Matthew D. Green

Assistant Professor
Department of Computer Science
Johns Hopkins University


I am an Assistant Professor at the Johns Hopkins Information Security Institute. My research includes techniques for privacy-enhanced information storage, anonymous payment systems, and bilinear map-based cryptography. I am one of the creators of the Zerocash protocol, which is used by the ZCash cryptocurrency, and a founder of an encryption startup Zeutro.   I was formerly a partner in Independent Security Evaluators, a custom security evaluation and design consultancy and I currently consult independently. From 1999-2003, I served as a senior technical staff member at AT&T Laboratories/Research in Florham Park, NJ. 

Research Interests

My research focus is in the area of applied cryptography. My recent work includes developing privacy-preserving cryptographic protocols for implementing anonymous electronic cash and identification. I have also developed protocols that allow users to access databases without revealing which data they're accessing. Additionally, I have been working on new automation techniques to assist in the design and deployment of advanced cryptographic protocols.

I also work in the area of cryptographic engineering. This work involves understanding the practical aspects of cryptographic systems, implementing cryptographic protocols, and in some cases reverse-engineering deployed systems. I teach an introductory course on this subject. Additionally, I've designed several cryptographic tools, including Charm, a framework for rapidly prototyping cryptosystems, and a Functional Encryption library that provides implementations of several new Attribute Based Encryption schemes.

Download my Curriculum Vitae.


601.745: Advanced Topics in Applied Cryptography.   Spring 2018.
650.445, 600.454: Practical Cryptographic Systems.   Fall 2017. Previously: Fall 2016, Spring 2015, 2014, 2013. Fall 2012. Spring 2011, 2010, 2009.
600.444: Computer Networks.   Spring 2017.
600.443: Security and Privacy in Computing.   Fall 2015.
600.642: Advanced Topics in Cryptography.   Fall 2011.

My Blog

A Few Thoughts on Cryptographic Engineering. Started as a lazy man's attempt to write a book on practical crypto topics, this has gradually taken on a life of its own.

Conference Papers

"Fairness in an Unfair World: Computation from Append-only Ledgers".  A. Choudhuri, M. Green, A. Jain, G. Kaptchuk, I. Miers.  To appear in ACM CCS 2017. 

"Verified Correctness and Security of mbedTLS HMAC-DRBG".  K. Ye, M. Green, N. Sanguansin, L. Beringer, A. Petcher, A. Appel.  To appear in ACM CCS 2017. 

"Bolt: Anonymous Payment Channels for Decentralized Currencies".  M. Green, I. Miers  To appear in ACM CCS 2017. 

"Outsourcing Medical Dataset Analysis: A Possible Solution".  G. Kaptchuk, M. Green, A. Rubin  In Financial Cryptography 2017. (PDF)

"Decentralized Anonymous Micropayments".  A. Chiesa, M. Green, J. Liu, P. Miao, I. Miers, P. Mishra.  In EUROCRYPT 2017. (PDF)

"A Systematic Analysis of the Juniper Dual EC Incident".  S. Checkoway, J. Maskiewicz, C. Garman, J. Fried, S. Cohney, M. Green, N. Heninger, R.P. Weinmann, E. Rescorla, H. Shacham.  In ACM CCS 2016. (PDF)

"A Protocol for Privately Reporting Ad Impressions at Scale".  M. Green, W. B. Ladd, I. Miers.  In ACM CCS 2016. (PDF)

"A Unified Approach to Idealized Model Separations via Indistinguishability Obfuscation".  M. Green, J. Katz, A. Malozemoff, H-S. Zhou.  To appear in Security and Cryptography for Networks (SCN) 2016.  (ePrint PDF)

"Dancing on the Lip of the Volcano: Chosen Ciphertext Attacks on Apple iMessage".  C. Garman, M. Green, G. Kaptchuk, I. Miers, M. Rushanan.  To appear in Usenix Security 2016.  (PDF)

"Downgrade Resilience in Key-Exchange Protocols".  K. Bhargavan, C. Brzuska, C. Fournet, M. Green, M. Kohlweiss, S. Zanella-Béguelin.  In IEEE Symposium on Security and Privacy (Oakland) 2016.  (PDF)

"Accountable Privacy for Decentralized Anonymous Payments".  C. Garman, M. Green, I. Miers.  In Financial Cryptography 2016.  (PDF)

"Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice".  D. Adrian, K. Bhargavan, Z. Durumeric, P. Gaudry, M. Green, J. A. Halderman, N. Heninger, D. Springall, E. Thomé, L. Valenta, B. VanderSloot, E. Wustrow, S. Zanella-Béguelin, P. Zimmermann.  In ACM CCS 2015. (Site) (PDF)

