Intro

Hello! My name is Meron Zerihun Demissie. I was born and raised in Addis Ababa, Ethiopia, a country located in the Horn of Africa. Currently, I am pursuing my Ph.D. in Computer Science and Engineering at the University of Michigan. I am advised by Prof. Todd Austin. My research focuses on identifying approaches to prevent vulnerabilities in existing sensitive applications and designing computer systems for private and verifiable computing.

I earned a Bachelor's degree in Software Engineering from Addis Ababa University's Institute of Technology. During my undergraduate studies, I participated in AURA, a research exchange program, where I worked in a team on a project called Privacy Enhanced Computer Architecture, which continues to inspire my current scholarly pursuit.

To learn more about my academic work and other activities, feel free to explore this website and don't hesitate to contact me.

Research

Going Beyond Encryption with Encrypted and Tamper-proof Computation | M. Zerihun Demissie, L. Biernacki, T. Ramotsoela, T. Austin | On-going

Summary

In this work, we design a practical, expressive, hardware-based secure computation framework. Secure computation is a specialized form of computation performed directly on encrypted data without software needing a data access key. The potential future existence of this form of computation would have a huge impact in the world of security and privacy. In the security arena, secure computation would create programs that are not vulnerable to any existing forms of hacking, because all a hacker could acquire from breaking into a secure computation is always-encrypted sensitive data. In the privacy arena, this form of computation could allow a system to process data that software, programmers, or administrators could never see. This hardware-based secure computation framework provides strong confidentiality guarantees, since by design, the software cannot see the data that it is processing. Currently, we are enhancing our secure computation framework, Sequestered Encryption, to verify the integrity of a computation so that clients know that the processed results they receive are a product of accurately performing the computation on the inputs they originally specified.



LOL: Leaky Operators in Languages | M. Zerihun Demissie, T. Austin | On-going

Summary

Language-based vulnerabilities are weaknesses in software that arise from how a language is semantically defined. C++ and many other imperative languages use semantics when defining certain operators for optimizing code and avoiding exceptions. Some of these semantics, however, can be exploited to leak sensitive (private) information. If such operators are used to compute on private data within a program, the instruction and memory trace can vary depending on the private data. This behavior causes an observable side-channel that can be used by an attacker to exfiltrate these sensitive data values. In this work, we seek to identify real-world sensitive applications that suffer from language-based vulnerabilities and provide mitigations that are reliable, easy to use, and portable to these applications.



ISPASS 2023 | Exploring the Efficiency of Data Oblivious Programs   |   L. Biernacki, B. Mengist Tiruye, M. Zerihun Demissie, F. Assamnew Andargie, B. Reagen, T. Austin

Summary

In this work, we present the first performance characterization of data-oblivious programs. Data-oblivious programs have gained popularity due to their application in security but are often dismissed because of the anticipated performance loss. We study mechanical data-oblivious transformations applied to twenty workloads from the VIP-Bench benchmark suite. Furthermore, we show that the per-instruction performance is improved as a result of these transformations due to better branch and memory performance. While data-oblivious program execution often incurs overheads, the contributions of this work show that these overheads are often small. In the contrary cases, it is sometimes possible to overcome these overheads with compiler and algorithmic optimizations, bringing us closer to achieving efficient and widely-used data-oblivious programs.



SEED 2022  |  Sequestered Encryption: A Hardware Technique for Comprehensive Data Privacy  |  L. Biernacki, M. Zerihun Demissie, K. Birkayehu Workneh, F. Assamnew Andargie, T. Austin

Summary

Data breaches that penetrate web-facing servers and exfiltrate sensitive user data have become pervasive. Insulating these systems from attack is seemingly impossible due to the pervasiveness of software vulnerabilities within these cloud applications. In this work, we explore how trusted hardware can be leveraged to provide data confidentiality while achieving practical performance overheads. We present Sequestered Encryption (SE)—a hardware technique for data privacy that sequesters sensitive plaintext data into a small hardware root of trust and encrypts this data in all external microarchitectural structures, thereby rendering secret values inaccessible to software.



SEED 2021  |  VIP-Bench: A Benchmark Suite for Evaluating Privacy-Enhanced Computation Frameworks  |  L. Biernacki, M. Zerihun Demissie, K. Birkayehu Workneh, G. Basha Namomsa, P. Gebremedhin, F. Assamnew Andargie, B. Reagen, T. Austin

Summary

Privacy-enhanced computation enables the processing of encrypted data without exposing underlying sensitive information. Such technologies are extremely promising for the advancement of data privacy, as they remove plaintexts from the attackers' reach. However, each privacy technology provides varying degrees of computational capabilities and performance overheads, creating challenges for adoption. We propose VIP-Bench, a benchmark suite designed with varying operational complexity and computational depth to evaluate competing privacy frameworks fairly and directly. VIP-Bench defines a forward-looking privacy-enhanced computation model and then develops under that model an array of privacy-focused benchmarks. The benchmark set is designed to flexibly cover the whole range of expected computational power and capability, enabling VIP-Bench to evaluate the privacy-enhanced computation capabilities of both today and tomorrow.




Workshop Posters

DAC 2023  |  Going Beyond Hacking with Encrypted and Tamper-proof Computation   |   M. Zerihun Demissie, L. Biernacki, T. Ramotsoela, T. Austin.

Poster - Going Beyond Hacking with Encrypted and Tamper-proof Computation

WISE 2022  |  Verifying Computation In Sequestered Encryption   |   M. Zerihun Demissie, L. Biernacki, T. Austin.

Poster - Verifiable Computation in SE