Halderman’s been trying to make a difference as director of the Center for Computer Security and Society, whose mission is to foster deeper and more frequent interactions among Michigan faculty — not only within his department and at the College but across the entire University — who are tackling the “grandest problems in security,” where technology converges with social science, politics, public policy and law.

“We’re certainly a leading place to do security work now,” Halderman says, extending his lean frame along the length of the couch in his office. The place is packed with artifacts emblematic of security — or, more to the point, a false sense of it (a reproduction of an ICBM launch key; a device designed to steal electronic votes; a photo of a security official with a finger in his nose).

“We have momentum, and the room to grow. I want to be the national — even international — leaders.”

But it’s Michigan’s “spirit of wanting to address global problems, and wanting to do that in a practical way,” that moves him most.

“We’re going to be leaders not by playing the academic game but by doing the work that matters,” he says.

“Not just academic armchair solutions. We want to get out in the world and see how things work — and use that understanding to improve things. Close the loop.”

That same year, an Indian security researcher, essentially acting as an unprotected whistleblower, put one of his country’s electronic voting machines into the hands of Halderman and a Dutch colleague. These machines had become a source of national pride, a symbol of India’s modernity, and the government was resisting critics and keeping security inspections private. But the whistleblower knew better. Halderman and his collaborators readily exposed numerous vulnerabilities and made their findings public.

Halderman’s Indian colleague was later held and questioned by police about his complicity. When allowed a phone call, he contacted Halderman, who possessed both the presence of mind and the steely defiance to record the conversation and disclose its contents on Freedom to Tinker, a blog he had co-founded with Felten several years earlier.

Halderman’s faith in truth was vindicated. Public opinion, fully informed, turned against a government suppressing scientific inquiry, and the judge in the Indian researcher’s bail hearing not only set him free but hailed his patriotism.

But when Halderman returned to India several months later to lead an election security conference tutorial, his visa triggered a warning to deny him entry and return him to his point of origin. This time Halderman made a call. His insider-friends said they’d try to contact helpful authorities — and in the meantime Halderman should do whatever he could to delay being placed on the next plane back to the States.

“As a frequent traveler, there are things you learn to make the experience more efficient,” Halderman says. “I just did opposite.”

Halderman’s delaying tactics included claiming several times to have lost his passport; forgetting to remove liquids from his bag before passing them through the scanner; and, when asked whether anyone had given him anything while packing, Halderman answered, “Why yes, someone did — and come to think of it he may have been Pakistani, and I think it was ticking!”

Halderman laughs at the memory of officials ripping apart his bag only to be informed, once they had repacked it, of a secret compartment — and the process was repeated.

“At the end I was literally sitting on the floor as these two people were pulling me by the arms toward the plane,” Halderman says. “And at the last possible minute these immigration people appear out of nowhere and say we’ve just gotten a phone call from someone at the ministry: ‘You can stay the night; we’ll decide what to do with you in the morning.’”

In the morning, a political compromise was struck. Halderman was allowed entry to attend the conference, but he would not be permitted to give his talk concerning India’s vulnerable voting system.

The airport ordeal — which was reported in a local Indian newspaper and in the Ann Arbor News — may have been “a little scary” when it happened, Halderman allows, but he dismisses the notion that his resistance took courage.

“They had their job, and I had mine,” he says.

And living through it unscathed made him more aware of the impact his work could have. Despite initial resistance, Indian law now requires that a paper trail confirm electronic voting results.

“I think people are very easily scared,” Halderman says quietly. “Maybe more easily than they should be.”

Over the next several days Halderman largely tried to go about his business as usual (notwithstanding various on-campus demonstrations and FBI and other investigations into the identity of the perpetrator). He sought to use the incident as a teachable moment for students in his computer security classes by lecturing about the importance of both identifying a troll and not responding emotionally, because that’s precisely what the attacker seeks.

Still, Halderman’s characteristic calm was momentarily punctured as he expressed concern for his students — and when he paused to consider the craven use of his persona to manipulate, and to invoke hate and fear. For Halderman — whose more expansive notion of “digital democracy” contemplates how computer technology impacts access to information and thereby affects public opinion — this was an especially disquieting incident.

“Technical-social trends” such as “cyber warfare, governmental use of computer security problems in times of war, large-scale threats to privacy” are dreadful and worrisome, Halderman says. But not so much that they keep him up at night.

Bernhard describes Halderman’s attitude: “The world’s on fire all the time, so you may as well have fun while you go through it.”

This makes Halderman laugh out loud. “But I don’t believe ultimately that the world is going down in flames,” he says. “And the only reason I don’t believe it is that there are a lot of people working very hard, including us, to make sure it doesn’t.”

Durumeric used existing tools in ways that eventually led to the creation of a new one called ZMap, enabling researchers to map the entire public Internet Protocol space in just hours.

The few prior attempts to accomplish anything similar were all extremely expensive and time consuming — epic undertakings featuring clusters of computers and experienced researchers who nonetheless completed just a portion of the intended task. ZMap reduced the cost and time by orders of magnitude, which Halderman credits in part to having built it with this specific application in mind, rather than repurposing something never meant to traverse the entire Internet. And it takes a “shotgun” rather than a “sequential” approach.

“We ask questions as fast as the network will go and let the responses come back whenever they do,” Halderman says. “But that’s okay; we’ll get that information later.”