"Forward Secure Asynchronous Messaging from Puncturable Encryption".  M. Green, I. Miers.  In IEEE Symposium on Security and Privacy (Oakland) 2015.  (PDF)

"Secure Sampling of Public Parameters for Succinct Zero Knowledge Proofs".  E. Ben-Sasson, A. Chiesa, M. Green, E. Tromer, M. Virza.  In IEEE Symposium on Security and Privacy (Oakland) 2015.  (PDF)

"On the Practical Exploitability of Dual EC in TLS Implementations".  S. Checkoway, M. Fredrikson, R. Niederhagen, M. Green, T. Lange, T. Ristenpart, D. J. Bernstein, J. Maskeiwicz, H. Shacham.  In Usenix Security 2014. (Website) (PDF)

"Automated Analysis and Synthesis of Block-Cipher Modes of Operation".  M. Green, J. Katz, A. Malozemoff.  In CSF 2014. (PDF)

"Zerocash: Practical Decentralized Anonymous E-Cash from Bitcoin".  E. Ben-Sasson, A. Chiesa, C. Garman, M. Green, I. Miers, E. Tromer, M. Virza.  In IEEE Symposium on Security and Privacy (Oakland) 2014.

"Rational Zero: Economic Security for Zerocoin with Everlasting Anonymity".  C. Garman, M. Green, I. Miers, A. Rubin.  In First Workshop on Bitcoin Research (BITCOIN '14). (PDF)

"Decentralized Anonymous Credentials".  C. Garman, M. Green, I. Miers.  In NDSS 2014.

"Using SMT Solvers to Automate Design Tasks for Encryption and Signature Schemes".  A. Akinyele, M. Green, S. Hohenberger.  In ACM CCS 2013.

"Zerocoin: Anonymous Distributed e-Cash from Bitcoin".  I. Miers, C. Garman, M. Green, A. Rubin.  In IEEE Symposium on Security and Privacy (Oakland) 2013. (PDF)

"Machine-Generated Algorithms, Proofs and Software for the Batch Verification of Digital Signature. Schemes".  A. Akinyele, M. Green, S. Hohenberger, M. Pagano.  In CCS 2012. (Springer) (ePrint PDF)

"Vis-a-Vis Cryptography: Private and Trustworthy In-Person Certifications".  I. Miers, M. Green, C. Lehman, A. Rubin.  In Healthsec 2012. (PDF)

"New Definitions and Separations for Circular Security".  D. Cash, M. Green, S. Hohenberger.  In PKC 2012 (ePrint PDF)

"Self-Protecting Electronic Medical Records Using Attribute-Based Encryption".  J. A. Akinyele, C. Lehmann, M. Green, M. Pagano, Z. Peterson, A. Rubin.  In ACM CCS SPSM 2011 (ePrint PDF)

"Outsourcing the Decryption of ABE Ciphertexts".  M. Green, S. Hohenberger, B. Waters.  In Usenix Security 2011.

"A Research Roadmap for Healthcare IT Security Inspired by the PCAST Health Information Technology Report".  M. Green, A. Rubin.  In HealthSec 2011. (PDF)

"Practical Oblivious Transfer from Simple Assumptions".  M. Green, S. Hohenberger.  In TCC 2011. (ePrint draft, PDF)

"Secure Blind Decryption".  M. Green.  In PKC 2011. (ePrint PDF).

"Synchronized Aggregate Signatures".  J. H. Ahn, M. Green, S. Hohenberger.  In ACM CCS 2010. (eprint PDF)

"On the Practicality of Short Signature Batch Verification".  A. L. Ferrara, M. Green, S. Hohenberger, M. O. Pedersen.  In CT-RSA 2009. (ePrint PDF)

"Securing Medical Records on Smart Phones".  R. W. Gardner, S. Garera, M. W. Pagano, M. Green and A. Rubin.  In SPIMACS 2009.

"Controlling Access to an Oblivious Database using Stateful Anonymous Credentials".  S. Coull, M. Green, S. Hohenberger.  In PKC 2009(ePrint PDF)

"Universally Composable Adaptive Oblivious Transfer".  M. Green, S. Hohenberger.  In ASIACRYPT 2008(ePrint PDF)

"Blind Identity-Based Encryption and Simulatable Oblivious Transfer".  M. Green, S. Hohenberger.  ASIACRYPT 2007. (ePrint PDF) (conference PDF)

"Identity-Based Proxy Re-encryption".  M. Green, G. Ateniese.  In ACNS 2007. (ePrint PDF)

"Security Analysis of a Cryptographically-Enabled RFID Device".  S. Bono, M. Green, A. Stubblefield, A. Juels, A. Rubin, M. Szydlo.  14th USENIX Security Symposium, August 2005. (PDF). "Best Student Paper", Usenix Security 2005.

