Ian Goldberg

Research Interests

Privacy-enhancing technologies, computer security, and cryptography, focusing on useful systems for protecting the privacy and security of Internet-based transactions.

Education

• Ph.D. (Computer Science), University of California, Berkeley, 2000.
  • "A Pseudonymous Communications Infrastructure for the Internet"
• M.Sc. (Computer Science), University of California, Berkeley, 1998.
  • "ipse and the Power of Intrusion Detection Systems"
• B.Math. (Pure Mathematics and Computer Science), University of Waterloo, 1995.
  • Graduated with distinction — Dean's honour list

Professional Experience

• July 2011 – present

  Associate Professor, David R. Cheriton School of Computer Science, University of Waterloo

• August 2006 – June 2011

  Assistant Professor, David R. Cheriton School of Computer Science, University of Waterloo

• June 1999 – July 2006

  Chief Scientist, Radialpoint (formerly called Zero-Knowledge Systems, Inc.)

  Responsible for research, design, and prototype implementation of privacy-enhancing technologies in a commercial setting.

Peer-reviewed Journal Publications

• Ian Goldberg, Douglas Stebila, Berkant Ustaoglu. "Anonymity and one-way authentication in key exchange protocols". Designs, Codes and Cryptography. 26 pages. To appear; accepted December 2011.
  Extended version available as CACR Tech Report 2011-11.
• Aniket Kate, Ian Goldberg. "Generalizing Cryptosystems Based on the Subset Sum Problem". International Journal of Information Security. Vol. 10, No. 3. pp. 189–199. June 2011.
• Ian Goldberg, Atefeh Mashatan, Douglas Stinson. "On Message Recognition Protocols: Recoverability and Explicit Confirmation". International Journal of Applied Cryptography. Vol. 2, No. 2. pp. 100–120. December 2010.
• Aniket Kate, Gregory Zaverucha, Ian Goldberg. "Pairing-Based Onion Routing with Improved Forward Secrecy". ACM Transactions on Information and System Security. Vol. 13, No. 4. pp. 29:1–29:32. December 2010.
• Ian Goldberg, David Wagner. "TAZ Servers and the Rewebber Network: Enabling Anonymous Publishing on the World Wide Web". First Monday electronic journal. Vol. 3, No. 4. 20 pages. April 1998.

