About

I am an Assistant Professor in the department of Computer Science @ Virginia Tech and a CCI Researcher. Prior to joining VT, I was a Postdoctoral Fellow @ Carnegie Mellon University (CMU) hosted by Prof. Elaine Shi and a Research Associate @ University of South Florida (USF) hosted by Prof. Attila A. Yavuz. I received my PhD degree from USF in August 2020. My research spans the domains of cybersecurity and applied cryptography. I am interested in privacy, secure and verifiable computation, zero-knowledge proof, fuzzy cryptography, and trustworthy machine learning.

Research topics

• Computer Science
• Artificial Intelligence
• Computer Security
• Embedded system
• Database
• Distributed computing
• Computer network
• Speech recognition
• Operating system

Selected publications

• AccuRevoke: Enhancing Certificate Revocation with Distributed Cryptographic Accumulators

  2025-05-12

  articleSenior author

  Certificate revocation is essential for maintaining the security of the Public Key Infrastructure (PKI), ensuring that compromised or untrustworthy certificates are invalidated promptly. Traditional revocation mechanisms like Certificate Revocation Lists (CRLs) and the Online Certificate Status Protocol (OCSP) face significant challenges, including scalability issues, high bandwidth consumption, privacy concerns, and reliance on centralized infrastructure that can become points of failure. In this paper, we introduce AccuRevoke, a novel revocation scheme that leverages cryptographic accumulators and edge computing to address these challenges effectively. Accu Revoke enables clients to verify the revocation status of certificates efficiently without the need to contact Certificate Authorities (CAs) directly for each validation. By utilizing distributed accumulators and threshold cryptography, Accu Revoke ensures authenticity and integrity of revocation information, even when responses are generated by third-party Edge Compute Providers (ECPs). Our scheme significantly reduces bandwidth consumption by providing compact revocation proofs-approximately 21 bytes for membership proofs and 61 bytes for non-membership proofs-which are substantially smaller than traditional OCSP responses. To further optimize performance, especially in generating non-membership witnesses, we employ GPU acceleration, achieving considerable improvements in processing times. We compare AccuRevoke with existing revocation mechanisms, demonstrating advantages in bandwidth efficiency, reliability, auditability, and potential enhancements in privacy. Our evaluation shows that Accu Revoke offers a scalable and practical solution for revocation checking, improving the security and performance of TLSIPKI deployments. We plan to open-source our design and implementation to facilitate adoption and encourage further research in this area.

  PublisherDOI

• Local Differential Privacy for Federated Learning with Fixed Memory Usage and Per-Client Privacy

  ArXiv.org · 2025-10-14

  preprintOpen accessSenior author

  Federated learning (FL) enables organizations to collaboratively train models without sharing their datasets. Despite this advantage, recent studies show that both client updates and the global model can leak private information, limiting adoption in sensitive domains such as healthcare. Local differential privacy (LDP) offers strong protection by letting each participant privatize updates before transmission. However, existing LDP methods were designed for centralized training and introduce challenges in FL, including high resource demands that can cause client dropouts and the lack of reliable privacy guarantees under asynchronous participation. These issues undermine model generalizability, fairness, and compliance with regulations such as HIPAA and GDPR. To address them, we propose L-RDP, a DP method designed for LDP that ensures constant, lower memory usage to reduce dropouts and provides rigorous per-client privacy guarantees by accounting for intermittent participation.

  PublisherOA PDFDOI

• Zero-Knowledge AI Inference with High Precision

  2025-11-19

  articleOpen accessSenior author

  Artificial Intelligence as a Service (AIaaS) enables users to query a model hosted by a service provider and receive inference results from a pre-trained model. Although AIaaS makes artificial intelligence more accessible, particularly for resource-limited users, it also raises verifiability and privacy concerns for the client and server, respectively. While zero-knowledge proof techniques can address these concerns simultaneously, they incur high proving costs due to the non-linear operations involved in AI inference and suffer from precision loss because they rely on fixed-point representations to model real numbers.

  PublisherOA PDFDOI

• Client-Efficient Online-Offline Private Information Retrieval

  Proceedings on Privacy Enhancing Technologies · 2025-05-19 · 1 citations

  articleOpen accessSenior author

  Private Information Retrieval (PIR) permits clients to query data entries from a public database hosted on untrusted servers while preserving client privacy. Traditional PIR models suffer from high computation and/or bandwidth overhead due to linear database processing. Recently, Online-Offline PIR (OO-PIR) has been proposed to improve PIR practicality by precomputing query-independent materials to accelerate online access. While state-of-the-art OO-PIR schemes (e.g., S&P’24, CRYPTO’23) successfully reduce online processing cost to sublinear levels, they still impose substantial bandwidth and storage burdens on the client, especially when operating on large databases. In this paper, we propose Pirex, a new two-server OO-PIR scheme with semi-honest security that offers minimal client-side inbound bandwidth and storage costs while retaining sublinear processing efficiency. The Pirex design is simple, with most operations being naturally low-cost and streamlined (e.g., XOR, PRF, modular arithmetic). We have fully implemented Pirex and evaluated its real-world performance using commodity hardware. Our results show that Pirex outperforms existing OO-PIR schemes by at least two orders of magnitude. With a 1 TB database, Pirex takes only 55 ms to retrieve a 4 KB entry, compared to 9–30 seconds for state-of-the-art approaches. For practical databases with billions of 4 KB entries, Pirex requires just 16 KB of inbound bandwidth—up to three orders of magnitude more efficient.

