Joining Eran Tromer's research group

Eran Tromer's research group at Boston University studies a variety of research problems in information security and cryptography. We have open positions in several projects, on a variety of topics.

Research directions and projects

Here are some of the things you could do in the group:

Cryptographically verified computation

Proving correct execution of programs running on untrusted platforms, using zero-knowledge SNARK proofs and other advanced cryptographic tools. We address open problems in the constructions, implementation (e.g., in our libsnark open-source library), and applications.

Side-channel attacks

Analyze physical side-channel leakage from computers and embedded devices, from several possible angles:

  • Physical leakage
    (e.g., extracting secret information from commodity computers by exploiting their acoustic, electric or electromagnetic emanations)
  • Software-based microarchitectural leakage
    (e.g., how a JavaScript ad can glean information from outside its sandbox, using cache timing attacks)
  • Signal processing and machine learning
  • Cryptanalysis of specific implementations and protocols

See the LEISec web page for examples of our recent projects.


We design and analyze improved blockchain protocols, focusing on privacy and scalability. For example, we work on improving the functionality and performance of our Zerocash protocol (underlying the Zcash cryptocurrency). We are also study how public policy and regulation can be integrated with blockchains, while preserving users' privacy.

We also have a project on implementing a secure Bitcoin wallet using a novel hybrid software/hardware approach.

Physical cryptography

Explore novel cryptographic constructions based on nonconventional physical and biological phenomena, to achieve functionality that cannot be achieved in the purely digital domain.

Cyberphysical, mobile and Internet of Things security

Design and implement new security mechanisms in federated, multisensor systems, such as mobile devices, smart-home deployments, hybrid local/cloud computing and sensor networks. We devise novel permissions systems that let users express (and enforce) their preferences at a higher level than raw resource permissions: for example, reasoning about information flow control, and about the human users' intentions in the context where the operations happen.

To see other recent projects, see Publications.

Requisite background

Research in this area typically requires very high programming proficiency, general computer problem-solving, and working in quirky environments such as Unix shell and LaTeX (or at least the willingness and dedication to spend nights learning these as you go). Other background, such as mathematics and electronics, depends on the project.

You also need excellent communication skills and good English language skills, in order to read papers and documentation, write up your results, and communicate with colleagues. Incidentally, your application email (see below) is a good opportunity to demonstrate these skills, by clearly addressing all pertinent points.


To inquire about joining, email Eran Tromer. Our goal is then to understand which project best suits you, in terms of your skills, background and availability. To help us figure this out, explain the following in your email:

Which projects sound interesting, and why? Do you have independent ideas for security/cryptography projects, or have found bugs in our papers, or are you particularly excited about some problem?

What relevant background do you have, via academic education, prior work/projects, informal experience, training courses, and so forth?

What type of position are you interested in, and how much time can you dedicate? What are your long-term plans? (See "position types" above with regard to our expectations.)

Please attach a CV, grade transcript, and links or documents about exciting things you've done.