Technology is reshaping the foundations of democratic society, from the notion of privacy to freedom of expression to the way we choose who will lead.  These changes raise new challenges for computer security by revealing limitations of traditional threat models, computational abstractions, and concepts about trust.  At the same time, they present opportunities to advance the science of security and to achieve significant positive real-world impacts by creating new technologies that reflect and support democratic values.

The first part of my talk will explore on the proliferation of mobile data storage and the danger posed by the cold boot attack, which exploits physical properties of RAM to reveal the cryptographic keys used by full disk encryption software.  I will show how imprecise hardware-software abstractions have concealed important threats to confidentiality and resulted in misinformed public policy approaches to data breaches.

The second part of the talk will focus on electronic voting, which presents some of the most difficult problems in computer security due to the simultaneous requirements of accurate results and ballot secrecy.  My work studying deployed voting systems has exposed critical weaknesses, impacted election policy, and revealed opportunities where new technology can be intelligently applied to safeguard elections.

The last part of the talk will concentrate on state-sponsored Internet censorship, which increasingly makes use of new technologies such as deep-packet inspection (DPI) to suppress and manipulate information.  I will show how DPI, together with public key steganography, can be repurposed to provide robust censorship resistance tools that could serve as a state-level response to state-level censorship.