Semester Projects

Available Projects

Students interested in a project with the group are kindly requested to send their transcript of records, along with a CV highlighting any relevant experience in cryptography, and either a preferred topic from the proposals below or a description of their interests within cryptography, to the contact noted under Student Projects.

Last updated: 03.07.2025

This student project's aim is to contribute to an ongoing, larger project focused on developing a secure mesh messaging application for the International Committee of the Red Cross [1]. We want to build an application that enables field workers to communicate via smartphones in areas lacking internet or phone connectivity, without requiring additional hardware. We have already developed a prototype mobile application that implements the networking layer, including routing and delay-tolerant networking, using peer-to-peer WiFi connections on both major mobile platforms.

The next phase of the project involves building upon this by integrating security mechanisms (which we are currently developing), as well as conducting an experimental evaluation of the application. These security mechanisms encompass all parts of the technology stack, ranging from basic authentication and key exchange protocols to group messaging protocols, so it's a great opportunity to see how cryptography gets implemented in practice.

The student project thus includes prototyping on mobile platforms, implementing cryptographic protocols, and conducting performance tests to assess the application's real-world effectiveness. Familiarity with Android and/or iOS app development in general, as well as React Native in particular, would be advantageous. However, it is not a strict requirement for highly motivated students eager to learn.

References

[1]: external page https://eha.swiss/case-study/wireless-mesh-networking-for-humanitarian-communication-2/

Ongoing Projects (Master's Level)

(We recommend students currently doing a project in our group to use this Download LaTeX template (ZIP, 230 KB) for the write-up.)

(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Yuanming Song, Kien Tuong Truong)

This project investigates the largely unexplored area of timing side channels in data compression and decompression, building upon recent findings that highlight vulnerabilities in decompression processes. Data compression, while effective in reducing data size by eliminating redundancy, unintentionally introduces information leakage vectors, such as compression ratio side channels, previously exploited in attacks like CRIME and BREACH. The project aims to investigate timing variations during both compression and decompression, striving to enhance the reliability and efficiency of decompression timing side-channel attacks and exploring the potential for similar vulnerabilities during compression. The research may also extend to examining other compression algorithms, such as brotli and bzip2, for their susceptibility to timing side channels. Practically, the project involves crafting payloads to exploit timing differences, potentially through manual analysis, automated tools, or by adapting existing techniques for compression ratio side-channel attacks, with a strong focus on implementation and experimentation.

(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Dr. Simon-Philipp Merz, Kien Tuong Truong)

This student project focuses on the emerging field of post-quantum cryptography, specifically exploring cryptographic systems based on the computational difficulty of decoding linear error-correcting codes. As quantum computers pose a threat to current public-key encryption, research in post-quantum cryptography has gained importance. The project aims to systematize recent advancements in information-set decoding (ISD) algorithms, which are crucial for understanding and potentially improving code-based cryptanalysis. The project will provide a comprehensive overview of existing ISD algorithms, analyze their variations and how they exploit the structure of decoding problems, such as regular syndrome decoding. Additionally, it will evaluate current leading implementations of ISD algorithms and seek to achieve concrete performance improvements. This research will contribute to the standardization efforts by organizations like the US National Institute of Standards and Technology (NIST) in developing secure cryptographic systems for a post-quantum world.

(Supervisor: Prof. Kenny Paterson, Joint Supervisor: Dr. Lenka Mareková)

This project's aim is to develop a Systematization of Knowledge, a type of work which aims to comprehensively review, organize, and synthesize existing knowledge on a particular topic. In this case the focus will be on mesh networks and their applications to offline communications, taking a broad definition of "mesh" to include traditional ad-hoc networks [1,2], peer-to-peer systems as well as more recently proposed mesh messaging designs [3,4,5], spanning cryptography but also security research more widely. The project will also survey a host of existing practical tools and their capabilities [6,7,8], thus providing a comprehensive overview of what is available in the real world, and what the potential gaps are.

The goal will be to catalogue existing usecases in which these networks have been or were intended to be utilised and describe the functionality they provide; to identify key assumptions behind the proposed designs; describe common threat models as well as the promised security guarantees. The work could also draw on related concepts from the anonymity and censorship resistance literature, and as a potential extension explore social science works on internet shutdowns and other contexts where standard communication media are not available or not reliable enough for use.

Completed Projects (Master's Level)

2025

Tony Raffoul. Practical Evaluation of Radio Standards for Mesh Networks in Humanitarian Missions. Supervisor: Prof. Christoph Studer, Co-supervisor: Dr. Stefan Mangold.

Christian Mürtz. Optimized Implementation of Poly1163 and ChaCha20-Poly1163
for x86_64
[Download pdf (PDF, 3.8 MB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Jan Gilcher.

Kevin Verhaeghe. Key Management Systems in the Wild: An Analysis of HashiCorp Vault. Supervisor: Prof. Kenny Paterson. Co-supervisors: Dr. Jean-Philippe Aumasson (Taurus), Dr. Lenka Mareková.

Fiona Willi. Identifying Compiler Optimizations that Break Constant Time Programming Techniques. Supervisor: Prof. Kenny Paterson. Co-supervisor: Jan Gilcher.

