current
- 1. electronic voting systems. 2. usable security architectures for the web. 3. practical peer-to-peer systems.
On voting:
The secrecy of the ballot continues to vex those who would design secure electronic voting systems. Voting equipment must resist tampering and manipulation from every involved party—from the developer to the administrator to the voter—without compromising the secrecy of the ballot. If we are to solve this problem, we must somehow capture the voter's intent in such a way as to prove, with scarce evidence, that we have done so correctly. It is therefore a “paradigmatic hard problem” to develop a trustworthy electronic voting machine.
—from a paper in progress (Jan 2008)
projects
-
2006–present | Research into digital election systems, encompassing the entire spectrum of computer systems and human procedures that make up the modern enterprise of voting.
I am supported in part by the NSF-funded ACCURATE: A Center for Correct, Usable, Reliable, Auditable, and Transparent Elections. Adviser: Dan S. Wallach in the Rice Computer Security Lab.
-
2004–2006 |
FeedTree, a peer-to-peer network for
distributing micronews (RSS and Atom feeds) promptly and
efficiently. As seen
on Slashdot. (This project is no longer under active development,
but the code is still available and usable for RSS
multicast.)
Adviser: Peter
Druschel.
refereed publications
-
D. R. Sandler, K. Derr, and D. S. Wallach.
VoteBox: a tamper-evident, verifiable electronic voting
system.
To appear
in Proceedings of the 17th USENIX Security Symposium (USENIX Security ’08), 2008.
[PDF/HTML |
Show BibTeX]
@inproceedings{sandler08votebox, Author = {Daniel R.~Sandler and Kyle Derr and Dan S.~Wallach}, Title = {{VoteBox:} a tamper-evident, verifiable electronic voting system}, Keywords = {votebox;voting;auditorium;hash-chains;logging;audit;challenge;network;homomorphic;nizk} Booktitle = {Proceedings of the 17th USENIX Security Symposium (USENIX Security '08)}, Address = {San Jose, CA}, Month = aug, Year = 2008} -
D. R. Sandler and D. S. Wallach.
The case for networked remote voting precincts.
To appear
in Proceedings of the 3rd USENIX/ACCURATE Electronic Voting Technology Workshop (EVT ’08), 2008.
[PDF/HTML |
Show BibTeX]
@inproceedings{sandler08remote-voting, Author = {Daniel R.~Sandler and Dan S.~Wallach}, Title = {The case for networked remote voting precincts}, Keywords = {votebox;voting;auditorium;network;remote-voting;anonymity;absentee-voting;provisional-voting} Booktitle = {Proceedings of the 3rd USENIX/ACCURATE Electronic Voting Technology Workshop (EVT '08)}, Address = {San Jose, CA}, Month = aug, Year = 2008} -
D. R. Sandler and D. S. Wallach.
<input type="password"> must die!
In W2SP 2008: Web 2.0
Security & Privacy, 2008.
[PDF |
Show BibTeX]
@inproceedings{sandler08password-must-die, Author = {Daniel R.~Sandler and Dan S.~Wallach}, Title = {<input type="password"> must die!}, Keywords = {html;passwords;javascript;keylogging}, Booktitle = {Proceedings of W2SP 2008: Web 2.0 Security & Privacy 2008}, Address = {Oakland, CA}, Month = may, Year = 2008} -
D. Sandler, K. Derr, S. Crosby, and D. S. Wallach. Finding the evidence in tamper-evident logs.
In Proceedings of the 3rd International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE’08), 2008.
[PDF |
Show BibTeX]
@inproceedings{sandler08evidence, Author = {Daniel Sandler and Kyle Derr and Scott Crosby and Dan S.~Wallach}, Title = {Finding the evidence in tamper-evident logs}, Keywords = {querifier;hash-chains;tamper-evidence;logging;logic}, Booktitle = {Proceedings of the 3rd International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'08)}, Address = {Oakland, CA}, Month = may, Year = 2008} -
D. Sandler and D. S. Wallach. Casting
Votes in the Auditorium. In Proceedings of the 2nd USENIX/ACCURATE
Electronic Voting Technology Workshop (EVT’07), 2007.
[PDF/HTML
|
[Show BibTeX]
@inproceedings{sandler07auditorium, Author = {Daniel Sandler and Dan S.~Wallach}, Title = {Casting Votes in the {Auditorium}}, Keywords = {auditorium;timeline;entanglement;voting;votebox}, Url = {http://accurate-voting.org/wp-content/uploads/2007/08/evt07-sandler.pdf}, Booktitle = {Proceedings of the 2nd USENIX/ACCURATE Electronic Voting Technology Workshop (EVT'07)}, Address = {Boston, MA}, Month = aug, Year = {2007}} - D. Sandler, A. Mislove, A. Post, and P. Druschel. FeedTree: Sharing micronews with peer-to-peer event
notification. In Proceedings of the 4th International Workshop on
Peer-to-Peer Systems (IPTPS'05), Ithaca, NY, Feburary 2005.
[PDF |
Show BibTeX]
@inproceedings{sandler05feedtree, Author = {Daniel Sandler and Alan Mislove and Ansley Post and Peter Druschel}, Title = {FeedTree: Sharing Web micronews with peer-to-peer event notification}, Booktitle = {Proceedings of the 4th International Workshop on Peer-to-Peer Systems (IPTPS'05)}, Url = {http://www.cs.rice.edu/~dsandler/pub/FeedTree-IPTPS05-draft.pdf}, Year = 2005, Address = {Ithaca, NY}, Month = feb }
other pubs
- D. Sandler, K. Derr, S. Crosby, and D. S. Wallach. Finding the evidence in tamper-evident logs. Technical
Report TR08-01, Department of Computer Science, Rice University,
Jan. 2008.
