I am associate professor in the Security and Privacy research group at the University of Edinburgh. I hold a PhD in cryptography from COSIC at the K.U. Leuven and previously was a researcher at Microsoft Research Cambridge in the Programming Principles and Tools group. I worked on the Identity Mixer anonymous credential system at IBM Research Zurich and I am a founding member of the miTLS project, now project Everest, a verified implementation of the TLS standard. For the latter work I am a co-recipient of received the Levchin prize for real-world cryptography.

I am the director of the Edinburgh ZK-Lab.

I am looking for motivated PhD students with interest in cryptography, blockchain technologies, security, and/or formal verification. If you are already a student at the University of Edinburgh drop by my office to discuss.

News

Privacy Preserving Blueprints

Privacy Preserving Blueprints qualifies/undermines law-enforcement arguments for key-escrow and client-side scanning. Published and presented at Eurocrypt 2023, available on ePrint. Stop Chat Control!

Ouroboros Crypsinous

Ouroboros Crypsinous thei first formally analysed privacy-preserving proof-of-stake (PoS) blockchain protocol is now on ePrint.

State-separating proofs

Our paperState-Separating Proofs: A Reduction Methodology for Real-World Protocols (joint work with C. Brzuska, A. Delignat-Lavaud, K. Kohbrok) is available on ePrint now.

One of the goals of the paper is to reduce suffering when writing and reading real-life protocol reduction proofs, to make them readable and verifiable and also shorter and more precise. To get a good idea about the potential for simplification, look at the original proof of the miTLS, TLS 1.2 handshake, ePrint.

The navigation elements on this page and many layout elements are heavily inspired by and adapted from Mike Rouselek's homepage. The similarity between the definitional style of our paper and his textbook, The Joy of Cryptography, are, however, due to our independently formed believe that it is more accessible than what is "traditional" in crypto.

In our paper we also make the case that this style is more composeable, scaleable, and amenable to formal verification.

The updatable CRS model

Our paper Updatable and Universal Common Reference Strings with Applications to zk-SNARKs (joint work with Jens Groth, Mary Maller, Sarah Meiklejohn, Ian Miers) is available on ePrint now. The goal of the paper is to replace the zcash ceremony which is bordering on the paranoid (listen to a great radiolab episode) with publicly verifiable non-interactive CRS updates.

Teaching

Security news

A Few Thoughts on Cryptographic Engineering by Matthew Green
Schneier on Security by Bruce Schneier

Mentoring

Current advisees:

Lorenzo Martinico (PhD, supervisor)
Meghna Sengupta (PhD, supervisor)

Past advisees:

Misha Volkhov (PhD, supervisor)
Mary Maller (PhD, co-supervisor)
Konrad Kohbrok (PhD, co-supervisor)
Thomas Kerber (PhD, co-supervisor)
Fatemeh Shirazi (PhD, co-supervisor)
Gao Maqing (MS)

Personal Tutor

Resources:

Iain Murray’s notes as a PT

Research

My research lie at the intersection of

formal verification,
foundations of cryptography and
applied cryptography, especially with regard to
privacy-enhancing protocols, blockchains, and crypto currencies and the
formal verification of protocol implementations.

My research is supported by the IOHK and Microsoft Research.

Publications

More bibliographic information is also available on my Google scholar page and DBLP page. For most publications I include a link to a free version of the article; however, some papers are behind paywalls. Send me email if you would like a copy of paywalled publications.

Some of my key publications are:

Sonic: Zero-Knowledge SNARKs from Linear-Size Universal and Updatable Structured Reference Strings,

Mary Maller, Sean Bowe, Markulf Kohlweiss, Sarah Meiklejohn

CCS 2019 article

A new approach for constructing universal and updateable succinct argument systems based on polynomial commitments.

Privacy-preserving smart metering revisited

Alfredo Rial, George Danezis, Markulf Kohlweiss

Int. J. Inf. Sec. 17(1) article

A messy state of the union: taming the composite state machines of TLS

Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cedric Fournet, Markulf Kohlweiss, Alfredo Pironti, Pierre-Yves Strub, Jean Karim Zinzindohoue

Commun. ACM 60(2): 99-107 (2017) article

Everest: Towards a Verified, Drop-in Replacement of HTTPS

Karthikeyan Bhargavan, Barry Bond, Antoine Delignat-Lavaud, Cedric Fournet, Chris Hawblitzel, Catalin Hritcu, Samin Ishtiaq, Markulf Kohlweiss, Rustan Leino, Jay R. Lorch, Kenji Maillard, Jianyang Pan, Bryan Parno, Jonathan Protzenko, Tahina Ramananandro, Ashay Rane, Aseem Rastogi, Nikhil Swamy, Laure Thompson, Peng Wang, Santiago Zanella Béguelin, Jean Karim Zinzindohoue

