Conference on Computer and Communications Security (CCS 2019), November 2019.
    Show abstract
  16. Guard Placement Attacks on Path Selection Algorithms for Tor [paper] [BibTeX]
    Gerry Wan, Aaron Johnson, Ryan Wails, Sameer Wagh, and Prateek Mittal
    In Proceedings on Privacy Enhancing Technologies (PoPETS 2019), Vol. 2019, Issue 4, July 2019.
    Show abstract
  17. Understanding Tor Usage with Privacy-Preserving Measurement [paper] [BibTeX]
    Akshaya Mani, T Wilson-Brown, Rob Jansen, Aaron Johnson, and Micah Sherr
    In Proceedings of the Internet Measurement Conference 2018 (IMC 2018).
    Show abstract
  18. Tempest: Temporal Dynamics in Anonymity Systems [paper] [BibTeX]
    Ryan Wails, Yixin Sun, Aaron Johnson, Mung Chiang, and Prateek Mittal
    In Proceedings on Privacy Enhancing Technologies (PoPETS 2018), Vol. 2018, Issue 3, July 2018.
    Show abstract
  19. Distributed Measurement with Private Set-Union Cardinality [paper] [BibTeX]
    Ellis Fenske, Akshaya Mani, Aaron Johnson, and Micah Sherr
    In Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS 2017).
    Show abstract
  20. PeerFlow: Secure Load Balancing in Tor [paper] [BibTeX]
    Aaron Johnson, Rob Jansen, Nicholas Hopper, Aaron Segal, and Paul Syverson
    In Proceedings on Privacy Enhancing Technologies (PoPETS 2017), Vol. 2017, Issue 2, April 2017.
    Show abstract
  21. Avoiding The Man on the Wire: Improving Tor's Security with Trust-Aware Path Selection [paper] [BibTeX]
    Aaron Johnson, Rob Jansen, Aaron D. Jaggard, Joan Feigenbaum, and Paul Syverson
    In Proceedings of the 24th Network and Distributed System Security Symposium (NDSS 2017).
    Show abstract
  22. Safely Measuring Tor [paper] [BibTeX]
    Rob Jansen and Aaron Johnson
    In Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS 2016).
    Show abstract
  23. Defending Tor from Network Adversaries: A Case Study of Network Path Prediction [paper] [BibTeX]
    Joshua Juen, Aaron Johnson, Anupam Das, Nikita Borisov, and Matthew Caesar
    In Proceedings on Privacy Enhancing Technologies (PoPETS 2015), Vol. 2015, Issue 2, June 2015.
    Show abstract
  24. Hidden-service statistics reported by relays [paper] [BibTeX]
    David Goulet, Aaron Johnson, George Kadianakis, and Karsten Loesing
    Tor Technical Report 2015-04-001, April 2015.
    Media coverage of resulting statistics: BBC News, Ars Technica
    Show abstract
  25. 20,000 In League Under the Sea: Anonymous Communication, Trust, MLATs, and Undersea Cables [paper] [BibTeX]
    Aaron D. Jaggard, Aaron Johnson, Sarah Cortes, Paul Syverson, and Joan Feigenbaum
    In Proceedings on Privacy Enhancing Technologies (PoPETS 2015), Vol. 2015, Issue 1, April 2015.
    Show abstract
  26. Security Analysis of Accountable Anonymity in Dissent [paper] [BibTeX]
    Ewa Syta, Aaron Johnson, Henry Corrigan-Gibbs, Shu-Chun Weng, David Wolinsky, and Bryan Ford
    In ACM Transactions on Information and System Security (TISSEC), Volume 17, Issue 1, Article No. 4, August 2014.
    Show abstract
  27. The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network [paper] [BibTeX]
    Rob Jansen, Florian Tschorsch, Aaron Johnson, and Björn Scheuermann
    In Proceedings of the 21st Network and Distributed System Security Symposium (NDSS 2014).
    Show abstract
  28. Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries [paper] [BibTeX]
    Aaron Johnson, Chris Wacek, Rob Jansen, Micah Sherr, and Paul Syverson
