News & Events

Here we are giving you a peek into what keeps us busy, motivated and happy day in and day out.

Mia Filic on stage at Asiacrypt 2024.

Mia at Asiacrypt 2024

Mia is enjoying Asiacrypt in Kolkata (December 9-13, 2024), where she just presented her paper “Deletions and Dishonesty: PDS in Adversarial Settings."

12.12.2024

Welcome!

Dr. Stefan Mangold will join the Applied Cryptography group on 1 January 2025 as a senior scientist. Stefan will contribute to our research efforts in the ETH4D project titled "Wireless Mesh Networking for Humanitarian Communication."

This initiative aims to develop innovative connectivity solutions to support the coordination of humanitarian operations. In collaboration with the International Committee of the Red Cross, ICRC, the project addresses a critical challenge: the frequent lack of reliable internet access or wireless connectivity faced by humanitarian workers in the field. By integrating wireless mesh and delay tolerant networks, the project aims to create robust communication systems that can function even in the most challenging conditions.

We are happy to have Stefan’s expertise and passion on board and look forward to the impactful advancements this collaboration will bring!

5.12.2024

Prof. Ben Dowling

Ben Visiting the Applied Crypto Group

Prof. Ben Dowling from King’s College London, formerly a postdoc in the AC group, came back for a short visit to Zurich and presented his current research on security in deep space and his analysis of the BPSec Protocol.

It was great to have you back Ben!

2.12.2024

Farewell Simon!

Simon Rastikian successfully defended his Doctoral Thesis. Simon was affiliated with IBM Research Zurich and ETH Zurich, and supervised by Dr. Bertram Poettering and Prof. Dr. Kenny Paterson.

Best of luck, Simon!

30.11.2024

Walter Benjamin Fellowship for Simon-Philipp Merz

We are pleased to announce that Simon-Philipp Merz, a postdoctoral researcher in our group, has been awarded a competitive postdoctoral grant by the German Research Foundation. This grant is a recognition of Simon’s past achievements in the cryptanalysis of post-quantum cryptography and supports his future endeavours in the Applied Cryptography Group.

Please join us in congratulating Simon on this accomplishment. We look forward to seeing the advancements that will come from his research.

14.10.2024

Sync Key Hierarchy

Out of Embargo: Cloud Storage Security Analysis

Our security analysis of cloud storage providers is now out of embargo. See the higlight and read the paper at: https://brokencloudstorage.info/

The paper, titled "End-to-End Encrypted Cloud Storage in the Wild: A Broken Ecosystem", by Jonas Hofmann and Kien Tuong Truong will be presented next week CCS 2024.

10.10.2024

IACR Logo

Crypto '24 Talks Online

Talk recordings from Crypto '24 in Santa Barbara are now available on Youtube! Don't miss:

23.9.2024

Yuanmin Song

Willi Studer Prize for Yuanming

Yuanming Song won the Will Studer prize for the best Master's graduate of the Cyber Security 2024 MSc programme.

Yuanming completed his Master's thesis in the Applied Cryptography Group -- "Refined Techniques for Compression Side-Channel Attacks", and we are proud to now have him in the group as a doctoral student!

15.9.2024

Farewell Àlex

Àlex Rodríguez García returned home after spending July and August with our group for the Student Summer Research Fellowship programme.

We got to know Àlex as a very motivated, interested and friendly personality and really enjoyed having him around both on a professional and social level.

This is the farewell message Àlex left for us:

"I would like to thank the group for the help they have given me during the project but most of all for their kindness. During the summer I have felt comfortable and welcome in the group, I value above all the good atmosphere. I'm sad to leave but I'm happy to think that I've made new friends and that we'll keep in contact."

We hope so too, Àlex! All our very best wishes for whatever lies ahead.

2.9.2024

Applied Crypto @ CCS 2024

Several of our papers were accepted at CCS! You will see us in Salt Lake City presenting:

- "PathGES: An Efficient and Secure Graph Encryption Scheme for Shortest Path Queries", by Francesca Falzon, Esha Ghosh, Kenneth G. Paterson and Roberto Tamassia, on a graph encryption scheme designed for efficient and secure shortest path queries, with reduced leakage and server computation, and outperforming the state-of-the-art schemes with minimal additional storage overhead.

