Feng Hao

Feng Hao is the Professor of Security Engineering and Head of the Systems & Security research theme at the Department of Computer Science, University of Warwick. He graduated with a PhD in the Security Group from the Computer Laboratory, University of Cambridge, under the joint supervision of Prof Ross Anderson and Prof John Daugman. After working in the security industry for six years, Feng joined Newcastle University Computing Science as a lecturer in December 2010, became a reader in 2014 and a professor in 2018, and then moved to his current post. With Peter Ryan, he co-edited Real-World Electronic Voting: Design, Analysis and Deployment (2016, CRC Press).

Feng’s research interest (and that of his research team) is primarily driven by tackling real-world security problems. With his former PhD advisers (Ross Anderson and John Daugman), he proposed the first solution to combine iris biometrics and cryptography, the two complementary security technologies. Their paper “Combining crypto with biometrics effectively” (IEEE Trans. on Computers, 2006) is ranked top among the Google Scholar Classic Papers in the category of Computer Security & Cryptography. With colleagues, Feng designed a few cryptographic protocols: AV-net (so far the most efficient solution to the Dining Cryptographers problem), YAK (a PKI-based authenticated key exchange protocol that has stood against all attacks since 2010), J-PAKE (a password-authenticated key exchange protocol that has been adopted as a de facto standard for IoT device enrollment, and standardized internationally in ISO/IEC 11770-4), Open Vote network (so far the most efficient decentralized e-voting protocol in terms of rounds, computation and bandwidth), DRE-i (the first E2E verifiable e-voting system without tallying authorities), DRE-ip (an alternative design to DRE-i based on a different real-time computation strategy) and SEAL (so far the most efficient decentralised e-auction protocol). So far, none of these protocols have been broken. With Siamak Shahandashti, Feng found and fixed security weaknesses in SPEKE, a password-authenticated key exchange protocol that has been standardized in IEEE P1363.2 and ISO/IEC 11770-4. The attacks were acknowledged by ISO/IEC SC 27 Work Group 2, and the standard was revised in 2017 to incorporate their proposed fix.

Protocols designed by Feng have been applied in practice. In particular, J-PAKE has been used in Pale Moon sync, NXP Thread, ARM mbed, OpenThread, Nest Guard, Nest Detect and Bouncy Castle. It has also been adopted by Thread Group as an open industry standard for the IoT commissioning process, and standardized internationally in ISO/IEC 11770-4:2017 and in RFC 8236 (together with RFC 8235).

Feng will join us to discuss the application of cryptographic techniques to verifying the identity of phone callers.

