You are now in the main content area
Atefeh (Atty) Mashatan

Dr. Atefeh Mashatan

Director, Cybersecurity Research Lab | Assistant Professor
DepartmentInformation Technology Management
EducationBMath, MMath, PhD
OfficeTRS 2-038
Phone416-979-5000 x 3632


Professor Atefeh (Atty) Mashatan joined the School of Information Technology Management of Ryerson University in 2016. Her research focus has been on Information Systems Security, Cryptography, and Combinatorics. 

Prior to joining Ryerson University, Dr. Mashatan was a Senior Information Security Consultant and Solutions Architect at CIBC (Canadian Imperial Bank of Commerce), 2012-2016, with a focus on cryptography and enterprise architecture where she led numerous solution design, implementation, and validation of strategic projects - many of which were NDA initiatives. Working with business technology partners, she also led the evaluation of newly proposed and existing security systems and provided subject matter expertise to the threat and risk management and enterprise gating partners.

Prior to that Dr. Mashatan was a Scientific Collaborator at the Security and Cryptography Laboratory of School of Computer and Communication Sciences, EPFL (Swiss Federal Institute of Technology, Lausanne), 2009-2012, where she conducted research on design and analysis of cryptographic protocols, such as authentication and revocation, by means of mathematical tools. She also collaborated with Nokia Research Centre and her work resulted in a patent.

Dr. Mashatan obtained her PhD from the University of Waterloo, under the supervision of Professor Douglas Stinson, and her Certificate in University Teaching from the Centre for Teaching Excellence. She is a Certified Service Oriented Architect (SOA) with Honours. She obtained the Certified Information Systems Security Professional (CISSP) certification from International Information Systems Security Certification Consortium (ISC2) in 2015.

Dr. Mashatan has an Erdős Number of 2!, external link This is the best a researcher can achieve since 1996 when Paul Erdős passed away.

Security of Internet of Things (IoT), Privacy enhancing technologies, Information Technology Security & Management, Big data and data security,   Cryptographic Protocols, Postquantum Cryptography, Security in Ad Hoc Pervasive Networks.

Refereed Journal Articles

Asli Bay, Atefeh Mashatan, and Serge Vaudenay (2014), Revisiting Iterated Attacks in the Context of Decorrelation Theory. Cryptography and Communications 6(4): 279- 311.

Ehsan Malekian, Atefeh Mashatan, and Ali Zakerolhosseini (2011), QTRU: Quaternionic Version of the NTRU Public-Key Cryptosystems. The ISC International Journal of Information Security 2011, Volume 3, Number 1 (pp. 2942).

Atefeh Mashatan and Douglas R. Stinson (2010), Practical Unconditionally Secure Two-channel Message Authentication. Designs, Codes and Cryptography 55 (2010), 169-188.

Ian Goldberg, Atefeh Mashatan, and Douglas R. Stinson (2010) On Message Recognition Protocols, Recoverability and Explicit Confirmation. International Journal of Applied Cryptography 2010 - Vol. 2, No.2 pp. 100 - 120.

Refereed Conference Proceedings
Asli Bay, Atefeh Mashatan, and Serge Vaudenay (2012), Resistance Against Iterated Attacks by Decorrelation Theory, Revisited. CRYPTO 2012, pp. 741-757.
Asli Bay, Atefeh Mashatan, and Serge Vaudenay (2012), Resistance Against Adaptive Plaintext-Ciphertext Iterated Distinguishers. INDOCRYPT: 528-544.
Atefeh Mashatan and Khaled Ouafi (2012), Forgery-Resilience for Digital Signature Schemes: A new paradigm for practical digital signature schemes exhibiting desirable legislative properties. 7th ACM Symposium on Information, Computer and Communications Security, AsiaCCS: 24-46.
Atefeh Mashatan and Khaled Ouafi (2011). Efficient Fail-Stop Signatures from the Factoring Assumption. The 14th Information Security Conference (ISC 2011), volume 7001 of Lecture Notes in Computer Science, Springer, pp.372-385, 2011.
Atefeh Mashatan and Serge Vaudenay (2010), A Message Recognition Protocol Based on Standard Assumptions. In Jianying Zhou and Moti Yung, editors, Applied Cryptography and Network Security (ACNS), volume 6123 of Lecture Notes in Computer Science, Springer, pp. 384-401, 2010.
Method and apparatus for providing efficient management of certificate revocation, US 9083535 B2, US 13/882,812, Publication Date: July 14, 2015.

Atefeh Mashatan and Serge Vaudenay (2013), Fully Dynamic Universal Accumulators. Proceedings of the Romanian Academy, vol. 14: 269-285.

Jean-Philippe Aumasson, Atefeh Mashatan, and Willi Meier (2009), More on Shabal’s permutation. Official Comment - NIST Hash Competition.

Atefeh Mashatan (2008), Do student ratings of mathematics professors in research universities tend to discriminate against female instructors? 19 pages. This paper was a research project and a requirement for Certificate In University Teaching, Centre for Teaching Excellence, Waterloo, Ontario.


Course Code Course Title
ITM 706 Enterprise Architecture
ITM 820 Information Systems Security and Privacy


  • Cryptography and Security
  • Advanced Security
  • Introduction to Graph Theory
  • Math Discovery and Innovation
  • Applied Cryptography
  • Calculus II for Engineers
  • Math of Public-Key Cryptography
  • Discrete Math for Engineers
  • Combinatorial Enumeration
  • Introduction to Combinatorics




  • PhD, Mathematics, University of Waterloo
  • MMath
  • BMath
  • Certificate in University Teaching
  • Certified Information Systems Security Professional (CISSP)
  • Certified Service Oriented Architect (SOA) with Honours
  • Service Oriented Architect with Honours
  • Individual Achievers Award, Canadian Imperial Bank of Commerce, Quarter 1, 2015
Media Mentions
"Companies see cyber threat, but security spending tight", external link - National Post - May 30, 2017
"Be ‘vigilant’ online Cyber attack a wake-up call for KLers", external link - Northern News - May 16, 2017
"WannaCry ransomware: Is the GTA at risk?", external link - CTV News Toronto - May 16, 2017
"Experts cite security gaps as ‘WannaCry’ attacks abate", external link - Globe & Mail - May 16, 2017
"What you need to know about WannaCry ransomware", external link - Inside Toronto - May 15, 2017
"It’s a fluke Canada was largely spared from massive WannaCry cyber attack, expert says", external link - National Post - May 15, 2017
"Oshawa hospital among thousands of global ‘ransomware’ cyberattack victims", external link - CBC News - May 14, 2017

"We were lucky’: massive cyberextortion attack could have affected Canada", external link - National Post - May 13, 2017

Story was picked by 41 news outlets including:

"San Francisco transit system hijacked by ransomware attack", external link - CBC News - November 29, 2016
"Metrolinx making ‘significant investments’ to protect Presto from hackers", external link - CBC News - November 20, 2016
"How can you tell if you’ve fallen victim to a credit card sequencing scam?", external link - City News - October 13, 2016