- "Obfuscated Key Exchange", by Felix Günther, Douglas Stebila and Shannon Veitch, formalizing the notion of obfuscated key exchange with applications to the Tor network's obfs4 protocol and presenting a quantum-safe variant of obs4 using ML-KEM (Kyber) standard.

- "End-to-End Encrypted Cloud Storage in the Wild: A Broken Ecosystem", by Kien Tuong Truong and Jonas Hofmann, surveying the landscape of E2EE Could Storage providers and proposing attacks and mitigations.
 

30.08.2024

Welcome!

Yuanming Song joins the Applied Cryptography Group as a doctoral student on 1 August 2024. Yuanming recently completed his Master's in Cyber Security at ETH Zurich and EPFL. His work focused on improving cryptanalysis techniques, cryptography "in the wild" and password security. He has a broad interest in understanding the security of cryptographic systems.

30.7.2024

Goodbye!

Zichen Gui has worked as a postdoctoral researcher in our group since April 2022. He is now off to new shores as he has accepted an offer from the University of Georgia to take on a new role as an Assistant Professor.

Congratulations on this great success, Zichen!

We have very much enjoyed working with Zichen and wish him all the very best both professionally and personally. The Applied Crypto group looks forward to keeping in touch and to the collaboration that lies ahead.

Take care, Zichen!

29.7.2024

Mia @ HP Labs

As of July, Mia Filić is joining HP Labs in Bristol for an internship. She will be back at ETH in December.

17.7.2024

Eurocrypt - Cryptography in the Wild

Kenny's keynote talk at Eurocrypt 2024 is now available online.

If you missed it, you can watch it external page here!

10.7.2024

Welcome Àlex Rodríguez García!

Àlex has won an ETH Student Summer Research Fellowship and will spend July and August in our group. We look forward to making this an exciting and memorable time for Àlex as he will get an insight into our work, hands-on experience in a research project and the chance to meet and talk to many innovative people at ETH.

1.7.2024

USENIX Security '24

Several of our papers were accepted at the 33rd USENIX Security Symposium:

- "Cryptographic Analysis of Delta Chat", by Yuanming Song, Lenka Mareková and Kenneth G. Paterson, analysing Delta Chat, a PGP-based decentralised messaging application, and identifying several vulnerabilities in it.

- "MFKDF: Multiple Factors Knocked Down Flat", by Matteo Scarlata, Matilda Backendal and Miro Haller, breaking MFKDF, a construction for Key Derivation using multiple factors (such as TOTP codes and passwords) presented at USENIX last year.

20.6.2024

Applied Cryptography Group at Crypto 24

Two works from people in AC were accepted at Crypto, and will be presented in Santa Barbara this August!

We have:

  • "Improved algorithms for finding fixed-degree isogenies between supersingular elliptic curves", by Benjamin Benčina, Péter Kutas, Simon-Philipp Merz, Christophe Petit, Miha Stopar, and Charlotte Weitkämper
    Short abstract: The paper presents new algorithms to compute isogenies of a specific degree between supersingular elliptic curves. For a range of parameters the algorithms are faster than any previously known ones, improving cryptanalysis of isogeny-based constructions. Additionally, the paper can be seen as providing a link between the problems of computing endomorphism rings of supersingular elliptic curves and the problem of finding fixed-degree isogenies, thus relating two well-known cryptographic hardness assumptions.
  • "A Formal Treatment of End-to-End Encrypted Cloud Storage, by Matilda Backendal, Hannah Davis, Felix Günther, Miro Haller, Kenneth G. Paterson
    Short abstract: In this paper, we formalize E2EE cloud storage, defining its core functions and security against malicious servers. Our approach addresses recent attacks, including those on MEGA. We present an efficient and provably secure E2EE storage system, discussing challenges in achieving security parity with other end-to-end primitives like secure messaging and TLS.

8.5.2024

Applied Crypto at SOLA 2024

Many members of our group took part in the SOLA staffette this weekend! Kudos to Francesca, Kien, Simon, Lenka, Matilda and Matteo to keep the Applied Cryptography Group running!

6.5.2024

Anu joins the Quantum Center at ETH Zürich as Executive Director

We are all happy to have Anu back at ETH, and we wish her all the best with her new position at the Quantum Center. Congrats Anu!

