About

Stanislaw Jarecki is a professor in the Department of Computer Science at UC Irvine's Donald Bren School of Information & Computer Sciences. He joined UCI as an assistant professor in July 2003. He earned his Ph.D. in Computer Science from the Massachusetts Institute of Technology in 2001, where he studied cryptography under the guidance of Prof. Shafi Goldwasser. Prior to his appointment at UCI, Jarecki worked at Intertrust's StarLab, a research lab developing Digital Rights Management systems, and spent a year as a postdoctoral researcher at Stanford University in the applied cryptography group led by Prof. Dan Boneh. His primary research interest is in applied and distributed cryptography. He has made significant contributions to the fields of threshold and proactive security, as well as digital privacy. His work addresses the vulnerabilities of massively distributed systems of networked computers, focusing on enhancing security and privacy in the context of the current Internet infrastructure.

Research topics

• Computer Security
• Computer Science
• Theoretical computer science

Selected publications

• Two-Factor Authentication Can Harden Servers Against Offline Password Search

  Lecture notes in computer science · 2026-01-01

  book-chapter
  PublisherDOI

• Building and Testing a Hidden-Password Online Password Manager

  IEEE Transactions on Information Forensics and Security · 2025-01-01 · 1 citations

  article

  The most commonly adopted password management technique is to store web account passwords on a password manager and lock them using a master password. However, current online password managers do not hide the account passwords or the master password from the password manager itself, which highlights their real-world vulnerability and lack of user confidence in the face of malicious insiders and outsiders that compromise the password management service especially given its online nature. We attempt to address this crucial vulnerability in the design of online password managers by proposing a cloud-based password manager that does not learn or store master passwords and account passwords. We introduce the protocol design and report on a full implementation of the system. Our implementation provides several security features, including enforcement of a unique and secure password per each service, robustness to online password guessing attacks against the password manager and the web service, robustness to password dictionary attacks upon compromise of the password manager and the web service, and security against phishing attacks. Furthermore, to assess users’ perceptions of the security and usability of our password manager, we conducted a lab-based study. The findings from the study suggest that our system is close to being practical for everyday use and is viewed by users as both usable and more secure/trustworthy.

  PublisherDOI

• Security Without Trusted Third Parties: VRF-Based Authentication with Short Authenticated Strings

  Lecture notes in computer science · 2025-12-07

  book-chapter
  PublisherDOI

• Adaptively Secure Threshold Blind BLS Signatures and Threshold Oblivious PRF

  Lecture notes in computer science · 2025-12-06

  book-chapterOpen access1st authorCorresponding
  PublisherOA PDFDOI

• Échange de clé authentifié par mot de passe : protocoles et modèles de sécurité

  2024-01-01

  book-chapter1st authorCorresponding

  Afin d’authentifier son interlocuteur lors d’un échange de clé, plusieurs méthodes sont possibles, de la clé symétrique long-terme à la clé publique. Mais la plus pratique est l’utilisation d’un mot de passe commun. Néanmoins, la sécurité devient délicate à définir et à garantir. Ce chapitre présente tout cela en détails.

  PublisherDOI

• Special Issue on 13th International Conference on Security and Cryptography for Networks (SCN 2022)

  Information and Computation · 2024-01-01

  articleSenior author
  PublisherDOI

• Threshold PAKE with Security Against Compromise of All Servers

  Lecture notes in computer science · 2024-12-08 · 12 citations

  book-chapter
  PublisherDOI

• $$\mathcal {P}\textsf{IVA}$$: Privacy-Preserving Identity Verification Methods for Accountless Users via Private List Intersection and Variants

  Lecture notes in computer science · 2024-01-01

  book-chapter
  PublisherDOI

• C’est Très CHIC: A Compact Password-Authenticated Key Exchange from Lattice-Based KEM

  Lecture notes in computer science · 2024-12-08 · 5 citations

  book-chapterOpen access
  PublisherOA PDFDOI

• Password-Protected Threshold Signatures

  Lecture notes in computer science · 2024-12-11 · 3 citations

  book-chapter
  PublisherDOI

Recent grants

• Privacy-Protecting Mechanisms for Data Escrow and Transaction Monitoring

  NSF · $320k · 2004–2008

• SaTC: CORE: Small: Secure Computation on Large Data

  NSF · $500k · 2018–2021

• CAREER: Secure Multi-Party Protocols

  NSF · $450k · 2008–2014

• CICI: Secure Data Architecture: Improving the Security and Usability of Two-Factor Authentication for Cyberinfrastructure

  NSF · $250k · 2016–2018

• Collaborative Research: SaTC: TTP: Medium: Intrusion-Tolerant Outsourced Storage for Cyber-Infrastructure

  NSF · $315k · 2020–2024

Frequent coauthors

• Hugo Krawczyk

  40 shared

• Nitesh Saxena

  Texas A&M University

  18 shared

• Gene Tsudik

  18 shared

• Jiayu Xu

  14 shared

• Jihye Kim

  Kookmin University

  11 shared

• Maliheh Shirvanian

  Netflix (United States)

  9 shared

• Vitaly Shmatikov

  9 shared

• Michael Steiner

  8 shared

Awards & honors

• Fellow of the International Association for Cryptologic Rese…