    In Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS 2013).
    Media coverage: The Register, Vice, The Irish Times, Ars Technica, Finnish Broadcasting Company (YLE), NewScientist, MIT Technology Review
    Show abstract
  29. Privacy-Preserving Data Exploration in Genome-Wide Association Studies
    Aaron Johnson and Vitaly Shmatikov
    In Proceedings of the 19th ACM SIGKDD Conference on Knowledge Discovery and Data Mining (KDD 2013).
    Show abstract
  30. Poster: Onions for Sale: Putting Privacy on the Market [paper] [slides]
    Aaron Johnson, Rob G. Jansen, and Paul Syverson
    In Proceedings of the 17th International Conference on Financial Cryptography and Data Security (FC 2013).
    Show abstract
  31. LIRA: Lightweight Incentivized Routing for Anonymity [paper] [BibTeX]
    Rob G. Jansen, Aaron Johnson, and Paul Syverson
    In Proceedings of the 20th Network and Distributed System Security Symposium (NDSS 2013).
    Show abstract
  32. Dissent in Numbers: Making Strong Anonymity Scale [paper] [BibTeX]
    David Isaac Wolinsky, Henry Corrigan-Gibbs, Bryan Ford, and Aaron Johnson
    In Proceedings of the Tenth USENIX Symposium on Operating Systems Design and Implementation (OSDI '12).
    Show abstract
  33. Probabilistic Analysis of Onion Routing in a Black-box Model [paper] [BibTeX]
    Joan Feigenbaum, Aaron Johnson, and Paul Syverson
    In ACM Transactions on Information and System Security (TISSEC), Volume 15 Issue 3, November 2012.
    Show abstract
  34. Scalable Anonymous Group Communication in the Anytrust Model [paper] [BibTeX]
    David Isaac Wolinsky, Henry Corrigan-Gibbs, Bryan Ford, and Aaron Johnson
    In Proceedings of the Fifth European Workshop on System Security (EuroSec 2012).
    Show abstract
  35. Trust-based Anonymous Communication: Adversary Models and Routing Algorithms [paper] [BibTeX]
    Aaron Johnson, Paul Syverson, Roger Dingledine, and Nick Mathewson
    In Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS 2011).
    Show abstract
  36. Preventing Active Timing Attacks in Low-Latency Anonymous Communication (Extended Abstract) [paper] [BibTeX]
    Joan Feigenbaum, Aaron Johnson, and Paul Syverson
    In Proceedings of the 10th Privacy Enhancing Technologies Symposium (PETS 2010).
    Show abstract
  37. More Anonymous Onion Routing Through Trust [paper] [BibTeX]
    Aaron Johnson and Paul Syverson
    In Proceedings of the 22nd IEEE Computer Security Foundations Symposium (CSF 2009).
    Show abstract
  38. Online and Offline Selling in Limit Order Markets [paper] [BibTeX]
    Kevin L. Chang and Aaron Johnson
    In Proceedings of the 4th International Workshop on Internet and Network Economics (WINE 2008).
    Show abstract
  39. Probabilistic Analysis of Onion Routing in a Black-box Model (Extended abstract) [paper] [BibTeX]
    Joan Feigenbaum, Aaron Johnson, and Paul Syverson
    In Proceedings of the 2007 ACM Workshop on Privacy in the Electronic Society (WPES 2007).
    Show abstract
  40. Private Web Search [paper] [BibTeX] [software]
    Felipe Saint-Jean, Aaron Johnson, Dan Boneh, and Joan Feigenbaum
    In Proceedings of the 2007 ACM Workshop on Privacy in the Electronic Society (WPES 2007).
    Show abstract
  41. A Model of Onion Routing with Provable Anonymity [paper] [BibTeX]
    Joan Feigenbaum, Aaron Johnson, and Paul Syverson
    In Proceedings of Financial Cryptography and Data Security '07 (FC 2007).
    Show abstract

