My research interests focus on practical and applied cryptography, namely the design and analysis of real world cryptographic systems. I aim to make it easier to design and securely deploy new and complex cryptographic systems while preventing insecurities from occurring in such systems. While this currently involves a large amount of manual work, my goal is to instrument many of these processes through the use of cryptographic automation, including automating the discovery of cryptographic vulnerabilities and building tools to aid in the deployment of complex cryptography.
I run the BARC (Boilermakers' Applied Research in Cryptography) Lab at Purdue. I am fortunate to be able to work with many great students on this research!
See my CV for more information.
I am currently looking for Ph.D. students and other talented, highly motivated students to join my research group.
If you are a prospective Ph.D. student, please make sure to apply and put my name on the application! If you are already at Purdue and are interested in working with me, please send me an email and fill out this form so that I can get to know you!
I am excited to announce that I will be the General Chair of Financial Crypto 2024. Please consider submitting (and attending) when the time comes!
Our work presenting a global view of nation-state Internet censorship, illuminating current and emerging online censorship trends, and providing a holistic view of changes in trends over the past two decades has been accepted to FOCI'23! Check it out at A Worldwide View of Nation-state Internet Censorship. Congraluations to Alex Master who was an integral part of this work!
I am excited to be part of the organizing committee for GREPSEC, a workshop for early-stage graduate students in computer security and privacy. Please check it out and consider attending!
Our work and paper on surveying and categorizing various SGX attacks and the information they leak, as well as exploring the effectiveness of SGX's update mechanism in preventing attacks on real world systems, is now live! As part of this, we have also demonstrated how to exfiltrate secrets from deployed systems using SGX, including the Secret Network and PowerDVD. Check us out at sgx.fail. Congraluations to Alex Seto who was an integral part of this work!
Our paper on building zk-creds, a toolkit for privacy-preserving authentication protocols and anonymous credentials using general purpose zero-knowledge proofs without trusted issuers, has been accepted to the Oakland. Congratulations to Jacob White!
Our paper on strengthening the security of operational technology via better understanding of bill of materials has been accepted to the Journal of Critical Infrastructure Policy. Congratulations to Arushi Arora!
Our poster on improving the security and performance of Tor's onion services has won a Best Poster Presentation Award at NDSS 2022. Congratulations to Arushi Arora on great work and a great presentation!
We have recently released a paper on zk-creds, a flexible, issuer-agnostic anonymous credential toolkit for complex identity statements, along with the associated code. Please checkout the paper and our code. Congratulations to Jacob White!
I am excited to be invited to be part of the organizing committee as a Vice Chair for USENIX Security 2023. Please consider submitting!
Our paper introducing Bento and programmable anonymity networks has been accepted to ACM SIGCOMM 2021. Congratulations to Arushi Arora and the Bento team!
I am excited to be delivering a keynote at ACM SACMAT in June!
I am honored to receive a CAREER Award from NSF for my proposal on "Removing the Human Element: Securing Deployed Cryptographic Systems through the use of Cryptographic Automation".
My research interests focus on practical and applied cryptography, namely the design and analysis of real world cryptographic systems. I aim to make it easier to design and securely deploy new and complex cryptographic systems while preventing insecurities from occurring in such systems.Papers
I am always looking for highly motivated PhD, Masters, and undergraduate students to join my group! If you're interested in applied cryptography research, please drop me an email and fill out this interest form so that I can get to know you.
In Fall 2022 I am teaching CS 526, Information Security. If you are interested in working with me and in gaining a broad introduction to security and privacy topics, I encourage you to take this course!