Anwar Hithnawi
hithnawi at
421 Soda Hall, UC Berkeley, CA-94720

I am a postdoctoral researcher at UC Berkeley. My research interests are in the areas of distributed systems and data privacy. I am broadly interested in designing privacy-preserving systems (currently focusing on streaming systems and collaborative machine learning) and tackling problems afflicting modern network systems.

Prior to that I was a researcher at ETH Zurich, Switzerland, affiliated with the Distributed Systems Group.


TimeCrypt: A Scalable Private Time Series Data Store

Today, a growing number of services collect detailed time series data that is stored in the cloud. Protecting the confidentiality of this vast and continuously generated data, while preserving its utility, is crucial for many applications in this space. TimeCrypt is a system that provides scalable and real-time analytics over large volumes of encrypted time series data. To enable granular access con- trol and efficient analytics over large encrypted streams, we introduce a new encryption-based access control construc- tion that is additively homomorphic. TimeCrypt supports rich functionalities and access control semantics needed for time-series data. In TimeCrypt, data is encrypted end-to-end, and authorized parties can only decrypt and verify queries within their authorized access scope., PDF,

Droplet: Decentralized Authorization for IoT Data Streams

Secure storage and management of data generated by the myriad of IoT devices present new challenges in the cloud era. How do we empower the user with ownership and fine-grained access control for IoT data without sacrificing performance or security? To address this challenge, we design Droplet a novel decentralized data access control service, which operates without intermediate trust entities. We leverage the blockchain technology to bootstrap trust, for a decentralized, secure, and resilient access control management. Droplet handles time series data, enables reliable sharing among heterogeneous applications from different trust domains, and features a cryptographically-protected fine-grained and scalable access control to data streams. PDF

We have implemented three apps on top of Droplet: Fitbit activity tracker, Ava health tracker, and ECOviz smart meter dashboard. Code

Pilatus: Partially Homomorphic Encrypted Sharing for IoT Data

IoT applications often utilize the cloud to provide storage and ubiquitous access to collected data. This naturally facilitates data sharing with third-party services and other users, but bears privacy risks, due to data breaches or unauthorized trades with user data. To address these concerns, we present Pilatus, a new data protection platform tailored for the IoT ecosystem, that protects data confidentiality while enabling secure processing and selective sharing of encrypted data. Our solution includes a suite of novel techniques that enable efficient partially homomorphic encryption, re-encryption and decryption. Pilatus grants users low-level control over their cloud data with cryptographic guarantees. Pilatus features a novel encrypted data sharing scheme with revocation capabilities and in situ key-update. We present performance optimizations that make these advanced cryptographic tools practical for mobile platforms. PDF

We have implemented an Avawomen app with Pilatus. Code

Talos: Encrypted Data Processing for the IoT

To tackle the data privacy concerns in IoT, we introduce Talos, a system that stores IoT data securely in a Cloud database while still allowing query processing over the encrypted data. We enable this by encrypting IoT data with a set of cryptographic schemes such as order-preserving and partially homomorphic encryption. To achieve this in constrained IoT devices, Talos relies on optimized algorithms that accelerate order-preserving and partially homomorphic encryption by 1 to 2 orders of magnitude. We assess the feasibility of Talos on low-power devices with and without cryptographic accelerators and quantify its overhead regarding energy, computation, and latency. With a thorough evaluation of our prototype implementation, we show that Talos is a practical system that can provide a high level of security with a reasonable overhead. PDF, Demo, Code

We relied on the Flocklab testbed at ETH Zurich to evaluate the performance of Talos. Code

We have implemented a benchmark tool for the Contiki OS to automate the macro-benchmark of Talos. Code
Our drivers for the hardware crypto engine are merged into the main Contiki repo.

We implemented a FitBit app with Talos to operate on encrypted data. Code, Demo

Proximity-based Authentication for the Internet of Things

In this project, we introduce a proximity-based authentication approach for the IoT that works in-band by solely utilizing the wireless communication interface. The novelty of this approach lies in its reliance on ambient radio signals to infer proximity within about one second, and in its ability to expose imposters located several meters away. We identify relevant features sensed from the RF channel to establish a notion of proximity across co-located low-power devices. We introduce our proximity-based authentication protocol and show the feasibility of our approach with an early prototype using off-the-shelf 802.15.4 sensors. PDF, Demo, Code

CrossZig:Cross-Layer Optimization for Low-power Wireless Coexistence

Current wireless designs still largely impose layer isolation. Thereby, conventional approaches to tackle wireless performance have focused on separately optimizing different layers of the networking stack. This rigid design fails to harness the rich ambient information embedded in the physical signals. Hence, reliability solutions targeting layers in isolation are typically suboptimal. In recent years, cross-layer optimizations were profoundly advocated in the wireless community. In this project, we pursue this research direction. We show how physical layer information and primitives can be coupled with the link layer to enhance low-power wireless systems coexistence and performance under interference. Notably, we develop CrossZig, a cross-layer wireless design, that enables low-power wireless networks to exploit fine-grained physical layer information to make informed decisions that can help them recover from varying sources of interference. CrossZig utilizes physical layer information to detect the type of interference in corrupted packets and to apply an adaptive packet recovery. Our packet recovery incorporates a novel cross-layer based packet merging scheme and an adaptive channel coding. PDF.

