Biography

I am now an Assistant Professor in the Department of Information Engineering at The Chinese University of Hong Kong (CUHK), where I teach and conduct research on information security. Before moving back to my hometown to join CUHK, I was a postdoctoral researcher at Carnegie Mellon University CyLab. I obtained my PhD in Computer Science from Purdue University, working primarily on network and system security, under the supervision of Prof. Ninghui Li and Prof. Aniket Kate. My research interest is mainly on the (in)security of the design, implementation, and deployment of network and cryptographic protocols. Specifically, I have been testing and measuring different aspects of TLS and PKI, which led to the discovery of many vulnerabilities in various ecosystems.


Selected Recent Publications

A full list of my publications and the relevant CVEs can be found here.

  1. ARMOR: A Formally Verified Implementation of X.509 Certificate Chain Validation
    Joyanta Debnath; Christa Jenkins; Yuteng Sun; Sze Yiu Chau; Omar Chowdhury
    [IEEE Symposium on Security and Privacy 2024] (Paper)

  2. Towards Precise Reporting of Cryptographic Misuses
    Yikang Chen; Yibo Liu; Ka Lok Wu; Duc V. Le; Sze Yiu Chau
    [The Network and Distributed System Security (NDSS) Symposium 2024] (Paper)

  3. The Devil is in the Details: Hidden Problems of Client-side Enterprise Wi-Fi Configurators
    Ka Lok Wu; Man Hong Hue; Ka Fun Tang; Sze Yiu Chau
    [The 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2023)] (Paper)
    ※ Best Paper Award from ACM WiSec '23

  4. Back to School: On the (In)Security of Academic VPNs
    Ka Lok Wu; Man Hong Hue; Ngai Man Poon; Kin Man Leung; Wai Yin Po; Kin Ting Wong; Sze Ho Hui; Sze Yiu Chau
    [The 32nd USENIX Security Symposium (USENIX Security '23)] (Paper)

  5. All your credentials are belong to us: On Insecure WPA2-Enterprise Configurations
    Man Hong Hue; Joyanta Debnath; Kin Man Leung; Li Li; Mohsen Minaei; M. Hammad Mazhar; Kailiang Xian; Endadul Hoque; Omar Chowdhury; Sze Yiu Chau
    [The 28th ACM Conference on Computer and Communications Security (CCS 2021)] (Paper)
    CUEngineering Jul 2022 Issue 19 coverage

  6. On Reengineering the X.509 PKI with Executable Specification for Better Implementation Guarantees
    Joyanta Debnath; Sze Yiu Chau; Omar Chowdhury
    [The 28th ACM Conference on Computer and Communications Security (CCS 2021)] (Paper)
    Best Paper Award Runner-Up from ACM CCS 2021

  7. Morpheus: Bringing The (PKCS) One To Meet the Oracle
    Moosa Yahyazadeh; Sze Yiu Chau; Li Li; Man Hong Hue; Joyanta Debnath; Sheung Chiu Ip; Chun Ngai Li; Endadul Hoque; Omar Chowdhury
    [The 28th ACM Conference on Computer and Communications Security (CCS 2021)] (Paper)

  8. When TLS Meets Proxy on Mobile
    Joyanta Debnath; Sze Yiu Chau; Omar Chowdhury
    [The 18th International Conference on Applied Cryptography and Network Security (ACNS 2020)] (Paper)
    ※ Best Student Paper Award from ACNS 2020

  9. Analyzing Semantic Correctness with Symbolic Execution: A Case Study on PKCS#1 v1.5 Signature Verification
    Sze Yiu Chau; Moosa Yahyazadeh; Omar Chowdhury; Aniket Kate; Ninghui Li
    [The Network and Distributed System Security Symposium (NDSS) 2019] (Paper|Talk)
    WIRED coverage


Professional Activities

  • Program Committee: IEEE S&P '24, USENIX Security '24, '23, '22, '21; ACM RAID '24; PETS '23, '22; ACM CODASPY '24, '23; ACM SACMAT '23, '22, '21; EAI SecureComm '23; ESORICS '23, '20
  • External Reviewer: TheWebConf '21
  • Journal Reviewer: IEEE Transactions on Dependable and Secure Computing (TDSC); ACM Transactions on Privacy and Security (TOPS); IEEE Transactions on Network and Service Management (TNSM); IEEE Systems Journal (ISJ)


Current Research Students

  • Doria Tang (MPhil student) [Aug 2023-]

  • Zeddy Lu (MPhil student) [Aug 2023-]

  • Yanxiang BI (PhD student) [Aug 2022-]

  • Yikang CHEN (PhD student) [Aug 2021-]

  • Yuteng SUN (PhD student) [Aug 2021-]


Alumni

  • Ka Lok WU (MPhil student) [Aug 2021 - Dec 2023], now a PhD student at Stony Brook

  • Yibo Liu (full-time RA) [Aug 2022 - Dec 2022], now a PhD student at Arizona State

  • Man Hong HUE (Ug student helper + full-time RA) [Feb 2020 - Jul 2022], now a PhD student at Georgia Tech


Awards & Recognitions

  • Dean's Exemplary Teaching Award 2022 (CUHK Faculty of Engineering)

  • Best Paper Award (ACM WiSec 2023)

  • Best Paper Award Runner-Up (ACM CCS 2021)

  • Best Student Paper Award (ACNS 2020)


Invited Talks


Press & Media Coverage


Contact

    If you want to send me encrypted emails, here is my PGP public key.


Miscellaneous

My Erdös number is 4, with multiple paths through my PhD advisors:

  • Chau → Kate → Goldberg → Stinson → Erdös
  • Chau → Kate → Zaverucha → Stinson → Erdös
  • Chau → Li → Bertino → Wagstaff → Erdös