Semester Projects
Available Projects
Students interested in a project with the group are kindly requested to send their transcript of records, along with a CV highlighting any relevant experience in cryptography, and either a preferred topic from the proposals below or a description of their interests within cryptography, to the contact noted under Student Projects.
Last updated: 17.09.2025
This student project's aim is to contribute to an ongoing, larger project focused on developing a secure mesh messaging application for the International Committee of the Red Cross [1]. We want to build an application that enables field workers to communicate via smartphones in areas lacking internet or phone connectivity, without requiring additional hardware. We have already developed a prototype mobile application that implements the networking layer, including routing and delay-tolerant networking, using peer-to-peer WiFi connections on both major mobile platforms. Student projects already scheduled to run in the next phase will build upon this foundation by integrating security mechanisms and improving the networking parts.
The final aspect of the larger project, and the topic of this student project, involves conducting a comprehensive experimental evaluation of the application. This includes managing a testbed of physical devices, running basic performance tests to assess the application's real-world effectiveness, but also conducting larger experiments with people. Potential extensions could include developing a simulation framework to test scenarios we cannot run in practice, as well as performing security tests.
Familiarity with subjects such as testing, network security, and Android and/or iOS app development in general would be advantageous. However, it is not a strict requirement for highly motivated students eager to learn.
References
Ongoing Projects (Master's Level)
(We recommend students currently doing a project in our group to use this Download LaTeX template (ZIP, 230 KB) for the write-up.)
(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Kien Tuong Truong, Dr. Lenka Mareková)
This project seeks to support communication among humanitarian workers in areas with limited connectivity by developing a smartphone application that operates without additional hardware. Initially, a prototype was created using distinct Wi-Fi technologies for Android and iOS, resulting in communication barriers between these platforms. With the recent introduction of Wi-Fi Aware on iOS, prompted by the EU's Digital Markets Act, the project now aims to achieve platform interoperability by re-implementing the iOS link layer. It willinvestigate conditions for successful interoperability with Android's existing Wi-Fi Aware solution. Additionally, the project may explore improvements to the shared routing layer to bolster its resilience against frequent network disruptions, further enhancing the application's usability in diverse field settings.
(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Kien Tuong Truong, Dr. Lenka Mareková)
This project involves enhancing communication capabilities for humanitarian workers operating in areas with unreliable connectivity. Building on previous prototypes of mobile applications that utilize peer-to-peer Wi-Fi connections, the project is now focusing on integrating robust cryptographic security mechanisms. These include authentication and key exchange protocols, secure messaging protocols, and revocation mechanisms tailored to diverse field conditions and restrictions facing humanitarian workers. This means that the implementation must take into account the varied security and privacy risks as well as adapt to the unique requirements of the setting, providing multiple modes of operation that can be further configured based on local context.
(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Yuanming Song, Kien Tuong Truong)
This project investigates the largely unexplored area of timing side channels in data compression and decompression, building upon recent findings that highlight vulnerabilities in decompression processes. Data compression, while effective in reducing data size by eliminating redundancy, unintentionally introduces information leakage vectors, such as compression ratio side channels, previously exploited in attacks like CRIME and BREACH. The project aims to investigate timing variations during both compression and decompression, striving to enhance the reliability and efficiency of decompression timing side-channel attacks and exploring the potential for similar vulnerabilities during compression. The research may also extend to examining other compression algorithms, such as brotli and bzip2, for their susceptibility to timing side channels. Practically, the project involves crafting payloads to exploit timing differences, potentially through manual analysis, automated tools, or by adapting existing techniques for compression ratio side-channel attacks, with a strong focus on implementation and experimentation.
Completed Projects (Master's Level)
2025
Adam Arifi Mernissi. A Survey on Information Set Decoding. Supervisor: Prof. Kenny Paterson. Co-supervisors: Dr. Simon-Philipp Merz, Kien Tuong Truong.
Timon Meyer. SoK: Secure Mesh Messaging in Context. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Lenka Mareková.
Tony Raffoul. Practical Evaluation of Radio Standards for Mesh Networks in Humanitarian Missions. Supervisor: Prof. Christoph Studer, Co-supervisor: Dr. Stefan Mangold.
Christian Mürtz. Optimized Implementation of Poly1163 and ChaCha20-Poly1163
for x86_64 [Download pdf (PDF, 3.8 MB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Jan Gilcher.
Kevin Verhaeghe. Key Management Systems in the Wild: An Analysis of HashiCorp Vault. Supervisor: Prof. Kenny Paterson. Co-supervisors: Dr. Jean-Philippe Aumasson (Taurus), Dr. Lenka Mareková.
Fiona Willi. Identifying Compiler Optimizations that Break Constant Time Programming Techniques [Download pdf (PDF, 916 KB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Jan Gilcher.
Daniela Thurnher. Fuzzy BFFs: Distance-Sensitive Binary Fuse Filters [Download pdf (PDF, 1005 KB)]. Supervisor: Prof. Kenny Paterson. Co-supervisors: Laura Hetz, Dr. Francesca Falzon.