Peer-reviewed Conference and Workshop Publications

• Tao Wang, Kevin Bauer, Clara Forero, Ian Goldberg. "Congestion-aware Path Selection for Tor". 16th International Conference on Financial Cryptography and Data Security. 15 pages. February 2012. (Acceptance rate: 26%, 23/88)
  Extended version available as CACR Tech Report 2011-20.
• Sarah Pidcock, Rob Smits, Urs Hengartner, Ian Goldberg. "NotiSense: An Urban Sensing Notification System To Improve Bystander Privacy". PhoneSense 2011. 5 pages. November 2011. (Acceptance rate: 56%, 10/18)
• Rob Smits, Divam Jain, Sarah Pidcock, Ian Goldberg, Urs Hengartner. "BridgeSPA: Improving Tor Bridges with Single Packet Authorization". 2011 Workshop on Privacy in the Electronic Society. 9 pages. October 2011. (Acceptance rate: 16%, 12/73)
• Jeremy Day, Yizhou Huang, Edward Knapp, Ian Goldberg. "SPEcTRe: Spot-checked Private Ecash Tolling at Roadside". 2011 Workshop on Privacy in the Electronic Society. 9 pages. October 2011. (Acceptance rate: 16%, 12/73)
• Ryan Henry, Femi Olumofin, Ian Goldberg. "Practical PIR for Electronic Commerce". 18th ACM Conference on Computer and Communications Security. 12 pages. October 2011. (Acceptance rate: 14%, 60/429)
  Extended version available as CACR Tech Report 2011-04.
• Prateek Mittal, Femi Olumofin, Carmela Troncoso, Nikita Borisov, Ian Goldberg. "PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval". 20th USENIX Security Symposium. pp. 475–490. August 2011. (Acceptance rate: 17%, 35/204)
  Extended version available as CACR Tech Report 2011-05.
• Eric Wustrow, Scott Wolchok, Ian Goldberg, J. Alex Halderman. "Telex: Anticensorship in the Network Infrastructure". 20th USENIX Security Symposium. pp. 459–474. August 2011. (Acceptance rate: 17%, 35/204)
• Mashael AlSabah, Kevin Bauer, Ian Goldberg, Dirk Grunwald, Damon McCoy, Stefan Savage, Geoffrey Voelker. "DefenestraTor: Throwing out Windows in Tor". 11th Privacy Enhancing Technologies Symposium. pp. 134–154. July 2011. (Acceptance rate: 25%, 15/61)
• Ryan Henry, Ian Goldberg. "Formalizing Anonymous Blacklisting Systems". 32nd IEEE Symposium on Security and Privacy. pp. 81–95. May 2011. (Acceptance rate: 11%, 34/306)
  Extended version available as CACR Tech Report 2010-24.
• Ryan Henry, Ian Goldberg. "Extending Nymble-like Systems". 32nd IEEE Symposium on Security and Privacy. pp. 523–537. May 2011. (Acceptance rate: 11%, 34/306)
• Femi Olumofin, Ian Goldberg. "Revisiting the Computational Practicality of Private Information Retrieval". 15th International Conference on Financial Cryptography and Data Security. 15 pages. February 2011. (Acceptance rate: 20%, 15/74)
  Extended version available as CACR Tech Report 2010-17.
• Aniket Kate, Gregory Zaverucha, Ian Goldberg. "Constant-Size Commitments to Polynomials and Their Applications". 16th Annual International Conference on the Theory and Application of Cryptology and Information Security (Asiacrypt 2010). pp. 177–194. December 2010. (Acceptance rate: 16%, 35/216)
  Extended version available as CACR Tech Report 2010-10.
• Can Tang, Ian Goldberg. "An Improved Algorithm for Tor Circuit Scheduling". 17th ACM Conference on Computer and Communications Security. pp. 329–339. October 2010. (Acceptance rate: 17%, 55/320)
• Aniket Kate, Ian Goldberg. "Distributed Private-Key Generators for Identity-Based Cryptography". 7th Conference on Security and Cryptography for Networks. pp. 436–453. September 2010. (Acceptance rate: 29%, 27/94)
  Extended version available as ePrint Tech Report 2009/355.
• Ryan Henry, Kevin Henry, Ian Goldberg. "Making a Nymbler Nymble using VERBS". 10th Privacy Enhancing Technologies Symposium. pp. 111–129. July 2010. (Acceptance rate: 28%, 16/57)
  Extended version available as CACR Tech Report 2010-05.
• Femi Olumofin, Ian Goldberg. "Privacy-preserving Queries over Relational Databases". 10th Privacy Enhancing Technologies Symposium. pp. 75–92. July 2010. (Acceptance rate: 28%, 16/57)
  Extended version available as CACR Tech Report 2009-37.
• Femi Olumofin, Piotr K. Tysowski, Ian Goldberg, Urs Hengartner. "Achieving Efficient Query Privacy for Location Based Services". 10th Privacy Enhancing Technologies Symposium. pp. 93–110. July 2010. (Acceptance rate: 28%, 16/57)
  Extended version available as CACR Tech Report 2009-22.
• Maxwell Young, Aniket Kate, Ian Goldberg, Martin Karsten. "Practical Robust Communication in DHTs Tolerating a Byzantine Adversary". 30th International Conference on Distributed Computing Systems. pp. 263–272. June 2010. (Acceptance rate: 14%, 84/585)
  Extended version available as CACR Tech Report 2009-31.
