Kenneth Paterson

Biography

Education and professional milestones:

• B.Sc. from the University of Glasgow in 1990; Ph.D. from the University of London in 1993, both in Mathematics.
• Royal Society Fellow at the Institute for Signal and Information Processing at ETH Zurich, from 1993 to 1994.
• Lloyd's of London Tercentenary Foundation Research Fellow at Royal Holloway, University of London, from 1994 to 1996.
• Joined Hewlett-Packard Laboratories Bristol in 1996, becoming a project manager in 1999.
• Joined the Information Security Group at Royal Holloway, University of London in 2001, becoming a Reader in 2002 and a Professor in 2004.
• EPSRC Leadership Fellow working on a project entitled Cryptography: Bridging Theory and Practice from March 2010 to May 2015.
• Reverted to being a Professor of Information Security in May 2015.
• Joined the Department of Computer Science at ETH Zurich in April 2019. Founder and Head of the Applied Cryptography Group; Associate Department Head in 2021 and 2022; Department Head from 1 January 2023.
• Research over the last two decades mostly in the area of Cryptography, with a strong emphasis on the analysis of deployed cryptographic systems and the development of provably secure solutions to real-world cryptographic problems.
• Co-founder of the Real World Cryptography series of workshops to support the development of this broad area and to strengthen the links between academia and industry.
• Co-chair of the IRTF's research group on Cryptography, CFRG from 2014 to 2019. This group is working to provide expert advice to the IETF in an effort to strengthen the Internet's core security protocols.
• Research on the security of TLS (the Lucky 13 attack on CBC-mode encryption in TLS and attacks on RC4) received significant media attention, helped to drive the widespread adoption of TLS 1.2 with its support for modern encryption schemes, and was an important factor in the TLS Working Group's decision to abandon legacy encryption mechanisms in TLS 1.3.

A selection of research prizes and awards:

• Google Distinguished Paper Award for joint work with Nadhem AlFardan presenting plaintext recovery attacks against DTLS published at NDSS 2012.
• Applied Networking Research Prize from the IRTF for work with Nadhem AlFardan on the Lucky 13 attack.
• Award for Outstanding Research in Privacy Enhancing Technologiesfor work with Mihir Bellare and Phil Rogaway on the Security of symmetric encryption against mass surveillance published at CRYPTO 2014.
• Work with Martin Albrecht, Jean Paul Degabriele and Torben Hansen on symmetric encryption in SSH won a best paper award at ACM CCS 2016.
• Best paper awards at CHES and IMC in 2018.
• Work analysing the Telegram secure messaging system won an IEEE Symposium on Security and Privacy Distinguished Paper Award in 2022.
• Joint work with Francesca Falzon, a former visitor of the Applied Crypto group and PhD student at the University of Chicago won a best student paper award at ESORICS 2022.
• Research on the security of OpenPGP won a distinguished paper award at ACM CCS 2022.
• A distinguished paper award at the 2023 IEEE Symposium on Security and Privacy for work with Matilda Backendal and Miro Haller.

Other career highlights:

• Programme Chair for EUROCRYPT 2011.
• Invited speaker at ASIACRYPT 2014.
• Editor-in-chief of the Journal of Cryptology from 2017 to 2020.
• Made a fellow of the IACR in 2017.
• Winner of the ETH Golden Owl best teaching award for the Department of Computer Science in 2022.

Recent publications:

2023:

• Martin R. Albrecht, Miro Haller, Lenka Mareková, Kenneth G. Paterson: Caveat Implementor! Key Recovery Attacks on MEGA. EUROCRYPT (5) 2023: 190-218.
• Matilda Backendal, Miro Haller and Kenneth G. Paterson. MEGA: Malleable Encryption Goes Awry. IEEE S&P 2023. Distinguished Paper Award.
• Zichen Gui, Kenneth G. Paterson and Sikhar Patranabis. Rethinking Searchable Symmetric Encryption. IEEE S&P 2023
• Zichen Gui, Kenneth G. Paterson, and Tianxin Tang. Security Analysis of MongoDB Queryable Encryption. USENIX Security 2023, to appear.
• Kenneth G. Paterson, Matteo Scarlata, Kien Tuong Truong. Three Lessons From Threema: Analysis of a Secure Messenger. USENIX Security 2023, to appear.
• Massimiliano Taverna and Kenneth G. Paterson. Snapping Snap Sync: Practical Attacks on Go Ethereum Synchronising Nodes. USENIX Security 2023, to appear. 

2022:

• Lara Bruseghini, Daniel Huigens, Kenneth G. Paterson. Victory by KO: Attacking OpenPGP Using Key Overwriting, ACM CCS 2022: 411-423.
• Martin R. Albrecht, Raphael Eikenberg and Kenneth G. Paterson. Breaking Bridgefy, again: Adopting libsignal is not enough. USENIX Security 2022: 269-286.
• Martin R. Albrecht, Lenka Mareková, Kenneth G. Paterson, Igors Stepanovs: Four Attacks and a Proof for Telegram. IEEE Symposium on Security and Privacy 2022: 87-106. Distinguished paper award.
• Matilda Backendal, Felix Günther and Kenneth G. Paterson. Puncturable Key Wrapping and Its Applications, Asiacrypt 2022: 651-681.
• Mia Filić, Kenneth G. Paterson, Anupama Unnikrishnan and Fernando Virdia. Adversarial Correctness and Privacy for Probabilistic Data Structures. ACM CCS 2022: 1037-1050.
• Paul Grubbs, Varun Maram, Kenneth G. Paterson. Anonymous, Robust Post-quantum Public Key Encryption. EUROCRYPT (3) 2022: 402-432.

2021:

• Jean Paul Degabriele, Jérôme Govinden, Felix Günther, Kenneth G. Paterson. The Security of ChaCha20-Poly1305 in the Multi-User Setting. CCS 2021: 1981-2003.

 2020:

• P.  Leu, M. Singh, M. Roeschlin, K.G. Paterson and S. Capkun. Message Time of Arrival Codes: A Fundamental Primitive for Secure Distance Measurement. IEEE Symposium on Security and Privacy 2020: 500-516.
• J. Massimo and K.G. Paterson. A Performant, Misuse-Resistant API for Primality Testing. ACM CCS 2020: 195-210.
• F. Tramèr, D. Boneh and K.G. Paterson. Remote Side-Channel Attacks on Anonymous Transactions. USENIX Security Symposium 2020: 2739-2756.

2019:

• P. Grubbs, M.-S. Lacharité, B. Minaud and K.G. Paterson. Learning to Reconstruct: Statistical Learning Theory and Encrypted Database Attacks. IEEE Symposium on Security and Privacy 2019: 1067-1083.