6.5.2024

Kenny's current and past PhD students at RWC

Academic Reunion: Kenny's Current and Former PhD Students Gather at RWC

Kenny's doctoral students and his alumni gathered for a reunion at RWC, celebrating past research and forging future connections.

24.4.2024

Varun with best paper award

Best Paper Award for "Quantum CCA-Secure PKE, Revisited"

The work by Navid Alamati and Varun Maram, concerns the privacy of messages in the presence of quantum decryption queries, i.e., when an adversary can query a superposition of ciphertexts. They study this notion of security, dubbed qCCA, for public-key encryption (PKE) schemes based on both generic cryptographic primitives and concrete mathematical assumptions, and present constructions.

The paper was presented at PKC 2024, where it received a Best Paper Award. Congrats Varun and Navid!

24.4.2024

Looking forward to hosting Miro and David

In May, external page Miro Haller (PhD student at UC San Diego, US, advised by Nadia Heninger) and external page David Balbás (PhD student in Cryptography at IMDEA Software Institute, Spain, advised by Dario Fiore) are coming to visit. They will be working with Matilda Backendal on advanced security guarantees for file sharing systems.

23.4.2024

Mia @ Swiss Joint Research Centre | Spring Workshop

Mia, our doctoral student, gave a presentation on Probabilistic Data Structures in Adversarial Settings at the Microsoft Swiss Joint Research Centre (MSJRC) workshop last Wednesday. This presentation showcased her focus over the past 3 years, with two years of her PhD being funded by MSJRC. The presentation was well-received, sparking interesting discussions and discussions about future research directions. You can find more information about the workshop here: external page https://www.microsoft.com/en-us/research/event/swiss-joint-research-centre-spring-workshop/.

12.4.2024

RWC 24 Talks are online!

Recordings for our RWC talks are now online!

Compact Frequency Estimators in Adversarial Environments by Mia Filić: external page link.
Obfuscated Key Exchange by Shannon Veitch: external page link.
What's wrong with Poly1305? - Improving Poly1305 through a Systematic Exploration of Design Aspects of Polynomial Hash Functions by Jan Gilcher Jérôme Govinden: external page link.

10.4.2024

Thriving in between theory and practice: How applied cryptography bridges the gap

The National Institure of Standards and Technology (NIST) Crypto Reading Club invited Matilda Backendal and Miro Haller for a presentation on their recent cryptoanalytical work. They discuss where and why the gap between theory and practice arises, and how applied cryptography helps bridging the gap.

Find more about the talk external page here!

3.4.2024

End-to-End Encrypted Cloud Storage @IEEE S&P Magazine

End-to-end encryption is rapidly becoming the accepted security goal for personal data. Matilda Backendal, Miro Haller and Kenny Paterson discuss the challenges and the state of the art of end-to-end secure cloud storage in a recent S&P magazine article. They survey the security guarantees of current service providers and the issues they face, discuss open research questions, and highlight the challenges that impede the deployment of end-to-end secure cloud storage.

Read more on the IEEE article external page here, and on the Author's version external page pdf.

8.4.2024

Tianxin Tang was a postdoctoral researcher in our group from March 2022 to March 2024. Tianxin is off to new shores. We are sad to see her go and wish her all the very best for her future career.

31.3.2024

Breaking Nextcloud E2EE -- at Euro S&P 24!

Our work on "Share with Care:Breaking E2EE in Nextcloud", by Martin Albrecht, Matilda Backendal, Daniele Coppola and Kenny Paterson has been accepted to Euro S&P and will be presented in Vienna this July.

Our research debunks yet another claim of “Zero Knowledge" encryption -- a term much liked by cloud storage providers, but with no concrete meaning, and a red flag for broken cryptography. We present three attacks that violate the confidentiality and integrity of all user files. Two of the vulnerabilities have been mitigated by Nextcloud after disclosure, while the third resulted in the "file sharing" feature being removed.

Lessons learnt: get your thread modelling right, don't beta-test security-critical features, prove your desgin secure before releasing it... And don't call it zero knowlege unless it involves ZKPs!