• Aniket Kate, Ian Goldberg. "Using Sphinx to Improve Onion Routing Circuit Construction". 14th International Conference on Financial Cryptography and Data Security. pp. 359–366. January 2010. (Acceptance rate: 26%, 34/130)
  Extended version available as CACR Tech Report 2009-33.
• Ian Goldberg, Berkant Ustaoğlu, Matthew Van Gundy, Hao Chen. "Multi-party Off-the-Record Messaging". 16th ACM Conference on Computer and Communications Security. pp. 358–368. November 2009. (Acceptance rate: 18%, 58/315)
• Chris Alexander, Joel Reardon, Ian Goldberg. "Plinko: Polling with a Physical Implementation of a Noisy Channel". Workshop on Privacy in the Electronic Society 2009. pp. 109–112. November 2009. (Acceptance rate: 54%, 15/28)
  Extended version available as CACR Tech Report 2009-21.
• Joel Reardon, Ian Goldberg. "Improving Tor Using a TCP-over-DTLS Tunnel". 18th USENIX Security Symposium. pp. 119–133. August 2009. (Acceptance rate: 15%, 26/176)
• Aniket Kate, Ian Goldberg. "Distributed Key Generation for the Internet". 29th International Conference on Distributed Computing Systems. pp. 119–128. June 2009. (Acceptance rate: 16%, 74/455)
• Ian Goldberg, Atefeh Mashatan, Douglas Stinson. "A New Message Recognition Protocol With Self-Recoverability for Ad Hoc Pervasive Networks". 7th International Conference on Applied Cryptography and Network Security. pp. 219–237. June 2009. (Acceptance rate: 21%, 32/150)
• George Danezis, Ian Goldberg. "Sphinx: A Compact and Provably Secure Mix Format". 2009 IEEE Symposium on Security and Privacy. pp. 269–282. May 2009. (Acceptance rate: 10%, 26/254)
• Ryan Stedman, Kayo Yoshida, Ian Goldberg. "A User Study of Off-the-Record Messaging". The 2008 Symposium On Usable Privacy and Security. pp. 95–104. July 2008. (Acceptance rate: 28%, 12/43)
• Chris Alexander, Ian Goldberg. "Improved User Authentication in Off-The-Record Messaging". Workshop on Privacy in the Electronic Society 2007. pp. 41–47. October 2007. (Acceptance rate: 19%, 9/48)
• Ge Zhong, Ian Goldberg, Urs Hengartner. "Louis, Lester and Pierre: Three Protocols for Location Privacy". 7th Privacy Enhancing Technologies Symposium. pp. 62–76. June 2007. (Acceptance rate: 19%, 16/84)
• Aniket Kate, Gregory Zaverucha, Ian Goldberg. "Pairing-Based Onion Routing". 7th Privacy Enhancing Technologies Symposium. pp. 95–112. June 2007. (Acceptance rate: 19%, 16/84)
• Ian Goldberg. "Improving the Robustness of Private Information Retrieval". 2007 IEEE Symposium on Security and Privacy. pp. 131–145. May 2007. (Acceptance rate: 8%, 20/246)
• Ian Goldberg. "On the Security of the Tor Authentication Protocol". Workshop on Privacy Enhancing Technologies 2006. pp. 316–331. June 2006. (Acceptance rate: 26%, 24/91)
• Nikita Borisov, Ian Goldberg, Eric Brewer. "Off-the-Record Communication, or, Why Not To Use PGP". Workshop on Privacy in the Electronic Society 2004. pp. 77–84. October 2004. (Acceptance rate: 22%, 10/45)
• Ian Goldberg. "Privacy-enhancing Technologies for the Internet, II: Five Years Later". Workshop on Privacy Enhancing Technologies 2002. pp. 1–12. April 2002. (Acceptance rate: 35%, 17/48)
• Scott Crosby, Ian Goldberg, Robert Johnson, Dawn Song, David Wagner. "A Cryptanalysis of the High-bandwidth Digital Content Protection System". Workshop on Security and Privacy in Digital Rights Management 2001. pp. 192–200. November 2001. (Acceptance rate: 30%, 15/50)
• Nikita Borisov, Ian Goldberg, David Wagner. "Intercepting Mobile Communications: The Insecurity of 802.11". ACM SIGMOBILE Annual International Conference on Mobile Computing and Networking 2001. pp. 180–189. July 2001. (Acceptance rate: 11%, 30/281)
• David Wagner, Ian Goldberg. "Proofs of Security for the Unix Password Hashing Algorithm". Asiacrypt 2000. pp. 560–572. December 2000. (Acceptance rate: 32%, 45/139)
• Chris Hall, Ian Goldberg, Bruce Schneier. "Reaction Attacks Against Several Public-Key Cryptosystems". International Conference on Information and Communication Security 1999. pp. 2–12. November 1999.
• Ian Goldberg, Steven D. Gribble, David Wagner, Eric A. Brewer. "The Ninja Jukebox". 2nd USENIX Symposium on Internet Technologies and Systems. 10 pages. October 1999.
• Armando Fox, Ian Goldberg, Steven D. Gribble, David C. Lee, Anthony Polito, Eric A. Brewer. "Experience With Top Gun Wingman: A Proxy-Based Graphical Web Browser for the 3Com PalmPilot". IFIP International Conference on Distributed Systems Platforms and Open Distributed Processing (Middleware) 1998. 18 pages. September 1998.
• Ian Goldberg, David Wagner, Randi Thomas, Eric A. Brewer. "A Secure Environment for Untrusted Helper Applications: Confining the Wily Hacker". 6th USENIX Security Symposium. pp. 1–13. July 1996.

