Profile
He has over 15 years of experience in designing, implementing, and deploying cryptographic algorithms and protocols for various platforms and applications. Kris is passionate about solving complex and challenging problems at the intersection of cryptographic research, implementation, and deployment. He leverages his expertise in post-quantum cryptography, embedded devices, and Linux to deliver secure and efficient solutions for his clients. He is always eager to learn new technologies and skills, and to collaborate with other experts in the field.
Education
Poznan University of Technology | Poznań, Poland
MSc in Mathematics | 2006AGH University of Science and Technology | Kraków, Poland
Computer System Architecture & Design | 2007
Interests
- Post-Quantum cryptography
- High performance cryptography
- Cryptographic implementations for resource constrained devices
- Network security protocols
Professional experience
PQShield
Staff Cryptography Architect
Oxford, UK
Dec 2019 - present
I have created two products - PQCryptoLib and PQCryptoLib Embedded - that offer FIPS 140-3 certified and CNSA 2.0 compliant post-quantum key exchange for protocols like TLS v1.3. I am responsible for the software implementation of cryptographic schemes, memory and performance optimizations for different CPU architectures, as well as the security hardening against side-channel attacks.
Cloudflare
Cryptography Engineer
London, UK
Feb 2018 - Dec 2019
Working as a Cryptography Engineer in Cloudflare’s Technology Research team. Most of the activities were around implementing improvements to the TLS stack as well as the implementation of Proof of Concepts in the area of post-quantum cryptography (isogeny based).
Trustonic
Security Engineer
Cambridge, UK
May 2015 - Jan 2018
I was part of the team working on an implementation of the Trusted Execution Environment (TEE) based on ARM TrustZone technology. My responsibility was the implementation of cryptographic components and security validation of various parts of the system.
Amadeus
Software Engineer
Sophia-Antipolis, France
Jun 2008 – May 2015
Responsible for maintaining and implementing various functionalities in the Amadeus core system security and communication framework (C++ based). Focusing mainly on security and stability of TLS connections, performance optimization, improvements to failure resilience of high-availability components.
Tieto, BenQ
Project Manager
Wrocław, Poland
Dec 2005 – May 2008
Started as a Software Engineer and grew to a manager position. I’ve been managing teams developing PC software tools for Nokia/Symbian based mobile phones. Products were used in Nokia’s customer care centres for device reparation as well as end-users for firmware update. I’ve built a team of 20 developers and testers located in Poland, the Czech Republic and China working on multiple software projects for Nokia.
Projects
Below I have outlined the project examples that truly spark my interest and enthusiasm for collaboration.
PQCryptoLib | [
PQShield
I have created two products - PQCryptoLib and PQCryptoLib Embedded - that offer CNSA 2.0 compliant post-quantum key exchange for protocols like TLS v1.3. I am responsible for the software implementation of cryptographic schemes, memory and performance optimizations for different CPU architectures, as well as the security hardening against side-channel attacks. The PQCryptoLib has been certified according to FIPS 140-3, level 1 requirements, as a software module. I’ve been leading the certification effort from beginning to the very end. I’m currently working on this project as a Cryptography Architect.
It is a collection of cryptographic primitives written in Go. The goal of this library is to be used as a tool for experimental deployment of cryptographic algorithms targeting Post-Quantum (PQ). Project is open-source and was co-inveted with Armando Faz-Hernández.
Implementation of cryptographic algorithms in C++.
Kinibi TEE
Trustonic
I was part of the team implementing, Trustonic’s Trusted Execution Environment - Kinibi.
Publications
- NIST SP 1800-38C: Migration to Post-Quantum Cryptography - Quantum Readiness |
W. Newhouse, M. Souppaya, J. Prat, R. Larrieu, R. Burns, W. Barker, J. Gray, M. Ounsworth, C. Viana, J. Gilbert, G. Scinta, C. Brown, H. Le Van Gong, P. Kampanakis, K. Kwiatkowski, E. Kim, J. Goodman, A. Hu, V. Krummel - An Efficient and Generic Construction for Signal’s Handshake (X3DH): Post-Quantum, State Leakage Secure, and Deniable |
Keitaro Hashimoto, Shuichi Katsumata, Kris Kwiatkowski, Thomas Prest - Scalable Ciphertext Compression Techniques for Post-Quantum KEMs with Applications |
Shuichi Katsumata, Kris Kwiatkowski, Federico Pintore, Thomas Prest - Measuring TLS key exchange with post-quantum KEM |
Adam Langley, Dave Levin, Kris Kwiatkowski, Alan Mislove, Nick Sullivan, Luke Valenta - The TLS Post-Quantum Experiment |
Kris Kwiatkowski, Luke Valenta - Towards Post-Quantum Cryptography in TLS |
Kris Kwiatkowski
Talks
- Post-Quantum Cryptography for IoT Edge. Implementation tradeoffs and security pitfalls |
| TPM.dev, Cambridge, UK | Sep, 2024 - Cryptographic interfaces for secure IoT devices |
| ICMC 2022, Washington D.C., USA | Sep, 2022 - Implementing a FIPS-Certifiable Crypto Module for Post-Quantum TLS |
| CryptoMod 2022, Brussels, Belgium | May, 2021 - Report on IETF and ETSI activities around Post-Quantum systems |
| GlobalPlatform, Online | Nov, 2021 - Post-Quantum cryptography for C++ developers |
| Online | Nov, 2021 - Ciphertext Compression Techniques for Post-Quantum KEMs |
| Online | Oct, 2020 - Measuring post-quantum TLS | ICMC 2020, Virtual | Sep, 2020
- Towards Post-Quantum Cryptography in TLS |
| ECC, Ruhr-University, Germany | Dec, 2019
Volunteering
- CHES 2025 - Member of artifact review committee
- CHES 2024 - Member of artifact review committee | [
] - PETS 2024 - Member of artifact review committee
- PETS 2023 - Member of artifact review committee
- CHES 2021 - Member of artifact review committee
- CARDIS 2020 - Additional reviewer
- COSADE2020 Additional reviewer
- 17th IMA International Conference on Cryptography and Coding, 2019 - Additional reviewer
- Technical reviewer for a book Demystifying Cryptography with OpenSSL 3.0 by Alexei Khlebnikov