Applied Cryptography Group

Search

EN

News & Events

Here we are giving you a peek into what keeps us busy, motivated and happy throughout the current year. Curious about what happened before? Browse our News & Events Archive.

Jan

Congratulations to Jan on a brilliant defence!

We're thrilled to share the news that our colleague and friend, Jan Gilcher, has successfully defended his doctoral thesis on the 26th of February 2026. His doctoral research, culminating in a thesis titled "Hashing It Out: Advancing Universal Hash Functions with Applications to Authenticated Encryption", pushes the boundaries of universal hash functions, exploring new designs with practical impact on the security and the performance of AE schemes.

We will remember Jan not only for his research and his valuable knowledge -- he was one of the most applied people in the group, and our go-to expert for benchmarking implementations -- but also for his long tenure as IT coordinator. Jan accompanied the group from its early years, through our rockety migration to a new internal chat system, relocation to new offices, and a growing server fleet that today counts four high-performance machines.

Join us in congratulating Jan on his success and wishing him all the best as he moves forward in his career.

02.03.2026

1Password, Bitwarden, Dashlane, LastPass

Password Managers, Analysed

Our research on password managers is now public at:

external page https://webro.ke/passwordmanagers

The paper, to appear at USENIX Security '26, sees Matteo Scarlata, Giovanni Torrisi (former MSc student in AC, now doctoral student at USI Lugano), Matilda Backendal (former doctoral student in AC, now Professor at USI Lugano) and Kenny Paterson take a "Crypto in The Wild" look at Bitwarden, LastPass, Dashlane and 1Password.

Surprisingly, despite their popularity and the importance of the data they protect, password managers were not analysed in depth before.
When considering a malicious server threat model (the de rigueur approach for E2EE protocols), we found "external page a cornucopia of practical attacks" against the products we analysed.

Our findings received wide press coverage: here we are on the ETH main page, on external page Ars Technicaexternal page Risky Biz and external page Medium

16.02.2026

DDR-SSE @ USENIX Security 2026

Congratulations to Simon-Philipp Merz and Kenny Paterson for their paper “DDR-SSE: Duplicated Retrieval of Documents for System-wide Secure Searchable Symmetric Encryption" which was recently accepted to USENIX Security 2026. The paper is joint work with with Zichen Gui from University of Georgia and Sikhar Patranabis from IBM Research India. Both Zichen and Sikhar are former postdocs from the Applied Crypto Group.

Searchable Symmetric Encryption (SSE) schemes enable efficient keyword searches over encrypted documents. An SSE scheme is said to be system-wide secure if it resists cryptanalysis by an adversary with access to leakage from retrieval of both encrypted indices and encrypted documents. In the new paper, the team presents DDR-SSE - a practically efficient, conceptually simple, system-wide secure SSE scheme that only requires a static client state, and has a simpler leakage profile than the state-of-the-art system-wide secure scheme. The paper also gives a formal security proof for DDR-SSE with respect to a rigorously formal system-wide leakage profile. Through extensive leakage cryptanalysis, DDR-SSE is shown to be resilient to query reconstruction attacks. Finally, the paper provides benchmarks for a prototype implementation of DDR-SSE, showing that it scales smoothly to large databases of the size seen in real-world applications.

20.01.2026

Welcome back Annamira!

Annamira O’Toole returned to the Applied Cryptography group as a doctoral student on 1 January 2026. She was previously a part of our group while she was a joint cybersecurity MSc student at EPFL and ETH Zürich. During her MSc, Annamira worked with us on two-server authenticated private information retrieval. She completed her MSc thesis at IBM Research on revocable publicly-verifiable anonymous credentials.

Annamira is from the United States, where she obtained her bachelor's degree from UC Berkeley. She is excited to be back in Switzerland, especially the mountains. 

Great to have you back Annamira!

20.01.2026

Congratulations!

Shannon, a doctoral student in our group, has been awarded a 2025 IBM PhD Fellowship. These competitive graduate fellowships recognize and support exceptional PhD students around the world. Shannon’s research focuses on improving the cryptographic anonymity guarantees of real-world protocols.

Congratulations, Shannon!

13.01.2026

Welcome!

We are delighted to welcome Professor Stefano Tessaro from the University of Washington who will be visiting ETH Zurich during his sabbatical year in 2026. He will be jointly hosted by the Applied Cryptography and Foundations of Cryptography research groups, reflecting his research interests at the intersection between applied and theoretical aspects of cryptography.

We are looking forward to learning from and collaborating with you, Stefano!

05.01.2026

JavaScript has been disabled in your browser