Books Edited

• Ian Goldberg, Mikhail Atallah. (Eds.) "Privacy Enhancing Technologies, 9th International Symposium (PETS 2009)". Seattle, WA. 264 pages. August 2009.
• Nikita Borisov, Ian Goldberg. (Eds.) "Privacy Enhancing Technologies, 8th International Symposium (PETS 2008)". Leuven, Belgium. 246 pages. July 2008.

Book Chapters

• Ian Goldberg. "Privacy-Enhancing Technologies for the Internet III: Ten Years Later". Chapter 1 of "Digital Privacy: Theory, Technologies, and Practices", Alessandro Acquisti, Stefanos Gritzalis, Costos Lambrinoudakis, Sabrina di Vimercati, editors. pp. 3–18. Auerbach, December 2007.
• Ian Goldberg, David Wagner. "Architectural Considerations for Cryptanalytic Hardware". Chapter 10 of "Cracking DES: Secrets of Encryption Research, Wiretap Politics & Chip Design". pp. 10-1–10-26. O'Reilly, July 1998.

Other Invited Publications

• Ian Goldberg, Austin Hill, Adam Shostack. "Trust, Ethics, and Privacy". Boston University Law Review. Vol. 81, No. 2. pp. 407–422. April 2001.
• Ian Goldberg, David Wagner, Eric A. Brewer. "Privacy-enhancing Technologies for the Internet". IEEE COMPCON '97. pp. 103–109. February 1997.

Technical Reports

• Ryan Henry, Ian Goldberg. "Solving Discrete Logarithms in Smooth-Order Groups with CUDA". CACR Tech Report 2012-02. 17 pages. January 2012.
• Mashael AlSabah, Kevin Bauer, Tariq Elahi, Ian Goldberg. "Tempura: Improved Tor Performance with Multipath Routing". CACR Tech Report 2011-29. 21 pages. August 2011.
• Angèle Hamel, Jean-Charles Grégoire, Ian Goldberg. "The Mis-entropists: New Approaches to Measures in Tor". CACR Tech Report 2011-18. 10 pages. July 2011.
• Simina Brânzei, Tariq Elahi, Ian Goldberg. "Local Anonymity: A Metric for Improving User Privacy in Tor". CACR Tech Report 2011-17. 6 pages. July 2011.
• Michael Backes, Ian Goldberg, Aniket Kate, Tomas Toft. "Adding Query Privacy to Robust DHTs". arXiv Tech Report 1107.1072. 18 pages. July 2011.
• Michael Backes, Ian Goldberg, Aniket Kate, Esfandiar Mohammadi. "Provably Secure and Practical Onion Routing". ePrint Tech Report 2011/308. 21 pages. June 2011.
• Femi Olumofin, Ian Goldberg. "Preserving Access Privacy Over Large Databases". CACR Tech Report 2010-33. 22 pages. November 2010.
• Joel Reardon, Jeff Pound, Ian Goldberg. "Relational-Complete Private Information Retrieval". CACR Tech Report 2007-34. 24 pages. November 2007.
• Joel Reardon, Alan Kligman, Brian Agala, Ian Goldberg. "KleeQ: Asynchronous Key Management for Dynamic Ad-Hoc Networks". CACR Tech Report 2007-03. 17 pages. January 2007.