SNAPL 2017 article

Implementing and Proving the TLS 1.3 Record Layer

Antoine Delignat-Lavaud, Cedric Fournet, Markulf Kohlweiss, Jonathan Protzenko, Aseem Rastogi, Nikhil Swamy, Santiago Zanella Béguelin, Karthikeyan Bhargavan, Jianyang Pan, Jean Karim Zinzindohoue

IEEE Symposium on Security and Privacy 2017 article

miTLS: Verifying Protocol Implementations against Real-World Attacks

Karthikeyan Bhargavan, Cedric Fournet, Markulf Kohlweiss

IEEE Security & Privacy 14(6): 18-25 (2016) article

Constant-Size Structure-Preserving Signatures: Generic Constructions and Simple Assumptions

Masayuki Abe, Melissa Chase, Bernardo David, Markulf Kohlweiss, Ryo Nishimaki, Miyako Ohkubo

J. Cryptology 29(4): 833-878 (2016) article

Hash First, Argue Later: Adaptive Verifiable Computations on Outsourced Data

Dario Fiore, Cédric Fournet, Esha Ghosh, Markulf Kohlweiss, Olga Ohrimenko, Bryan Parno

ACM Conference on Computer and Communications Security 2016 article

Dependent types and multi-monadic effects in F

Nikhil Swamy, Catalin Hritcu, Chantal Keller, Aseem Rastogi, Antoine Delignat-Lavaud, Simon Forest, Karthikeyan Bhargavan, Cédric Fournet, Pierre-Yves Strub, Markulf Kohlweiss, Jean Karim Zinzindohoue, Santiago Zanella Béguelin

POPL 2016 article

Light at the middle of the tunnel: middleboxes for selective disclosure of network monitoring to distrusted parties

Nik Sultana, Markulf Kohlweiss, Andrew W. Moore

HotMiddlebox@SIGCOMM 2016 article

Cinderella: Turning Shabby X.509 Certificates into Elegant Anonymous Credentials with the Magic of Verifiable Computation

Antoine Delignat-Lavaud, Cédric Fournet, Markulf Kohlweiss, Bryan Parno

IEEE Symposium on Security and Privacy 2016 article

Downgrade Resilience in Key-Exchange Protocols

Karthikeyan Bhargavan, Christina Brzuska, Cédric Fournet, Matthew Green, Markulf Kohlweiss, Santiago Zanella Béguelin

IEEE Symposium on Security and Privacy 2016 article

Proving the TLS Handshake Secure (As It Is)

Karthikeyan Bhargavan, Cédric Fournet, Markulf Kohlweiss, Alfredo Pironti, Pierre-Yves Strub, Santiago Zanella Béguelin

CRYPTO 2014 article

The main cryptographic publication on MITLS. It primarily deals with the Handshake protocol. It faithfully takes care of many issues of real-world protocols, such as cryptographic agility, that are not usually considered in provable security.

Implementing TLS with Verified Cryptographic Security

Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Markulf Kohlweiss, Jianyang Pan, Jonathan Protzenko, Aseem Rastogi, Nikhil Swamy, Santiago Zanella Béguelin, Jean Karim Zinzindohoue

2013 IEEE Symposium on Security and Privacy, S&P 2013 (235 citations) article

The main verification publication on miTLS. It deals with the whole protocol and points out several ambiguities and weaknesses in the standard. It lays the foundation for Paper 1 and awardwinning follow up papers attacking TLS like Triple Handshake, SMACK/FREAK, and Logjam.

Randomizable Proofs and Delegatable Anonymous Credentials

Mira Belenkiy, Jan Camenisch, Melissa Chase, Markulf Kohlweiss, Anna Lysyanskaya, Hovav Shacham

CRYPTO 2009 article

A seminal paper on using bilinear pairings and Groth-Sahai proofs in privacy-enhancing protocol design. It shows how to exploit the malleability properties of Groth-Sahai proofs and lead the way for structure-preserving cryptography.

Other Things

Projects

Everest

Project Everest aims to build and deploy a verified HTTPS stackwebsite

miTLS

An implementation of the TLS protocol, written in F*website

HACL*

A verified library of cryptographic primitives written in F*website

Professional Service

I am the co-program chair of CANS 2024:

I have served on the following program committees (reverse chronological):

CRYPTO 2024, 2022, 2018; EUROCRYPT 2023, 2015; S&P 2022, TCC 2020, Indocrypt 2020, PKC 2019; EuroS&P 2019; CRYPTO 2018; PETS 2018, 2017, 2016, 2015, 2014, 2013; PKC 2018, 2017 ASIACCS 2017; FC 2016; CCS 2016; IMACC 2015; EUROCRYPT 2015; SOFSEM 2014; WPES 2013; ESORICS 2013, 2012; ARES 2013,2011; CT-RSA 2011; CMS 2011, 2010; COMPSAC 2009

News​