Profile
Accomplished cryptography specialist with over 20 years of experience architecting, implementing, and deploying cryptographic algorithms and protocols for a wide range of platforms. Expert in cryptographic software and embedded systems, with a strong record of delivering secure, high-performance solutions and working collaboratively with top professionals in the industry.
Education
Poznan University of Technology | Poznań, Poland
MSc in Mathematics | 2006AGH University of Science and Technology | Kraków, Poland
Computer System Architecture & Design | 2007
Interests
- Post-Quantum cryptography
- High performance cryptography
- Cryptographic implementations for resource constrained devices
- Network security protocols
Professional experience
PQShield
Staff Cryptography Architect
Oxford, UK
Dec 2019 - present
Developed multiple products providing FIPS 140-3 certified and CNSA 2.0 compliant post-quantum key exchange for protocols such as TLS v1.3. Led software implementation of cryptographic schemes, optimized memory and performance across diverse CPU architectures, and implemented security hardening against side-channel attacks.
Cloudflare
Cryptography Engineer
London, UK
Feb 2018 - Dec 2019
Deployed post-quantum cryptography in TLS on production servers using BoringSSL, collaborating with Google to advance CECPQ2 adoption. Co-authored CIRCL, Cloudflare’s high-performance cryptographic library, and contributed to the implementation and optimization of TLS 1.3.
Trustonic
Security Engineer
Cambridge, UK
May 2015 - Jan 2018
Contributed to the development of a Trusted Execution Environment (TEE) based on ARM TrustZone technology. Responsible for implementing cryptographic components and performing security validation across multiple system modules.
Amadeus
Software Engineer
Sophia-Antipolis, France
Jun 2008 – May 2015
Responsible for maintaining and implementing various functionalities in the Amadeus core system security and communication framework (C++ based). Focusing mainly on security and stability of TLS connections, performance optimization, improvements to failure resilience of high-availability components.
Tieto, BenQ
Project Manager
Wrocław, Poland
Dec 2005 – May 2008
Started as a Software Engineer and grew to a manager position. I’ve been managing teams developing PC software tools for Nokia/Symbian based mobile phones. Products were used in Nokia’s customer care centres for device reparation as well as end-users for firmware update. I’ve built a team of 20 developers and testers located in Poland, the Czech Republic and China working on multiple software projects for Nokia.
Projects
Below I have outlined the project examples that truly spark my interest and enthusiasm for collaboration.
draft-ietf-tls-ecdhe-mlkem | [
Personal effort / Volunteering
An IETF effort to standardize hybrid key agreement for TLS 1.3 that combines a post-quantum KEM with elliptic curve Diffie-Hellman (ECDHE). Standard is already deployed by major browsers (Chrome, Firefox) as well as cloud service providers (Cloudflare, Google, AWS).
PQCryptoLib | [
PQShield
Original author, principal investigator and designer of PQCryptoLib and PQMicroLib Embedded, CNSA 2.0 compliant post-quantum key exchange solutions for protocols such as TLS v1.3. Led the end-to-end development from concept to production over a 5-year period, including software implementation of cryptographic schemes, memory and performance optimization for multiple CPU architectures, and security hardening against side-channel attacks. Directed and completed the FIPS 140-3 Level 1 certification process for PQCryptoLib as a software module.
It is a collection of cryptographic primitives written in Go. The goal of this library is to be used as a tool for experimental deployment of cryptographic algorithms targeting Post-Quantum (PQ). Project is open-source and was co-inveted with Armando Faz-Hernández.
Implementation of cryptographic algorithms in C++.
Kinibi TEE
Trustonic
I was part of the team implementing, Trustonic’s Trusted Execution Environment - Kinibi.
Publications
- Post-quantum hybrid ECDHE-MLKEM Key Agreement for TLSv1.3 |
P. Kampanakis, K. Kwiatkowski, D. Stebila, B. E. Westerbaan - NIST SP 1800-38C: Migration to Post-Quantum Cryptography - Quantum Readiness |
W. Newhouse, M. Souppaya, J. Prat, R. Larrieu, R. Burns, W. Barker, J. Gray, M. Ounsworth, C. Viana, J. Gilbert, G. Scinta, C. Brown, H. Le Van Gong, P. Kampanakis, K. Kwiatkowski, E. Kim, J. Goodman, A. Hu, V. Krummel - An Efficient and Generic Construction for Signal’s Handshake (X3DH): Post-Quantum, State Leakage Secure, and Deniable |
Keitaro Hashimoto, Shuichi Katsumata, Kris Kwiatkowski, Thomas Prest - Scalable Ciphertext Compression Techniques for Post-Quantum KEMs with Applications |
Shuichi Katsumata, Kris Kwiatkowski, Federico Pintore, Thomas Prest - Measuring TLS key exchange with post-quantum KEM |
Adam Langley, Dave Levin, Kris Kwiatkowski, Alan Mislove, Nick Sullivan, Luke Valenta - The TLS Post-Quantum Experiment |
Kris Kwiatkowski, Luke Valenta - Towards Post-Quantum Cryptography in TLS |
Kris Kwiatkowski
Talks
- Post-Quantum Cryptography in Practice: Migration Strategies for Constrained and Embedded Systems |
London Crypto, Imperial College London | London, UK | Nov, 2025 - Post-Quantum Cryptography for IoT Edge |
IPSoC Days Silicon Valley | Santa Clara, USA | Apr, 2025 - Post-Quantum Cryptography for IoT Edge. Implementation tradeoffs and security pitfalls |
TPM.dev | Cambridge, UK | Sep, 2024 - PQC Implementations, Tradeoffs and Pitfalls
GlobalPlatform Workshop | Virtual | Feb, 2024 - Cryptographic interfaces for secure IoT devices |
International Cryptographic Module Conference (ICMC 2022) | Washington D.C., USA | Sep, 2022 - Implementing a FIPS-Certifiable Crypto Module for Post-Quantum TLS |
CryptoMod 2022 | Brussels, Belgium | May, 2021 - Report on IETF and ETSI activities around Post-Quantum systems |
GlobalPlatform Workshop | Virtual | Nov, 2021 - Post-Quantum cryptography for C++ developers |
WroC++ | Virtual | Nov, 2021 - Ciphertext Compression Techniques for Post-Quantum KEMs |
University of Waterloo | Virtual | Oct, 2020 - Measuring post-quantum TLS
International Cryptographic Module Conference (ICMC 2020) | Virtual | Sep, 2020 - Towards Post-Quantum Cryptography in TLS |
Workshop on Elliptic Curve Cryptography (ECC) | Ruhr-University, Germany | Dec, 2019
Volunteering
- CHES 2026 - Member of artifact review committee | [
] - CHES 2025 - Member of artifact review committee | [
] - CHES 2024 - Member of artifact review committee | [
] - PETS 2024 - Member of artifact review committee
- PETS 2023 - Member of artifact review committee
- CHES 2021 - Member of artifact review committee
- IETF 115 - …
- CARDIS 2020 - Additional reviewer
- COSADE 2020 - Additional reviewer
- 17th IMA International Conference on Cryptography and Coding, 2019 - Additional reviewer
- Technical reviewer for a book Demystifying Cryptography with OpenSSL 3.0 by Alexei Khlebnikov