Kris Kwiatkowski is a Cryptography Engineer who focuses on problems at the intersection of cryptographic research and the implementation. Currently, at PQShield, he is responsible for implementation of post-quantum cryptographic primitives and helping organizations migrate from classical to post-quantum cryptosystems. With a career spanning over 15 years, Kris worked on a variety of topics related to cryptography, communication and software security from small embedded systems to large, distributed backend systems.
MSc in Pure Mathematics, 2006
Poznan University of Technology, Poznań, Poland
Computer System Architecture & Design, 2007
AGH University of Science and Technology, Kraków, Poland
Working as a Cryptography Engineer responsible for software implementation of cryptographic primitives.
Working as a Cryptography Engineer in Cloudflare’s Technology Research team. Most of the activities were around implementing improvements to the TLS stack as well as the implementation of Proof of Concepts in the area of post-quantum cryptography (isogeny based).
I was part of the team working on an implementation of the Trusted Execution Environment (TEE) based on ARM TrustZone technology. My responsibility was the implementation of cryptographic components and security validation of various parts of the system.
Responsible for maintaining and implementing various functionalities in the Amadeus core system security and communication framework (C++ based). Focusing mainly on security and stability of TLS connections, performance optimization, improvements to failure resilience of high-availability components.
Implementation of OpenSSL ENGINE for OpenVPN with key storage secured by ARM TrustZone
CIRCL is a collection of cryptographic primitives written in Go.
During presentation author discusses concept and building blocks used while building cryptographic module supporting hybrid, quantum-safe TLS v1.3 key exchange. Author provides a recepie to make the construction FIPS-certifiable, even before post-quantum KEMs are FIPS-approved.
GlobalPlatform monitors activities around post-quantum cryptography. NIST has published the PQC Round 3 “final” candidates. Following the ANSSI presentation, PQShield will present an update on IETF and ETSI CYBER activities, especially considering TLS 1.3, hybrid modes and schemes in the NIST PQC Round 3.
The presentation introduces cryptographic libraries and tools useful during migration to next-gen cryptographic systems, resistant to potential attacks from quantum computers. Some basic concepts behind post-quantum cryptography are introduced during that presentation. The presentation was done in the Polish language, for the Polish Association of C++ programmers.
In this work, we first provide a simple and efficient generic construction of mKEM that can be instantiated from versatile assumptions, including post-quantum ones. We then study these mKEM instantiations at a practical level using 8 post-quantum KEMs and show that compared to the trivial solution, our mKEM offers savings of at least one order of magnitude in the bandwidth.
Recently Cloudflare announced a wide-scale post-quantum experiment that was conducted in cooperation with Google. We focused on using post-quantum key exchange algorithms by real clients for the TLS session establishment over real networks. Our goal was to find most suitable quantum-resistant key exchange algorithm to be used on the Internet as well as understand difficulties related to deployment of post-quantum cryptography.
Reviewing submissions