Hossein Shafagh

Since end of 2018, I have joined Netflix as a Senior Security Engineer in California.

At Netflix, I co-lead the PKI strategy efforts, co-own the TLS certificate lifecycle management service, and partner with cross-functional teams to help with secure system design aspects.

Prior to that I was a researcher at ETH Zurich, Switzerland, affiliated with the Distributed Systems Group. My research focus has been on enabling the vision of data ownership, where users retain control over their data, and service providers only see and process encrypted data. More specifically, I have designed and built encrypted data processing, and cryptographic-based authorization systems. In general, I follow research in the systems, networking, and security domain.

I obtained my Ph.D. from ETH Zurich in summer 2018. The title of my dissertation is "Retaining Data Ownership in the Internet of Things" (PDF) and my examination committee consisted of Prof. Philip Levis and my co-advisers Prof. Srdjan Capkun and Prof. Friedemann Mattern. Before that, I graduated with M.Sc. and B.Sc. degrees in Computer Science from RWTH Aachen University, Germany. I conducted my master's thesis at SICS (Swedish Institute of Computer Science) in the area of delegated public-key-based authentication for the Internet of Things. In summer 2015, I was a research intern at Stanford, with Philip Levis.

To learn more about our decentralized access authorization project Droplet check out: dropletchain.github.io
TimeCrypt is our encrypted time-series data analytics system: timecrypt.io
Talos is our encrypted data processing project: talos-crypto.github.io


TimeCrypt: A Scalable Private Time Series Data Store

Today, a growing number of services collect detailed time series data that is stored in the cloud. Protecting the confidentiality of this vast and continuously generated data, while preserving its utility, is crucial for many applications in this space. TimeCrypt is a system we designed that provides scalable and real-time analytics over large volumes of encrypted time series data. To enable granular access control and efficient analytics over large encrypted streams, we introduce a new encryption-based access control construction that is additively homomorphic. TimeCrypt supports rich functionalities and access control semantics needed for time-series data. In TimeCrypt, data is encrypted end-to-end, and authorized parties can only decrypt and verify queries within their authorized access scope. timecrypt.io, PDF,

Droplet: Decentralized Authorization for IoT Data Streams

Secure storage and management of data generated by the myriad of IoT devices present new challenges in the cloud era. How do we empower the user with ownership and fine-grained access control for IoT data without sacrificing performance or security? To address this challenge, we design Droplet a novel decentralized data access control service, which operates without intermediate trust entities. We leverage the blockchain technology to bootstrap trust, for a decentralized, secure, and resilient access control management. Droplet handles time series data, enables reliable sharing among heterogeneous applications from different trust domains, and features a cryptographically-protected fine-grained and scalable access control to data streams. PDF

We have implemented three apps on top of Droplet: Fitbit activity tracker, Ava health tracker, and ECOviz smart meter dashboard. Code

Pilatus: Partially Homomorphic Encrypted Sharing for IoT Data

IoT applications often utilize the cloud to provide storage and ubiquitous access to collected data. This naturally facilitates data sharing with third-party services and other users, but bears privacy risks, due to data breaches or unauthorized trades with user data. To address these concerns, we present Pilatus, a new data protection platform tailored for the IoT ecosystem, that protects data confidentiality while enabling secure processing and selective sharing of encrypted data. Our solution includes a suite of novel techniques that enable efficient partially homomorphic encryption, re-encryption and decryption. Pilatus grants users low-level control over their cloud data with cryptographic guarantees. Pilatus features a novel encrypted data sharing scheme with revocation capabilities and in situ key-update. We present performance optimizations that make these advanced cryptographic tools practical for mobile platforms. PDF

We have implemented an Avawomen app with Pilatus. Code

Talos: Encrypted Data Processing for the IoT

To tackle the data privacy concerns in IoT, we introduce Talos, a system that stores IoT data securely in a Cloud database while still allowing query processing over the encrypted data. We enable this by encrypting IoT data with a set of cryptographic schemes such as order-preserving and partially homomorphic encryption. To achieve this in constrained IoT devices, Talos relies on optimized algorithms that accelerate order-preserving and partially homomorphic encryption by 1 to 2 orders of magnitude. We assess the feasibility of Talos on low-power devices with and without cryptographic accelerators and quantify its overhead regarding energy, computation, and latency. With a thorough evaluation of our prototype implementation, we show that Talos is a practical system that can provide a high level of security with a reasonable overhead. PDF, Demo, Code

We relied on the Flocklab testbed at ETH Zurich to evaluate the performance of Talos. Code

We have implemented a benchmark tool for the Contiki OS to automate the macro-benchmark of Talos. Code
Our drivers for the hardware crypto engine are merged into the main Contiki repo.

