N. Asokan has been named a University Professor. Conferred by the University of Waterloo, this rare and prestigious honour recognizes exceptional scholarly achievement and international pre-eminence. Once appointed, a faculty member retains the designation until retirement.
“Congratulations to N. Asokan on being named a University Professor, a much-deserved honour,” said Raouf Boutaba, Director of the Cheriton School of Computer Science. “His contributions to network and systems security have advanced the field and influenced practice, leading to both real-world applications and broad national and international recognition.”
Professor Asokan is one of three University of Waterloo faculty members to receive the prestigious recognition in 2026.
“It is a great honour to be named a University Professor at Waterloo,” Professor Asokan said. “It is a tribute to all my students and research collaborators without whose outstanding work, such an honour would not have been possible. Heartfelt thanks also to my colleague Professor Tamer Özsu, who led the nomination, and Professors Boutaba and Koenemann, who supported it on behalf of the School of Computer Science and the Faculty of Mathematics.”
Professor N. Asokan joined the Cheriton School of Computer Science in September 2019 as a Cheriton Chair, a position he held until December 2025. He is a Fellow of the Institute of Electrical and Electronics Engineers, the Association for Computing Machinery, and the Royal Society of Canada. ACM’s Special Interest Group on Security, Audit and Control selected him for the 2018 ACM SIGSAC Outstanding Innovation Award, a prestigious honour recognizing technical contributions with lasting impact on the theory and development of secure systems. He served as Executive Director of Waterloo’s Cybersecurity and Privacy Institute from May 2021 to November 2025.
As of April 2026, Professor Asokan published more than 175 conference and journal papers, cited collectively more than 26,000 times with an h-index of 78 according to Google Scholar.
About Professor Asokan’s research
Professor Asokan is internationally recognized for his contributions to network and systems security. His research spans secure protocol design, mobile and trusted computing, and, more recently, the privacy and security implications of artificial intelligence. Across these areas, his work has consistently shaped both theory and practice, leading to widely deployed industry technologies and influential new research directions.
Among his most notable contributions are the following —
- introducing optimistic fair exchange protocols
- designing trusted device pairing protocols used by every Bluetooth device today
- pioneering mobile trusted computing technologies
- identifying and helping to mitigate man-in-the-middle attacks in many Internet protocols
- advancing the use of AI to improve security of Internet-of-Things devices
- demonstrating security and privacy concerns in AI-based systems and designing techniques to mitigate them
Professor Asokan’s early work on fair exchange addressed a fundamental challenge: how two mutually distrustful parties can complete an exchange over an insecure network like the Internet such that either each party gets what it wants, or neither does. He pioneered optimistic fair exchange protocols, in which a trusted third party is involved only if one party misbehaves. Four papers based on Professor Asokan’s dissertation appeared in top computer science venues and, together with his dissertation, have received more than 2,500 citations to date. His protocols were also implemented by IBM Research. Optimistic fair exchange became a new line of research, spurring work ranging from theoretical impossibility results to improvements of the protocols themselves.
Professor Asokan’s work on analyzing security of communication protocols and designing more secure protocols continued throughout his career, with two significant examples standing out.
The first is his work in the late 2000s on trusted device pairing protocols, the process of setting up a secure channel between two previously unfamiliar devices, such that attackers cannot eavesdrop on or interfere with communications. Trusted device pairing is particularly challenging when devices are paired by nontechnical people, for example when pairing a Bluetooth headset with a phone. The key challenge is designing mechanisms that are both easy to use and sufficiently secure. Professor Asokan co-designed a secure pairing protocol that was incorporated into the Bluetooth standard specifications for the Secure Simple Pairing protocol. This protocol is now used in billions of devices. His paper related to this topic was presented at the IEEE Symposium on Security and Privacy, a top security conference, and has led to significant follow-up research.
The second example arose from his observation that worldwide mobile phone infrastructure can be used for global-scale authentication of users for services beyond phone calls and text messages. This research led to Generic Authentication Architecture, now part of the Third Generation Partnership Project (3GPP) specification that standardizes mobile phone communications worldwide. Professor Asokan co-authored a book on Generic Authentication Architecture. This work also identified a recurring problem in many settings, whereby incorrectly composing two security protocols leads to a man-in-the-middle attack, which allows attackers to interpose themselves between two communicating parties and impersonate one to the other. This work strongly influenced both research and practice, including several standard specifications by the Internet Engineering Task Force that governs Internet communication protocols. The impact of this work continued years later, including a 2012 Internet Engineering Task Force standard titled “The Network Endpoint Assessment (NEA) Asokan Attack Analysis.”
More recently, Professor Asokan’s work on trusted computing, especially use of hardware assistance to secure software, has had tremendous impact. With his colleagues at Nokia, Asokan pioneered the mobile Trusted Execution Environment technology, which allows computing platforms such as smartphones and tablets to protect confidential data and conduct sensitive computation. Today, Trusted Execution Environments allow countless users to perform sensitive operations such as touch payments from smartphones without worrying about malware intercepting or interfering with payments. Professor Asokan authored the first seminal academic research publications on Trusted Execution Environments almost 15 years ago, long before it became a popular research topic. Since then, he has co-authored many widely cited papers along with two books on mobile trusted computing — Mobile Platform Security in 2014 and Hardware Platform Security for Mobile Devices in 2022.
Professor Asokan’s more recent work explores the intersection of security, privacy and artificial intelligence. His work on the use of AI for securing Internet-of-Things settings led to significant follow-up research. One example is IoT Sentinel, his work on discovering vulnerable smart devices in smart home networks, which won the best demo award at the 37th IEEE International Conference on Distributed Computing Systems.
Professor Asokan’s work on model extraction attacks is also highly significant. Such an attack occurs when a malicious client of an AI service provider clones the AI model to undercut the service provider’s business. His paper was instrumental in demonstrating that model extraction is a real threat. His techniques to mitigate model extraction attacks were adopted by industry partner Intel, which integrated them into OpenVino, an open-source implementation for federated learning.
The significance of Professor Asokan’s research has been recognized by his peers through best paper awards in top venues including in the 15th ACM Conference on Data and Application Security and Privacy in 2025, the 45th IEEE Symposium on Security and Privacy in 2024, and IEEE Transactions on Computers in 2019.
In addition to his research excellence, Professor Asokan has made significant contributions to the broader academic and professional community. He served for six years on evaluation panels for the European Research Council Starting Grants. At Waterloo, he led the growth of the Cybersecurity and Privacy Institute, bringing in several new major industry partners, most notably MasterCard Canada, which made a half-million-dollar grant for CPI researchers. He also played a key role in establishing the National Cybersecurity Consortium, which now administers nearly $80 million in funding for cybersecurity and privacy research across Canada.
University Professors at the Cheriton School of Computer Science
Professor Asokan is the sixth faculty member at the Cheriton School of Computer Science to receive the distinction of University Professor, following Ian Munro (2006), Ming Li (2009), Doug Stinson (2013), M. Tamer Özsu (2018) and Raouf Boutaba (2024).