Talks

  1. Bytes to Schlep? Use a FEP: Hiding Protocol Metadata with Fully Encrypted Protocols [slides]
    At the Cryptographic Applications Workshop (CAW 2024).
    May 26, 2024. Zurich, Switzerland.
  2. Throwing Your Weight Around: Fixing Tor's Positional Weighting [slides]
    At the 23rd Privacy Enhancing Technologies Symposium (PETS 2023).
    July 12, 2023. Lausanne, Switzerland.
  3. Fast Fully Oblivious Compaction and Shuffling [slides]
    Invited talk at the U.S. Naval Academy Cybersecurity Seminar.
    May 19, 2023. Annapolis, MD, USA.
    Slides by Sajin Sasy
  4. Security Notions for Fully Encrypted Protocols [slides]
    At Free and Open Communications on the Internet (FOCI 2023).
    February 15, 2023. Virtual.
  5. Client-Location-Aware Path Selection in Tor [slides]
    Invited talk at the George Washington University Computer Science Colloquium.
    September 29, 2021. Washington, DC, USA.
  6. Stormy: Statistics in Tor by Measuring Securely [slides]
    Invited talk at the University of Massachusetts Amherst Computer Science Seminar.
    November 8, 2019. Amherst, MA, USA.
  7. Improving the Security of the Tor Network [slides]
    Invited talk at the University of Iowa Computer Science Colloquium.
    October 25, 2019. Iowa City, IA, USA.
  8. Secure Computation in the Tor Network [slides]
    At the DIMACS/MACS Workshop on Usable, Efficient, and Formally Verified Secure Computation.
    March 15, 2019. Boston, MA, USA.
  9. Measuring and Monitoring the Tor Network [slides]
    At the Encryption and Surveillance Workshop.
    August 19, 2018. Santa Barbara, CA, USA.
  10. The Tor Network: Freedom and Privacy Online [slides]
    At the 2018 Computational Decision Making and Data Science Workshop (CDMDSW 2018).
    July 21, 2018. Belgrade, Serbia.
  11. PeerFlow: Secure Load Balancing in Tor [slides]
    At the 17th Privacy Enhancing Technologies Symposium (PETS 2017).
    July 18, 2017. Minneapolis, MN.
  12. Privacy-Preserving Measurement of the Tor Network [slides]
    Invited talk at the Center for Disclosure Avoidance Research, U.S. Census.
    May 30, 2017. U.S. Census, Washington, DC.
  13. Avoiding The Man on the Wire: Improving Tor's Security with Trust-Aware Path Selection [slides]
    At the 24th Network and Distributed System Security Symposium.
    February 28, 2017. San Diego, CA.
  14. Improving Tor's Security with Trust-Aware Path Selection [slides]
    Invited talk at the Tulane University Computer Science Colloquium.
    January 30, 2017. Tulane University, New Orleans, LA.
  15. Private Measurement of Tor
    Invited talk at the Workshop: Theory and Practice of Secure Multiparty Computation 2016.
    June 2, 2016. Aarhus University, Aarhus, Denmark.
  16. Location-Aware Onion Routing [slides] [paper]
    Short talk at the 36th IEEE Symposium on Security and Privacy.
    May 19, 2015. San Jose, CA.
  17. Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries [slides]
    Invited talk at the Max Planck Institute for Software Systems.
    July 29, 2013. MPI-SWS, Saarbrücken, Germany.
  18. LIRA: Lightweight Incentivized Routing for Anonymity [slides]
    At the 20th Network and Distributed System Security Symposium.
    February 27, 2013. San Diego, CA.
  19. Onion Routing Security Analysis [slides]
    At the DC-Area Anonymity, Privacy, and Security Seminar.
    January 18, 2012. University of Maryland, College Park, MD.
  20. Proving Security in Dissent [slides]
    At the DC-Area Anonymity, Privacy, and Security Seminar.
    October 26, 2012. Georgetown University, Washington, DC.
  21. Anonymity Analysis of Onion Routing in the Universally Composable Framework [slides]
    At the Provable Privacy Workshop.
    July 9, 2012. Vigo, Spain.
  22. Trust-based Anonymous Communication: Adversary Models and Routing Algorithms [slides]
    At the 18th ACM Conference on Computer and Communications Security (CCS 2011).
    October 19, 2011. Chicago, IL.
  23. Preventing Active Timing Attacks in Low-Latency Anonymous Communication [slides]
    At the 10th Privacy Enhancing Technologies Symposium (PETS 2010).
    July 22, 2010. Berlin, Germany.
  24. More Anonymous Onion Routing Through Trust [slides]
    At the 22nd IEEE Computer Security Foundations Symposium (CSF 2009).
    July 8, 2009. Port Jefferson, New York.
  25. Online and Offline Selling in Limit Order Markets [slides]
    At the 4th International Workshop on Internet and Network Economics (WINE 2008).
    December 17, 2008. Shanghai, China.
  26. Towards a Theory of Onion Routing [slides]
    Invited talk, Department of Electrical and Computer Engineering, Iowa State University.
    May 27, 2008. Iowa State University, Ames, Iowa.
  27. A Probabilistic Analysis of Onion Routing in a Black-box Model [slides]
    At the 2007 ACM Workshop on Privacy in the Electronic Society (WPES 2007).
    October 29, 2007. Alexandria, VA.
  28. A Formal Analysis of Onion Routing [slides]
    At the Protocol Exchange Seminar.
    October 26, 2007. University of Maryland, Baltimore County, MD.
  29. A Model of Onion Routing with Provable Anonymity [slides]
    At the 11th Financial Cryptography and Data Security Conference (FC 2007).
    February 12, 2007. Lowlands, Scarborough, Trinidad/Tobago.