"Improved Proxy Re-encryption Schemes with Applications to Secure Distributed Storage" (Conference version).  G. Ateniese, K. Fu, M. Green, S. Hohenberger.  Proceedings of the 12th Annual Network and Distributed Systems Security Symposium (NDSS 2005), San Diego, California, 2005. (Full Version PDF)

"PRISM, an IP-Based Architecture for Broadband Access to TV and Other Streaming Media"  A. Basso, C. Cranor, R. Gopalakrishnan, M. Green, C.R. Kalmanek, D. Shur, S. Sibal, C.J. Sreenan, J.E. van der Merwe.  Proceedings of IEEE International Workshop of Network and Operating System Support for Digital Audio and Video (NOSSDAV), June 2000.  (PDF)

Journal Publications

"Developers Are Not The Enemy! The need for usable security APIs". M. Green, M. Smith.  To appear in IEEE Security & Privacy.

"Keys Under Doormats: Mandating Insecurity by Requiring Government Access to All Data and Communications". H. Abelson, R. Anderson, S. M. Bellovin, J. Benaloh, M. Blaze, W. Diffie, J. Gilmore, M. Green, S. Landau, P. G. Neumann, R. L. Rivest, J. I. Schiller, B. Schneier, M. Specter, D. J. Weitzner.  In Journal of Cybersecurity. (PDF)

"Machine-Generated Algorithms, Proofs and Software for the Batch Verification of Digital Signature Schemes". A. Akinyele, M. Green, S. Hohenberger, M. Pagano.  In Journal of Computer Security (JCS).

"Charm: A Framework for Rapidly Prototyping Cryptosystems". A. Akinyele, C. Garman, I. Miers, M. Pagano, M. Rushanan, M. Green, A. Rubin  In Journal of Cryptographic Engineering (JCEN).

"The Threat in the Cloud". M. Green.  In IEEE Security & Privacy Magazine (Spring 2013).

"Access Controls for Oblivious and Anonymous Systems". G. S. Coull, M. Green, S. Hohenberger.  In ACM Transactions on Information and System Security (TISSEC).

"Improved Proxy Re-encryption Schemes with Applications to Secure Distributed Storage". G. Ateniese, K. Fu, M. Green, S. Hohenberger.  ACM Transactions on Information and System Security (TISSEC), Volume 9, Issue 1, 2006. (ACM Portal)

"Security Through Legality".  S. Bono, A. Rubin, A. Stubblefield, M. Green.  Communications of the ACM (CACM), June 2006. 

"Prism Architecture: Supporting Enhanced Streaming Services in a Content Distribution Network".  C. Cranor, M. Green,C.Kalmanek, D. Shur, S. Sibal, K. van der Merwe.  IEEE Internet Computing,pp. 66-75, July/August 2001  (PDF)

Technical Reports and Submissions

"How to Squeeze a Crowd: Reducing Bandwidth in Mixing Cryptocurrencies".  A. Chator and M. Green.  Technical Report.  (PDF)

"Managing Secrets with Consensus Networks: Fairness, Ransomware and Access Control".  G. Kaptchuk and I. Miers and M. Green.  Technical Report.  (PDF)

"Correlation-Resistant Storage via Keyword-Searchable Encryption".  L. Ballard, M. Green, B. de Medeiros, F. Monrose.  Technical Report. (PDF)

"Content Protection for Optical Media".  M. Green.  2005. (PDF)

Other Writing

"The Daunting Challenge of Secure Email".  M. Green. In The New Yorker, Elements blog.  November 2013.

"Why Apple Won't Unlock your iPhone for Police".  M. Green. In Slate, Future Tense.  September 2014.


"Cryptography for Secure and Private Databases: Enabling Practical Database Access without Compromising Privacy".  M. Green; Ph. D. Thesis (PDF)


I am advising Alishah Chator and co-advising Gabriel Kaptchuk. I previously advised Dr. Christina Garman, Dr. Ian Miers, Dr. Ayo Akinyele and Dr. Matthew Pagano.

Software Projects / Misc.

"The OpenABE Attribute-Based Encryption Toolkit". Developed by my company Zeutro, a library implementation of Ciphertext-Policy and Key-Policy Attribute-Based Encryption schemes and other cryptographic primitives. Available under the AGPL license.

"The Open Crypto Audit Project". An organization founded to perform public audits of opens source cryptography software, including Truecrypt and OpenSSL.

