I am a software engineer at Novi Financial, a subsidiary of Facebook, where I work on the Diem blockchain / payment network. Between my love of understanding how things work and then making them better, I've gained two accolades: one of four Diem mainatainers and the top contributor to the core software. Though I expect that my top contributor status will shortly vanish as I spend more time focused on establishing principles for integrating into Diem as a payment network and how Diem contributes back to the broader crypto community.
My adult life began at the University of Florida's Electrical and Computer Engineering Department in August 2001. I obtainied a bachelors of science degree in the spring of 2005, masters of science degree in the spring of 2007, and finished my doctorate of philosophy in May 2011. My adviser was Professor Renato Figueiredo, whom I began working with in the spring of 2006 at the Advanced Computing and Information Systems Lab. I left the University of Florida to work with Professor Bryan Ford, first as a Postdoctorate Researcher and then as Research Scientist, in the dedis group at Yale University. After nearly 15 years in academia, I finally began to explore the world outside, where I joined Facebook.
My PhD focused on network virtualization using structured P2P overlays and grid computing. My networking research has been realized in IPOP, a free (BSD) network virtualization software. I have built systems supporting DHTs, decentralized NAT traversal, software models for improved network virtualization, and autonomic virtual networking stacks (DHCP, DNS, etc). This work is a major contribution to my grid computing research focus, Grid Appliance, which enables the creation of decentralized, distributed grids using virtualized, physical, and cloud resources. In paper at SC'09, I demonstrated one of the first examples of combining resources across clouds into a common LAN using virtual networking. I also spent significant time experimenting securing P2P systems with DTLS and an Photuris derived security specification, experience leveraged in my work on security, privacy, and anonymity a Yale.
As a Research Scientist at Yale, I explored new research areas in security, privacy, and anonymity. Much of my effort has been in designing and developing Dissent, an anonymous group communication system. The initial thrust has been getting a reasonable software foundation available. The research behind this software, OSDI'12 improved the scalibility of strong anonymous group communication by two orders of magnitude greater than previous work. With more users come more problems, to address denial of service attacks, we designed and implemented mechanism that uses zero-knowledge proofs to prevent jamming while still maintaining the provable anonymity guarantees, USENIX SEC'13. Despite the promises of strong anonymity, an adversary can easily correlate message across anonymous exchanges to determine the party responsible. To prevent these type of intersection or correlation attacks, we introduced Buddies, CCS'13. In Buddies, anonymous communication servers ensure that all active anonymous communication streams can be potentially owned by at least K users, such that, even a global active adversary could not further reduce the set. We are currently investigating potential deployment models for Dissent and, in general, hardening anonymous communication systems using a strong anonymous environment called WiNoN. We also making efforts to deal with liveness of servers in Dissent and other similar systems.
At Yale, I was fortunate to work with many different students on projects including anonymous authentication, biometric authentication, and cloud reliability. We explored at two aspects of anonymous communications: bootstrapping them in CryptoBook and a composite theoretical approach that offers a unique set of features in DAGA. CryptoBook takes an existing federated login system, like Facebook, and creates anonymous identities who remain anonymous even among users who have not used CryptoBook. DAGA, or deniable anonymous group authentication, combines anonymity, linkability, and deniability, so that a user can be authenticated across multiple session as the same anonymous user without fear that his compromised key could trace him back to any of his earlier authentications. In the biometric authentication project, we are designing and implementing a novel approach to biometric authentication that never requires the user to divulge his biometrics to the authenticating source. Finally, in the cloud reliability project, we have been investigating structural reliability auditing as a means to detect potential correlated failures before they occur.
During my free time, I enjoy running, explore stocks, and more often than I'd like to admit play video games. I have done the Insanity Workout several times, I cannot recommend it enough as both a great way to get in shape but also amazing positive reinforcement. When I'm not running or flingging my body around, I enjoy sweets with my wife, Xiaofei. At one point, I was ranked in the top 20 on the US East Warcraft III Free For All Ladder.