Khandaker Md. Al-Amin
Cybersecurity Engineer · Berlin
I am a Cybersecurity Engineer at ITK Engineering GmbH, focused on cryptographic integration and automotive security standards (ISO/SAE 21434). Previously at EAGLYS Inc. in Tokyo, I worked on fully homomorphic encryption for privacy-preserving machine learning and secure computing. My interests span cryptography, secure computing, privacy-preserving technologies, EU CRA compliance, SBOM management, vulnerability handling, and incident response.
I occasionally take on select advisory and consulting engagements outside my primary role. See areas I can help with →
In 2015, I was awarded the Japan Government Scholarship (MEXT) to pursue a Ph.D. in cryptography under Professor Yasuyuki NOGAMI. My doctoral research focused on optimization and efficient implementation techniques for elliptic curve pairing-based cryptography and its application for IoT security.
Research Interests
- Application of Homomorphic-Encryption
- Private Set Intersection
- Privacy-Preserving Machine Learning
- Secure Multi-Party Computation
- EU CRA compliance & SBOM management
- Vulnerability handling & incident response
Education
- Ph.D. in Public Key Cryptography Okayama University, Japan 2019
- B.Sc. in Computer Science and Engineering Jahangirnagar University, Bangladesh 2012
Experience
Cybersecurity Engineer
Responsibilities include:
- Performed in-depth Threat Analysis & Risk Assessment, integrating cryptographic measures to comply with industry security standards (e.g., ISO/SAE 21434).
- Developed and integrated cryptographic libraries (Mbed-TLS) across large-scale systems for secure data processing in diverse environments.
- Prepared secure coding guidelines (aligned with SEI CERT) and performed code reviews to ensure robust security for embedded systems.
Research Engineer
Responsibilities include:
- Requirement analysis, design and development of the secure computing project GateDB
- Converting business requirements and theoretic algorithms into PoC
- Performance and security improvement of existing products
- Technology used: Python, Rust, C++, gRPC, Docker, SQL, PostgreSQL, MySQL, AWS, Azure, Tensorflow
Areas of expertise
Topics I work on day-to-day and occasionally advise on independently.
EU CRA consulting
Cyber Resilience Act readiness for manufacturers and importers: essential requirements mapping, conformity assessment routes, and vulnerability disclosure obligations.
SBOM management
SPDX / CycloneDX generation, provenance, signing, continuous SBOM refresh, and integration into CI/CD and supplier onboarding workflows.
Vulnerability handling
Coordinated disclosure processes (ISO/IEC 29147 / 30111), triage playbooks, CVE workflows, and PSIRT operating models.
Incident response
Readiness assessments, playbook design, tabletop exercises, and post-incident lessons-learned reviews aligned with NIST SP 800-61.
Automotive cybersecurity
ISO/SAE 21434 threat analysis & risk assessment (TARA), UN R155 alignment, secure boot, HSM integration, and Mbed-TLS on embedded.
Applied cryptography
FHE / MPC design, protocol review, primitive selection, and migrations from legacy crypto to modern, audited implementations.
Featured Projects
DataArmorGate DB
A database proxy that enables SQL queries over encrypted data without exposing the key to the database server.
Selected Publications
An Improvement of Scalar Multiplication by Skew Frobenius Map with Multi-Scalar Multiplication for KSS Curve
Scalar multiplication over higher degree rational point groups is often regarded as the bottleneck for faster pairing based cryptography. This paper presents a skew Frobenius mapping technique in the sub-field isomorphic sextic twisted curve of KSS pairing friendly curve.
Invited Talks
Towards the Implementation of Efficient and Distributable Pairing-based Crypto Library
Invited talk on pairing-based cryptography and the design of an open-source library for distributable cryptographic primitives.
Writing
Welcome to my blog where I share insights on cryptography, secure computing, and privacy-preserving technologies.
Visit Blog