Somesh Jha
@someshjha.bsky.social
I am a professor in the computer sciences at UW-Madison. My technical interests in trustworthy ML, formal methods, and security.
My other interests are Indian classical music, mindfulness, tennis, and pickleball.
My other interests are Indian classical music, mindfulness, tennis, and pickleball.
Happy Diwali to all. May this coming year be full of joy and prosperity.
a man is speaking into a microphone and says happy diwali .
ALT: a man is speaking into a microphone and says happy diwali .
media.tenor.com
October 20, 2025 at 4:30 PM
Happy Diwali to all. May this coming year be full of joy and prosperity.
Thanks for inviting me @simonsinstitute.bsky.social
The audience interaction was incredible.
The audience interaction was incredible.
2/2 Somesh Jha (@someshjha.bsky.social) spoke of the need to view the safety of machine learning systems through the lens of security and cryptography at the Simons Institute's workshop on Theoretical Aspects of Trustworthy AI. Video (Part II): simons.berkeley.edu/talks/somesh...
August 4, 2025 at 4:28 PM
Thanks for inviting me @simonsinstitute.bsky.social
The audience interaction was incredible.
The audience interaction was incredible.
LLM-integrated applications and agents are vulnerable to prompt injection attacks, in which adversaries embed malicious instructions within seemingly benign user inputs to manipulate the LLM’s intended behavior.
July 21, 2025 at 3:25 AM
LLM-integrated applications and agents are vulnerable to prompt injection attacks, in which adversaries embed malicious instructions within seemingly benign user inputs to manipulate the LLM’s intended behavior.
Recently, we received a DARPA grant on the problem of LLM-assisted translation of C to Rust. The team consists of amazing set of PIs from UW, Berkeley, UIUC, and Edinburgh. Really excited about what we can do.
Full article can be found here: www.cs.wisc.edu/2025/07/15/t...
Full article can be found here: www.cs.wisc.edu/2025/07/15/t...
Translating Legacy Code for a Safer Future: DARPA Backs Effort to Convert C to Rust
The C programming language—powering everything from operating systems to aircraft control software—has long been a cornerstone of modern computing. But its flexibility comes at a cost: memory safety i...
www.cs.wisc.edu
July 16, 2025 at 12:57 PM
Recently, we received a DARPA grant on the problem of LLM-assisted translation of C to Rust. The team consists of amazing set of PIs from UW, Berkeley, UIUC, and Edinburgh. Really excited about what we can do.
Full article can be found here: www.cs.wisc.edu/2025/07/15/t...
Full article can be found here: www.cs.wisc.edu/2025/07/15/t...
I have interacted with @gautamkamath.com and highly recommend him for this position. Please vote for him.
ICML's election for their board of directors has begun. I've thrown my hat in the ring. Please consider voting for Gautam Kamath.
I have experience with the governance of TMLR, COLT, and ALT, and I think I've demonstrated myself as a consciencious and engaged community member.
I have experience with the governance of TMLR, COLT, and ALT, and I think I've demonstrated myself as a consciencious and engaged community member.
June 30, 2025 at 6:26 PM
I have interacted with @gautamkamath.com and highly recommend him for this position. Please vote for him.
This research took a while to complete, but very proud of the result. Will do a detailed post soon.
Secure Noise Sampling for Differentially Private Collaborative Learning (Olive Franzese, Congyu Fang, Radhika Garg, Somesh Jha, Nicolas Papernot, Xiao Wang, Adam Dziedzic) ia.cr/2025/1025
June 5, 2025 at 3:26 PM
This research took a while to complete, but very proud of the result. Will do a detailed post soon.
SAGAI 2025 program is now complete. What an amazing program! Don't miss it.
sites.google.com/corp/ucsd.ed...
sites.google.com/corp/ucsd.ed...
May 11, 2025 at 10:39 PM
SAGAI 2025 program is now complete. What an amazing program! Don't miss it.
sites.google.com/corp/ucsd.ed...
sites.google.com/corp/ucsd.ed...
Welcome Lucy.
I'm joining Wisconsin CS as an assistant professor in fall 2026!! There, I'll continue working on language models, computational social science, & responsible AI. 🌲🧀🚣🏻♀️ Apply to be my PhD student!
Before then, I'll postdoc for a year in the NLP group at another UW 🏔️ in the Pacific Northwest
Before then, I'll postdoc for a year in the NLP group at another UW 🏔️ in the Pacific Northwest
May 5, 2025 at 11:00 PM
Welcome Lucy.