  PublisherDOI

• Research on Application of Artificial Intelligence to Support Autonomous Vehicles

  Proceedings in Technology Transfer · 2025-10-25

  book-chapter
  PublisherDOI

• RF-Oriented 3D-Printing: New Materials, Advanced Printing Techniques, and Novel Antenna Concepts

  2025-03-30

  article1st authorCorresponding

  In recent years, numerous 3D-printed microwave and antenna components have been successfully demonstrated in both research and industrial context, highlighting the potential of this manufacturing technique to inspire innovative designs in wireless systems. This contribution will explore innovations in antennas and artificially engineered materials, encompassing novel materials specifically designed for RF applications, advanced printing techniques, and innovative antenna concepts.

  PublisherDOI

• Low-Profile Risley Scanner using Dielectric Nonlocal Metasurfaces for Ka-Band SATCOM Applications

  2025-03-30

  articleOpen access1st authorCorresponding

  2D beam steering is a crucial requirement for wireless communication systems in many modern and emerging applications that involve moving platforms. The mechanical scanning technique using two independently rotating deflectors, known as the Risley-prism concept, has emerged as a promising solution for cost-effective applications. Conventionally, both upper and lower deflectors are based on local metasurfaces, in which the deflection function is designed using a phase transformation generated by locally varying the dimensions of the patterns in each unit cell. In this contribution, a new design approach is applied by exploiting dielectric nonlocal metasurfaces, considering the interactions among adjacent subwavelength elements to shape the overall effective far-field response. Simulation results of a finite structure of 260 mm diameter, operating at Ka-band, are presented, demonstrating the potential of this new design approach.

  PublisherOA PDFDOI

• Efficient Secure Aggregation for Privacy-Preserving Federated Machine Learning

  2024-12-09 · 7 citations

  articleSenior author

  Secure aggregation protocols ensure the privacy of users’ data in federated learning by preventing the disclosure of local gradients. Many existing protocols impose significant communication and computational burdens on participants and may not efficiently handle the large update vectors typical of machine learning models. Correspondingly, we present e-SeaFL, an efficient verifiable secure aggregation protocol taking only one communication round during the aggregation phase. e-SeaFL allows the aggregation server to generate proof of honest aggregation to participants via authenticated homomorphic vector commitments. Our core idea is the use of assisting nodes to help the aggregation server, under similar trust assumptions existing works place upon the participating users. Our experiments show that the user enjoys an order of magnitude efficiency improvement over the state-of-the-art (IEEE S&P 2023) for large gradient vectors with thousands of parameters. Our open-source implementation is available at https://github.com/vt-asaplab/e-SeaFL.

  PublisherDOI

• Exploiting Update Leakage in Searchable Symmetric Encryption

  2024-06-10 · 4 citations

  articleOpen accessSenior author

  Dynamic Searchable Symmetric Encryption (DSSE) provides efficient techniques for securely searching and updating an encrypted database. However, efficient DSSE schemes leak some sensitive information to the server. Recent works have implemented forward and backward privacy as security properties to reduce the amount of information leaked during update operations. Many attacks have shown that leakage from search operations can be abused to compromise the privacy of client queries. However, the attack literature has not rigorously investigated techniques to abuse update leakage.

  PublisherOA PDFDOI

• Privacy-Preserving Verifiable Neural Network Inference Service

  2024-12-09 · 4 citations

  articleSenior author

  Machine learning has revolutionized data analysis and pattern recognition, but its resource-intensive training has limited accessibility. Machine Learning as a Service (MLaaS) simplifies this by enabling users to delegate their data samples to an MLaaS provider and obtain the inference result using a pre-trained model. Despite its convenience, leveraging MLaaS poses significant privacy and reliability concerns to the client. Specifically, sensitive information from the client inquiry data can be leaked to an adversarial MLaaS provider. Meanwhile, the lack of a verifiability guarantee can potentially result in biased inference results or even unfair payment issues. While existing trustworthy machine learning techniques, such as those relying on verifiable computation or secure computation, offer solutions to privacy and reliability concerns, they fall short of simultaneously protecting the privacy of client data and providing provable inference verifiabilityIn this paper, we propose vPIN, a privacy-preserving and verifiable CNN inference scheme that preserves privacy for client data samples while ensuring verifiability for the inference. vPIN makes use of partial homomorphic encryption and commit-and-prove succinct non-interactive argument of knowledge techniques to achieve desirable security properties. In vPIN, we develop various optimization techniques to minimize the proving circuit for homomorphic inference evaluation thereby, improving the efficiency and performance of our technique. We fully implemented and evaluated our vPIN scheme on standard datasets (e.g., MNIST, CIFAR-10). Our experimental results show that vPIN achieves high efficiency in terms of proving time, verification time, and proof size, while providing client data privacy guarantees and provable verifiability.

  PublisherDOI

Frequent coauthors

• Attila A. Yavuz

  39 shared

• Jorge Guajardo

  21 shared

• Deokjai Choi

  Chonnam National University

  13 shared

• Thuc D. Nguyen

  12 shared

• Elaine Shi

  10 shared

• Pengzhi Huang

  Cornell University

  10 shared

• Weikeng Chen

  University of California, Berkeley

  9 shared

• Lê Thanh Tùng

  Carl von Ossietzky Universität Oldenburg

  9 shared

Labs

• Thang Hoang LabPI

Education

• Ph.D.

  University of South Florida

  2020

• M.S.

  Chonnam National University

  2014

• B.S.

  University of Science, VNU-HCMC

  2010

Awards & honors

• Prabuddha De Best Paper Award at WITS 2025