I am the security lead in the Universal Store Payments team, working on all security aspects of payments security, secure web services for finance, PCI and a variety of other financial standards. While I maintain my ties to security and cryptography research, cyber currencies, block chains, web payments, secure device and scalable web services for payments (Azure and other environments), high-assurance systems for finance, security monitoring and detection, blurred hardware/firmware/software security architectures, and machine learning techniques for security are within my view.
I completed my B.S. (summa cum laude) and M.Sc. (cum laude) at the Istanbul Technical University in 1992 and 1994, and my Ph.D. at the Oregon State University in December of 1998, respectively. I designed and implemented a multi-tasking operating system on Intel 386 systems entirely in assembly language. Halfway through my B.S. thesis, I had heard of an open-source project going on somewhere in Finland and swiftly ignored it after discovering that my system was well ahead of what was to become Linux. In my master’s thesis, I created new image compression, edge detection, and surface reconstruction algorithms based on non-convex optimization techniques. I had also setup the computer science department’s first working network with CAT5 cables running across hallways intermingled with the coaxial bus cables and various other antiquity.
My PhD thesis focused on high-speed software and hardware architectures for number-theoretical cryptographic algorithms. Most of my graduate work was sponsored by grants from Intel, RSA DSI, and US Navy Research Labs across several projects. These projects include high-performance core cryptographic and math libraries on Intel Pentium and MMX, Sparc V8/V9, and TMS320C16 architectures. I was proud to have the fastest and meanest modular exponentiation implementation. I proposed several new SIMD instructions to speed up cryptographic algorithms in integer rings and characteristic 2 fields. Some of them appeared in later MMX versions now known as SSE.
I worked at Novell from 1997 through 2003 on various aspects of cryptography and authentication, and joined Microsoft in January of 2004 as a developer in Windows Security. At Microsoft, I worked as a Developer, Developer Lead, and Program Manager in Windows Core Security and Online Services groups. I moved to CSRO Incubations to start the Cryptography Incubation group within Security Incubations, which was later rolled into Microsoft Research and eXtreme Computing Group in 2009. In 2012, I moved to Software and Services Group (SSG) in Intel Corporation as a Security Architect, and worked on Intel’s Cloud Services Platform as the lead security architect, and also worked with SGX. I returned to my previous group at Microsoft Research in 2013 now part of Microsoft Research NeXT/Technologies, and worked on TLS, payment systems security, IoT/AllSeen, ECC, post-quantum cryptography, and cloud security before I joined the Payments group. I was an affiliate faculty at University of Washington Computer Science & Engineering department, and taught Cryptography in Fall 2016.