SAGAI'25 will investigate the safety, security, and privacy of GenAI agents from a system design perspective. We are experimenting with a new "Dagstuhl" like seminar with invited speakers and discussion. Really excited about this workshop at IEEE Security and Privacy Symposium.
SAGAI'25 @ IEEE S&P
Goal
The workshop will investigate the safety, security, and privacy of GenAI agents from a system design perspective. We believe that this new category of important and critical system components req...
sites.google.com
March 31, 2025 at 7:32 PM
SAGAI'25 will investigate the safety, security, and privacy of GenAI agents from a system design perspective. We are experimenting with a new "Dagstuhl" like seminar with invited speakers and discussion. Really excited about this workshop at IEEE Security and Privacy Symposium.
Interesting! Didn't know that sifr and sunya are connected.
A cipher (or cypher) is an algorithm for performing encryption or decryption - the foundation of all of cryptography research and practice.
Not widely appreciated is that the word cipher has its direct origin in the arabic word صفر (sifr) meaning zero.
Andصفر itself roots to sanskrit शून्य (śūnya)
Not widely appreciated is that the word cipher has its direct origin in the arabic word صفر (sifr) meaning zero.
Andصفر itself roots to sanskrit शून्य (śūnya)
March 31, 2025 at 12:18 AM
Interesting! Didn't know that sifr and sunya are connected.
Excellent place to work!
Want security in research? And research in security? Actually, why not have both? "In view of the current geopolitical landscape", #CISPA has opened a new round of faculty positions, including CySec, SE, ML, theory:
jobs.cispa.saarland/jobs/detail/...
jobs.cispa.saarland/jobs/detail/...
Tenure-Track Faculty in all areas related to Information Security and Artificial Intelligence (f/m/d) - extended call | CISPA | Jobs
jobs.cispa.saarland
March 20, 2025 at 4:29 PM
Excellent place to work!
Lorenzo graduated from my group and did some cool work on system and network security during his Ph.D. Congrats, Lorenzo!
Proud of you.
Proud of you.
An update: I have been approved for promotion to Associate Professor with tenure!
It takes a village to raise a faculty though, and I could have not achieved this without the help of many. So I am grateful for the journey so far, both to the University of Calgary and all those who supported me.
It takes a village to raise a faculty though, and I could have not achieved this without the help of many. So I am grateful for the journey so far, both to the University of Calgary and all those who supported me.
March 19, 2025 at 8:59 PM
Lorenzo graduated from my group and did some cool work on system and network security during his Ph.D. Congrats, Lorenzo!
Proud of you.
Proud of you.
Have you ever wondered: In federated learning, what if we could leverage clients' private data without compromising privacy—what more could we achieve?
🚀 We're excited to introduce SLVR (Securely Leveraging Client Validation for Robust Federated Learning).
Paper: arxiv.org/pdf/2502.08055
🚀 We're excited to introduce SLVR (Securely Leveraging Client Validation for Robust Federated Learning).
Paper: arxiv.org/pdf/2502.08055
arxiv.org
March 18, 2025 at 10:05 PM
Have you ever wondered: In federated learning, what if we could leverage clients' private data without compromising privacy—what more could we achieve?
🚀 We're excited to introduce SLVR (Securely Leveraging Client Validation for Robust Federated Learning).
Paper: arxiv.org/pdf/2502.08055
🚀 We're excited to introduce SLVR (Securely Leveraging Client Validation for Robust Federated Learning).
Paper: arxiv.org/pdf/2502.08055
Have you wondered about the following question?
Is it possible to design an image watermark that (a) preserves the robustness of deep watermarks and (b) meets a well-defined notion of unforgeability and public-detectability?
We address this question in arxiv.org/pdf/2502.04901
Is it possible to design an image watermark that (a) preserves the robustness of deep watermarks and (b) meets a well-defined notion of unforgeability and public-detectability?
We address this question in arxiv.org/pdf/2502.04901
arxiv.org
February 10, 2025 at 3:48 PM
Have you wondered about the following question?
Is it possible to design an image watermark that (a) preserves the robustness of deep watermarks and (b) meets a well-defined notion of unforgeability and public-detectability?
We address this question in arxiv.org/pdf/2502.04901
Is it possible to design an image watermark that (a) preserves the robustness of deep watermarks and (b) meets a well-defined notion of unforgeability and public-detectability?