We implemented a FitBit app with Talos to operate on encrypted data. Code, Demo

Proximity-based Authentication for the Internet of Things

In this project, we introduce a proximity-based authentication approach for the IoT that works in-band by solely utilizing the wireless communication interface. The novelty of this approach lies in its reliance on ambient radio signals to infer proximity within about one second, and in its ability to expose imposters located several meters away. We identify relevant features sensed from the RF channel to establish a notion of proximity across co-located low-power devices. We introduce our proximity-based authentication protocol and show the feasibility of our approach with an early prototype using off-the-shelf 802.15.4 sensors. PDF, Demo, Code

Low-power Wireless Systems Coexistence

The rise of heterogeneity in wireless technologies operating in the unlicensed bands has been shown to adversely affect the performance of low-power wireless networks. CrossTechnology Interference (CTI) is highly uncertain and raises the need for agile methods that assess the channel conditions and apply actions maximizing communication success. To tackle the challenges of CTI, we design and build cognitive systems that can detect CTI and apply effective counter-measures.

This project was led by Anwar Hithnawi and resulted in the following systems: TIIM, CrossZig, and CIG. (our Traces)


Conferences and Journals:

Posters and Demos:

Prior to my Ph.D. program:

Standardization Documents


Teaching Assistant at ETH Zurich:

My TA role includes in general varying tasks such as designing problem sets, teaching weekly tutorial sessions, grading assignments and course projects, correction of exams, helping in designing final exams, and guiding students on presenting and writing seminar research papers. I have been a teaching assistant for the following courses:

  • Informatics I for Electrical Engineers - Fall 2016 2017
  • The primary goal of this course is to teach first semester students how to program in C++. They learn object-oriented programming and simple data structures. My role as TA includes holding weekly recitations, giving feedback on assignments, etc.

  • Informatics II for Electrical Engineers - Spring 2014, 2015, 2016*, 2017*
  • This course is a continuation of Informatics I, with more focus on algorithms and data structures. The exercises are in Java and cover divide & conquer principle, recursion, sort, backtracking, trees, and other fundamental data structures. They learn object-oriented programming and simple data structures. My role as TA includes holding weekly recitations, giving feedback on assignments, etc.

    Since 2016 I am the head TA in this course. In 2017, we successfully integrated codeboard as the submission platform for student assignments.

  • Ubiquitous Computing Seminar - Fall 2014*, 2015*
  • In this class, students learn how to conduct scientific research, by reading papers and writing an overview seminar paper.
* head TA: involves interviewing and hiring student TAs and coordinating the tutorials. In Informatics II 2017, we have more than 350 students and 14 TA.


Summary of mentored student projects and student theses at ETH Zurich.

Type Title Student Supervisor Semester
M Key Distribution and Management for Efficient Key Updates and Sharing of IoT Data Jason Friedman Hossein Shafagh
Lukas Burkhalter
SS 18
M Modular and Scalable Encrypted Time Series Data Processing Simon Peyer Hossein Shafagh
Lukas Burkhalter
SS 18
M Secure Sharing and Querying of Multidimensional Time-series Data Misels Kaporins Hossein Shafagh
Anwar Hithnawi
AS 17
M Towards Blockchain-based Auditable Storage and Sharing of IoT Data Lukas Burkhalter Hossein Shafagh
Anwar Hithnawi
M Privacy-Preserving Cloud Computation using Fully Homomorphic Encryption Alexander Viand Hossein Shafagh SS17
L Proximity-based Authentication via Ambient RF Noise Jakob Hasse Hossein Shafagh AS16
M Secure Analysis of Encrypted IoT Data Pascal Fischli Hossein Shafagh SS16
L Developing IoT Applications on top of Encrypted Data Lukas Burkhalter,
Alexander Viand
Hossein Shafagh AS15
M A Public-key Cryptography Framework for the Internet of Things Andreas Droescher Hossein Shafagh SS15
M Proximity-based Authentication for the Internet of Things Dominic Plangger Hossein Shafagh
Anwar Hithnawi
B Encrypted Data Processing for the Internet of Things: User’s Perspective Lukas Burkhalter Hossein Shafagh
Anwar Hithnawi
B Understanding the Impact of Cross Technology Interference
on Low-power Wireless Networks
Jan Wolf Anwar Hithnawi
Hossein Shafagh