Shaanan Cohney

Shaanan is a Lecturer (equivalent to a U.S. Assistant Professor) at the University of Melbourne where his research centers on the interplay between computer systems and the law, with particular focus on applications of cryptography.

In 2019, Shaanan was the inaugural Geller Fellow of the Wharton Public Policy Initiative, with a summer placement in the Office of Policy Planning at the Federal Trade Commission (FTC), where he assisted in the development of technology strategy within the commission.

In 2018 he served as a Cybersecurity Fellow working on U.S Federal technology policy in the office of Senator Ron Wyden. Prior to that, he spent three months at Facebook headquarters, working to ensure secure deletion of user data.

Shaanan completed his Ph.D. and MSE at the University of Pennsylvania in Computer & Information Science. He obtained a Master in Law from Penn Law, and his BSc and DipMus (Vocal Performance) from the University and Conservatorium of Melbourne respectively.

His research has received recognition in the form of the Best Paper Award at ACM CCS and an Pwnie Award for best Cryptographic Attack. He is also the recipient of the Kelvin Medal, the Excellence in Teaching Award, and Excellence in Tutoring Award from the University of Melbourne.

Shaanan also retains a secondary affiliation with Princeton University’s Center for IT Policy, where he was previously a Postdoctoral Research Associate.

Shaanan is particularly passionate about teaching undergraduate students and advocating for student welfare and mental health.

Research Interests

Applied Cryptography, Computer Security, Public Interest Technology, Consumer Protection

Selected Publications

1. NOTRY: Deniable messaging with retroactive avowal, PoPETS, (2024), Faxing Wang, Shaanan Cohney, Riad Wahby and Joseph Bonneau.
   BibTeX

   @article{notry,
     title = {NOTRY: Deniable messaging with retroactive avowal},
     author = {Wang, Faxing and Cohney, Shaanan and Wahby, Riad and Bonneau, Joseph},
     booktitle = {PoPETS},
     year = {2024},
     selected = {yes},
     group = {papers}
   }
   

2. Learning with Style: Improving Student Code-Style Through Better Automated Feedback, 55th ACM Technical Symposium on Computer Science Education, (2024), Liam Saliba, Eduardo Oliveira, Shaanan Cohney and Qi Jianzhong.
   BibTeX

   @article{ccheck,
     title = {Learning with Style: Improving Student Code-Style Through Better Automated Feedback},
     author = {Saliba, Liam and Oliveira, Eduardo and Cohney, Shaanan and Jianzhong, Qi},
     year = {2024},
     pages = {1--7},
     booktitle = {55th ACM Technical Symposium on Computer Science Education},
     group = {papers},
     selected = {yes}
   }
   

3. Detecting Excessive Data Exposures in Web Server Responses with Metamorphic Fuzzing, 46th ACM/IEEE International Conference on Software Engineering, (2024), Lianglu Pan, Shaanan Cohney, Toby Murray and Van-Thuan Pham.
   BibTeX

   @article{edefuzz,
     title = {Detecting Excessive Data Exposures in Web Server Responses with Metamorphic Fuzzing},
     author = {Pan, Lianglu and Cohney, Shaanan and Murray, Toby and Pham, Van-Thuan},
     booktitle = {46th ACM/IEEE International Conference on Software Engineering},
     year = {2024},
     selected = {yes},
     pages = {1-14},
     group = {papers},
     preprint = {https://arxiv.org/abs/2301.09258}
   }
   

4. Watching the watchers: bias and vulnerability in remote proctoring software, 31st USENIX Security Symposium (USENIX Security 22), (2022), Ben Burgess, Avi Ginsberg, Edward W Felten and Shaanan Cohney, 220k Twitter Impressions!
   BibTeX

   @article{watchers,
     title = {Watching the watchers: bias and vulnerability in remote proctoring software},
     author = {Burgess, Ben and Ginsberg, Avi and Felten, Edward W and Cohney, Shaanan},
     booktitle = {31st USENIX Security Symposium (USENIX Security 22)},
     year = {2022},
     selected = {yes},
     group = {papers},
     pages = {571--588},
     link = {https://www.usenix.org/system/files/sec22-burgess.pdf},
     awards = {220k Twitter Impressions!}
   }
   

5. Transactional scripts in contract stacks, Minn. L. Rev., (2020), Shaanan Cohney and David A Hoffman.
   BibTeX

   @article{scripts,
     title = {Transactional scripts in contract stacks},
     author = {Cohney, Shaanan and Hoffman, David A},
     journal = {Minn. L. Rev.},
     volume = {105},
     pages = {319--388},
     year = {2020},
     publisher = {HeinOnline},
     selected = {yes},
     group = {lawreviews},
     link = {https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3523515}
   }
   

