My name is Zach. My pronouns are he/him/his. I’m currently a researcher at MongoDB in the Cryptography Research Group.
My research goal is to advance the state-of-the-art in privacy-preserving, efficient systems for multi-party computation, data processing, and retrieval. To do this, I combine a broad set of interests in cryptography, data structures, formal methods and optimization, and algorithms. I also like to study cryptanalysis attacks that are motivated by practical, real-world systems but grounded in theoretically interesting formalisms. As a corollary to all of these goals, I also like to ask questions about the practicality and usability of cryptography research itself—specifically, how we can build practical tooling and infrastructure to enable researchers to perform research (both in theory and in practice).
I completed a concurrent Sc.B. and Sc.M. at Brown University with a focus in security, systems, and theory. My studies were generously supported by grants from Brown CS, CrowdStrike, (ISC)2, and the CIT Group. I was also affiliated with the following research groups:
I am passionate about teaching computer security. While at Brown, I spent a lot of time thinking about creatively designing effective mechanisms for developing security mindsets. I was the course designer and Head Teaching Assistant of the Computer Science department’s flagship computer systems security course from 2019 to 2021.
Previously, I worked as a security engineer at D. E. Shaw. & Co. and interned at Google and Order.
I spend a lot of time long distance running and thinking about things like: theatrical lighting design, immersive theater, tabletop gaming, public transit, speech and debate, and Dance Dance Revolution.
I’ve joined the inaugural IEEE Security & Privacy 2026 Artifact Evalaution Committee! I’ve also joined the PETS 2026 Artifact Evaluation Committee!
Our paper “Structured Encryption and Distribution-aware Leakage Suppression” will appear at Asiacrypt 2025 in Melbourne, Australia!
Our paper “PolySys: an Algebraic Leakage Attack Engine” will appear at the 34th USENIX Security Symposium in Seattle, WA, USA!
Our paper “Bayesian Leakage Analysis” was published in IACR Communications of Cryptography!
Our paper “Sequentially Consistent Concurrent Encrypted Multimaps” will appear at IEEE Euro Security & Privacy 2025 in Venice, Italy!
Range Search is now generally available in MongoDB’s Queryable Encryption!
Our paper “Synq: Public Policy Analytics Over Encrypted Data” will appear at IEEE Security & Privacy 2024 in San Francisco, CA!
Our new product at MongoDB—Queryable Encryption, the first industry database product implementing structured encryption—is now generally available!
I reunited with some of my former collaborators from the Encrypted Systems Lab at Brown University by joining the Cryptography Research Group at MongoDB!
Our paper “Range Search over Encrypted Multi-Attribute Data” will appear at VLDB 2023 in Vancouver, Canada!
Five months after completing my requirements, I “officially” graduated with a Sc.B. in Computer Science (with Honors) and an Sc.M. in Computer Science at Brown University’s annual Commencement.
I was awarded a Senior Prize in Computer Science “for academic work as well as service to Brown CS” (awarded to 6.8% of the graduating class in CS). I also received the Norman K. Meyrowitz ’81 Award for “exceptionally meritorious service to Brown CS” (second to receive the award in the award’s history).
Our paper “Time- and Space- Efficient Aggregate Range Queries on Encrypted Databases” will appear at PETS 2022!
I defended my honors thesis on “Time- and Space- Efficient Aggregate Range Queries on Encrypted Databases” and finished my Bachelor’s and Master’s requirements at Brown!
I received an Crowdstrike NextGen Scholarship for 2021!
Received an (ISC)2 Undergraduate Information Security Scholarship for 2021.
I received the Randy Pausch Undergraduate Research Award from Brown CS to support my research with Roberto Tamassia on encrypted databases!
⁂ denotes authors listed alphabetically. Click abstracts to expand.
I served as a teaching assistant every semester I was at Brown University, sometimes even during semesters I wasn't enrolled. ⁂ denotes a Head Teaching Assistant role.
Software exploitation techniques and state-of-the-art mechanisms for hardening software. With Vasileios Kemerlis.
An introduction to principles of computer security from an applied viewpoint and provides hands-on experience on security threats and countermeasures. Topics include cryptosystems, web security, network security, malware, code execution vulnerabilities, access control, cryptocurrencies, machine learning, and human and social issues. With Roberto Tamassia (2019, 2020) and Bernardo Palazzi (2021).
Explores the principles of modern programming languages by implementation; studies data and their types, including polymorphism, type inference, and type soundness; examines compiler and run-time system topics: continuation-passing style and garbage collection. With Shriram Krishnamurthi.
Functional programming, data structures, and algorithms in Racket and Pyret. Includes a summer component taught using the first half of How to Design Programs, then transitions to content based on portions of Programming and Programming Languages during the semester. With Shriram Krishnamurthi.
Introduction to programming in MATLAB and Python, with an emphasis on STEM data analysis and simulation problems. With Dan Potter.
Data-focused introduction to computer science using Pyret. With Kathi Fisler.