Invited Talks

• "PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval". McMaster University Seminar in Computers and Software. September 2011.
• "PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval". Kansas State University Computing and Information Science Seminar Series. May 2011.
• "Privacy Enhancing Technologies for the Internet". Kansas State University Computing and Information Science Distinguished Lecture Series. May 2011.
• "Private Information Retrieval". International Olympiad in Informatics Evening Lecture Series. August 2010.
• "Achieving Efficient Query Privacy for Location Based Services". Pitney Bowes Sixth Annual Conference on Information Security and Communication. July 2010.
• "Sphinx: A Compact and Provably Secure Mix Format". University of Illinois at Urbana-Champaign Information Trust Institute Trust and Security Seminar. September 2009.
• "Sphinx: A Compact and Provably Secure Mix Format". Purdue University CERIAS Security Seminar. August 2009.
• "Internet Security and Privacy for the Rest of Us". Third Age Learning Speaker Series on "Privacy and Security in Your World". February 2009.
• "Introduction to Classical Cryptography and Information Security". Information Security in a Quantum World Conference. August 2008. (with Alfred Menezes, Douglas Stinson)
• "Off-the-Record Messaging: Useful Security and Privacy for IM". Pitney Bowes Fourth Annual Conference on Information Security and Communication. June 2008.
• "Cryptography, Security, and Privacy on the Internet". CEMC Lyons Invited Speaker. June 2008.
• "Off-the-Record Messaging: Useful Security and Privacy for IM". 1st Canada-France MITACS Workshop on Foundations & Practice of Security. May 2008.
• "Improving the Robustness of Private Information Retrieval". University of California, Berkeley TRUST Seminar. April 2008.
• "Improving the Robustness of Private Information Retrieval". Johns Hopkins University Information Security Institute Seminar. February 2008.
• "interceptedI: A Technical Perspective". On The Identity Trail's Revealed I conference. October 2007. (panel with Michael Geist, Clayton Pecknold, Wesley Wark, Philippa Lawson)
• "Looking Ahead: A Ten-Year Outlook for Internet Security and Privacy". International Conference on Distributed Computing Systems 2007. June 2007. (panel with Ashvin Goel, Emin Gun Sirer, Anthony Joseph, David Lie, Partha Dasgupta)
• "Polynomial Secret Sharing and Private Information Retrieval". Canadian Mathematics Competition Seminar. June 2007.
• "Improving the Robustness of Private Information Retrieval". Stanford Security Seminar. May 2007.
• "Off-the-Record Messaging: Useful Security and Privacy for IM". Stanford University Department of Electrical Engineering Computer Systems Colloquium. May 2007.
• "Cryptography, Security and Privacy on the Internet". 17th Conference on Computers, Freedom, and Privacy. May 2007.
• "Off-the-Record Messaging: Useful Security and Privacy for IM". MITACS Digital Security Seminar Series at Carleton University. April 2007.
• "Improving the Robustness of Private Information Retrieval". University of Massachusetts Amherst Computer Science Department Seminar. April 2007.
• "Questions and Answers about Off-the-Record Messaging". Hewlett-Packard Software Engineering Seminar. February 2007.
• "Off-the-Record Messaging". 7th Annual Privacy and Security Workshop & 15th CACR Information Security Workshop. November 2006.
• "Privacy-Enhancing Technologies for the Internet". Fourth Annual Conference on Privacy, Security, and Trust. October 2006.
• "Off-the-Record Communication, or, Why Not To Use PGP". Research seminar, University of California, Berkeley. August 2006.
• "Off-the-Record Messaging". CyLab / ISRI Seminar Series, Carnegie Mellon University. October 2005.
• "The Promise of Privacy Enhancing Technologies". 12th Conference on Computers, Freedom, and Privacy. April 2002. (with Paul Syverson, Lorrie Faith Cranor, Marc Levine)
• "Privacy vs. Security: Myth or Fiction?". Financial Cryptography 2002. March 2002. (with Ron Rivest, Graham Wood)
• "Privacy-Degrading Technologies: How Not to Build the Future". 9th USENIX Security Symposium. August 2000.
• "A Pseudonymous Communications Infrastructure for the Internet". Stanford University Computer Systems Laboratory EE380 Colloquium. April 2000.

Other Research Seminars

• "Sphinx: A Compact and Provably Secure Mix Format". CACR Seminar, University of Waterloo. July 2009.
• "Off-the-Record Messaging: Useful Security and Privacy for IM". Computer Science Club Seminar, University of Waterloo. October 2007.
• "Improving the Robustness of Private Information Retrieval". CACR Seminar, University of Waterloo. April 2007.

Guest Lectures

• University of Waterloo, INTEG 221 (On the Nature of Knowledge). 9–11 February 2010.
• University of Waterloo, CS 492 (Computers and Society). 16 January 2009.
• University of Waterloo, CO 487 (Applied Cryptography). 10 March 2006.
• Carnegie Mellon University, 15-508 / 17-801 / 19-608 / 95-818 (Privacy Policy, Law, and Technology). 24 October 2005.

Selected Other Publications and Conference Talks

• "Privacy and Anonymity on the Internet". Workshop on Vanishing Anonymity, 15th Conference on Computers, Freedom, and Privacy. April 2005.
• "Off-the-Record Messaging". CodeCon 2005. February 2005. (with Nikita Borisov)
• "Six Ways from Sunday: Attacks on the WEP Protocol of 802.11". RSA Conference 2002. February 2002.
• "The Insecurity of 802.11: An Analysis of the Wired Equivalent Privacy protocol". Black Hat Briefings 2001. July 2001.
• "Using the Internet Pseudonymously". RSA Conference 2000. January 2000.
• "Practical Computer Security". CrypTEC '99. July 1999. (with Eric Brewer, David Wagner)
• "The Palm III as an Authentication Token". RSA Conference 1999. January 1999.
• "Cryptanalysis of the GSM Identification Algorithm". Black Hat Briefings 1998. July 1998.
• "Shared Libraries on the PalmPilot". Handheld Systems. Vol. 5, No. 6. Nov/Dec 1997.
• "Randomness and the Netscape Browser". Dr. Dobb's Journal. January 1996. (with David Wagner)

Teaching

• Co-instructor, CS 458/658 (Computer Security and Privacy)
  University of Waterloo, Winter 2012

