Martianus Frederic Ezerman, Ph.D.  (Fred Ezerman)
Martianus Frederic Ezerman, Ph.D. (Fred Ezerman)

Job Title / Jabatan :
CEO and Resident Cryptographer at Sandhiguna
Adjunct Assistant Professor, Nanyang Technological University, Singapore 

Biography / Riwayat Hidup :
Fred Ezerman is a mathematician. He has more than 15 years of experience in research and development in various areas of information theory, particularly in cryptography, coding theory, and data representations, in both classical and quantum setups. 

He started his research career as a student scholar in the Cryptology and Coding Theory Research Group (CCRG) at Nanyang Technological University (NTU) in Singapore, where he obtained his Ph.D. in mathematical sciences in 2011. His thesis presents significant contributions in quantum error-control coding for quantum information processing, an area that he has since been known internationally as an expert.
After a post-doctoral fellowship at Laboratoire d’Information Quantique in Universite Libre de Bruxelles, Belgium, he joined Centre for Quantum Technologies at National University of Singapore as a research scientist. Dr. Ezerman came back to CCRG at NTU in early 2014 as a full-time researcher, reaching the rank of Senior Research Mathematician in 2017. 

In cryptography he has been working on public key protocols, sequences with applications in cryptography and communications, cryptanalysis, quantum (attack) algorithms, as well as design and evaluation of quantum-secure proposals. Several more recent interests cover confidential computing and secure software deployment in trusted execution environment. His interests in the broader areas of information theory cover DNA storage, locally recoverable codes, holographic data representations, and deep learning techniques in image generations. 

An educator at heart, his teaching credentials range from mentoring talented high schoolers and undergraduate students to guiding Ph.D. candidates. He regularly teaches classes in cryptography and coding theory, from introductory courses to advanced seminars. 

He co-founded Sandhiguna in 2021 and currently serves as its CEO and Resident Cryptographer. His technical responsibility covers the design and analysis of cryptographic algorithms and modules for implementation in trusted execution environment. He is also deeply involved in raising public awareness for computer security and cryptography in Indonesia. The aim is to influence policy makers and practitioners to take concrete and strategic steps to enhance capabilities in securing data and processes which are critical for public services.

Fred Ezerman earned a double bachelor’s degrees, in philosophy and mathematics, and a master’s degree in pure mathematics from Ateneo de Manila University in 2005 and 2007, respectively. His Ph.D. in mathematical sciences was conferred by Nanyang Technological University in 2011. 

Presentation Title / Judul Presentasi :
Cryptographic Tools in Web Security

Presentation Synopsis / Ringkasan Presentasi :
Cryptography provides powerful algorithms and modules that can improve existing security protections in our network/web. 

Nowadays, using TLS as a protection layer for http is a must. It is best to store and deploy the keypairs required in TLS communication in a tamper resistant hardware. The common practice, however, relies only on access controls, such as DAC and MAC on SELinux. A malicious administrator can easily access the keypairs. It is crucial to manage cryptographic keypairs in various states: in storage, in transit, and in use. One can perform such tasks through integration with Hardware Security Module (HSM), with portable physical devices, or by deploying enterprise-grade KMS. We will also discuss the advantages of using KMS in securing application credentials, protecting against DNS cache poisoning, and strengthening email servers. 

Looking ahead, we must prepare for transition to quantum-secure cryptosystems. Our public key infrastructure (PKI) relies heavily on RSA-based Cryptosystem and Elliptic Curve Cryptosystems. They have been known to be completely broken, if and when adversaries have access to quantum computer capable of implementing Shor Algorithm at scale. The backbone of our internet communication is already exposed to the "harvest now and decrypt later" attacks. TLS handshaking and Diffie Hellman Key Exchange Protocols, for examples, are vulnerable to quantum attacks. Equipped with the right quantum tools, attackers, who may not be able to access webservers directly, can forge the signatures. As countries around the world are ramping up their transition strategy towards post-quantum era in cybersecurity, we in Indonesia must also get going. We will discuss current national landscape and capabilities as well as some strategic choices to make.