I am the security and Token Services lead in the Payments team, working on all security aspects of payments security, secure web services for finance, PCI and a variety of other financial standards, and 5×5 tokens. While I maintain my ties to security and cryptography research, cyber currencies, block chains, web payments, secure device and scalable web services for payments (Azure and other environments), high-assurance systems for finance, security monitoring and detection, blurred hardware/firmware/software security architectures, operating systems and network security, and machine learning techniques for security are within my view.
I completed my B.S. (summa cum laude) and M.Sc. (cum laude) at the Istanbul Technical University in 1992 and 1994, and my Ph.D. at the Oregon State University in December of 1998, respectively. I designed and implemented a multi-tasking operating system on Intel 386 systems entirely in assembly language in 1992. Halfway through my B.S. thesis, I heard of an open-source project going on somewhere in Finland and swiftly ignored it after discovering that my system was well ahead of what was to become Linux. In my master’s thesis, I created new image compression, edge detection, and surface reconstruction algorithms based on non-convex optimization techniques, and implemented them on Sun IPX systems. I had also setup the computer science department’s first working network with CAT5 cables running across hallways intermingled with the coaxial bus cables and various other antiquity, while TAing for various undergrad Computer Engineering and Science classes.
While I had started my PhD on parallel computing algorithms, I changed my area to cryptography in the first semester while working on a project for RSA DSI. My PhD thesis focused on high-speed software and hardware architectures for number-theoretical cryptographic algorithms. Most of my graduate work was sponsored by grants from Intel, RSA DSI, and US Navy Research Labs across several projects. These projects include high-performance core cryptographic and math libraries on Intel Pentium and MMX, Sparc V8/V9, and TMS320C16 architectures. I was proud to have the fastest and meanest modular exponentiation implementation. I proposed several new SIMD instructions to speed up cryptographic algorithms in integer rings and characteristic 2 fields. Some of them appeared in later MMX versions now known as Intel SSE.
I worked at Novell from 1997 through 2003 on various aspects of cryptography and authentication, directory services security, directory services key management, TLS, and joined Microsoft in January of 2004 as a developer in Windows Security. At Microsoft, I worked as a Developer, Developer Lead, and Program Manager in Windows Core Security and Online Services groups. I moved to CSRO Incubations to start the Cryptography Incubation group within Security Incubations, which was later rolled into Microsoft Research and eXtreme Computing Group in 2009.
In 2012, I moved to Software and Services Group (SSG) in Intel Corporation as a Security Architect, and worked on Intel’s Cloud Services Platform as the lead security architect, and also worked with SGX. I returned to my previous group at Microsoft Research in 2013 in Microsoft Research NeXT/Technologies, and worked on TLS, payment systems security, IoT/AllSeen security, ECC, post-quantum cryptography, and cloud security before I joined the Payments group.
I was an affiliate faculty at University of Washington Computer Science & Engineering department, and taught Cryptography in Fall 2016.