I am passionate about defending our digital world and have spent over a decade researching applied cryptographic techniques to secure critical systems. I previously served as a Technical Lead within elite cyber units of the Department of Defense (DOD) and Central Intelligence Agency (CIA), where I received the directorate's Exceptional Performance Award for advancing the frontiers of US cyber operations. I completed my Ph.D. in Computer Science at UC Berkeley at the age of 22, supported by prestigious fellowships from the National Science Foundation, the National Physical Science Consortium, and the Fannie and John Hertz Foundation.

CompTIA Certified IT Operations Specialist (CIOS)
CompTIA Certified Systems Support Specialist (CSSS)
CompTIA Certified Cloud Admin Professional (CCAP)
CompTIA Certified Linux Network Professional (CLNP)
CompTIA Certified Secure Infrastructure Specialist (CSIS)
CompTIA Certified Secure Cloud Professional (CSCP)
CompTIA Certified Security Analytics Professional (CSAP)
CompTIA Certified Network Vulnerability Assessment Professional (CNVP)
CompTIA Certified Network Security Professional (CNSP)
CompTIA Certified Security Analytics Expert (CSAE)
CompTIA Certified Secure Infrastructure Expert (CSIE)
Google Certified Cybersecurity
Amazon Web Services Certified Cloud Practitioner
Amazon Web Services Certified Solutions Architect – Associate
Amazon Web Services Certified Certified Security – Specialty
Microsoft Certified Azure Fundamentals
Microsoft Certified Security, Compliance, and Identity Fundamentals
Microsoft Certified Azure Data Fundamentals
Microsoft Certified Azure AI Fundamentals
Microsoft Certified Azure Administrator Associate
Microsoft Certified Azure Security Engineer Associate
CompTIA Certified Tech+
CompTIA Certified A+
CompTIA Certified Network+
CompTIA Certified Security+
CompTIA Certified Cloud+
CompTIA Certified Linux+
CompTIA Certified CySA+
CompTIA Certified PenTest+
CompTIA Certified SecurityX

  Washington, D.C.   —    TS/SCI w/ FS   —    [email protected]   —    Schedule a meeting  

Featured In

Washington PostForbesBloombergPoliticoVentureBeat

& 30 others

Experience

US Government

US Government, Cyber Researcher

  1. Central Intelligence Agency (CIA): 20232025

  2. Department of Defense (DOD): 20202021

UC Berkeley

UC Berkeley, Computer Security Researcher

  1. Center for Responsible Decentralized Intelligence (RDI): 20222023

  2. Initiative for CryptoCurrencies & Contracts (IC3): 20212022

Solid Security

Solid Security, Authentication Consultant

20152020

Holmusk

Holmusk, Software Engineer

20152015

VCNinc

VCNinc, Software Engineer

20142015

Education

University of California, Berkeley

  1. Ph.D. in Computer Science

University of Illinois Urbana-Champaign

  1. Master's Degree in Computer Science

  2. Bachelor's Degree in Computer Science

Awards

Central Intelligence Agency (CIA)

  1. Exceptional Performance Award

    Awarded for extraordinary contributions to US national security.

University of California, Berkeley

  1. Tong Leong Lim Pre-Doctoral Prize

    Awarded annually to the student who achieves the highest distinction in the pre-doctoral examination.

  2. Fannie and John Hertz Foundation Fellowship

  3. National Physical Science Consortium Fellowship

University of Illinois Urbana-Champaign

  1. National Science Foundation Scholarship

Publications

Exploring the Privacy Risks of Adversarial VR Game Design

Vivek Nair*, Gonzalo Munilla Garrido*, Dawn Song, and James F. O'Brien

  1. Preprint in arXiv, 2022.
    [view] [pdf] []
  2. Published in PoPETs, 2023.
    [view] [pdf] [video] [code] []
Learn more at rdi.berkeley.edu 

Multi-Factor Key Derivation Function (MFKDF) for Fast, Flexible, Secure, & Practical Key Management

