Mayank Varia | Cryptographer

About Me

My research interests span theoretical and applied cryptography and its applications throughout and beyond computing & data sciences. In my research, I often:

Design and develop crypto algorithms with provable, composable security guarantees
Deploy privacy-respecting systems for data scientists to work with data they cannot see
Examine the social aspects of cryptography, including its impacts on law and public policy

I work as an Associate Professor in the Faculty of Computing & Data Sciences (CDS) at Boston University. I serve as director of the CDS Hub for Civic Tech Impact, co-director of BU’s Center for Reliable Information Systems & Cyber Security (RISCS), member of the BU Security Group, and member of the Cyber Security, Law, and Society Alliance. I am also an affiliate of BU’s Computer Science department. My office is located on the 13th floor of BU’s new jenga building.

I received a PhD in Mathematics from MIT in 2010, and a BSE from Duke University in 2005.

News

2025: Member of the IACR Board of Directors, received Best Paper award at CS&Law 2025
2024: Hosting Dan Roche as a visiting professor at BU
2023: Received CDS Distinguished Leadership Award and a Hariri Institute Innovation Award
2022: Hosted Civic Voices event to discuss tech policy with two U.S. Representatives
2021: Moved to BU CDS as an Associate Professor, and received tenure
2020: General chair of IEEE CSF 2020, and PI of a $4M DARPA SIEVE grant
2019: Featured in BU’s Annual Report and a BU Research video
2018: Moved to BU Computer Science as a Research Associate Professor
2017: Received two NSF grants for $1.5M to design, develop, and apply MPC in practice
2016: Created two courses, appointed as BU RISCS co-director and MIT research affiliate
2015: Joined BU’s Hariri Institute as Director of Research for the $10M MACS Frontier grant

Applying to work with me

Boston University has vibrant communities in cybersecurity, data science, and theoretical computer science. It is recognized as a Center of Academic Excellence in Cyber Defense and Research. If you want to work on a research project under my mentorship, then please follow these instructions.

If you are a current BU undergraduate or MS student: register for a cryptography course such as Crypto for Data Science or Fundamentals of Cryptography, and consider attending some BUSec seminars. These are the best ways to develop your skills and determine your interest level in cryptography. Then, write me an email describing your interests, and I will see if I have an ongoing or forthcoming research project where you can contribute.
If you are not a current BU student: apply to the BU CDS PhD program. I will read your application if you clearly state my name as a potential advisor (but I am unlikely to respond to emails about this competitive program). Describe your prior work and future interests clearly in your research statement. I’m looking for students with a strong grasp of math fundamentals including writing proofs, some exposure to crypto or theoretical computer science, and an enthusiasm to find new ways to apply cryptographic tools in society. Interest in other social, natural, computational, or data sciences is a plus since I enjoy interdisciplinary research.

If you are a current BU student and would like to serve as a course assistant: please submit a TF/TA Application if you are a graduate student, or a CA Application if you are an undergraduate student.

Teaching

I have taught several courses at Boston University. Some have been co-taught with my colleagues: Azer Bestavros, Ran Canetti, Gabe Kaptchuk, Andrei Lapets, and Andy Sellars.

Crypto for Data Science (DS 653): spring 2023, 2024, 2025
Foundations of Data Science II (DS 121): spring 2022 and fall 2022, 2023, 2024
Law and Algorithms (DS 657 / JD 673): spring 2023, 2024
Applied Cryptography (CS 568): spring 2016, 2017, 2018, 2019, 2020
MPC at Scale (CS 591): fall 2016, 2017

Advising

I am fortunate to work with an excellent group of graduate and undergraduate students.

Current advisees

Postdoctoral scholar

Alishah Chator. Accepted an Assistant Professor position at Baruch College.

PhD students

Julie Ha
Ryan Little
Eli Baum, co-advising with John Liagouris
Sam Buxbaum, co-advising with John Liagouris
Julia Guskind, co-advising with Leo Reyzin
René Reyes, co-advising with Leo Reyzin

Undergraduate student

Annie (Ting Chien) Huang ✨ applying to PhD programs! ✨

Alums

PhD alums

Sarah Scheffler (2021, thesis). Now an Assistant Professor at Carnegie Mellon University.
Rawane Issa (2022, thesis). Now a researcher at Galois.
Nicolas Alhaddad (2024). Currently a postdoc with Eran Tromer.

MS alums

Yang Yang (2013, thesis), co-advised with Ron Rivest.

Selected undergraduate alums

Kyle Hogan (2017). Now a PhD student at MIT.
Ziling Yang (2021). Now a PhD student at UIUC.
Xinyuan Zhang (2021). Now a PhD student at Duke.
Julie Ha (2022). Now a PhD student at BU.

