photo of Nadia Heninger

Nadia Heninger

Magerman Term Assistant Professor
Computer and Information Science
University of Pennsylvania

3330 Walnut St.
Philadelphia, PA 19104-3409

Email: nadiah at cis dot upenn dot edu

Office: 604 Levine

Phone: +1 215 898 9252

My primary research interests are in cryptography and security, with particular interest in cryptography in practice, cryptanalysis, privacy, lattices, computational number theory, and coding theory. I am part of the Security Laboratory and the Theory Group at Penn.

In 2019 I will be moving to UC San Diego. If you are a prospective student interested in working with me, please apply there. I will be visiting Microsoft Research New England from January through June 2019.

Previously, I was a postdoctoral visiting researcher at Microsoft Research New England in Cambridge, MA, and an NSF mathematical sciences postdoctoral fellow in the Department of Computer Science and Engineering at UC San Diego. I have a Ph.D. in computer science from Princeton University and a B.S. in electrical engineering and computer science from UC Berkeley.

curriculum vitae      short bio     bigger picture


CIS 331: Introduction to Networks & Security Fall 2017, Spring 2017, Spring 2016, Spring 2015, Spring 2014
CIS 556: Cryptography Fall 2018, Fall 2016, Fall 2015, Fall 2014
CIS 800: Topics in Cryptography Fall 2013

Seminars and reading groups

I organize a weekly security reading group.

PhD Students

Shaanan Cohney
Marcella Hastings
Luke Valenta


Barak Shani

Undergraduate Students

Paul Lou


Gabrielle De Micheli
Josh Fried
Daniel Genkin
Richard Roberts
Michael Rudow
Terry Sun


Properties of Constacyclic Codes Under the Schur Product. Brett Hemenway Falk, Nadia Heninger, and Michael Rudow. 2018. [arXiv]

The Proof is in the Pudding: Proofs of Work for Solving Discrete Logarithms. Marcella Hastings, Nadia Heninger, and Eric Wustrow. To appear at Financial Cryptography 2019. [ePrint]

Practical state recovery attacks against legacy RNG implementations. Shaanan Cohney, Matthew D. Green, and Nadia Heninger. CCS 2018. [web site]

Characterizing overstretched NTRU attacks. Gabrielle De Micheli, Nadia Heninger, and Barak Shani. MathCrypt 2018. [ePrint]

CacheQuote: Efficiently Recovering Long-term Secrets of SGX EPID via Cache Attacks. Fergus Dall, Gabrielle De Micheli, Thomas Eisenbarth, Daniel Genkin, Nadia Heninger, Ahmad Moghimi, and Yuval Yarom. TCHES 2018.

In search of CurveSwap: Measuring elliptic curve implementations in the wild. Luke Valenta, Nick Sullivan, Antonio Sanso, and Nadia Heninger. EuroS&P 2018. [ePrint]

Sliding right into disaster: Left-to-right sliding windows leak. Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom. CHES 2017. [ePrint]

Post-Quantum RSA. Daniel J. Bernstein, Nadia Heninger, Paul Lou, and Luke Valenta. PQCrypto 2017. [ePrint]

A kilobit hidden SNFS discrete logarithm computation. Joshua Fried, Pierrick Gaudry, Nadia Heninger, and Emmanuel Thomé. Eurocrypt 2017. [ePrint] [web site]

Measuring small subgroup attacks against Diffie-Hellman. Luke Valenta, David Adrian, Antonio Sanso, Shaanan Cohney, Joshua Fried, Marcella Hastings, J. Alex Halderman, and Nadia Heninger. NDSS 2017. [ePrint]

Cryptographic applications of capacity theory: On the optimality of Coppersmith's method for univariate polynomials. Ted Chinburg, Brett Hemenway, Nadia Heninger, and Zachary Scherr. Asiacrypt 2016. [arXiv]

Weak Keys Remain Widespread in Network Devices. Marcella Hastings, Joshua Fried, and Nadia Heninger. IMC 2016. [ACM version]