Vivek Nair and Dawn Song

  1. Preprint in arXiv, 2023.
    [view] [pdf] []
  2. Published in USENIX Security, 2023.
    [view] [pdf] [video] [code] []
  3. Distinguished Artifact Award

Learn more at mfkdf.com 

Unique Identification of 50,000+ Virtual Reality Users from Head & Hand Motion Data

Vivek Nair, Wenbo Guo, Justus Mattern, Rui Wang, James F. O'Brien, Louis Rosenberg, and Dawn Song

  1. Preprint in arXiv, 2023.
    [view] [pdf] []
  2. Published in USENIX Security, 2023.
    [view] [pdf] [video] [code] []
Learn more at rdi.berkeley.edu 

Decentralizing Custodial Wallets with MFKDF

Vivek Nair and Dawn Song

  1. Preprint in arXiv, 2023.
    [view] [pdf] []
  2. Published in IEEE ICBC, 2023.
    [view] [code] []
Learn more at mfkdf.com 

MEVade: An MEV-Resistant Blockchain Design

Julien Piet, Vivek Nair, and Sanjay Subramanian

  1. Published in IEEE ICBC, 2023.
    [view] []

Multi-Factor Credential Hashing for Asymmetric Brute-Force Attack Resistance

Vivek Nair and Dawn Song

  1. Preprint in arXiv, 2023.
    [view] [pdf] []
  2. Published in IEEE EuroS&P, 2023.
    [view] [code] []
Learn more at mfchf.com 

Going Incognito in the Metaverse: Achieving Theoretically Optimal Privacy-Usability Tradeoffs in VR

Vivek Nair*, Gonzalo M. Garrido*, and Dawn Song

  1. Preprint in arXiv, 2023.
    [view] [pdf] []
  2. Published in ACM UIST, 2023.
    [view] [pdf] [video] [code] []
  3. Best Paper Award

Learn more at rdi.berkeley.edu 

SoK: Data Privacy in Virtual Reality

Gonzalo M. Garrido, Vivek Nair, and Dawn Song

  1. Preprint in arXiv, 2023.
    [view] [pdf] []
  2. Published in PoPETs, 2024.
    [view] [pdf] []
Learn more at rdi.berkeley.edu 

Truth in Motion: The Unprecedented Risks and Opportunities of Extended Reality Motion Data

Vivek Nair, Louis Rosenberg, James F. O'Brien, and Dawn Song

  1. Preprint in arXiv, 2023.
    [view] [pdf] []
  2. Published in IEEE S&P, 2024.
    [view] [pdf] []
Learn more at rdi.berkeley.edu 

ProtoBlocks: Programming Language for Secure Implementation of Cryptographic Protocols

Vivek Nair, William Mullen, and Ethan Lee

  1. Preprint in EECS Technical Reports, 2023.
    [pdf] []

MFDPG: Multi-Factor Authenticated Password Management With Zero Stored Secrets

Vivek Nair and Dawn Song

  1. Preprint in arXiv, 2023.
    [view] [pdf] [code] []

Effect of Duration and Delay on the Identifiability of VR Motion

Mark Roman Miller, Vivek Nair, Eugy Han, Cyan DeVeaux, Christian Rack, Rui Wang, Brandon Huang, Marc Erich Latoschik, James F. O'Brien, and Jeremy N. Bailenson

  1. Preprint in arXiv, 2024.
    [view] [pdf] []
  2. Published in IEEE WoWMoM, 2024.
    [view] [code] []

Effect of Data Degradation on Motion Re-Identification

Vivek Nair, Mark Roman Miller, Rui Wang, Brandon Huang, Christian Rack, Marc Erich Latoschik, and James F. O'Brien

  1. Preprint in arXiv, 2024.
    [view] [pdf] []
  2. Published in IEEE WoWMoM, 2024.
    [view] [code] []

Fast Anonymous Consensus and Private Authentication in Large Distributed Systems

Vivek Nair and Bolton Bailey

  1. Preprint in arXiv, 2023.
    []

Results of the 2023 Census of Beat Saber Users

Vivek Nair, Viktor Radulov, and James F. O'Brien

  1. Preprint in arXiv, 2023.
    [view] [pdf] []

“I Can’t Believe It’s Not Custodial!”: Usable Trustless Decentralized Key Management

