
Srini Devadas
Massachusetts Institute of Technology · Electrical Engineering & Computer Science
Active 2002–2025
About
Srini Devadas is the Edwin Sibley Webster Professor at MIT in the Department of Electrical Engineering and Computer Science (EECS). His research areas include computer architecture, integrated circuits and systems, security and cryptography, systems and networking, and the theory of computation. His work involves designing systems that sense, process, and transmit energy and information, leveraging computational, theoretical, and experimental tools to develop groundbreaking sensors, energy transducers, new physical substrates for computation, and systems that address shared human challenges. As a faculty member, he contributes to the development of innovative solutions in electrical engineering and computer science, with a focus on advancing the understanding and application of these technologies.
Research topics
- Computer science
- Embedded system
- Computer security
- Parallel computing
- Operating system
Selected publications
Teaching an Old Dog New Tricks: Verifiable FHE Using Commodity Hardware
Proceedings on Privacy Enhancing Technologies · 2025-05-19 · 1 citation
article · Open access
We present Argos, a simple approach for adding verifiability to fully homomorphic encryption (FHE) schemes using trusted hardware. Traditional approaches to verifiable FHE require expensive cryptographic proofs, which incur an overhead of up to seven orders of magnitude on top of FHE, making them impractical. With Argos, we show that trusted hardware can be securely used to provide verifiability for FHE computations, with minimal overhead relative to the baseline FHE computation. An important contribution of Argos is showing that the major security pitfall associated with trusted hardware, microarchitectural side channels, can be completely mitigated by excluding any secrets from the CPU and the memory hierarchy. This is made possible by focusing on building a platform that only enforces program and data integrity and not confidentiality (which is sufficient for verifiable FHE, since all data remain encrypted at all times). All secrets related to the attestation mechanism are kept in a separate coprocessor (e.g., a TPM), inaccessible to any software-based attacker. Relying on a discrete TPM typically incurs significant performance overhead, which is why (insecure) software-based TPMs are used in practice. As a second contribution, we show that for FHE applications, the attestation protocol can be adapted to only incur a fixed cost. Argos requires no dedicated hardware extensions and is supported on commodity processors from 2008 onward. Our prototype implementation introduces 3% overhead for FHE evaluation, and 8% for more complex protocols. In particular, we show that Argos can be used for real-world applications of FHE, such as private information retrieval (PIR) and private set intersection (PSI), where providing verifiability is imperative. By demonstrating how to combine cryptography with trusted hardware, Argos paves the way for widespread deployment of FHE-based protocols beyond the semi-honest setting, without the overhead of cryptographic proofs.
Teaching an Old Dog New Tricks: Verifiable FHE Using Commodity Hardware
arXiv (Cornell University) · 2024-12-04
preprint · Open access
We present Argos, a simple approach for adding verifiability to fully homomorphic encryption (FHE) schemes using trusted hardware. Traditional approaches to verifiable FHE require expensive cryptographic proofs, which incur an overhead of up to seven orders of magnitude on top of FHE, making them impractical. With Argos, we show that trusted hardware can be securely used to provide verifiability for FHE computations, with minimal overhead relative to the baseline FHE computation. An important contribution of Argos is showing that the major security pitfall associated with trusted hardware, microarchitectural side channels, can be completely mitigated by excluding any secrets from the CPU and the memory hierarchy. This is made possible by focusing on building a platform that only enforces program and data integrity and not confidentiality. All secrets related to the attestation mechanism are kept in a separate coprocessor (e.g., a TPM), inaccessible to any software-based attacker. Relying on a discrete TPM typically incurs significant performance overhead, which is why (insecure) software-based TPMs are used in practice. As a second contribution, we show that for FHE applications, the attestation protocol can be adapted to only incur a fixed cost. Argos requires no dedicated hardware extensions and is supported on commodity processors from 2008 onward. Our prototype implementation introduces 3% overhead for FHE evaluation, and 8% for more complex protocols. In particular, we show that Argos can be used for real-world applications of FHE, such as private information retrieval (PIR) and private set intersection (PSI), where providing verifiability is imperative. By demonstrating how to combine cryptography with trusted hardware, Argos paves the way for widespread deployment of FHE-based protocols beyond the semi-honest setting, without the overhead of cryptographic proofs.