6.3.2024

Simon-Philipp Merz at the Isogeny Club

Simon gave the opening talk of the external page fourth season of The Isogeny Club, presenting SCALLOP, an effective group action based on isogenies of supersingular curves.

The talk is based on the paper "SCALLOP: scaling the CSI-FiSh", by Luca De Feo, Tako Boris Fouotsa, Peter Kutas, Antonin Leroux, Simon-Philipp Merz, Lorenz Panny and Benjamin Wesolowski.

You can watch a recording external page here.

6.3.2024

Mia Filić at the FU Berlin Cybersecurity and AI Seminar

Mia is visiting Prof. Wunder's group at FU Berlin this week. She presented her work with Sam Markelon and Tom Shrimpton on Compact Frequency Estimators in Adversarial Environments at the FU Berlin Cybersecurity and AI Seminar this Wednesday, 28.02.2024. On Tuesday, Mia also explored HPI in Potsdam where the group of Prof. Lehmann welcomed her.

28.2.2024

Applied Crypto Group Retreat

The Applied Crypto group is back in full energy for the semester start after some nice days in the Southern Alps, enjoying the sun and some high-altitude research time in Airolo.

19.2.2024

Applied Crypto @ RWC 2024 Toronto

Our group will be featured in several talks at this year's RWC!

  • Shannon Veitch will present "Obfuscated Key Exchange", a security analysis and extensions of key exchange algorithms used for censorship circumvention (by Felix Günther, Douglas Stebila, and Shannon Veitch).
  • Jan Gilcher will present his work on benchmark and design of Polynomial Hash Functions over Prime Fields, "What’s Wrong with Poly1305? Improving Poly1305 through a Systematic Exploration of Design Aspects of Polynomial Hash Functions" (by Jean Paul Degabriele, Jan Gilcher, Jérôme Govinden and Kenneth Paterson).
  • Mia Filić will present her work on frequency estimators (such as Count-Min Sketch and HeavyKeeper) in the presence of adversaries, "Compact Frequency Estimators in Adversarial Environments" (by Sam A. Markelon, Mia Filić and Thomas Shrimpton).

29.1.2024

New Publications from the Applied Cryptography group

Some papers from members of our group have recently been published!

You can read about:

  • What's the best way to implement fast polynomial hashing: "SoK: Efficient Design and Implementation of Polynomial Hash Functions over Prime Fields", by Jean Paul Degabriele, Jan Gilcher, Jérôme Govinden and Kenneth Paterson @ SP 24.
  • Quantum CCA security for public-key encryption (PKE) from generic cryptographic primitives and concrete mathematical assumptions: "Quantum CCA-Secure PKE, Revisited", by Navid Alamati and Varun Maram @ PKC 2024.
  • A new way to design physically unclonable functions (PUFs) in silicon: "Using Gate Tunneling in Bulk CMOS to Create a PUF", by Patrick Camilleri, Shahram Mossayebi, Kenneth G. Paterson and Charles Grover @ IEEE IoT-J.
  • New bounds in probabilistic primality testing: "Average case error estimates of the strong Lucas test", by Semira Einsele and Kenneth Paterson @ Des. Codes Cryptogr.

29.1.2024

Join us for CAW @ Eurocrypt 24

Matilda Backendal and Miro Haller (UCSD) are organising the Cryptographic Applications Workshop (CAW), as an official Affiliated Event to Eurocrypt 2024.

CAW will focus on the construction and analysis of cryptography built for practice, and feature invited and contributed talks on recent developments in the field of applied cryptography.

It will take place at ETH Zurich on Sunday, May 26, just before the start of Eurocrypt on Monday. Don't forget to register!

26.1.2024

Varun is off to new shores

In December 2023 Varun Maram successfully completed his PhD in our group. He is leaving ETH at the end of January 2024 to pursue his career as a postdoc at SandboxAQ. We lose a brilliant researcher, great colleague and friend with a very fine sense of humour. Congratulations once again, Dr. Maram, thank you for everything and all the very best wishes for your future endeavours.

25.1.2024

We are looking forward to hosting Christoph Coijanovic

Christoph will join our group during February and March 2024.

Christoph is a PhD Student at the Chair of IT Security at Karlsruhe Institute of Technology (KIT) in Germany, working on anonymous group communication.

15.1.2024

JavaScript has been disabled in your browser