I have co-authored papers with undergraduate students that have been published at CANS 2016, CSF 2017, FC 2017, SecDev 2019, SOUPS 2019, STAST 2019, ACNS 2021, USENIX Security 2023, SIGMOD 2024, and the Journal of Young Investigators.

Media

Articles

I have written a few technology policy articles that are publicly available.

Lawfare: two articles (1, 2) and one podcast on crypto policy.
The Conversation piece describing the since-abandoned Apple PSI system.
Two responses (1, 2) to the U.S. government’s request for information about the future of privacy-enhancing technologies.

Additionally, others have written news articles and/or interviewed me about my research.

Popular press: The Boston Globe, BU Daily Free Press, CNET, Deseret News, Engadget, The Hill, The Register, TechCrunch, The Washington Post, WGBH News, and ZDNet (1, 2).
University press: BU Annual Report, BU’s The Brink (1, 2, 3, 4, 5), BU CDS blog (1, 2, 3, 4), MIT News (1, 2), and Northwestern Engineering.
Technology blogs: CCC blog, Millenium Alliance, The Morning Paper, and TrustedCI blog.

Videos

Here are a few of my invited conference and seminar talks, which are available to watch on YouTube.

EAAMO 2023 Keynote Talk - Cryptographically Protected Data Science For All
UN Webinar, Feb 2023 - Legal & Regulatory Issues Arising from the Use of PETs
Columbia Data for Good Seminar, March 2022 - Data Science Without Data
C3.ai Seminar, Aug 2021 - Cryptography and the Democratizing Power of Learning Nothing
DIMACS 2019 - Development of Usable, Scalable MPC
DP-MPC 2018 - A Survey of MPC Offerings
Enigma 2018 - Cryptographically Secure Data Analysis for Social Good

Service

Public service

Cryptography advisory board member, Project Callisto, 2017-present. Contributor to the cryptographic design of Callisto Vault.
Member, Privacy-Enhancing Technologies Task Team of the UN Committee of Experts on Big Data and Data Science for Official Statistics, 2019-present. Contributor to the 2023 UN PET Guide.
Committee member, Advisory Committee on Data for Evidence Building, 2020-2022. Contributor to the committee’s year 1 and year 2 reports.
Faculty mentor, Codebreakers: Cybersecurity for Young Women in High School, 2016-2021.

Conference and workshop organization

General chair, 44th Annual International Cryptology Conference (CRYPTO), August 2026
Local arrangements chair, 3rd ACM Symposium on Computer Science and Law, March 2024
General chair, 33rd IEEE Computer Security Foundations Symposium, June 2020
Co-organizer, DIMACS/MACS Workshop on Usable, Efficient, and Formally Verified Secure Computation, March 2019
Finance chair, 19th International Symposium on Stabilization, Safety, and Security of Distributed Systems, November 2017
Co-organizer, DIMACS/MACS Workshop on Cryptography for the RAM Model of Computation, June 2016
Co-organizer, Universal Composability hackathon, March 2016

Program committees

CSCML: 2025
CS Law: 2025
CSF: 2018, 2022, 2024, 2025
USENIX Security: 2021, 2022, 2023, 2024, 2025
CCSW: 2021, 2022, 2023, 2024
TPS: 2024
IEEE S&P / Oakland: 2020, 2023
CRYPTO: 2022
CCS: 2021
ICDCS: 2020
CANS: 2017

Research

Below, I describe some major themes of my research and provide links to selected peer-reviewed publications. You can find a list of all of my publications at DBLP and Google Scholar.

I deploy privacy-respecting systems in practice, with a focus on empowerment and ease of use.

Secure Account Recovery for a Privacy-Preserving Web Service. Ryan Little, Lucy Qin, Mayank Varia. USENIX Security 2024. [PDF] [BibTeX] [Code]
From Usability to Secure Computing and Back Again. Lucy Qin, Andrei Lapets, Frederick Jansen, Peter Flockhart, Kinan Dak Albab, Ira Globus-Harris, Shannon Roberts, Mayank Varia. SOUPS 2019. [PDF] [BibTeX] [Code]
Accessible Privacy-Preserving Web-Based Data Analysis for Assessing and Addressing Economic Inequalities. Andrei Lapets, Frederick Jansen, Kinan Dak Albab, Rawane Issa, Lucy Qin, Mayank Varia, Azer Bestavros. COMPASS 2018. [PDF] [BibTeX] [Code]
Callisto: A Cryptographic Approach to Detecting Serial Perpetrators of Sexual Misconduct. Anjana Rajan, Lucy Qin, David W. Archer, Dan Boneh, Tancrède Lepoint, Mayank Varia. COMPASS 2018. [PDF] [BibTeX]
User-centric distributed solutions for privacy-preserving analytics. Azer Bestavros, Andrei Lapets, Mayank Varia. Communications of the ACM 2017. [PDF] [BibTeX]

Secure Computing & Search

I develop cryptographic systems that allow people to collaboratively perform relational and time-series analysis of protected data.