NIST FOIA. Results of a Freedom of Information Act (FOIA) request to NIST (by EFF/Matthew Stoller) seeking information on the alleged NSA subversion of the Dual EC DRBG algorithm in NIST Special Publication 800-90A.

libzerocoin. A C++ implementation of the core cryptographic routines for the Zerocoin protocol.

Charm: A framework for rapidly prototyping cryptosystems. A Python-based prototyping framework to assist cryptographers and researchers in the development of new cryptographic schemes and protocols.

The Functional Encryption Library. An implementation of several modern key-policy and ciphertext-policy Attribute-Based Encryption schemes, part of the FEATURES project.

"The JHU-MIT Proxy Re-cryptography Library". A C++ implementation of two proxy re-encryption schemes.

The Advanced Crypto Software Collection. A repository of advanced crypto implementations created the community at large. Curated by my student Matthew Pagano.

"The JHU-MIT Proxy Re-cryptography Library". A C++ implementation of two proxy re-encryption schem es.

"Art for Cryptographers". Not a software project at all -- a bit of wonderful graphic art for use in security presentations.

Program Committees

ENIGMA 2018. Website and CFP.
IEEE European Symposium on Security and Privacy. Website and CFP.
CRYPTO 2017. Website and CFP.
Financial Cryptography 2017. Website and CFP.
Usenix Security 2016. Website and CFP.
Oakland 2015. Website and CFP.
ACM CCS 2014. Website and CFP.
Financial Cryptography 2014. Website and CFP.
ICISC 2013. Website and CFP.
Usenix Security 2013. Website and CFP.
Usenix Security 2012. Website and CFP.
PKC 2012. Website and CFP.
Usenix Security 2011. Website and CFP.
CANS 2010. Website and CFP.
EC-Web 2010. Website and CFP.
ProvSec 2010. Website and CFP.
ICISC 2009. Website and CFP.
Pairing 2009. Website and CFP.
EC-Web 2009. Website and CFP.

Invited Talks

2.21.2016    Network and Distributed Systems Symposium (NDSS) 2016 keynote. "On Subverting Trust". (Slides).
6.4.2015    Cryptographic Hardware and Embedded Security (CHES) 2015 keynote. "Secure Protocols in a Hostile World" (Slides).
6.4.2015    Applied Cryptography and Network Security conference. "From Strong Mathematics to Weak Cryptography".
1.24.2015    Yale University. "Decentralized Electronic Cash from Bitcoin".
10.21.2014   Princeton University. "Decentralized Anonymous Credentials and Electronic Payments from Bitcoin".
8.19.2014    Usenix WOOT. Invited talk, "Practical Kleptography". (Slides and recording).
8.19.2014    Usenix HOTSEC. Discussion lead, "Life after Heartbleed".
1.13.2014    Yale University. "Decentralized Electronic Cash from Bitcoin".
1.13.2014    Rutgers University. "Zerocash: Decentralized Anonymous Payments from Bitcoin".
1.13.2014    Real World Crypto (RWC '14). "Toward making Bitcoin Anonymous". (Video, Slides)
8.13.2013    Usenix Summit on Hot Topics in Security (HotSec '13). "What's wrong with cryptographic API design and what we can do to fix it". (Audio, Slides)
4.24.2013    Microsoft Research. "Zerocoin: Anonymous Distributed e-Cash from Bitcoin". (Video)
2.19.2013    Dartmouth College. "Cryptography is a Systems Problem (or Should we Deploy TLS?)". (Video)
7.19.2011    Microsoft Research. "Charm: A framework for rapidly prototyping cryptosystems". (Video)
9.15.2005    National Science Foundation. "Attacking and Defending RFID Security Systems".
"Award for Outstanding Research in Privacy Enhancing Technologies (PET award)", 2007. (press release).

Industry Experience

Co-Founder, Zeutro LLC. 2010-present. Developing Attribute-Based Encryption technology for enterprise use.

Founder, Cryptography Engineering LLC. 2012-present. Security evaluation and expert witness consulting.

Co-founder, Independent Security Evaluators (ISE). 2004-2011. Custom evaluation and design of security systems.

Senior Technical Staff Member, AT&T Laboratories/Research, Florham Park, NJ. 1999-2003. Conducted research and oversaw technology transfer for audio coding, secure content delivery and content distribution network projects.

Contact Information

Postal Mail: Matthew Green, JHU Information Security Institute, 3400 North Charles Street, 313 Malone Hall, Baltimore, MD 21218
Phone: (410) 861-0344
Fax: (410) 516-8457


Available on


Page last updated September 5, 2017