We address this question in arxiv.org/pdf/2502.04901
👇 Thoughts?
What tech company will be the first to stand up and say that gutting the NSF is bad actually?
The economic argument seems pretty clear
Less NSF --> fewer PhD students --> fewer researchers --> smaller AI tech pipeline --> slower progress --> less competitive globally
The economic argument seems pretty clear
Less NSF --> fewer PhD students --> fewer researchers --> smaller AI tech pipeline --> slower progress --> less competitive globally
February 5, 2025 at 4:24 PM
👇 Thoughts?
If you want me to respond to your email, please don't start the email with "Dear Sheldon":-)
January 29, 2025 at 4:32 PM
If you want me to respond to your email, please don't start the email with "Dear Sheldon":-)
Amazing program at @satml.org 2025 in now online.
The list of accepted papers for @satml.org 2025 is now online:
📃 satml.org/accepted-pap...
If you’re intrigued by secure and trustworthy machine learning, join us April 9-11 in Copenhagen, Denmark 🇩🇰. Find more details here:
👉 satml.org/attend/
📃 satml.org/accepted-pap...
If you’re intrigued by secure and trustworthy machine learning, join us April 9-11 in Copenhagen, Denmark 🇩🇰. Find more details here:
👉 satml.org/attend/
Accepted Papers
satml.org
January 21, 2025 at 8:34 PM
Amazing program at @satml.org 2025 in now online.
Finally, after few attempts our paper will appear in
iacr communications of cryptology.
cic.iacr.org/p/1/4/31 Our paper presents the first provable watermarking scheme for large language models (LLMS) with public detectability or verifiability
iacr communications of cryptology.
cic.iacr.org/p/1/4/31 Our paper presents the first provable watermarking scheme for large language models (LLMS) with public detectability or verifiability
Publicly-Detectable Watermarking for Language Models
cic.iacr.org
January 16, 2025 at 8:54 PM
Finally, after few attempts our paper will appear in
iacr communications of cryptology.
cic.iacr.org/p/1/4/31 Our paper presents the first provable watermarking scheme for large language models (LLMS) with public detectability or verifiability
iacr communications of cryptology.
cic.iacr.org/p/1/4/31 Our paper presents the first provable watermarking scheme for large language models (LLMS) with public detectability or verifiability
I was saddened to learn about Prof. Bob Brayton's demise. Interesting anecdote. My advisor, Ed Clarke, had a grant with him (I think from SRC).
After the events, he wanted to go to a resturant but insisted in going where students eat and not something fancy.
After the events, he wanted to go to a resturant but insisted in going where students eat and not something fancy.
January 15, 2025 at 5:47 PM
I was saddened to learn about Prof. Bob Brayton's demise. Interesting anecdote. My advisor, Ed Clarke, had a grant with him (I think from SRC).
After the events, he wanted to go to a resturant but insisted in going where students eat and not something fancy.
After the events, he wanted to go to a resturant but insisted in going where students eat and not something fancy.
In-person PC meetings have become relics of the past. I remember them very fondly, and in my opinion in-person PC meetings led to better decisions.
Thoughts?
Thoughts?
Before PLDI 2021, in-person PC meetings were the norm. The steering committee decided to reconsider, 4 years hence, whether to revive them.
That bill has come due. We have survey results. blog.sigplan.org/2025/01/02/s...
That bill has come due. We have survey results. blog.sigplan.org/2025/01/02/s...
“Should PLDI return to in-person Program Committee meetings?” – Survey results
[Note: Since PLDI joined the PACM-PL journal, what was previously called Program Committee is now called Review Committee. In the following, we use the term Program Committee (PC) because it is a b…
blog.sigplan.org
January 4, 2025 at 9:15 PM
In-person PC meetings have become relics of the past. I remember them very fondly, and in my opinion in-person PC meetings led to better decisions.
Thoughts?
Thoughts?
Cool work!
Yet another attempt to provide language support for MPC. This time we extend LLVM to support oblivious compilation and MPC related optimizations. Turns out that many tools in LLVM can be reused to get competitive performance. Wish it was done 4 year ago with ZK extension :) @joshbaron.bsky.social
Smaug: Modular Augmentation of LLVM for MPC (Radhika Garg, Xiao Wang) ia.cr/2025/004
January 2, 2025 at 12:12 AM
Cool work!