Portrait of Brian LaMacchia

Brian LaMacchia

Director of Security and Cryptography


I am the Director of the Security & Cryptography team in the Microsoft Research eXtreme Computing Group (XCG) in Redmond, WA.  Previous positions I have held at Microsoft include Software Architect (Office of the CRSO), Development Lead (.NET Framework Security), and Program Manager for Core Cryptography (Windows 2000).

Before joining Microsoft, I was a member of the (now-defunct) Public Policy Research Department at AT&T Laboratories–Research in Florham Park, NJ. Before that, I was a graduate student in the Project on Mathematics and Computation at the MIT AI Lab.  My research interests include cryptography, automated resource discovery, and the interactions between various legal regimes and the network.  I am also an Affiliate Faculty member of the Department of Computer Science and Engineering at the University of Washington.



Established: August 26, 2015

FourQlib is an efficient and portable math library that provides functions for computing essential elliptic curve operations on a new, high-performance curve called "FourQ". This curve targets the 128-bit security level and supports computations that are significantly faster than any other alternative; e.g., it is between four and five times faster than the NIST P-256 curve and between two and three times faster than Curve25519. The library is available for download at the link below.…

MSR Elliptic Curve Cryptography Library

Established: June 27, 2014

MSR ECCLib is an efficient cryptography library that provides functions for computing essential elliptic curve operations on a new set of high-security curves.  All computations on secret data exhibit regular, constant-time execution, providing protection against timing and cache attacks.  The library is available for download below. Library Features MSR ECCLib supports six high-security elliptic curves proposed in [2], which cover three security levels (128-, 192-, and 256-bit security) and two curve models. The curves have a…

MSR JavaScript Cryptography Library

Established: June 17, 2014

JavaScript cryptographic algorithm implementations suitable for use in all cloud services The MSR JavaScript Cryptography Library has been developed for use with cloud services in an HTML5 compliant and forward-looking manner. The algorithms are exposed via the W3C WebCrypto interface, and are tested against the Internet Explorer 11 implementation of that interface. The library currently supports RSA encrypt/decrypt (PKCS#1 v1.5, OAEP, and PSS), AES-CBC and GCM encrypt/decrypt, SHA-256/384/512, HMAC with supported hash functions, PRNG (AES-CTR based)…