2025 IISWC Workshop on Security–Performance Trade-offs

2025 IISWC · Beckman Center, Irvine CA, USA

Day 1 · Workshop 1 · 1:20 PM – 5:00 PM

Program

1:20 – 1:50
Mojo-V: Efficient and Secret Computation for RISC-V

Abstract: Mojo-V is a new RISC-V extension that introduces secret computation, enabling secure, efficient, and data-oblivious execution without reliance on fragile software and programmer trust. By sequestering sensitive data in dedicated secret registers and encrypting memory under a third-party key, Mojo-V prevents disclosures and enforces computation that is both blind (no direct disclosures) and silent (no side channel leakage). The design integrates seamlessly into the existing RISC-V ISA with only a mode bit and two new instructions, enforced entirely at decode. Early results show near-native execution speeds while offering over 5-7 orders of magnitude performance improvement compared to fully homomorphic encryption (FHE), with a clear roadmap for integration into CPUs, GPUs, and specialized accelerators.

Todd Austin
University of Michigan

Todd Austin is the S. Jack Hu Collegiate Professor of Computer Science and Engineering at the University of Michigan. His research focuses on computer architecture, hardware security, and dependable systems, with contributions spanning secure processors, memory systems, and AI hardware. He is a Fellow of the IEEE, and his work has been widely recognized for advancing the performance, security, and reliability of modern computing systems. To see more of Todd’s content, please follow him on LinkedIn: https://www.linkedin.com/in/prof-todd-austin/

1:50 – 2:20
Balancing Security, Performance, and Usability: Lessons from Real-World Systems

Abstract: Security and performance are often at odds: stronger protections usually come with real costs in efficiency, usability, or developer adoption. This talk explores that tension across three domains: automated vulnerability repair, where fixes may break correctness or efficiency; fuzzing trusted IoT operating systems, where deeper testing improves security but adds overhead; and smart home privacy analysis, where stronger protections risk latency and usability issues. Together, these case studies reveal a central challenge for our field: security mechanisms must be designed not only to defend but also to perform and be adopted in practice.

Yuan Tian
University of California, Los Angeles

2:20 – 2:50
Confidential Computing and TEE: Trade-off between Performance and Security

Abstract: Confidential Computing, or Trusted Execution Environment (TEE), represents a cutting-edge design in server-grade CPUs. This technology acts as a protective shield for cloud tasks, safeguarding the confidentiality and integrity of cloud workloads against a range of threats, including attacks from privileged software, physical attackers, and untrustworthy hypervisors. As the demand for secure private data handling continues to rise, the adoption of Confidential Computing has become widespread across various industries. Evidence of this includes the adoption of TEE in server-grade CPUs from major vendors like Intel, AMD, and ARM. Furthermore, leading cloud service providers, such as AWS, Google Cloud, Microsoft Azure, and IBM Cloud, now offer commercial Confidential Computing services. In this talk, I will outline my contributions to the study of complex, heterogeneous Confidential Computing systems. I will share my insights into real-world vulnerabilities as well as insights regarding future large-scale Confidential Computing systems.

Mengyuan Li
University of Southern California

Dr. Mengyuan Li is an Assistant Professor of Computer Science at the University of Southern California (with a courtesy appointment in the ECE department). His research vision is to contribute to the creation of a secure and trustworthy computing environment. In pursuit of this vision, his research interests include system security and privacy, hardware security, micro-architectural security, GPU security, and AI security.

3:00 – 3:20
Coffee Break

3:20 – 3:50
On the Security Risks of Physical AI: The Case of Autonomous Driving

Abstract: Recent years have witnessed a global phenomenon in the real-world development, testing, and commercialization of physical AI systems such as autonomous cars, drones, and robots. Compared to traditional computer systems, such systems have unprecedented capabilities to sense and impact the physical world, making their security, safety, and trustworthiness of paramount importance to individuals, technology providers, and also policy-makers. Over the past six years, my group has been actively researching the security problem space of real-world Autonomous Driving (AD) systems and intelligent transportation systems in general, with a focus on the security of their autonomous AI stacks. Specifically, we performed the first security analysis and/or defense designs on a wide range of critical AI components in industry-grade AD systems such as 3D perception, sensor fusion, lane detection, localization, prediction, and planning; first to develop formal verification methods for cooperative AD protocols and traffic-rule conformation; first to characterize AD software bugs; and first to study security of USDOT’s V2X (Vehicle-to-Everything) based intelligent traffic light. In this talk, I will talk about our journey so far, with highlights of representative findings, insights, and takeaways.

Alfred Chen
University of California, Irvine

Alfred Chen is an Assistant Professor of Computer Science at the University of California, Irvine. His research interest broadly lies in the security and safety of computer technologies of high criticality to daily life and society. His current focus is on the security issues in emerging safety-critical autonomous cyber-physical systems such as autonomous cars, drones, and robots. He is the lead co-founder of the USENIX/ISOC Symposium on Vehicle Security and Privacy (VehicleSec), the first academic conference dedicated to the topic of vehicle security and privacy, and has received several awards such as the NSF CAREER Award, the ProQuest Distinguished Dissertation Award, and the UCI Chancellor’s Award for mentoring.

3:50 – 4:20
Optimizing ML MPC from System & Theoretical Perspectives

Abstract: This talk explores how both system design and theoretical insights can fundamentally influence the efficiency and practicality of Multi-Party Computation (MPC). By viewing MPC through these two lenses, we can better understand how algorithmic structures and system architectures jointly shape its scalability, performance, and usability in real-world applications.

Yongqin Wang
University of Southern California

Yongqin Wang is a PhD candidate in Electrical and Computer Engineering at the University of Southern California, advised by Prof. Murali Annavaram. His research focuses on building secure and efficient machine learning systems under the confidential computing paradigm. He has worked extensively on Multi-Party Computation, Oblivious RAM, and Trusted Execution Environments.

4:20 – 5:00
Panel with all speakers!

Description: 40-minute slot for a panel Q&A with our amazing speakers.