NOTE: I like my current job, and I *am not* looking for a job right now. When that changes, I'll change this resume. If you email me with a job offer based on having read this resume, I will assume you are not a very careful recruiter. If you email saying "I know you say you aren't looking, but just in case", I will assume you are the kind of thoughtless recruiter who thinks it's okay to ignore the stated preferences of the people you are trying to recruit. =========================================================================== NICK MATHEWSON Email: nickm at alum.mit.edu Web: http://www.wangafu.net/~nickm/ Education Massachusetts Institute of Technology Sep 1995-Jun 2002 - Received BS/MEng degrees in Computer Science, with minor in Linguistics. - Undergraduate GPA: 5.0/5.0. Graduate GPA: 4.7/5.0. - Relevant courses included: Multithreaded Parallelism Computer Systems Engineering Computer Language Engineering Machine Learning (Compiler development) Network and Computer Security Theory of Programming Languages - Masters thesis focused on automatic verification of information-hiding properties in Java bytecode. Employment History CertCo Cambridge, MA Contractor June 1999-Aug 1999 - Helped develop security/PKI software on Windows NT. - Worked with a small team to extend code in a large (200+ kloc) certificate distribution system. - Duties focused on developing user interface, database interface, and automatic code generation. MIT Computer Science Department Cambridge, MA Teacher's Assistant Jan 1999-May 1999 - Taught software engineering principles and techniques to a class of 20 students. - Designed and maintained course software (8 kloc) and web pages. MIT Laboratory for Computer Science Cambridge, MA Research Assistant, Programmer May 1997-June 2000 - As an undergraduate, developed PolyJ, a compiler to add parameterized types to Java. (35 kloc) - As a graduate student, researched thesis on privacy enforcement in Java bytecode through information flow control. (Part of the Jif system.) Reputation Technologies Somerville, MA Chief Architect June 2000-Jan 2003 - Designed and developed a data collection, analysis, and visualization tool for use by purchasing managers in large corporations. - Served as technical lead for small team of engineers with varying degrees of expertise, to coordinate standards and practices to write software in Java; deliver on Linux, Windows, and Solaris; run on Oracle and SQLServer databases; and deploy on the JBoss and Weblogic J2EE application servers. - Investigated, designed, and implemented analytic tools to run on large data sets, including Support Vector Machines, statistical classification, and various other machine learning techniques. Onion Routing Project Cambridge, MA Subcontractor Apr 2003-2006 - Subcontracted to develop an anonymous communications network for a research project at the US Naval Research Laboratory. (This network tool later became Tor.) - Focused on optimizing a tightly written C network application, while improving software quality and developing new features, including location-hidden servers. - Co-drafted technical specification of anonymity protocol. The Tor Project Cambridge, MA Founder, Senior Engineer, Team Lead, etc Feb 2007-present - Responsible for maintenance, design, security, and development of Tor, the well-known privacy tool. - Led a team of volunteers, employees, and contractors to coordinate software engineering efforts. - Oversaw multiple urgent security patches and major architectural shifts. - Created many tools to help test, develop, and extend Tor securely, including: - the Chutney lightweight network simulator. - the Trunnel encoder/decoder for legacy binary formats. - the first version of the obfsproxy anti-censorship tool. - the bridgedb anti-censorship bridge distribution tool. Open source projects Mixminion http://www.mixminion.net Principal developer May 2002-Sep 2007 - Helped design a next-generation secure anonymous communications protocol to address flaws in current Type I ("Cypherpunks") and Type II ("Mixmaster") designs. - Created a reference implementation for Type III anonymous remailers in a mixture of C and Python (31 kloc). - Worked with server operators to deploy a testing network, currently in operation. Libevent http://libevent.org Project Lead ???-present - Revised a widely used open-source network compatibility project for improved usability, portability, and robustness, while maintaining backward source compatibility. Other interesting projects - Libottery: a high-performance high-security experimental portable userspace random number generator. - pyaez: a pure-python implementation of the AEZ submission to the CAESAR cipher contest. - tinytest: a minimal pure-C unit test library. Volunteer positions held Served on Tor Board of Directors: 2002 through 2016. Served on program committees for various privacy- and security-related academic conferences. Publications Roger Dingledine, Nicholas Hopper, George Kadianakis, Nick Mathewson. One Fast Guard For Life (or 9 months). PETS 2014. Aaron Johnson, Paul Syverson, Roger Dingledine, and Nick Mathewson. Trust-based Anonymous Communication: Adversary Models and Routing Algorithms. CCS 2011. Justin Samuel, Nick Mathewson, Justin Cappos, Roger Dingledine. Survivable key compromise in software update systems. CCS 2010. Roger Dingledine, Nick Mathewson. Anonymity Loves Company: Usability and the Network Effect. WEIS 2006. Len Sassaman, Bram Cohen, and Nick Mathewson. The Pynchon Gate: A Secure Method of Pseudonymous Mail Retrieval. WPES 2005. Nick Mathewson, Roger Dingledine. Practical Traffic Analysis: Extending and Resisting Statistical Disclosure. PET 2004. Roger Dingledine, Nick Mathewson, Paul Syverson. Tor: The Second-Generation Onion Router. USENIX 2004. Nick Mathewson, Roger Dingledine. Mixminion: Strong Anonymity for Financial Cryptography. Financial Cryptography, Feb 2004. Roger Dingledine, Nick Mathewson, Paul Syverson. "Reputation in Privacy Enhancing Technologies." Computers, Freedom, and Privacy, Apr 2002. George Danezis, Roger Dingledine, and Nick Mathewson. "Mixminion: Design of a Type III Anonymous Remailer Protocol." IEEE Symposium on Security and Privacy, May 2003. Roger Dingledine, Nick Mathewson, Paul Syverson. "Reputation in P2P Anonymity Systems." Workshop on Economics of P2P systems, June 2003. ===========================================================================