News

  • Find out where I am on Dopplr Find out where I am and where I am going on my Dopplr page.
  • My paper on defibrillator and pacemaker security has won the Best Paper award at IEEE Security and Privacy
  • For information on my recent collaborative work on defibrillator and pacemaker security please see the New York Times article on our work, or our official FAQ

Old News

Photograph of Tom Heydt-Benjamin

Detail of a portrait by Jacob Applebaum taken while attending PET 2007

Research

I am responsible for research in security and cryptography with a focus on privacy enhancing technologies and pervasive/ubiquitous computing. I am a pre-doctoral researcher at IBM Zürich Research Laboratory and the ETH Zürich System Security Group of the Zürich Information Security Center where Srdjan Capkun is my supervisor.

Publications

Rethinking Accountable Privacy Supporting Services
Jan Camenisch, Thomas Gross,  Thomas S. Heydt-Benjamin		 ACM Digital Identity Management, October 2008

Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses [FAQ][bibtex]

Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin Ransford, Shane S. Clark, Benessa Defend, Will Morgan, Kevin Fu, Tadayoshi Kohno, and William H. Maisel M.D.

Winner of Best Paper award

IEEE Security and Privacy (Oakland), May 2008

Security and Privacy for Implantable Medical Devices[bibtex]
Daniel Halperin, Thomas S. Heydt-Benjamin, Kevin Fu, Tadayoshi Kohno, William H. Maisel M.D.

IEEE Pervasive Computing, January 2008

Vulnerabilities in First-Generation RFID-enabled Credit Cards [bibtex][slides]
Thomas S. Heydt-Benjamin, Daniel V. Bailey, Kevin Fu, Ari Juels, and Tom O’Hare

Financial Cryptography and Data Security 2007
Scarborough, Trinidad/Tobago

Nonesuch: A Mix Network with Sender Unobservability [bibtex][slides]
Thomas S. Heydt-Benjamin, Andrei Serjantov, and Benessa Defend

Workshop for Privacy in Electronic Society 2006
Alexandria, VA

Privacy for Public Transit [bibtex][slides]
Thomas S. Heydt-Benjamin, Hee-Jin Chae, Benessa Defend, and Kevin Fu

Biographical Sketch

Privacy Enhancing Technologies 2006
Cambridge University, England

Thomas Heydt-Benjamin is currently responsible for advances in security and privacy properties of ubiquitous and pervasive computing systems in the IBM Zurich Research Laboratory with the goal of  producing practical secure electronic identification systems with user centric privacy management in resource constrained contexts such as electronic identity cards.  Thomas brings with him to IBM his prior experience in both attacks on and defenses of pervasive computing systems.  In 2007 he investigated new contactless smart credit cards used in the United States, discovering serious flaws.  In 2008 he examined security and privacy properties of pacemakers and implantable cardiac defibrillators, determining that some aspects of existing designs may present dangerous security vulnerabilities.  Now a member of the security and cryptography team at IBM Zurich Research Laboratory, Thomas’s team invents novel solutions to real world security problems in resource constrained devices similar to the credit cards and pacemakers he has previously studied.

Thomas started hacking and exploring computer security systems at age 6 when first exposed to assembler programming on the IBM PC.  This early interest lead to formal study of computer science during high school through the Science Honors Program at Columbia University.  He then earned a Bachelor of Science in computer science from Yale University, and a Master of Science in computer science from the University of Massachusetts Amherst.

Thomas sometimes appears on television and radio to provide computer security commentary and information.  Past appearances include ABC’s Good Morning America, NBC’s Today Show, and NPR’s Leonard Lopate Show.

Disclaimer

This is my personal website; opinions and information offered here do not reflect those of my employers or any organization to which I belong.