Noah Tittelbach. Breaking SSO. Supervisor: Prof. Kenny Paterson. Co-supervisor: Matteo Scarlata.
Vaclav Zvonicek. Concrete Cost Analysis of Finding Paths in Isogeny Graphs [Download pdf (PDF, 408 KB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Simon-Philipp Merz.
Eduarda Assunção. Analyzing IKEv2: Security Proofs, Known Attacks, and Other Insights [Download pdf (PDF, 812 KB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Shannon Veitch.
2024
Marc Himmelberger. Performance Analysis of AEAD Schemes [Download pdf (PDF, 1.9 MB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Jan Gilcher.
Melanie Jauch. UOV and MAYO: Analysis and Comparison. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Simon-Philipp Merz.
Andrea Raguso. Scalable Probabilistic Data Structures in Adversarial Environments [Download pdf (PDF, 1.8 MB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Mia Filić.
Domenico Nobile. Metadata-private Messaging in the Wild: Session. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Lenka Mareková.
Marko Lisicic. Breaking Cryptography in the Wild: CryptPad. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Zichen Gui.
Jonas Lauer. Exploring Anonymous One-to-One Messaging with a Single Server. Supervisor: Prof. Kenny Paterson. Co-supervisors: Dr. Tianxin Tang, Laura Hetz.
Emanuel Opel. SoK: Authenticated Dictionaries and their Applications. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Francesca Falzon.
Andraž Strgar. WhatsApp Multi-Device: Analysis and Noise Protocol Interceptor. Supervisor: Prof. Kenny Paterson. Co-supervisor: Matteo Scarlata.
Junzhen Lou. Homomorphic Encryption for Healthcare Data Privacy in Industry Use Cases [Download pdf (PDF, 823 KB)]. Supervisor: Prof. Kenny Paterson. Co-supervisors: Dr. Anwar Hithnawi (Privacy Preserving Systems Lab, ETH Zurich), Roche.
Dimitri Francolla. Privacy implications of AMQ-based PQ TLS authentication [Download pdf (PDF, 932 KB)]. Supervisor: Prof. Kenny Paterson. Co-supervisors: Mia Filić, Shannon Veitch.
2023
Jonas Hofmann. Exploring Cuckoo filters in Redis [Download pdf (PDF, 1.9 MB)]. Supervisor: Prof. Kenny Paterson. Co-supervisors: Dr. Anupama Unnikrishnan, Mia Filić.
Iana Peix. Repairable Threshold Schemes with Malicious Security [Download pdf (PDF, 1.1 MB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Shannon Veitch.
Yuanming Song. Cryptography in the Wild: Briar [Download pdf (PDF, 614 KB)]. Supervisor: Prof. Kenny Paterson.
César Descalzo. Crypto in the wild – Analysing the security of CipherStash. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Zichen Gui.
Keran Kocher. Cuckoo filters in adversarial settings [Download pdf (PDF, 636 KB)]. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Anupama Unnikrishnan.
Sophia Artioli. How Practical is Single-Server Private Information Retrieval? [Download pdf (PDF, 1.5 MB)] Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Tianxin Tang.
2022
Daniele Coppola. Breaking Cryptography in the Wild: Nextcloud. Supervisor: Prof. Kenny Paterson. Co-supervisors: Prof. Martin Albrecht and Matilda Backendal. [report Download pdf (PDF, 492 KB)] [paper external page pdf]
Younis Khalil. Implementing a Puncturable Key Wrapping Library [Download pdf (PDF, 1.6 MB)]. Supervisor: Prof. Kenny Paterson. Co-supervisors: Dr. Felix Günther and Matilda Backendal.
Daniel Pöllmann. Perceptual Hash Functions. Supervisor: Prof. Kenny Paterson. Co-supervisor: Dr. Fernando Virdia.
Mirco Stäuble. Actually Good Encryption? Confusing Users by Changing Nonces [Download pdf (PDF, 1023 KB)]. Supervisor: Prof. Kenny Paterson.
2021
Theo von Arx. Analysis of Telegram Clients' Security [Download pdf (PDF, 675 KB)]. Supervisor: Prof. Kenny Paterson.
Louis Leclair. Analysing Encrypted Databases Using Learning Algorithms. Supervisor: Prof. Kenny Paterson.
Lena Csomor. Why Johnny Can’t Compute Securely: Exploring the Gap between Threat Models and Stakeholder Concerns [Download pdf (PDF, 618 KB)]. Supervisor: Prof. Kenny Paterson, Co-supervisor: Alexander Viand.
Silvia Ritsch. Analysing Privacy of Zcash PKE scheme. Joint supervisor: Prof. Kenny Paterson.
2020
Mathilde Aliénor Raynal. Probabilistic Data-structures in Adversarial Scenarios: The HyperLogLog Case [external page pdf]. Supervisor: Prof. Kenny Paterson.
2019
Ali El Wahsh. Compromises in Private Set Intersection for Contact Discovery. Supervisor: Prof. Kenny Paterson.