A Systematic Analysis of the Juniper Dual EC Incident. Stephen Checkoway, Jacob Maskiewicz, Christina Garman, Joshua Fried, Shaanan Cohney, Matthew Green, Nadia Heninger, Ralf-Philipp Weinmann, Eric Rescorla, and Hovav Shacham. CCS 2016. Best paper award! [ePrint]

DROWN: Breaking TLS using SSLv2. Nimrod Aviram, Sebastian Schinzel, Juraj Somorovsky, Nadia Heninger, Maik Dankel, Jens Steube, Luke Valenta, David Adrian, J. Alex Halderman, Viktor Dukhovni, Emilia Käsper, Shaanan Cohney, Susanne Engels, Christof Paar, and Yuval Shavitt. Usenix Security 2016. [web site]

CacheBleed: A Timing Attack on OpenSSL Constant Time RSA. Yuval Yarom, Daniel Genkin, and Nadia Heninger. CHES 2016. [web site] [ePrint]

Factoring as a Service. Luke Valenta, Shaanan Cohney, Alex Liao, Joshua Fried, Satya Bodduluri, and Nadia Heninger. Financial Cryptography 2016. [ePrint] [web site] [source code]

Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice. David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé, Luke Valenta, Benjamin VanderSloot, Eric Wustrow, Santiago Zanella-Béguelin, and Paul Zimmermann. CCS 2015. Best paper award! [web site]

Elliptic Curve Cryptography in Practice. Joppe W. Bos, J. Alex Halderman, Nadia Heninger, Jonathan Moore, Michael Naehrig, and Eric Wustrow. Financial Cryptography 2014. [ePrint]

Factoring RSA keys from certified smart cards: Coppersmith in the wild. Daniel J. Bernstein, Yun-An Chang, Chen-Mou Cheng, Li-Ping Chou, Nadia Heninger, Tanja Lange, and Nicko van Someren. Asiacrypt 2013. [web site]

Torchestra: Reducing interactive traffic delays over Tor. Deepika Gopal and Nadia Heninger. WPES 2012.

Mining your Ps and Qs: Detection of widespread weak keys in network devices. Nadia Heninger, Zakir Durumeric, Eric Wustrow, J. Alex Halderman. Usenix Security 2012. Best paper award! [web site]

Optimally robust private information retrieval. Casey Devet, Ian Goldberg, and Nadia Heninger. Usenix Security 2012. [ePrint]

Approximate common divisors via lattices. Henry Cohn and Nadia Heninger. Algorithmic Number Theory Symposium 2012. [ePrint] [higgledy piggledy]

Ideal forms of Coppersmith's theorem and Guruswami-Sudan list decoding. Henry Cohn and Nadia Heninger. Innovations in Computer Science 2011. [arXiv] [slides]

Computational complexity and information asymmetry in election audits with low-entropy randomness. Nadia Heninger. EVT/WOTE 2010. [slides] [higgledy piggledy]

Defeating Vanish with low-cost Sybil attacks against large DHTs. Scott Wolchok, Owen S. Hofmann, Nadia Heninger, Edward W. Felten, J. Alex Halderman, Christopher J. Rossbach, Brent Waters, Emmett Witchell. NDSS 2010. [web site]

Reconstructing RSA private keys from random key bits. Nadia Heninger and Hovav Shacham. Crypto 2009. [ePrint] [slides] [source]

Fingerprinting blank paper using commodity scanners. William Clarkson, Tim Weyrich, Adam Finkelstein, Nadia Heninger, J. Alex Halderman, and Edward W. Felten. Oakland 2009. [web site]

Lest we remember: Cold boot attacks on encryption keys. J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten. Usenix Security 2008. Best student paper award! [web site]

On the integrality of n-th roots of generating functions. Nadia Heninger, Eric Rains and N. J. A. Sloane. Journal of Combinatorial Theory Series A, v.113 n.8, p.1732-1745, November 2006. [arXiv]