01 · Feb 2026 - Sep 2026 expected
Dusseldorf, North Rhine-Westphalia, Germany - On-site
At Huawei Research / Huawei Data Privacy Lab, I research post-quantum policy-based anonymous tokens for privacy-preserving authorization, anonymous credentials, and AI-era access-control problems.
- Protocol engineering: Extended a Rust-based post-quantum anonymous-token framework from plain anonymous tokens to policy-bound tokens, adding Dilithium-based issuance and tag-bound authorization logic.
- Privacy-preserving access control: Designed token flows for policy, quota, endpoint, and tool-call checks where verifiers confirm scoped authorization without learning a stable user identity, master credential, or issuance history.
- Measured overhead: Evaluated the policy layer against a plain-token baseline: +31.1% trace width, +22.4% proof size, about 2x constraint-evaluation time, and +16.4% public verification time.
- Agentic-AI connection: Mapped policy-based anonymous tokens to MCP/tool/API gateway authorization, positioning them as a privacy-preserving complement to OAuth for non-account-specific policy checks.





