My current research is in network security and usable security, with a particular focus on authentication systems. I am generally interested in any situation in which humans interact with security and privacy features.

Current Projects

Let's Authenticate

We are creating a system to replace password authentication for websites and mobile applications, based on issuing certificates to users. Our goal is to provide automated registration and login, while providing privacy for users, since websites see only anonymous identifiers and certificate authorities can't track logins. More details can be found in our workshop paper.

The Secure Socket API

The secure socket API extends the POSIX socket API to provide simple developer usability for TLS and administrator control over how TLS is configured on their machines. Our paper on this system won an award at USENIX Security in 2018. We are continuing to develop the system as open source software so that more developers can use it.

Grass Roots Adoption of Encryption

We are interested in understanding obstacles to the adoption of encryption by the general public. Our current work includes a recent paper developing mental models of how people understand and interact with encryption. We are working on applying lessons learned from this work to new designs for secure applications.

Past Research

Past research topics include improving the usability of the authentication ceremony in secure messaging applications, automating interactions with secure email systems, measurements of TLS proxies, measurements of the Steam game network, cloud storage, sentiment analysis, wireless networks, streaming video algorithms, peer-to-peer networking, and multicast routing. See Publications for more details.