Guest Editors’ Introduction: Special Issue on 2021 Top Picks in Hardware and Embedded Security
IEEE Design and Test · 2022-06-22 · 1 citation
article · Open access · 1st author · Corresponding
Hardware is the foundation of many systems ranging from embedded systems, and Internet of Things devices, to cyber–physical systems. The increasing design complexity of hardware continues to challenge our ability to provide robust security guarantees, thereby undermining the security of systems and resulting in security breaches and leakage of private information. The direct and indirect costs of addressing security vulnerabilities (e.g., root cause analysis, deploying fixes and mitigations, and risk of product recalls) not only damage the reputation of a company, but also prolong time-to-market deadlines, thereby squeezing the supply chain. To this end, researchers from academia and industry have been developing tools and techniques that can help identify and mitigate security issues in hardware, thereby building a bedrock for system security. One important task toward this ambitious goal is to identify the best set of attack and defense tools and techniques in hardware and embedded security, which typically spans many communities ranging from devices to circuits to architecture to CAD to cryptography. This special issue presents the articles selected during the third edition of the workshop “Top Picks in Hardware and Embedded Security” (shortly, Top Picks) held virtually (due to COVID-19) on November 5, 2021, “co-located” with the IEEE/ACM International Conference on Computer-Aided Design.
F1: A Fast and Programmable Accelerator for Fully Homomorphic Encryption (Extended Version)
arXiv (Cornell University) · 2021-09-11 · 25 citations
preprint · Open access
Fully Homomorphic Encryption (FHE) allows computing on encrypted data, enabling secure offloading of computation to untrusted servers. Though it provides ideal security, FHE is expensive when executed in software, 4 to 5 orders of magnitude slower than computing on unencrypted data. These overheads are a major barrier to FHE's widespread adoption. We present F1, the first FHE accelerator that is programmable, i.e., capable of executing full FHE programs. F1 builds on an in-depth architectural analysis of the characteristics of FHE computations that reveals acceleration opportunities. F1 is a wide-vector processor with novel functional units deeply specialized to FHE primitives, such as modular arithmetic, number-theoretic transforms, and structured permutations. This organization provides so much compute throughput that data movement becomes the bottleneck. Thus, F1 is primarily designed to minimize data movement. The F1 hardware provides an explicitly managed memory hierarchy and mechanisms to decouple data movement from execution. A novel compiler leverages these mechanisms to maximize reuse and schedule off-chip and on-chip data movement. We evaluate F1 using cycle-accurate simulations and RTL synthesis. F1 is the first system to accelerate complete FHE programs and outperforms state-of-the-art software implementations by gmean 5400x and by up to 17000x. These speedups counter most of FHE's overheads and enable new applications, like real-time private deep learning in the cloud.
On Differentially Private Stochastic Convex Optimization with Heavy-tailed Data
arXiv (Cornell University) · 2020-10-21 · 3 citations
preprint · Open access
In this paper, we consider the problem of designing Differentially Private (DP) algorithms for Stochastic Convex Optimization (SCO) on heavy-tailed data. The irregularity of such data violates some key assumptions used in almost all existing DP-SCO and DP-ERM methods, resulting in failure to provide the DP guarantees. To better understand this type of challenge, we provide in this paper a comprehensive study of DP-SCO under various settings. First, we consider the case where the loss function is strongly convex and smooth. For this case, we propose a method based on the sample-and-aggregate framework, which has an excess population risk of $\tilde{O}(\frac{d^3}{n\epsilon^4})$ (after omitting other factors), where $n$ is the sample size and $d$ is the dimensionality of the data. Then, we show that with some additional assumptions on the loss functions, it is possible to reduce the expected excess population risk to $\tilde{O}(\frac{d^2}{n\epsilon^2})$. To lift these additional conditions, we also provide a gradient smoothing and trimming based scheme to achieve excess population risks of $\tilde{O}(\frac{d^2}{n\epsilon^2})$ and $\tilde{O}(\frac{d^{\frac{2}{3}}}{(n\epsilon^2)^{\frac{1}{3}}})$ for strongly convex and general convex loss functions, respectively, with high probability. Experiments suggest that our algorithms can effectively deal with the challenges caused by data irregularity.