  121 students in 2 sections

  with Kevin Bauer

• Instructor, CS 858 (Hot Topics in Privacy Enhancing Technologies)
  University of Waterloo, Fall 2011

  16 students

• Instructor, CS 135 (Designing Functional Programs)
  University of Waterloo, Fall 2011

  92 students

• Instructor, CS 458/658 (Computer Security and Privacy)
  University of Waterloo, Winter 2011

  39 students

• Instructor, CS 499R (Readings in Computer Science: Privacy Enhancing Technologies)
  University of Waterloo, Winter 2011

  1 student

• Instructor, CS 858 (Hot Topics in Privacy Enhancing Technologies)
  University of Waterloo, Winter 2011

  10 students

• Instructor, CS 135 (Designing Functional Programs)
  University of Waterloo, Fall 2010

  79 students

• Instructor, CS 458/658 (Computer Security and Privacy)
  University of Waterloo, Winter 2010

  47 students

• Instructor, CS 135 (Designing Functional Programs)
  University of Waterloo, Fall 2009

  68 students

• Instructor, CS 858 (Hot Topics in Privacy Enhancing Technologies)
  University of Waterloo, Fall 2009

  12 students

• Instructor, CS 135 (Designing Functional Programs)
  University of Waterloo, Winter 2009

  166 students in 2 sections

• Instructor, CS 458/658 (Computer Security and Privacy)
  University of Waterloo, Fall 2008

  60 students

• Instructor, CS 135 (Designing Functional Programs)
  University of Waterloo, Fall 2008

  90 students

• Instructor, CS 489/698 section 1 (Computer Security and Privacy)
  University of Waterloo, Fall 2007

  58 students

• Instructor, CS 854 (Hot Topics in Privacy Enhancing Technologies)
  University of Waterloo, Fall 2007

  12 students

• Instructor, CS 456/656 (Computer Networks)
  University of Waterloo, Fall 2006

  61 students in 2 sections

• Co-instructor, CS 261 (Computer Security)
  UC Berkeley, Fall 1998

  Designed and taught a new graduate-level course in Computer Security (with fellow graduate student David Wagner). Developed syllabus and assignments; lectured; advised students on class projects.

Students Supervised

• Rob Smits (Technical support staff), Winter 2012
• Yi Ren (Undergraduate Research Assistant, part-time), Winter 2012
• Paul Hendry (Undergraduate Research Assistant, part-time), Winter 2012
• Casey Devet (Undergraduate Research Assistant, part-time), Winter 2012
• Aleksander Essex (Ph.D. Advisory Committee [Urs Hengartner]), Fall 2011 – present
• Kevin Henry (Ph.D. Advisory Committee [Douglas Stinson]), Fall 2011 – present
• Caset Devet (Undergraduate Student Research Assistant), Fall 2011
• Hooman Mohajeri (Master's Student), Fall 2011 – present
• Yizhou Andy Huang (Master's Student), Fall 2011 – present
• Kevin Bauer (Postdoctoral Fellow), Spring 2011 – present
• Yizhou Andy Huang (Undergraduate Student Research Assistant), Spring 2011
• Tariq Elahi (Ph.D. Student), Winter 2011 – present
• Ryan Henry (Ph.D. Student), Winter 2011 – present
• Hamidreza Ebrahimzadeh Saffar (Ph.D. Advisory Committee [Patrick Mitran]), Fall 2010 – present
• Mehrdad Nojoumian (Ph.D. Advisory Committee [Douglas Stinson]), Fall 2010 – present
• Rob Smits (Master's Student), "BridgeSPA: A Single Packet Authorization System for Tor Bridges", Fall 2010 – Winter 2012
• Jalaj Upadhyay (M.Math. Thesis Reader [Douglas Stinson]), Spring 2010
• Ali Zibaeenejad (Ph.D. Advisory Committee [Amir Khandani]), Spring 2010 – present
• Qi Xie (M.Math. Thesis Reader [Urs Hengartner]), Spring 2010
• Wanying Luo (M.Math. Thesis Reader [Urs Hengartner]), Winter 2010
• Maxwell Young (Ph.D. Advisory Committee [Martin Karsten]), Fall 2009 – Spring 2011
• Ryan Henry (Master's Student), "Nymbler: Privacy-enhanced Protection from Abuses of Anonymity", Fall 2009 – Winter 2011
• Mashael AlSabah (Ph.D. Student), Winter 2009 – present
• Greg Zaverucha (Ph.D. Advisory Committee [Douglas Stinson]), Winter 2009 – Spring 2010
• Atefeh Mashatan (Ph.D. Advisory Committee [Douglas Stinson]), Fall 2008
• Andrew Chung (Undergraduate Research Assistant, part-time), Fall 2008
• Femi Olumofin (Ph.D. Student), "Practical Private Information Retrieval", Fall 2008 – Spring 2011
• Can Tang (Master's Student), "An Improved Algorithm for Tor Circuit Scheduling", Fall 2008 – Spring 2010
• Willy Lew (Undergraduate Research Assistant, part-time), Spring 2008
• Lisa Du (Undergraduate Research Assistant, part-time), Spring 2008
• Muhaimeen Ashraf (Undergraduate Research Assistant, part-time), Spring 2008
• Robin Snader (Ph.D. Advisory Committee [Nikita Borisov, University of Illinois at Urbana-Champaign]), Winter 2008 – Fall 2009
• Berkant Ustaoğlu (Ph.D. Advisory Committee [Alfred Menezes]), Winter 2008 – Spring 2008
• Jiayuan Sui (M.Math. Thesis Reader [Douglas Stinson]), Winter 2008
• Michael Bodis (Undergraduate Research Assistant, part-time), Winter 2008
• Rob Smits (Undergraduate Research Assistant, part-time), Winter 2008
• Ali Taleghani (Ph.D. Advisory Committee [Jo Atlee]), Fall 2007 – Spring 2010
• Jiang Wu (Ph.D. Advisory Committee [Douglas Stinson]), Fall 2007 – Spring 2009
• Weihan Wang (M.Math. Thesis Reader [Martin Karsten]), Fall 2007
• Xiaoting Sun (Master's Student), "Anonymous, Secure and Efficient Vehicular Communications", Fall 2007
• Chris Alexander (Master's Student), Fall 2007 – Fall 2009
• Douglas Stebila (Ph.D. Advisory Committee [Michele Mosca]), Spring 2007 – Winter 2009
• Chris Alexander (Undergraduate Student Research Assistant), Spring 2007
• Aniket Kate (Ph.D. Student), "Distributed Key Generation and Its Applications", Spring 2007 – Spring 2010
• Chris Alexander (Undergraduate Research Assistant, part-time), Winter 2007
• Joel Reardon (Master's Student), "Improving Tor using a TCP-over-DTLS Tunnel", Fall 2006 – Spring 2008

