Team Insights Gorka, Research Lead
We’re excited to share our interview with our newest addition to the Witnet team, Gorka Irazoqui. Gorka will be working to ensure the strength and safety of the Witnet Decentralized Oracle Network Protocol for its users and participants. Enjoy his story as he details his work and educational experience spanning the globe and what inspired him to join the Witnet Team.
Hi Gorka and welcome to the team. Could you start by telling us a bit about you, your career and academic background?
Thank you! I started my career in a company named Orona, which works on building and maintaining elevators. The project they hired me for involved the incorporation and validation of an on-board security device that allowed the company to authenticate embedded devices against each other, thus knowing that the components can be trusted. During the year I spent in Orona, I also incorporated confidentiality mechanisms like encrypted communications among peers.
Once I decided that I wanted to expand my career in security, I was contacted to start a PhD in Worcester Polytechnic Institute, on side channel attacks. These attacks try to infer information by “traces” that a security operation leaves behind in terms of power, EM emanation, memory footprint, etc. In my case I mainly worked on detecting cryptographic keys by manipulating the cache memory in a scenario where attacker and victim co-reside in the same physical hardware (e.g. cloud VMs or smartphone apps). We launched a number of attacks by which we were able to recover AES keys, RSA keys and others from a number of crypto libraries (e.g. BouncyCastle, Intels library or WolfSSL) and environments (VMware, AWS EC2 instances..).
Thanks to these papers I had the opportunity to work as a research assistant in University of Adelaide for 3 months, as well as in an internship in Intel for another 3 months.
Once I finished my PhD I joined Nagravision Iberica to work on anti-piracy. My first main goal was to reverse engineer boxes and android applications to be able to replicate, monitor, obtain evidence, and shut down IPs showing the channels that we were protecting. Then I developed several components in our AWS architecture, like our we API back-end. However the component I am most proud of is the video-downloader, which given a website containing a video was able to download it, record its metadata and generate a decrypted network traces as evidence.
What are some of your favorite technologies to work and build with at the moment?
In terms of programming languages I have always liked to work with C and Python. In terms of what I like to do most, I always have liked diving into cryptographic libraries finding new possible ways of breaking them. Also recently I have seemed to awaken an interest on binary reverse engineering, with tools like IDA or debuggers.
I also developed an interest in working with the cloud, e.g., provisioning and running instances.
In our space, there are some great projects working on inspiring missions. What attracted you to Witnet and what would you say is the potential of the project?
The possibility of combining my research/crypto skills towards improving a life-changing protocol. The times I enjoyed the most were those finding vulnerabilities, but never with the specific goal of having a word in the design of a (possibly widely used) end-to-end protocol. I believe Witnet has the opportunity to fight for a position in the market that has not been developed yet.
To wrap up, what are some things that you like to do outside of your work life?
Soccer is the activity that I would say consumes most of time outside my work life. Other than that the usual: series, beers with my friends and video games from time to time.
You can follow Witnet on Twitter and stay up to date on our blog.
You can also:
- Kauri original title: Team Insights Gorka, Research Lead
- Kauri original link: https://kauri.io/team-insights-gorka-research-lead/b6d848a946a24482b7f7b6bbd94030a4/a
- Kauri original author: Witnet (@witnet)
- Kauri original Publication date: 2018-11-20
- Kauri original tags: none
- Kauri original hash: QmQHHsVuGAqSV36pCjwkHZQCYWLLaSJinr8eFV9bAc5LGp
- Kauri original checkpoint: QmYRYAA1TRyDiXS6uLXdt6qS8AnW63tqJHYpUQKrdyNz7h