Daniela Thurnher. Fuzzy BFFs: Distance-Sensitive Binary Fuse Filters. Supervisor: Prof. Kenny Paterson. Co-supervisors: Laura Hetz, Dr. Francesca Falzon.

Noah Tittelbach. Breaking SSO. Supervisor: Prof. Kenny Paterson. Co-supervisor: Matteo Scarlata.

Vaclav Zvonicek. Concrete Cost Analysis of Finding Paths in Isogeny Graphs [Download pdf (PDF, 408 KB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Simon-Philipp Merz.

Eduarda Assunção. Analyzing IKEv2: Security Proofs, Known Attacks, and Other Insights [Download pdf (PDF, 812 KB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Shannon Veitch.  

2024

Marc Himmelberger. Performance Analysis of AEAD Schemes [Download pdf (PDF, 1.9 MB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Jan Gilcher.

Melanie Jauch. UOV and MAYO: Analysis and Comparison. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Simon-Philipp Merz.

Andrea Raguso. Scalable Probabilistic Data Structures in Adversarial Environments [Download pdf (PDF, 1.8 MB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Mia Filić.

Domenico Nobile. Metadata-private Messaging in the Wild: Session. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Lenka Mareková.

Marko Lisicic. Breaking Cryptography in the Wild: CryptPad. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Zichen Gui.

Jonas Lauer. Exploring Anonymous One-to-One Messaging with a Single Server. Supervisor: Prof. Kenny Paterson. Co-supervisors: Dr. Tianxin Tang, Laura Hetz.

Emanuel Opel. SoK: Authenticated Dictionaries and their Applications. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Francesca Falzon.

Andraž Strgar. WhatsApp Multi-Device: Analysis and Noise Protocol Interceptor. Supervisor: Prof. Kenny Paterson. Co-supervisor: Matteo Scarlata.

Junzhen Lou. Homomorphic Encryption for Healthcare Data Privacy in Industry Use Cases [Download pdf (PDF, 823 KB)]. Supervisor: Prof. Kenny Paterson. Co-supervisors: Dr. Anwar Hithnawi (Privacy Preserving Systems Lab, ETH Zurich), Roche.

Dimitri Francolla. Privacy implications of AMQ-based PQ TLS authentication [Download pdf (PDF, 932 KB)]. Supervisor: Prof. Kenny Paterson. Co-supervisors: Mia Filić, Shannon Veitch.

2023

Jonas Hofmann. Exploring Cuckoo filters in Redis [Download pdf (PDF, 1.9 MB)]. Supervisor: Prof. Kenny Paterson. Co-supervisors: Dr. Anupama Unnikrishnan, Mia Filić.

Iana Peix. Repairable Threshold Schemes with Malicious Security [Download pdf (PDF, 1.1 MB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Shannon Veitch.

Yuanming Song. Cryptography in the Wild: Briar [Download pdf (PDF, 614 KB)]Supervisor: Prof. Kenny Paterson.

César Descalzo. Crypto in the wild – Analysing the security of CipherStash. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Zichen Gui.

Keran Kocher. Cuckoo filters in adversarial settings [Download pdf (PDF, 636 KB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Anupama Unnikrishnan.

Sophia Artioli. How Practical is Single-Server Private Information Retrieval? [Download pdf (PDF, 1.5 MB)] Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Tianxin Tang.

2022

Daniele Coppola. Breaking Cryptography in the Wild: Nextcloud. Supervisor: Prof. Kenny Paterson. Co-supervisors: Prof. Martin Albrecht and Matilda Backendal. [report Download pdf (PDF, 492 KB)] [paper external page pdf]

Younis Khalil. Implementing a Puncturable Key Wrapping Library [Download pdf (PDF, 1.6 MB)]. Supervisor: Prof. Kenny Paterson. Co-supervisors: Dr. Felix Günther and Matilda Backendal.

Daniel PöllmannPerceptual Hash Functions. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Fernando Virdia.

Mirco Stäuble. Actually Good Encryption? Confusing Users by Changing Nonces [Download pdf (PDF, 1023 KB)]. Supervisor: Prof. Kenny Paterson.

2021

Theo von Arx. Analysis of Telegram Clients' Security [Download pdf (PDF, 675 KB)]. Supervisor: Prof. Kenny Paterson.

Louis Leclair. Analysing Encrypted Databases Using Learning Algorithms. Supervisor: Prof. Kenny Paterson.

Lena Csomor. Why Johnny Can’t Compute Securely: Exploring the Gap between Threat Models and Stakeholder Concerns [Download pdf (PDF, 618 KB)]. Supervisor: Prof. Kenny Paterson, Co-supervisor: Alexander Viand.

Silvia Ritsch. Analysing Privacy of Zcash PKE scheme. Joint supervisor: Prof. Kenny Paterson

2020

Mathilde Aliénor Raynal. Probabilistic Data-structures in Adversarial Scenarios: The HyperLogLog Case [external page pdf]. Supervisor: Prof. Kenny Paterson.

2019

Ali El Wahsh. Compromises in Private Set Intersection for Contact Discovery. Supervisor: Prof. Kenny Paterson.

JavaScript has been disabled in your browser