Christopher Patton
I'm a cryptography engineer at Cloudflare Research focused on the last mile of cryptography research. My work ranges from security analysis and protocol design to implementation and deployment. I've spent most of my time at the intersection of privacy and standardization: I'm leading a significant amount of work in the PPM working group at IETF, which aims to bring MPC and other tools to bear on user measurement; and I contributed to the design of the Encrypted Client Hello extension for TLS. I've also spent some time helping with Cloudflare's post-quantum transition.
I finished my PhD in 2020 under Tom Shrimpton at the University of Florida. My thesis focused on bridging the gap between the proven security of cryptographic protocols and their security in the real world. I began my crypto education with Phil Rogaway at the University of California, Davis, where I earned my master's and bachelor's. I interned on the Crypto team at Cloudflare (SF) during the summer of 2018. I've done two internships at Google, the first on the Cloud Security team (KIR, 2015) and the second on the Chrome Protector team (MON, 2016).
Papers
- Mastic: Private Weighted Heavy-Hitters and Attribute-Based Metrics (ia.cr/2024/221). D. Mouris, C. Patton, H. Davis, P. Sarkar, and N. Tsoutsos. PETS 2025.
- Verifiable Distributed Aggregation Functions (ia.cr/2023/130). H. Davis, C. Patton, M. Rosulek, and P. Schoppmann. PETS 2023.
- SMS OTP Security (SOS): Hardening SMS-Based Two Factor Authentication (10.1145/3488932). C. Peeters, C. Patton, I. Munyaka, D. Olszewski, T. Shrimpton, and P. Traynor. AsiaCCS 2022.
- Quantifying the security cost of migrating protocols to practice (ia.cr/2020/573). C. Patton and T. Shrimpton. Crypto 2020.
- Probabilistic data structures in adversarial environments. D. Clayton, C. Patton, and T. Shrimpton. CCS 2019.
- Security in the presence of key reuse: Context-separable interfaces and their applications (ia.cr/2019/519). C. Patton and T. Shrimpton. Crypto 2019.
- A hybrid approach to secure function evaluation using SGX. J. Choi, D. Tian, G. Hernandez, C. Patton, B. Mood, T. Shrimpton, K. Butler, and P. Traynor. AsiaCCS 2019.
- Digital healthcare-associated infection: A case study on the security of a major multi-campus hospital system. L. Vargas, L. Blue, V. Frost, C. Patton, N. Scaife, K. Butler, and P. Traynor. NDSS 2019.
- Partially specified channels: The TLS 1.3 record layer without elision (ia.cr/2018/634). C. Patton and T. Shrimpton. CCS 2018.
- Hedging public-key encryption in the real world (ia.cr/2017/510). A. Boldyreva, C. Patton, and T. Shrimpton. Crypto 2017.
Internet-Drafts
- Verifiable Distributed Aggregation Functions (draft-irtf-cfrg-vdaf). R. Barnes, D. Cook, C. Patton, and P. Schoppmann.
- Distributed Aggregation Protocol for Privacy Preserving Measurement (draft-ietf-ppm-dap). T. Geoghegan, C. Patton, E. Rescorla, and C. Wood.
- Task Binding and In-Band Provisioning for DAP (draft-ietf-ppm-dap-taskprov). S. Wang and C. Patton.
Code
- VDAF (prio). Rust implementations of the Verifiable Distributed Aggregation Functions specification. While I am not the maintainer of this crate, I have contributed a ton of code, including the FLP implementation.
- DAP (daphne). Rust implementation of the Distributed Aggregation Protocol specification, targeting the Cloudflare Workers platform. Still a work-in-progress.
- TLS Encrypted Client Hello (cloudflare/go). Cloudflare Research maintains a fork of the Go standard library in order to facilitate experiments. I contributed a significant amount of code to this library, including its implementation of the Encrypted Client Hello extension for TLS (draft-ietf-tls-esni).
- Delegated credentials for TLS (boringSSL server / NSS client). A protocol extension (RFC9345) that allows a TLS operator to delegate credentials for terminating connections on its behalf.
- Roughtime (roughtime). A simple protocol for synchronizing clocks with enough accuracy for common cryptographic applications. I deployed the server on Cloudflare's infrastructure during my internship.
Talks
- How to write proofs for cryptographic protocols at IETF (Usable Formal Methods Research Group, IETF 120). YouTube recording and corresponding writeup.
- Computing on your data with MPC (Cryptographic Applications Workshop, co-located with Eurocrypt 2024). Slides.
- MPC for Privacy Preserving Measurement (ASCrypto 2023, co-located with Latincrypt 2023). Slides.
- Standardizing MPC for Privacy-preserving Measurement (RWC 2022). YouTube recording. Please forgive the terrible recording. There was an AV issue during our session, the result of which is that only the Zoom recording survived.
- Quantifying the Security Cost of Migrating Protocols to Practice (Crypto 2020). YouTube recording.
- Interpretation of Provable Security for Cryptographic Practice (PhD defense, delivered via Zoom). YouTube recording.
- Partially specified channels (CCS 2018). YouTube recording.
- Hedging public-key encryption in the real world (Crypto 2017). YouTube recording.