Tanusree Sharma, Vivek C. Nair, Henry Wang, Yang Wang, and Dawn Song

  1. Published in ACM CHI, 2024.
    [view] [pdf] [video] [code] []

Inferring Private Personal Attributes of Virtual Reality Users

Vivek Nair, Christian Rack, Wenbo Guo, Rui Wang, Shuixian Li, Brandon Huang, Atticus Cull, James F. O'Brien, Marc Latoschik, and Louis Rosenberg

  1. Preprint in arXiv, 2023.
    [view] [pdf] []
  2. Published in IEEE VRW, 2024.
    [view] [code] []
Learn more at rdi.berkeley.edu 

Berkeley Open Extended Reality Recordings 2023 (BOXRR-23)

Vivek Nair, Wenbo Guo, Rui Wang, James F. O'Brien, Louis Rosenberg, and Dawn Song

  1. Preprint in arXiv, 2024.
    [view] [pdf] []
  2. Published in IEEE TVCG, 2024.
    [view] [code] []
Learn more at rdi.berkeley.edu 

Deep Motion Masking for Secure, Usable, and Scalable Real-Time Anonymization of Ecological Virtual Reality Motion Data

Vivek Nair, Wenbo Guo, James F. O'Brien, Louis Rosenberg, and Dawn Song

  1. Preprint in arXiv, 2024.
    [view] [pdf] []
  2. Published in IEEE VRW, 2024.
    [view] [code] []
Learn more at rdi.berkeley.edu 

Navigating the Kinematic Maze: Analyzing, Standardizing and Unifying XR Motion Datasets

Christian Rack, Vivek Nair, Lukas Schach, Felix Foschum, Marcel Roth, and Marc Erich Latoschik

  1. Published in IEEE VRW, 2024.
    [view] []
Learn more at cschell.github.io 

* denotes equal first-authors

Patents

Secure System and Method for Managing the Multi-Factor Authentication Data of a User

  1. Provisional Application US62/435,227, 2016.
    []
  2. Utility Application US15/845,400, 2017.
    []
  3. Published as US20180176212A1, 2018.
    [view] []
  4. Granted as US10701064B2, 2020.
    [view] []
  5. Utility Application US16/882,041, 2020.
    []
  6. Published as US20210014219A1, 2021.
    [view] []
  7. Granted as US11483307B2, 2022.
    [view] []

Secure System and Method for Preventing Cross-Site Credential Reuse

  1. Provisional Application US63/029,165, 2020.
    []
  2. Utility Application US17/303,209, 2021.
    []
  3. Published as US20210367934A1, 2021.
    [view] []
  4. Granted as US12058121B2, 2024.
    [view] []

Secure System and Method for Detecting Credential Stuffing Attacks

  1. Provisional Application US63/268,912, 2022.
    []
  2. Utility Application US18/171,700, 2023.
    []
  3. Published as US20230195887A1, 2023.
    [view] []
  4. Pending

Secure System and Method for Sharing Online Accounts

  1. Provisional Application US63/267,612, 2022.
    []
  2. Utility Application US18/165,365, 2023.
    []
  3. Published as US20230254288A1, 2023.
    [view] []
  4. Pending

System and Method for Efficient Cryptographically-Assured Data Access Management for Advanced Data Access Policies

  1. Provisional Application US63/269,336, 2022.
    []
  2. Utility Application US18/173,111, 2023.
    []
  3. Published as US20240070309A1, 2024.
    [view] []
  4. Pending

System and Method for Multi-Factor Key Derivation

  1. Provisional Application US63/266,610, 2022.
    []
  2. Utility Application US18/152,660, 2023.
    []
  3. Pending

System and Method for Determining Personal Information from Extended Reality Tracking Data

  1. Provisional Application US63/366,499, 2022.
    []
  2. Open-Sourced, 2023.

System and Method for Protecting Personal Information from Extended Reality Devices

  1. Provisional Application US63/366,500, 2022.
    []
  2. Open-Sourced, 2023.

Presentations