6. Pseudorandom black swans: Cache attacks on CTR_DRBG, 2020 IEEE Symposium on Security and Privacy (S&P), (2020), Shaanan Cohney, Andrew Kwong, Shahar Paz, Daniel Genkin, Nadia Heninger, Eyal Ronen and Yuval Yarom.
   BibTeX

   @article{blackswans,
     title = {Pseudorandom black swans: Cache attacks on CTR\_DRBG},
     author = {Cohney, Shaanan and Kwong, Andrew and Paz, Shahar and Genkin, Daniel and Heninger, Nadia and Ronen, Eyal and Yarom, Yuval},
     booktitle = {2020 IEEE Symposium on Security and Privacy (S\&P)},
     pages = {1241--1258},
     year = {2020},
     organization = {IEEE},
     selected = {yes},
     group = {papers},
     link = {https://ieeexplore.ieee.org/iel7/9144328/9152199/09152663.pdf}
   }
   

7. Coin-operated capitalism, Columbia Law Review, 3 (2019), Shaanan Cohney, David Hoffman, Jeremy Sklaroff and David Wishnick.
   BibTeX

   @article{coc,
     title = {Coin-operated capitalism},
     author = {Cohney, Shaanan and Hoffman, David and Sklaroff, Jeremy and Wishnick, David},
     journal = {Columbia Law Review},
     volume = {119},
     number = {3},
     pages = {591--676},
     year = {2019},
     publisher = {JSTOR},
     selected = {yes},
     group = {lawreviews},
     link = {https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3215345}
   }
   

8. Practical state recovery attacks against legacy RNG implementations, Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, (2018), Shaanan Cohney, Matthew D Green and Nadia Heninger.
   BibTeX

   @article{duhk,
     title = {Practical state recovery attacks against legacy RNG implementations},
     author = {Cohney, Shaanan and Green, Matthew D and Heninger, Nadia},
     booktitle = {Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security},
     pages = {265--280},
     year = {2018},
     selected = {yes},
     group = {papers},
     link = {https://dl.acm.org/doi/pdf/10.1145/3243734.3243756}
   }
   

9. A systematic analysis of the Juniper Dual EC incident, Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, (2016), Stephen Checkoway, Jacob Maskiewicz, Christina Garman, Joshua Fried, Shaanan Cohney, Matthew Green, Nadia Heninger, Ralf-Philipp Weinmann, Eric Rescorla and Hovav Shacham, Best Paper Award.
   BibTeX

   @article{juniper,
     title = {A systematic analysis of the Juniper Dual EC incident},
     author = {Checkoway, Stephen and Maskiewicz, Jacob and Garman, Christina and Fried, Joshua and Cohney, Shaanan and Green, Matthew and Heninger, Nadia and Weinmann, Ralf-Philipp and Rescorla, Eric and Shacham, Hovav},
     booktitle = {Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security},
     pages = {468--479},
     year = {2016},
     selected = {yes},
     group = {papers},
     link = {https://dl.acm.org/doi/10.1145/2976749.2978395},
     awards = {Best Paper Award}
   }
   

Teaching

• Foundations of Algorithms (University of Melbourne) — 2021s1, 2022s1, 2023s1, 2024s1
• Information Security (University of Melbourne) — 2021s2, 2022s2, 2023s2

TAing/Tutoring

• Computer and Network Security (UPenn) — 2017sf, 2016sf, 2015sf
• Technology and Policy (UPenn) — 2016s
• Operating Systems (UPenn) — 2015f, 2016f
• Foundations of Computing (University of Melbourne) — 2014s1
• Computer Systems (University of Melbourne) — 2014s1
• Engineering Computation (University of Melbourne) — 2013s2
• Algorithms and Data Structures (UPenn) — 2013s

PhD Students

• Elisa Shioji
• Lianglu Pan
• Faxing Wang
• Mike Zhuang

Masters Research Students

• Liam Saliba
• Xiaocong Zhang
• Qingyun Wu
• Michael Maxwell Wenn
• Haodong Gu
• Zachary Duthie (graduated)
• Simon Kelly (graduated)

Undergraduate Research Students

• Joseph Surin (graduated)

Academic Siblings

• Dr. Luke Valenta
• Dr. Marcella Hastings
• Dr. Gabrielle De Micheli
• Josh Fried

Miscellaneous

• While at Princeton I was a Bass in Voices of Gotham, a competitive barbershop chorus. I spent my PhD in multiple different choirs, the most significant of them being the Penn Glee Club and the Penn Pipers.
• I spend much of my free time playing piano, predominantly works from musical theatre.
• I came second place in a safe cracking tournament, and am working to learn and teach lockpicking.
• I have five years of experience as an informal educator in a community youth movement.
• More to follow eventually here