[PDF]
[Show BibTeX]
@techreport{sandler08querifier, Address = {Houston, TX}, Author = {Daniel Sandler and Kyle Derr and Scott Crosby and Dan S.~Wallach}, Institution = {Department of Computer Science, Rice University}, Month = jan, Number = {TR08-01}, Title = {Finding the evidence in tamper-evident logs}, Year = 2008, Url = {http://cohesion.rice.edu/engineering/computerscience/TR/TR_Download.cfm?SDID=238}} - D. Sandler. FeedTree: Scalable and prompt delivery for Web feeds.
Master’s thesis, Rice University, April 2007.
[PDF]
(Thesis adviser: Peter
Druschel.)
- P. Gerecht, R. McDonald, D. Sandler, A. Thomas-Stivalet, D. Wallach. Taking TrackBack Back (from Spam). Technical report TR06-876, Department of Computer Science, Rice University, May 2006. [PDF].
talks
- 22-May-08: Two workshop talks (co-located with Oakland ’08) in one day: (Slides and audio forthcoming.)
- 06-Aug-07: I presented Auditorium (see above) at
EVT'07, and VoteBox at the ACCURATE
PIs meeting (07-Aug)
[slides].
- 30-Nov-06: I delivered a short introduction to Python at a meeting of the Rice CS Club; you can find the slides on my python resources page.
- 20-Oct-06: I presented the results of my FeedTree work to the comp600 seminar
[slides].
This talk was a condensed (~45 min.) version of my MS thesis defense.
- 24-Feb-05: I presented FeedTree at IPTPS ‘05 [slides].
- 07-Nov-04: I spoke at the IRIS project Student Workshop 2004 about A Plan to Save RSS [slides].
teaching
- spring 2007
-
COMP314: Applied algorithms and data structures. Instructor, with Seth Nielson.Office hours: most evenings, on IRC.
-
- fall 2006
-
Unofficial course flyers: (Apologies to Judge Robert Rosenberg for flyer #2)
- spring 2006
-
Office hours: most evenings, on IRC.Infrastructure: We set up a Subversion repository for all student work and turnins. Read more in my Slashdot post.Projects:Lectures:
- Project 2: ADVENTURE. (I designed and wrote the project requirements and most of the bonus features [link withheld].) The project has finished and we're currently grading the submissions. Hopefully we'll be able to post some of them online for everyone to play.
- 2006-03-10: Python in 90 minutes (or your money back (note: Python is free)).
- fall 2005
- COMP210:
Principles of Computing and Programming.
School of Engineering TA.
Office hours: Friday, 12PM-2PM.Lectures:
- 2005-09-28: Mutually recursive datatypes. (HTDP ch.15)
- 2005-10-28: A new form of recursion, or, “Party-hat quicksort.” (HTDP ch.25)
- 2005-11-04: Algorithms that backtrack, or, “The Legend of Lambda.” (HTDP ch.28)
- spring 2005
- COMP420: Introduction to distributed computer systems. TA (I designed most of the project suggestions).
coursework
- spring 2006–present
- fall 2005
- COMP412 » Topics in Compiler Construction
- COMP527 » Computer Systems Security
- COMP690 » Thesis and research
- summer 2005
- COMP690 » Thesis and research
- spring 2005
- COMP481 » Automata, formal languages, & computability
- COMP620 » Graduate seminar in distributed systems
- ECON472 » Introduction to game theory
- COMP590 » Computer science projects
- fall 2004
recent hacks of no real significance
-
14-Nov-06:
iV-Drip version 0.1 contains scripts to parse and compare event
logs and votes (“image logs”) from ES&S iVotronic voting
machines, version 8. The first version is very rough, based on code I
wrote while investigating the Webb County election in Laredo, TX in 2006.
Very lightly documented; contact me with questions or feature requests.
Software released under the GPL v2.
- download: ivdrip-0.1.zip
- download: sample-files.zip -- votes and events from the Webb County 2006 Democratic primary
- 24-Aug-06: A new, Web-based, fancy-pants version of the Duncan Hall office sign generator.
- 14-May-06: Illuminati plugin for WordPress (allows your WP blog to participate in Mike Freedman's Internet measurement project; see illuminati.coralcdn.org).
- 05-Mar-06:
minipng.py,
a teeny-tiny PNG graphics library for Python (more
info) - 25-Feb-06: send an email to dsandler PLUS ktru AT cs.rice to find out what's playing on KTRU right now (handy for identifying unidentifiable music from your phone)
- 16-Sep-05: fix-scm script for extracting (most of) the Scheme program text out of one of DrScheme’s binary “multimedia files”
- [What is Atom?]20-Jul-05: Atom feed for the Rice Greensheet (refreshed daily).
- 29-Jun-05: rice academic calendars in iCal (.ics) format: F05, S06, F06, S07
- 08-Sep-04: dupr - duplex printing helper (use it just like lpr)
- 08-Sep-04: ph.py - trivial Ph (RFC2378) query library for python; also implements a mutt-compatible Rice-address-lookup shell tool
dsandler.org