Objective: I would like to find research or engineering position in the industry, related to privacy and security.
Research: My thesis was about assessing the threat stemming from the metadata of encrypted network communications, and building systems (in Go) to protect against it.
Core skills: Research in security and privacy. General knowledge in networking and applied cryptography. Software development (Web/desktop). Preparing and delivering talks for various audiences. Project management.
Technologies: Go, Python. Previous experience with Front & Back-end Web development, (Typescript, JS, PHP, HTML/CSS, SQL), Scala, Java. Good knowledge of software development lifecycle (infra, testing, deployment).
Selected Research
- Groove: Flexible Metadata-Private Messaging2022
L. Barman, M. Kol, D. Lazar, Y. Gilad, N. Zeldovich. OSDI 22
paper, slides
- Every Byte Matters: Traffic-Analysis of Bluetooth Wearable Devices (Distinguished Paper Award) 2021
L. Barman, A. Dumur, A. Pyrgelis, J-P. Hubaux. Ubicomp 2021
paper, code, press article
- Decentralized Privacy-Preserving Proximity Tracing (DP3T)2020
My contribution to this large team effort consists of security/privacy analysis of the initial PEPP-PT, then of DP3T, and security reviews of alternative proposals (ROBERT/DESIRE).
paper, some press articles: Reuters, BBC, Financial Times, Blick, Le Temps
- PriFi: Low-Latency Metadata Protection for Organizational Networks 2018
L. B., I. Dacosta, M. Zamani, E. Zhai, A. Pyrgelis, B. Ford, J. Feigenbaum, J-P. Hubaux. PETS 2020
paper, code
- Reducing Metadata Leakage from Encrypted Files and Communication with PURBs 2018
K. Nikitin & L. Barman, M. Underwood, W. Lueks, B. Ford, J-P. Hubaux. PETS 2019
paper, presentation, press article, code, blog post. Padmé is now used in iMessage.
- Mirror: Enabling Proofs of Data Replication and Retrievability in the Cloud 2015
F. Armknecht, L. Barman, J-M. Bohli, G. Karame. USENIX Security 2016
paper
Work
- Privacy Engineer at Google, Zurich
2022
I work on the privacy of the Android ecosystem: I build privacy features on AOSP or Google backend, and I review launches with product teams. I also work on Rust on Android as a side project, maintaining and upreving crates.
- Research Intern at Cloudflare, London
2020
Website Fingerprinting and Defenses on QUIC
- Teaching Assistant at EPFL, Lausanne
2015 - 2021
In the class "Information Security and Privacy", I rebuilt the exercise platform for the students. I also designed several exercises such as a TLS downgrade attack & implementation of a PAKE protocol.
In the class "Mobile Networks", I helped building hands-on exercises about Wireless networks and their security/privacy aspects. I gave lectures about Tor and the anonymity on the Web.
I supervised ~10 semester/master projects for students, and I enjoyed helping them thrive both on the technical aspects as well as presenting their work.
- Intern (Master Thesis) at NEC Laboratories Europe, Heidelberg
2015
Supervised by G. Karame (NEC Laboratories Europe) and P. Oechslin (LASEC, EPFL)
Led to the USENIX Security publication "Mirror".
- Teaching assistant at EPFL
2012
For the class "System-oriented Programming", where students learn about SH, C, Perl, Unix.
Supervision of semester projects for students in Java, involving cryptography and networking.
- various Web Developer positions (Sunergic, CJ Online Works, JE EPFL, Intemporare)
2008 - 2019
At Sunergic, I created a Web application for planning a solar panel installation. Users could design a roof through a graphical wizard and estimate the expected efficiency. This application has been used by several partners of Sunergic and Romande Energie.
Education
- EPFL, Lausanne: PhD in Security and Privacy, co-advised by Jean-Pierre Hubaux and Bryan Ford
2021
- EPFL: Bachelor/Master in Communications Systems (with a 1-year exchange at NUS, Singapore)
2015
Blog posts
Non-peer-reviewed posts, highlights on personal projects & random discussions.