CV
Research Interests
My research interests are in the intersection of applied cryptography, system security, and privacy. I am excited about using mathematical techniques for cryptanalysis. I leverage attacks to identify the root causes of cryptography failures in practice, and then build or improve systems to address these failures.
Education
- MSc ETH Zurich – EPF Lausanne in Computer Science Major in Cyber Security (short: MSc ETH EPF CS)
- BSc ETH Zurich in Computer Science (short: BSc ETH CS)
Ongoing:
- PhD at UCSD advised by Nadia Heninger (Fall 2022 - today)
Publications
Papers published in peer-reviewed proceedings:
- Chengsong Diao*, Danielle Dang, Sierra Lira, Angela Tsai, Miro Haller, and Nadia Heninger (2025). "No Key, No Problem: Vulnerabilities in Master Lock Smart Locks". USENIX WOOT 2025.
- Matilda Backendal*, Hannah Davis, Felix Günther, Miro Haller*, Kenneth G. Paterson. (2024). "A Formal Treatment of End-to-End Encrypted Cloud Storage". Crypto 2024
- Matteo Scarlata*, Matilda Backendal, Miro Haller. (2024). "MFKDF: Multiple Factors Knocked Down Flat". USENIX Security 2024
- Sharon Goldberg, Miro Haller*, Nadia Heninger*, Mike Milano, Dan Shumow, Marc Stevens, Adam Suhl*. (2024). "RADIUS/UDP considered harmful". USENIX Security 2024
- Alex Bellon, Miro Haller*, Andrey Labunets, Enze Liu, and Stefan Savage. (2025). "An Empirical Analysis on the Use and Reporting of National Security Letters". CSLAW 2025
- Alexander Viand*, Patrick Jattke, Miro Haller, Anwar Hithnawi. (2023). "HECO: Fully Homomorphic Encryption Compiler". USENIX Security 2023.
- Martin R. Albrecht, Miro Haller, Lenka Mareková*, Kenneth G. Paterson. (2023). "Caveat Implementor! Key Recovery Attacks on MEGA". Eurocrypt 2023.
- Matilda Backendal, Miro Haller* and Kenneth G. Paterson. (2023). "MEGA: Malleable Encryption Goes Awry". IEEE S&P 2023.
- Ivan Puddu*, Moritz Schneider, Miro Haller, Srdjan Čapkun. (2021). "Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend". USENIX Security 2021.
Unreviewed/pre-print papers:
- Matilda Backendal, David Balbás, and Miro Haller. (2025). "Group Key Progression: Strong Security for Shared Persistent Data". preprint
Articles:
- M. Backendal, M. Haller, K. G. Paterson, "End-to-End Encrypted Cloud Storage" IEEE Security & Privacy Magazine
*first author(s)
Talks
- A Formal Treatment of End-to-End Encrypted Cloud Storage
- RSA Conference 2025
- RealWorldCrypto 2025
- CRYPTO 2024
- Berkeley Security Seminar
- Trails of Bits
- UMD Crypto Reading Group
- Apple
- MIT Security Seminar
- Amazon AWS
- Blast-RADIUS: Breaking Enterprise Authentication
- RealWorldCrypto 2025
- BlackHat Europe 2024
- IETF meeting 120
- UCSD Security Seminar
- CNS Research Review 2025
- MFKDF: Multiple Factors Knocked Down Flat
- UCSD Sysnet Seminar
- Thriving in between theory and practice: How applied cryptography bridges the gap
- Crypto Reading Club at NIST
- Zurich Information Security & Privacy Center at ETH Zurich
- An Empirical Analysis on the Use and Reporting of National Security Letters
- ACM Symposium on Computer Science and Law (CS&Law 2024)
- Key Overwriting Attacks
- CSE 207b
- MIT CSAIL
- MEGA: Malleable Encryption Goes Awry
- IEEE Symposium on Security and Privacy 2023
- Brave Research Group
- Why E2EE Cloud Storage is hard - Challenges, Attacks and Best Practices
- RealWorldCrypto 2023
- UCSD Theory Seminar
- CNS Research Review 2023 (lightning talk)
- Climbing the Hacking /mnt/ain
- Swiss Cyber Storm 2021
- Revisiting Microarchitectural Side-Channels
- Security and Cryptography Laboratory (LASEC), EPFL
- SGX Accurate Time Measurements
- Bachelor Thesis Presentation at ETH Zurich
Academic Service
Subreviewer for CRYPTO 2025.
Organizing the Cryptographic Applications Workshop (CAW) at Eurocrypt 2025.
Organizing the Workshop on Attacks in Cryptography (WAC) multiple times; WAC6 at CRYPTO 2023 and WAC7 at CRYPTO 2024.
Co-founding and organizing the Cryptographic Applications Workshop (CAW) at Eurocrypt 2024.
Department Service
Department-wide student lead for PhD student visit day at UC San Diego 2025.
Area lead for organizing PhD student visit day at UC San Diego for the area “Systems, Networking, and Security” in 2024 and 2023.
Teaching
Guest lecture in CSE 207b “Applied Cryptography” in 2023 on “Key Overwriting Attacks” (slides, recording).
Guest lecture on “CTF in Practice” at HSLU (Hochschule Luzern) in Fall 24, Fall 23, Spring 23, Fall 22, Spring 22.
Professional experience
Research assisstant at the Privacy Preserving Systems Lab of ETH Zurich - Content valuating and improving Fully Homomorphic Encryption (FHE) tool support
Intern at DSwiss AG, a startup offering a password manager and end-to-end encrypted cloud storage (2016) - Adapting and extending automated server configurations, load and performance testing, E2E tests, replacing the company’s telephone system.
Achievements
Google PhD Fellowship 2024.
Distinguished paper award at IEEE S&P 2023.
ETH Medal: Award for outstanding master’s thesis at ETH Zurich.
Global Young Scientist Summit 2022: Nomination as ETH representative for the CS department.
European Cyber Security Challenge: triple qualification for the Swiss National Team (2016, 2017, 2019), and team coach (2021, 2022).
SwissSkills Expert: Expert for the Cyber Security Trait of the Swiss national championship for professions in 2022 and 2023.
ISSS Excellence Award: Award for the best thesis in the field of information security in Switzerland in 2022.
ICON: achieved first place with the team “sw1ss” in the 2018 final
Swiss Olympiads of Informatics: double participation (2014, 2015)
Best high school graduate of the year 2015 from the Neue Kantonsschule Aarau.