Halderman likens ZMap to a weather satellite for Internet security, continuously gathering vast amounts of data. That information has transformed a largely anecdotal method of discovering and repairing Internet security problems into an empirical science so that problems can be more efficiently identified and solved.

Before ZMap, an attack on a widely-used form of cryptography might not have been fixed until it could be determined what else might break in the process. Now that knowledge — including how many major sites are implicated and how many users are vulnerable or compromised — is immediately available. And new attacks occur every day.

“We can watch as a botnet grows and changes,” Halderman says. “That ability to create the historical record is a large part of the value.”

But by 2015, Halderman and a sizable group of collaborators — including several Michigan students and a number of colleagues from a handful of other institutions — published the revelatory “Logjam paper,” based in part on the Snowden disclosures, that answered the question everyone had been asking: How did the NSA break so much encryption that cryptographers had believed was virtually unbreakable?

The key to the paper, which Halderman calls “one of the most satisfying things I’ve ever done,” involves the Diffie-Hellman key exchange, which, ironically, was the algorithm widely advocated as a defense against mass surveillance. As Halderman explains in the Freedom to Tinker blog Diffie-Hellman users must first agree on “a large prime number with particular form.” But standardized primes had become commonplace, which left Diffie-Hellman vulnerable to being “cracked” with just one enormous calculation.

Halderman concedes he “can’t prove for certain” that this is what the NSA does. But that “enormous” calculation, conservatively estimated, would cost an equally enormous amount to complete. And among the Snowden trove are budget documents that make it clear that such an NSA investment is both affordable and likely. Halderman says he’s “been told” that NSA officials are not exactly pleased with his work.

It’s now well known that the NSA seeks to be able to intercept anything at any time. What it intercepts and investigates should depend on what it believes is in the nation’s interest at any given time. But how many others are capable of doing the same — and what are our protections, Halderman asks, “against a U.S. administration with a lenient view of its constitutional obligations?”

Since the paper’s publication, all web browsers have raised their minimum security standards, and the next version of TLS — the cryptographic protocol that underlies HTTPS — will be significantly stronger as well.

And now the Department of State has awarded a multi-million dollar grant for Halderman’s most ambitious undertaking yet. Michigan is leading a major multi-institutional project — including Halderman’s former PhD student at the University of Colorado, colleagues at the University of Illinois and researchers at the development giant BBN Raytheon — to thwart attempts to censor access to online content.

This concept of censorship resistance, using a method called decoy routing, “is a radical idea that we’re trying to make real,” Halderman says.

It first came to Halderman in 2011, but even after several years and more than one iteration — including a prototype that has provided basic service to more than 100,000 clients — “I’m still amazed that it works,” Halderman says.

That’s because the basis of decoy routing contradicts the core “end-to-end” principle of how the Internet is supposed to work. This principle holds that nearly all of the Internet’s intelligence and complexities are at the edges of the network, where users reside. The network itself merely shuffles packets from here to there, without even knowing what’s in them. This “dumb” network might not even see all the packets and has very little time to do much with them, anyway.

Efforts to dodge government censors have involved the use of Tor anonymity software and Virtual Private Networks, but this “whack a mole” method on the edges has become increasingly ineffective. Instead, Halderman says, “We’re trying to do these very complicated things in the middle of the network, in real time, as the data is going by.”

Decoy routing, in essence, would attach “decoy” routers to servers in various strategic junctions of the Internet backbone. To visit a banned site within a censor’s network, a user would install encryption software to establish a decoy connection with a non-banned site outside the censor’s network. This request would look allowable to the oppressive regime, but on its way to the censor-allowed site it would pass through one or more friendly ISPs, which would divert the connection, bypassing the censor and connecting it to the banned site.

Network hardware and processors are just getting fast enough to do this at large scale, and that’s the current state of the project: Bringing the current iteration of the decoy routing concept, called TapDance, to scale.

“As you start to learn more and more about technology you fall into a certain way of thinking about it,” Halderman explains, pacing his office before crawling up on a windowsill and looking out.

“You might call it conventional wisdom, but I think more precisely it’s the structure of abstraction that we use to make complicated technology amenable to thought,” he adds, hopping down and prowling around like a restless cat.

Halderman is putting that inside-out thinking to the test as he and his team attempt to build decoy routing and establish incentives for Internet Service Providers, compensating for risks they could incur by agreeing to place decoys along the backbone.

The team is aware of proposed and potential countermeasures, which it’s already taking into account. But either way decoy routing is a fundamental advance that will put those fighting censorship in a much more advantageous position than before.

“And this must be done,” Halderman says, because “it’s not certain in the longer term if the Internet will be dominated by the distribution of information, or by the control of it.”

Over the years, Halderman says he’s learned not to be so afraid of people telling him he’s crazy — or of being criticized. And to be careful about speaking with confidence about things he doesn’t know for sure.

“I like being right when I’m saying things in public. Your risk is reasonably controlled if you’re correct,” he says.

And he holds out hope.

“Security as a whole is getting stronger, especially over the last 10 and five years.” But those attacking us tend to be more powerful: Governments and large-scale organized crime rather than individual — and relatively innocent — vandals.

“It’s not just about protecting our social security numbers, or even about our physical security. It’s about the future of democracy. It’s about the international balance of power. It’s about liberty and privacy. It’s about national security. And it’s about the future shape of the world.”

“Those are the big questions,” Halderman says. And that’s where his focus will remain.