2019-02-16 · 3 citations
article · Senior author
Privacy concerns with sensitive data in machine learning are receiving increasing attention. In this paper, we study privacy-preserving distributed learning under the framework of Alternating Direction Method of Multipliers (ADMM). While secure distributed learning has been previously exploited in cryptographic or non-cryptographic (noise perturbation) approaches, it comes at a cost of either prohibitive computation overhead or a heavy loss of accuracy. Moreover, convergence in noise perturbation is hardly explored in existing privacy-preserving ADMM schemes. In this work, we propose two modified private ADMM schemes in the scenario of peer-to-peer semi-honest agents: First, for bounded colluding agents, we show that with merely linear secret sharing, information-theoretically private distributed optimization can be achieved. Second, using the notion of differential privacy, we propose first-order approximation based ADMM schemes with random parameters. We prove that the proposed private ADMM schemes can be implemented with a linear convergence rate and with a sharpened privacy loss bound in relation to prior work. Finally, we provide experimental results to support the theory.
Mission Assurance: Beyond Secure Processing
2018-07-01 · 3 citations
article · Senior author
The processor of a drone runs essential functions of sensing, communications, coordination, and control. This is the conventional view. But in today's cyber environment, the processor must also provide security to assure mission completion. We have been developing a secure processing architecture for mission assurance. A study on state-of-the-art secure processing technologies has revealed that no one-size-fits-all solution can fully meet our requirements. In fact, we have concluded that the provision of a secure processor as a mission assurance foundation must be holistic and should be approached from a systems perspective. We have thus applied a systems analysis approach to create a secure base for the system. This paper describes our journey of adapting and synergizing various secure processing technologies into a baseline asymmetric multicore processing architecture. We will also describe a functional and security co-design environment, created to customize and optimize the architecture in a design space consisting of hardware, software, performance, and assurance.
Secure high-performance computer architectures: Challenges and opportunities
2018-12-01
article · 1st author · Corresponding
Summary form only given. Recent work has shown that architectural isolation can be violated through software side channel attacks that exploit microarchitectural performance optimizations such as speculation to leak secrets. While turning off microarchitectural optimizations can preclude some classes of attacks, we argue that performance and security do not have to be in conflict, provided processors are designed with security in mind. We espouse a principled approach to eliminating entire attack surfaces through microarchitectural isolation, rather than plugging attack-specific privacy leaks. We argue that minimal modifications to hardware can defend against all currently-practical side channel attacks and without significant performance impact. As an application of this approach, we describe the Sanctum processor architecture that offers strong provable isolation of software modules running concurrently and sharing resources, and Sanctoom, a speculative, out-of-order variant with similar properties. These processors provide isolation even when large parts of the operating system are compromised, and their open-source implementations allow security properties to be independently verified.
PriviPK: Certificate-less and secure email communication
Computers & Security · 2017-05-04 · 6 citations
article · Senior author
MIT CSAIL and Lincoln Laboratory Task Force Report
2016-08-01
article
Frequent coauthors
- Ilya Lebedev, State Research Center of the Russian Federation · 5 shared
- Alin Tomescu · 4 shared
- Dimitrios Serpanos, University of Patras · 4 shared
- Hanshen Xiao, Nvidia (United States) · 3 shared
- Erik Altman, IBM (United States) · 2 shared
- Larry Rudolph · 2 shared
- Aamer Jaleel · 2 shared
- Mike O’Connor, University of Tennessee at Knoxville · 2 shared
Labs
MIT EECS - Srini Devadas Lab · PI
Awards & honors
- 2026 MacVicar Faculty Fellows