TIIM:Technology-Independent Interference Mitigation

Interfering radio technologies differ widely in the way they affect wireless links. Cross-Technology Interference has a complex impact on wireless links, which needs to be taken into account when treating interference. To date, much of the interference solutions focus on resolving interference between devices of the same technology. There exists no systematic mechanism for radios to be aware of what other radio types exist in their environments and make smart decisions to adapt accordingly. To address this challenge, we developed TIIM, a receiver design that identifies, quantifies, and reacts to CTI in real-time. In the design of TIIM, we took an unconventional approach, where we resort to machine learning to assist wireless nodes in recovering from interference; we employ supervised learning to train radios to recognize interference patterns at which a particular link-layer mitigation scheme would work best, regardless of the interference type. PDF (our Traces).

CIG: Wireless Coexistence Experimentation

Wireless research testbed infrastructures often lack proper tools for repeatable replay of realistic radio interference commonly found in real-world deployments. Hence, benchmarking wireless coexistence solutions is often cumbersome, time-consuming, and even infeasible in remote testbeds. To facilitate Cross-Technology Interference and wireless coexistence experimentations, we designed and developed CIG, a framework that extends wireless testbed infrastructures with the capability of reproducing heterogeneous external interference at high fidelity. In the design of CIG, we consider a unified approach that incorporates a careful selection of interferer technologies (implemented in software), to expose networks to realistic interference patterns. PDF.


Conferences and Journals:

Posters and Demos:


I advise\advised the following students:

    Ph.D. Students:
  • Lukas Burkhalter, ETH Zurich, co-advisor, 2017-present
  • Alexander Viand, ETH Zurich, co-advisor, 2019-present

  • M.S. Thesis Students:
  • Matthias Lei, Privacy-Preserving Federated Learning with Range Checks, 2019
  • Liangcheng Yu (now Ph.D. student at the University of Pennsylvania), Learning-based Network Scheduler, 2018
  • Michel Kaporin, Privacy-preserving Multidimensional Search over Time-series Data, 2017-2018
  • Lukas Burkhalter (thesis awarded ETH medal, now Ph.D. student at ETH Zurich), Towards Blockchain-based Auditable Storage and Sharing of IoT Data, 2017
  • Dominic Plangger, Proximity-based Authentication in the Internet of Things, 2015
  • Su Li (now Ph.D. student at EPFL), Exploiting PHY Layer Information to Combat Cross-Technology Interference in Low-power Wireless Networks, 2014-2015
  • Vaibhav Kulkarni (now Ph.D. student at the University of Lausanne), Facilitating Wireless Coexistence Research, 2015

  • Others:
    Yonathan Fisseha (Research internship, 2019), Liangcheng Yu (Research internship, 2018), Erfan Abdi (Semester project, 2016), Jan Wolf (Bachelor thesis, 2014).


Teaching Assistant at ETH Zurich

My role includes designing problem sets, teaching weekly tutorial sessions, grading assignments and course projects, correction of exams, helping in designing final exams, and guiding students on presenting and writing seminar research papers. I have been a teaching assistant for the following courses:

  • Informatics II for Electrical Engineers - Spring 2013, 2014, 2015, 2016, 2017
  • Distributed Systems - Fall 2012, 2015
  • Ubiquitous Computing Seminar - Spring 2014, 2015
  • Ubiquitous Computing (Lead TA)- Spring 2014


  • Swiss National Science Foundation (SNSF) Postdoctoral Fellowship, 2017-2019
  • Networking Networking (N2)Women Young Researcher Fellowship, 2014 [Website]
  • Google Anita Borg Scholarship, 2011 [Website]
  • Awarded DAAD Scholarship for Master's Degree, Germany, 2009-2011
  • Co-authored with Adnan Yahya (PI), a proposal on "Query Preprocessing for Efficient Search in Arabic Web Documents", that received the Google research award, 2009 [Website] [News]
  • Bachelor thesis awarded first prize in Information Technology Student’s Activity Fair (ITSAF), Jordan, 2008 [News]
  • Birzeit University Merit Scholarship, Palestine



  • Publication Chair, ACM IPSN Conference, 2015 [Website]
  • Shadow Technical Program Committee member, ACM IPSN Conference, 2015 [Website]
  • Reviewing: International Workshop on the Web of Things (WoT'13), IEEE LCN'14 Conference, Elsevier Computer Communications Journal 2014, ACM MSWiM’16 Conference, ACM Transactions on Sensor Networks (TOSN'17), HotNets'19 (external reviewer)
  • ACM UbiComp (Joint Conference on Pervasive and Ubiquitous Computing), Local Arrangement Committee (local chair for demos and posters), 2013 [Website] [Photos]
  • ISWC (International Symposium on Wearable Computers), Local Arrangement Committee (design exhibition), 2013

Service and Leadership

  • ETH Zurich, Invited Panelist, Panel for Woman in Computer Science, 2017 [Website]
  • ETH Zurich, Discovery Semester for Refugees, Organizer and Mentor, 2016 [Website]
  • Grace Hopper Celebration of Women in Computing, Scholarship Applications Reviewer, 2016 [Website]
  • N2Women Board Member, Co-chair Mentoring Program, 2015-2016 [Website]
  • Organizer, N2Women event at the ACM MobiCom Conference, 2014 [Photo]