Profile picture

About

 

I'm currently a graduate student pursuing a PhD in Computer Science at Johns Hopkins University in Baltimore, MD. I work in the ARC and SPAR labs, my advisor is Dr. Matthew Green, and my research is generally in the fields of applied cryptography, information security, systems, and computer science education. I earned my MSE degree in Computer Science from Johns Hopkins in August, 2020. I completed my undergraduate studies at California Polytechnic State University San Luis Obispo in 2018, with a BS in Computer Science and a minor in Mathematics. Outside of the lab I enjoy social dance and getting outdoors.

Contact

 

I can be reached via email at zinkus@cs.jhu.edu. If encryption is needed, I use Signal: introduce yourself and we can exchange contacts from there.

Publication in the Theory of Cryptography Conference (IACR TCC)

August 2022

 

Our paper on creating One-Time Programs from Commodity Hardware was accepted for publication at TCC 2022! We will be presenting it at the Chicago conference in November this year. The paper develops cryptographic theory for realizing one-time programs (and therefore neat things like program obfuscation) from commodity hardware -- specifically, secure hardware which includes a tamper-resistant and cryptographically sound hardware counter, which has emerged in commodity systems ranging from iPhones to Intel SGX servers to Apple's iCloud Keychain and Google's Titan HSM-based backup system. A version of the paper is available here.

J.L. Moore Fellowship

June 2022

 

The Computer Science department of California Polytechnic State University at San Luis Obispo (Cal Poly SLO) named me a J.L. Moore Fellow! This fellowship is accompanied by a $10,000 award for my ongoing research and progress through the Doctoral degree.

WIRED Article on iOS App Privacy Reports

January 2022

 

I was quoted in an article by Lily Hay Newman for WIRED on the use and implications of the App Privacy Report feature of iOS 15. In it, I discuss potential indicators of spyware based on the App Privacy Reports, and the relative value of the various sections of the report. The article can be found here.

Publication in the Privacy Enhancing Technologies Symposium (PETS)

November 2021

 

Our Systemization of Knowledge paper SoK: Cryptographic Confidentiality of Data on Mobile Devices was accepted for publication in PETS 2022 Issue 1! A preprint of this work can be found here.

Secure Phones Project Featured in WIRED and Forbes

February 2021

 

Our recent work on the forensic security of mobile devices was featured in WIRED and Forbes! Thank you to Lily Hay Newman and Thomas Brewster for their reporting, and additionally to the DevNews podcast for hosting my co-author Tushar Jois and I to discuss mobile data security and our work.

securephones.io

November 2020

 

Along with my advisor Dr. Green and fellow student Tushar Jois, I released the full version and accompanying website of our report on the security and privacy of data on mobile devices, specifically iOS and Android phones. To read a summary or the full report, visit our site.

University of Florida News Article on Voter Suppression

October 2020

 

I was interviewed by Ted Bridis who worked with a reporter for Fresh Take Florida, a University of Florida College of Journalism and Communications news service, to publish an article in which I was quoted. I did some forensic network analysis to trace the sender(s) of a bulk email which threatened voters in Florida, which turned out to be part of a larger operation reportedly by Iran to seed chaos in the US election by influencing voters. The article can be found here.

Publication in USENIX Security 2020

February 2020

 

Gabrielle Beck and I had our first project under Dr. Green accepted for publication at the USENIX Security Symposium! In this work we branched into a developing area in constraint programming and satisfiability to apply a Max#SAT solver to the automation of developing novel padding oracle attacks before generalizing our work to arbitrary format oracles. The goal of the tool we created is to enable automatic development of end-to-end exploits for Chosen Ciphertext attacks in order to strengthen arguments for switching to authenticated encryption (despite being well-accepted, authenticated encryption is neglected by a startling number of systems!). A version of this work is available here.

Publication in IEEE Global Communications 2019

December 2019

 

Along with two excellent professors at Cal Poly SLO, Drs. DeBruhl and Khosmood, I developed an ultra-lightweight probabilistic intrusion detection system designed for IoT use cases, and performed end-to-end evaluation using a testbed of real IoT devices. As part of this work, we explored novel compressing non-cryptographic hash functions and their application to IDS. This work has been accepted for publication at GlobeCom 2019. A version of the paper is available here.

Publication in ACM SIGCSE 2019

January 2019

 

Along with my co-authors, I've had a paper accepted at ACM SIGCSE (Computer Science Education) 2019! Our work was on a project we called Fakesbook, a platform we designed, implemented, and used to teach computer security and privacy to students of various ages in middle and high school. A version of the paper is available here.

Publication in the Journal of Computing Sciences in Colleges 2018

April 2018

 

We were accepted for publication and to present our work developing, executing, and evaluating an experimental course which intersected technical privacy with policy and critical analysis. Additionally, this work included an exhaustive survey of almost 300 US ABET-accredited universities to demonstrate need for technical privacy education focused toward computer science (and similar) students. A version of the paper is available here.