Software

• cudadl

  The cudadl package is an implementation of van Oorschot and Wiener's parallel version of Pollard's rho algorithm for finding discrete logs. It uses CUDA GPUs (particularly, 2 NVIDIA M2050 GPUs) to do the computation. It is optimized for solving discrete logs over 1536-bit RSA numbers whose totient is smooth; that is, numbers N=pq where p-1 and q-1 are each the product of distinct primes less than B, for 58-bit B.

  Released: January 2012

• BridgeSPA

  BridgeSPA is a protocol and implementation of innocuous single packet authorization based on Silent Knock that protects Tor bridges from aliveness checks.

  Released: August 2011

• Sphinx

  Sphinx is a cryptographic message format used to relay anonymized messages within a mix network. It is more compact than any comparable scheme, and supports a full set of security features: indistinguishable replies, hiding the path length and relay position, as well as providing unlinkability for each leg of the message's journey over the network.

  Released: March 2011

• Percy++

  Percy++ is an implementation of Private Information Retrieval protocols in C++. It provides information-theoretic, computational, or hybrid protection for the privacy of the query, and handles servers that fail to respond or that respond incorrectly. Percy++ has been accepted into the Advanced Crypto Software Collection.

  Released: March 2007 – June 2007

• Off-the-Record Messaging

  Off-the-Record Messaging (OTR) enables secure and private instant messaging over existing IM networks. In order to emulate real-world "off-the-record" conversions, it provides encryption, authentication, forward secrecy and deniability.

  Released: November 2004 – October 2009

Program Committees

• 7th USENIX Workshop on Hot Topics in Security (HotSec 2012), August 2012
• 21st USENIX Security Symposium, August 2012
• 7th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2012), May 2012
• 20th USENIX Security Symposium, August 2011
• 4th ACM Conference on Wireless Network Security, June 2011
• Program Chair, 19th USENIX Security Symposium, August 2010
• 18th USENIX Security Symposium, August 2009
• Program Co-chair, 9th Privacy Enhancing Technologies Symposium, August 2009
• 30th IEEE Symposium on Security and Privacy, May 2009
• 17th USENIX Security Symposium, July 2008
• Program Co-chair, 8th Privacy Enhancing Technologies Symposium, July 2008
• 34th International Conference on Current Trends in Theory and Practice of Computer Science (SOFSEM), January 2008
• 14th Workshop on Selected Areas in Cryptography, August 2007
• 7th Privacy Enhancing Technologies Symposium, June 2007
• 6th Workshop on Privacy Enhancing Technologies, June 2006
• 5th CodeCon, February 2006
• Third Annual Conference on Privacy, Security, and Trust, October 2005
• 5th Workshop on Privacy Enhancing Technologies, May 2005
• 4th CodeCon, February 2005
• 4th Workshop on Privacy Enhancing Technologies, May 2004
• 2002 IEEE Symposium on Security and Privacy, May 2002
• 6th International Financial Cryptography Conference, February 2002
• 10th USENIX Security Symposium, August 2001
• 9th USENIX Security Symposium, August 2000

