CV

Research Interests

My research interests are in the intersection of applied cryptography, system security, and privacy. I am excited about using mathematical techniques for cryptanalysis. I leverage attacks to identify the root causes of cryptography failures in practice, and then build or improve systems to address these failures.

Education

• MSc ETH Zurich – EPF Lausanne in Computer Science Major in Cyber Security (short: MSc ETH EPF CS)
• BSc ETH Zurich in Computer Science (short: BSc ETH CS)

Ongoing:

• PhD at UCSD advised by Nadia Heninger (Fall 2022 - today)

Publications

Papers published in peer-reviewed proceedings:

• Matilda Backendal*, Hannah Davis, Felix Günther, Miro Haller*, Kenneth G. Paterson. (2024). "A Formal Treatment of End-to-End Encrypted Cloud Storage". Crypto 2024
• Matteo Scarlata*, Matilda Backendal, Miro Haller. (2024). "MFKDF: Multiple Factors Knocked Down Flat". USENIX Security 2024
• Sharon Goldberg, Miro Haller*, Nadia Heninger*, Mike Milano, Dan Shumow, Marc Stevens, Adam Suhl*. (2024). "RADIUS/UDP considered harmful". USENIX Security 2024
• Alex Bellon, Miro Haller*, Andrey Labunets, Enze Liu, and Stefan Savage. (2025). "An Empirical Analysis on the Use and Reporting of National Security Letters". CSLAW 2025
• Alexander Viand*, Patrick Jattke, Miro Haller, Anwar Hithnawi. (2023). "HECO: Fully Homomorphic Encryption Compiler". USENIX Security 2023.
• Martin R. Albrecht, Miro Haller, Lenka Mareková*, Kenneth G. Paterson. (2023). "Caveat Implementor! Key Recovery Attacks on MEGA". Eurocrypt 2023.
• Matilda Backendal, Miro Haller* and Kenneth G. Paterson. (2023). "MEGA: Malleable Encryption Goes Awry". IEEE S&P 2023.
• Ivan Puddu*, Moritz Schneider, Miro Haller, Srdjan Čapkun. (2021). "Frontal Attack: Leaking Control-​Flow in SGX via the CPU Frontend". USENIX Security 2021.

Unreviewed/pre-print papers:

Articles:

• M. Backendal, M. Haller, K. G. Paterson, "End-to-End Encrypted Cloud Storage" IEEE Security & Privacy Magazine

*first author(s)

Talks

• A Formal Treatment of End-to-End Encrypted Cloud Storage
  • Crypto 2024
  • Berkeley Security Seminar
  • Trails of Bits
  • UMD Crypto Reading Group
  • Apple
  • MIT Security Seminar
  • Amazon AWS
  • Google
• The Blast-RADIUS attack
  • IETF Meeting 120
  • UCSD Security Seminar
  • Black Hat Europe 2024
  • RealWorldCrypto 2025
• MFKDF: Multiple Factors Knocked Down Flat
  • UCSD Sysnet Seminar
• Thriving in between theory and practice: How applied cryptography bridges the gap
  • Crypto Reading Club at NIST
  • Zurich Information Security & Privacy Center at ETH Zurich
• Key Overwriting Attacks
  • MIT CSAIL
• CSE 207b: Key Overwriting Attacks
  • CSE207b Lecture
• MEGA: Malleable Encryption Goes Awry
  • IEEE Security and Privacy 2023
  • Brave Research Group
• Why E2EE Cloud Storage is hard - Challenges, Attacks and Best Practices
  • RealWorldCrypto 2023
  • Theory Seminar at UCSD
  • CNS Research Review at UCSD
• Climbing the Hacking /mnt/ain
  • Swiss Cyber Storm Conference
• Revisiting Microarchitectural Side-Channels
  • Security and Cryptography Laboratory (LASEC), EPFL
• SGX Accurate Time Measurements
  • System Security Group ETH Zurich

Academic Service

• Subreviewer for CRYPTO 2025.

• Organizing the Cryptographic Applications Workshop (CAW) at Eurocrypt 2025.

• Organizing the Workshop on Attacks in Cryptography (WAC) multiple times; WAC6 at CRYPTO 2023 and WAC7 at CRYPTO 2024.

• Co-founding and organizing the Cryptographic Applications Workshop (CAW) at Eurocrypt 2024.

Department Service

• Department-wide student lead for PhD student visit day at UC San Diego 2025.

• Area lead for organizing PhD student visit day at UC San Diego for the area “Systems, Networking, and Security” in 2024 and 2023.

Teaching

• Guest lecture in CSE 207b “Applied Cryptography” in 2023 on “Key Overwriting Attacks” (slides, recording).

• TA for CSE 207b “Applied Cryptography” in 2023.

• Guest lecture on “CTF in Practice” at HSLU (Hochschule Luzern) in Fall 24, Fall 23, Spring 23, Fall 22, Spring 22.

Professional experience

• Research assisstant at the Privacy Preserving Systems Lab of ETH Zurich - Content valuating and improving Fully Homomorphic Encryption (FHE) tool support

• Intern at DSwiss AG, a startup offering a password manager and end-to-end encrypted cloud storage (2016) - Adapting and extending automated server configurations, load and performance testing, E2E tests, replacing the company’s telephone system.

Achievements

• Google PhD Fellowship 2024.

• Distinguished paper award at IEEE S&P 2023.

• ETH Medal: Award for outstanding master’s thesis at ETH Zurich.

• Global Young Scientist Summit 2022: Nomination as ETH representative for the CS department.

• European Cyber Security Challenge: triple qualification for the Swiss National Team (2016, 2017, 2019), and team coach (2021, 2022).

• SwissSkills Expert: Expert for the Cyber Security Trait of the Swiss national championship for professions in 2022 and 2023.

• ISSS Excellence Award: Award for the best thesis in the field of information security in Switzerland in 2022.

• ICON: achieved first place with the team “sw1ss” in the 2018 final

• Swiss Olympiads of Informatics: double participation (2014, 2015)

• Best high school graduate of the year 2015 from the Neue Kantonsschule Aarau.