TVA: A multi-party computation system for secure and expressive time series analytics. Muhammad Faisal, Jerry Zhang, John Liagouris, Vasiliki Kalavri, Mayank Varia. USENIX Security 2023. [PDF] [BibTeX] [Code]
Secrecy: Secure collaborative analytics in untrusted clouds. John Liagouris, Vasiliki Kalavri, Muhammad Faisal, Mayank Varia. NSDI 2023. [PDF] [BibTeX] [Code]
Conclave: Secure Multi-Party Computation on Big Data. Nikolaj Volgushev, Malte Schwarzkopf, Ben Getchell, Mayank Varia, Andrei Lapets, Azer Bestavros. EuroSys 2019. [PDF] [BibTeX]
SoK: Cryptographically Protected Database Search. Benjamin Fuller, Mayank Varia, Arkady Yerukhimovich, Emily Shen, Ariel Hamlin, Vijay Gadepally, Richard Shay, John Darby Mitchell, Robert K. Cunningham. IEEE Security & Privacy (Oakland) 2017. [PDF] [BibTeX]

Applied Cryptography

I design cryptographic protocols that are tailored to the functionality, security, and performance requirements of specific scenarios.

Hecate: Abuse Reporting in Secure Messengers with Sealed Sender. Rawane Issa, Nicolas Alhaddad, Mayank Varia. USENIX Security 2022. [PDF] [BibTeX] [Code]
Batched Differentially Private Information Retrieval. Kinan Dak Albab, Rawane Issa, Mayank Varia, Kalman Graffi. USENIX Security 2022. [PDF] [BibTeX] [Code]
(ε, δ)-Indistinguishable Mixing for Cryptocurrencies. Mingyu Liang, Ioanna Karantaidou, Foteini Baldimtsi, S. Dov Gordon, Mayank Varia. PETS 2022. [PDF] [BibTeX]
TurboIKOS: Improved Non-interactive Zero Knowledge and Post-Quantum Signatures. Yaron Gvili, Julie Ha, Sarah Scheffler, Mayank Varia, Ziling Yang, Xinyuan Zhang. ACNS 2021. [PDF] [BibTeX] [Code]
Secret Sharing MPC on FPGAs in the Datacenter. Pierre-Francois Wolfe, Rushi Patel, Robert Munafo, Mayank Varia, Martin C. Herbordt. FPL 2020. [PDF] [BibTeX]
Arithmetic and Boolean Secret Sharing MPC on FPGAs in the Data Center. Rushi Patel, Pierre-Francois Wolfe, Robert Munafo, Mayank Varia, Martin C. Herbordt. HPEC 2020. [PDF] [BibTeX]

Cryptography & Society, Law, and Policy

I examine the social impact of cryptography and the design of cryptosystems that achieve certain legal and policy objectives.

Murmurs of the Silenced: Secure Reporting of Misconduct Settlements. Peter K. Chan, Alyson Carrel, Mayank Varia, Xiao Wang. CSLaw 2025.
Can the Government Compel Decryption? Don't Trust — Verify. Aloni Cohen, Sarah Scheffler, Mayank Varia. CSLaw 2022. [PDF] [BibTeX]
Formalizing Human Ingenuity: A Quantitative Framework for Copyright Law's Substantial Similarity. Sarah Scheffler, Eran Tromer, Mayank Varia. CSLaw 2022. [PDF] [BibTeX]
Multi-Regulation Computing: Examining the Legal and Policy Questions That Arise From Secure Multiparty Computation. Julissa Milligan Walsh, Mayank Varia, Aloni Cohen, Andrew Sellars, Azer Bestavros. CSLaw 2022. [PDF] [BibTeX]
Protecting Cryptography Against Compelled Self-Incrimination. Sarah Scheffler, Mayank Varia. USENIX Security 2021. [PDF] [BibTeX] [Code]
A Cryptographic Airbag for Metadata: Protecting Business Records Against Unlimited Search and Seizure. Charles V. Wright, Mayank Varia. FOCI 2018. [PDF] [BibTeX]

Cryptographic & Distributed Algorithms

I study foundational crypto algorithms, including distributed algorithms that allow parties to reach consensus over an asynchronous network.