Other Service

• Reviewer: Future Internet (2012)
• Reviewer: NSERC Discovery—Individual (2012)
• PET 2012 Award Committee, July 2012
• Reviewer: 12th International Conference on Cryptology in India (Indocrypt) (2011)
• Reviewer: IET Information Security (2011)
• Reviewer: Security and Communication Networks (2011)
• School of Computer Science Tenure & Promotions Committee, July 2011 – present
• Reviewer: IEEE Transactions on Dependable and Secure Computing (2011)
• General Chair, 11th Privacy Enhancing Technologies Symposium, July 2011
• Reviewer: MITACS Accelerate (2011)
• Reviewer: NSERC Discovery—Individual (2011)
• Reviewer: ACM Transactions on Information and System Security (2011, 4 articles)
• Reviewer: IEEE Transactions on Dependable and Secure Computing (2010)
• Reviewer: Microsoft Research PhD Scholarship Program (2010)
• Computer Science Computing Facility Advisory Committee, July 2010 – June 2011
• Reviewer: MITACS Postdoctoral Research Projects (2010, 3 applications)
• Reviewer: Third International Workshop on the Network of the Future (2010)
• Reviewer: ACM Transactions on Information and System Security (2010)
• Reviewer: IEEE Security & Privacy (2010, 2 articles)
• Reviewer: 17th ACM Conference on Computer and Communications Security (2010)
• Reviewer: VLDB Journal (2010)
• Board of Directors, Centre for Education in Mathematics and Computing, May 2010 – present
• Reviewer: Security and Communication Networks (2010)
• Reviewer: NSERC Discovery—Individual (2010)
• Reviewer: IEEE Security & Privacy (2009)
• Reviewer: Eighth Annual IEEE International Conference on Pervasive Computing and Communications (2009)
• Reviewer: ACM Transactions on Information and System Security (2009, 2 articles)
• Reviewer: Elsevier Computers & Security (2008)
• Reviewer: ACM Transactions on Information and System Security (2008, 3 articles)
• Reviewer: 2008 IEEE Symposium on Security and Privacy (2008)
• Reviewer: Graphics Interface 2008 (2008)
• Reviewer: NSERC Discovery—Individual (2008, 3 applications)
• Privacy Enhancing Technologies Advisory Board, June 2007 – present
• Reviewer: Elsevier Journal of Systems and Software (2007)
• Reviewer: 7th International Conference on Next Generation Teletraffic and Wired/Wireless Advanced Networking (2007)
• Reviewer: Journal of Combinatorial Mathematics and Combinatorial Computing (2007)
• Undergraduate Academic Plans Committee, January 2007 – present
• Chair of the Board of Directors, The Tor Project, a scientific and educational charity, January 2007 – present
• Director, The Tor Project, December 2006 – present
• Ontario Graduate Scholarships Ranking Committee, October 2006
• Reviewer: IEE Proceedings Information Security (2006)
• Reviewer: ACM Computing Surveys (2006)
• Reviewer: Communications of the ACM (2006)
• PET 2006 Award Committee, June 2006
• PET 2003 Award Committee, March 2003
• Reviewer: 8th Workshop on Selected Areas in Cryptography (2001)

Awards and Honours

• Pioneer Award (Electronic Frontier Foundation), 2011
• Outstanding Young Computer Science Researcher Award (Canadian Association of Computer Science), 2011
• Early Researcher Award (Ontario Ministry of Research and Innovation), 2010
• ACM Senior Member, 2010–present
• Best Paper Award, 6th USENIX Security Symposium, 1996
• Governor General's Silver Medal, 1995
• NSERC Post-Graduate Scholarships, 1995–1999
• Wired Magazine's Wired 25, 1998

Professional Affiliations

• Association for Computing Machinery (Senior Member)
• Institute of Electrical and Electronics Engineers
• International Association for Cryptologic Research
• Canadian Mathematical Society
• USENIX
• Centre for Applied Cryptographic Research
• Institute for Quantum Computing

Last update: 28 January 2012