I am an applied researcher and developer in the Security and Cryptography team. My role, much like my group, spans the space between pure research and pure development, giving my job aspects of both. In my group, we work on new and novel security methods in operating systems, virtualization architectures, and cloud computing platforms.
I am currently working on post-quantum cryptography, as is much of my team, and you can learn about all of our work here. We shipped a modified version of OpenVPN software and added post-quantum cryptography to it as a way for people to start playing with it now, and that continues to be updated as the algorithms evolve through the standardization process.
Back in the world of conventional security and cryptography, I’m also working on a project to establish provenance of digital media, primarily video, to address the problem of authenticity in a world where deepfakes are becoming increasingly common, and where media is shared and re-shared through a variety of outlets, and rarely consumed from the original producer’s online presence. This is being pursued through Project Origin, which is a collaboration between the BBC, the CBC, the New York Times, and Microsoft. See the project’s home page for a demonstration video and technical documentation.
I previously worked on automatically, formally verified implementations of these algorithms using the F* language as part of Project Everest, and in particular, the HACL* library of verified cryptographic primitives.
In parallel, I am joining a project to examine trust failures in the Public Key Infrastructure (PKI) from a variety of perspectives, not only technical ones. More on this as well as it evolves.
Before this, my activities primarily focused on the Internet of Things. In particular, I worked on security models and automated security and credential management for IoT, primarily in the consumer space. My activities focus on two industry-wide collaborative efforts: the AllSeen Alliance and its protocol stack AllJoyn, and the Open Connectivity Foundation and its implementation IoTivity.
I’ve previously worked in distributed systems/network security, protocol design, and mobile device security, especially the use of mobile devices as credentials and authenticators, when mobile devices have hardened hardware security processors like TPMs. I’ve also spent a lot of time doing code for and consulting on X.509 certificates and the Public Key Infrastructure.
I completed my B.S. with Honors at the University of Maryland, and my M.S. and Ph.D. at the University of Texas at Austin. My thesis focused on theoretical and experimental methods of access control in distributed systems.