Haven++: Batched and Packed Dual-Threshold Asynchronous Complete Secret Sharing with Applications. Nicolas Alhaddad, Mayank Varia, Ziling Yang. Communications in Cryptology 2024. [PDF] [BibTeX]
Balanced Byzantine Reliable Broadcast with Near-Optimal Communication and Improved Computation. Nicolas Alhaddad, Sourav Das, Sisi Duan, Ling Ren, Mayank Varia, Zhuolun Xiang, Haibin Zhang. PODC 2022. [PDF] [BibTeX]
High-Threshold AVSS with Optimal Communication Complexity. Nicolas Alhaddad, Mayank Varia, Haibin Zhang. FC 2021. [PDF] [BibTeX]
BooLigero: Improved Sublinear Zero Knowledge Proofs for Boolean Circuits. Yaron Gvili, Sarah Scheffler, Mayank Varia. FC 2021. [PDF] [BibTeX]
Two-Server Distributed ORAM with Sublinear Computation and Constant Rounds. Ariel Hamlin, Mayank Varia. PKC 2021. [PDF] [BibTeX]
Bounded-Collusion Attribute-Based Encryption from Minimal Assumptions. Gene Itkis, Emily Shen, Mayank Varia, David Wilson, Arkady Yerukhimovich. PKC 2017. [PDF] [BibTeX]

Formal Analysis of Cryptosystems

I construct formal, composable proofs of security for cryptographic protocols and real-world systems.

Universally Composable End-to-End Secure Messaging. Ran Canetti, Palak Jain, Marika Swanberg, Mayank Varia. CRYPTO 2022. [PDF]
EasyUC: Using EasyCrypt to Mechanize Proofs of Universally Composable Security. Ran Canetti, Alley Stoughton, Mayank Varia. CSF 2019. [PDF] [BibTeX] [Code]
On the Universally Composable Security of OpenStack. Kyle Hogan, Hoda Maleki, Reza Rahaeimehr, Ran Canetti, Marten van Dijk, Jason Hennessey, Mayank Varia, Haibin Zhang. SecDev 2019. [PDF]
The Security of NTP's Datagram Protocol. Aanchal Malhotra, Matthew Van Gundy, Mayank Varia, Haydn Kennedy, Jonathan Gardner, Sharon Goldberg. FC 2017. [PDF]
A Universally Composable Treatment of Network Time. Ran Canetti, Kyle Hogan, Aanchal Malhotra, Mayank Varia. CSF 2017. [PDF]
Mechanizing the Proof of Adaptive, Information-Theoretic Security of Cryptographic Protocols in the Random Oracle Model. Alley Stoughton, Mayank Varia. CSF 2017. [PDF] [BibTeX] [Code]

Privacy & Inference

I find information theoretic bounds on data reconstruction attacks, and characterize the tradeoffs between privacy and utility.

Privacy With Estimation Guarantees. Hao Wang, Lisa Vo, Flávio P. Calmon, Muriel Médard, Ken R. Duffy, Mayank Varia. IEEE Transactions in Information Theory 2019. [PDF] [BibTeX]
Principal Inertia Components and Applications. Flávio P. Calmon, Ali Makhdoumi, Muriel Médard, Mayank Varia, Mark Christiansen, Ken R. Duffy. IEEE Transactions in Information Theory 2017. [PDF] [BibTeX]
On Information-Theoretic Metrics for Symmetric-Key Encryption and Privacy. Flávio P. Calmon, Mayank Varia, Muriel Médard. Allerton 2014. [PDF] [BibTeX]
Bounds on inference. Flávio P. Calmon, Mayank Varia, Muriel Médard, Mark M. Christiansen, Ken R. Duffy, Stefano Tessaro. Allerton 2013. [PDF] [BibTeX]

Program Obfuscation

My PhD thesis provides concrete methods to obfuscate computer programs in a provably secure, virtual black-box manner while preserving their functionality.

Obfuscation of Hyperplane Membership. Ran Canetti, Guy N. Rothblum, Mayank Varia. TCC 2010. [PDF] [BibTeX]
On Symmetric Encryption and Point Obfuscation. Ran Canetti, Yael Tauman Kalai, Mayank Varia, Daniel Wichs. TCC 2010. [PDF] [BibTeX]
Non-Malleable Obfuscation. Ran Canetti, Mayank Varia. TCC 2009. [PDF] [BibTeX]

Grant Awards

I am grateful for the research support provided by the following organizations.

National Science Foundation: Grants 1414119, 1718135, 1739000, 1801564, 1915763, 1931714, 1955579, 2209194, 2217770, and 2228610
DARPA: HARDEN (Contract N66001-22-C-4020), SIEVE (Agreement HR00112020021), and Brandeis (Contract N66001-15-C-407)
Honda Research Institute Europe
Massachusetts Technology Collaborative
Red Hat Collaboratory
Robert Bosch GmbH
Zcash Foundation
BU Hariri Focused Research Programs: Mobile Health Analysis, Datacenter Energy Analytics
BU Hariri Data Privacy Collaborative