Education

Yale University, New Haven, CT U.S.A.
  • Ph.D., Computer Science, December 2009
    Dissertation advisor: Professor Joan Feigenbaum
    Dissertation: Design and Analysis of Efficient Anonymous-Communication Protocols
  • M.S., Computer Science, May 2005
Northwestern University, Evanston, IL U.S.A.
  • B.S. cum laude with honors, Computer Science, June 2004
    Honors thesis advisor: Professor Ming-Yang Kao
    Honors thesis: Routing Network Flow Among Selfish Agents

Employment

September 2011 – present Computer scientist / Security theorist
Formal Methods Section
Center for High Assurance Computer Systems
United States Naval Research Laboratory
Washington, DC
September 2009 – August 2011 Postdoctoral fellow
Department of Computer Science
The University of Texas at Austin
Austin, TX
Advisor: Prof. Vitaly Shmatikov

Service

Organizer

Editorial Board Member

Program Committee Member

External Reviewer

  • Conferences: ICML 2022, CCS 2019, CRYPTO 2016, IEEE S&P 2015, USENIX Security 2014, PETS 2014, CSF 2013, IEEE S&P 2013, NDSS 2013, CCS 2012, NDSS 2012, CSF 2011, ESA 2011, ICALP 2010, IFIP SEC 2010, IEEE S&P 2010, ESORICS 2009, PODC 2009, WWW 2009, PETS 2008
  • Journals: ACM Transactions on Networking (TON), ACM Transactions on Internet Technology (TOIT), IEEE Transactions on Information Theory, Proceedings on Privacy Enhancing Technologies (PoPETs), ACM Transactions on Information and System Security (TISSEC), IEEE Transactions on Dependable and Secure Computing (TDSC), Journal of Computer Security (JCS), Cambridge Journals: Mathematical Structures in Computer Science (MSCS)

Awards

  • 2024 Alan Berman Research Publication Award
    Awarded April 27th, 2024, by the U.S. Naval Research Laboratory
    For best paper in the Information Technology Division:
    Throwing Your Weight Around: Fixing Tor's Positional Weighting
    In Proceedings on Privacy Enhancing Technologies (PoPETS 2023).
  • 2020 Alan Berman Research Publication Award
    Awarded July 22nd, 2021, by the U.S. Naval Research Laboratory
    For best paper in the Information Technology Division:
    CLAPS: Client-Location-Aware Path Selection in Tor
    In Proceedings of the 27th ACM Conference on Computer and Communications Security (CCS 2020).
  • 47th Annual Alan Berman Research Publication Award
    Awarded April 17th, 2015, by the U.S. Naval Research Laboratory
    For best paper in the Information Technology Division:
    The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network
    In Proceedings of the 21st Annual Network & Distributed System Security Symposium (NDSS '14).
  • 44th Annual Alan Berman Research Publication Award
    Awarded March 16th, 2012, by the U.S. Naval Research Laboratory
    For best paper in the Information Technology Division:
    Trust-based Anonymous Communication: Adversary Models and Routing Algorithms
    In Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS 2011).