Hossein Shafagh
Since end of 2018, I have joined Netflix as a Senior Security Engineer in California.
At Netflix, I co-lead the PKI strategy efforts, co-own the TLS certificate lifecycle management service, and partner with cross-functional teams to help with secure system design aspects.
Prior to that I was a researcher at ETH Zurich, Switzerland, affiliated with the Distributed Systems Group. My research focus has been on enabling the vision of data ownership, where users retain control over their data, and service providers only see and process encrypted data. More specifically, I have designed and built encrypted data processing, and cryptographic-based authorization systems. In general, I follow research in the systems, networking, and security domain.
I obtained my Ph.D. from ETH Zurich in summer 2018. The title of my dissertation is "Retaining Data Ownership in the Internet of Things" (PDF) and my examination committee consisted of Prof. Philip Levis and my co-advisers Prof. Srdjan Capkun and Prof. Friedemann Mattern. Before that, I graduated with M.Sc. and B.Sc. degrees in Computer Science from RWTH Aachen University, Germany. I conducted my master's thesis at SICS (Swedish Institute of Computer Science) in the area of delegated public-key-based authentication for the Internet of Things. In summer 2015, I was a research intern at Stanford, with Philip Levis.
To learn more about our decentralized access authorization project Droplet check out: dropletchain.github.io
TimeCrypt is our encrypted time-series data analytics system: timecrypt.io
Talos is our encrypted data processing project: talos-crypto.github.io
In this project, we introduce a proximity-based authentication approach for the IoT that works in-band by solely utilizing the wireless communication interface. The novelty of this approach lies in its reliance on ambient radio signals to infer proximity within about one second, and in its ability to expose imposters located several meters away. We identify relevant features sensed from the RF channel to establish a notion of proximity across co-located low-power devices. We introduce our proximity-based authentication protocol and show the feasibility of our approach with an early prototype using off-the-shelf 802.15.4 sensors. PDF, Demo, Code
The rise of heterogeneity in wireless technologies operating
in the unlicensed bands has been shown to adversely affect
the performance of low-power wireless networks. CrossTechnology
Interference (CTI) is highly uncertain and raises
the need for agile methods that assess the channel conditions
and apply actions maximizing communication success.
To tackle the challenges of CTI, we design and build cognitive systems that can detect CTI and apply effective counter-measures.
This project was led by Anwar Hithnawi and resulted in the following systems:
TIIM, CrossZig, and CIG.
(our Traces)
My TA role includes in general varying tasks such as designing problem sets, teaching weekly tutorial sessions, grading assignments and course projects, correction of exams, helping in designing final exams, and guiding students on presenting and writing seminar research papers. I have been a teaching assistant for the following courses:
The primary goal of this course is to teach first semester students how to program in C++. They learn object-oriented programming and simple data structures. My role as TA includes holding weekly recitations, giving feedback on assignments, etc.
This course is a continuation of Informatics I, with more focus on algorithms and data structures. The exercises are in Java and cover divide & conquer principle, recursion, sort, backtracking, trees, and other fundamental data structures. They learn object-oriented programming and simple data structures. My role as TA includes holding weekly recitations, giving feedback on assignments, etc.
Since 2016 I am the head TA in this course. In 2017, we successfully integrated codeboard as the submission platform for student assignments.
Summary of mentored student projects and student theses at ETH Zurich.
Type | Title | Student | Supervisor | Semester |
---|---|---|---|---|
M | Key Distribution and Management for Efficient Key Updates and Sharing of IoT Data | Jason Friedman |
Hossein Shafagh Lukas Burkhalter |
SS 18 |
M | Modular and Scalable Encrypted Time Series Data Processing | Simon Peyer |
Hossein Shafagh Lukas Burkhalter |
SS 18 |
M | Secure Sharing and Querying of Multidimensional Time-series Data | Misels Kaporins |
Hossein Shafagh Anwar Hithnawi |
AS 17 |
M | Towards Blockchain-based Auditable Storage and Sharing of IoT Data | Lukas Burkhalter | Hossein Shafagh
Anwar Hithnawi |
AS17 |
M | Privacy-Preserving Cloud Computation using Fully Homomorphic Encryption | Alexander Viand | Hossein Shafagh | SS17 |
L | Proximity-based Authentication via Ambient RF Noise | Jakob Hasse | Hossein Shafagh | AS16 |
M | Secure Analysis of Encrypted IoT Data | Pascal Fischli | Hossein Shafagh | SS16 |
L | Developing IoT Applications on top of Encrypted Data | Lukas Burkhalter, Alexander Viand |
Hossein Shafagh | AS15 |
M | A Public-key Cryptography Framework for the Internet of Things | Andreas Droescher | Hossein Shafagh | SS15 |
M | Proximity-based Authentication for the Internet of Things | Dominic Plangger | Hossein Shafagh
Anwar Hithnawi |
SS15 |
B | Encrypted Data Processing for the Internet of Things: User’s Perspective | Lukas Burkhalter | Hossein Shafagh
Anwar Hithnawi |
SS15 |
B | Understanding the Impact of Cross Technology Interference on Low-power Wireless Networks |
Jan Wolf | Anwar Hithnawi
Hossein Shafagh |
SS14 |