• Michael Reichle is visiting from 12.12.-15.12. Welcome Michael!
  • Erkan Tairi is visiting from 28.11.-2.12. Welcome Erkan!
  • Christoph Striecks is visiting from 19.9.-23.9. Welcome Christoph!
  • Karen Klein got a paper accepted at ASIACRYPT 2022. Congratulations!
  • Thomas Attema is visiting from 12.9.-16.9. Welcome Thomas!
  • David Niehues is visiting from 5.9.-9.9. Welcome David!
  • Julia Kastner got a paper accepted at ASIACRYPT 2022. Congratulations!
  • Nicholas Brandt, Dennis Hofheinz, Julia Kastner, and Akin Ünal got a paper accepted at TCC 2022. Congratulations!
  • Photograph of the group in front of the CAB building




    PhD Students



    Cryptography is a crucial tool for securing information systems. Cryptographic building blocks ensure the secrecy and integrity of information, and help to protect the privacy of users. Still, most actually deployed cryptographic schemes are not known to have any rigorously proven security guarantees. This has led to a number of far-reaching security issues in widely deployed software systems.


    Our goal is to provide practical cryptographic building blocks that come with rigorously proven security guarantees. These building blocks should be efficient enough for the use in large-scale modern information systems, and their security should be defined and formally analyzed in a mathematically rigorous manner.

    Technical interests.

    We are interested in the foundations of theoretical cryptography, and in general ways to derive constructions and security guarantees in a modular fashion. One research focus in our group concerns new cryptographic building blocks such as indistinguishability obfuscation, functional encryption, and fully homomorphic encryption. We are particularly interested in the design and analysis of cryptographic schemes in the public-key setting. This covers common tools like public-key encryption and digital signatures, specifically in realistic modern scenarios (such as settings with adaptive adversaries, and a huge number of users).


    Lecture: Digital Signatures

    This information concerns the “Digital Signatures” lecture in the Spring 2022 semester at ETH. The content for this course will be provided through Moodle.

    Lecture: Information Security

    This information concerns the “Information Security” lecture in the Spring 2022 semester at ETH. The content for this course will be provided through Moodle.

    Seminar: Current Topics in Cryptography

    You can find the link to the seminar page here.

    Available Theses

    For more details or questions in general please contact
    Subexponential Attacks on Variational LPN (Master Thesis)

    Learning Parity with Noise is a mathematical problem on whose intractability several advanced cryptographic primitives are based. While LPN is similar to Learning With Errors it has received less attention than its lattice-based pendants. However, there are signs that some cryptographic primitives can be achieved by LPN, but not by LWE (Indistinguishability Obfuscation and VOLE e.g.).
    In this thesis, we will study a variation of LPN that is given over large fields (instead of bits). Our aim is to find new subexponential attacks on LPN, where we put our focus on algebraic attacks.
    A student interested in this talk should have some basic knowledge in commutative algebra (polynomial rings and ideals).

    Akin Ünal
    Survey Meta-complexity literature (Semester project)

    Meta-complexity is an emergent field that provides intriguing insights into how computation fundamentally works. In particular, meta-complexity techniques have established some intereseting results between complexity theory and cryptography (see [1]) and seem promising in ruling out some of Impagliazzo's five worlds (see [2]).
    The goal of this project is to survey the existing literature on meta-complexity, in particular in connection to the theory of cryptography.
    A student interested in this topic should have a strong background and interest in theoretical computer science ("Theoretische Informatik" or an equivalent basic TCS course). Knowledge of cryptographic principles is beneficial but not strictly necessary.

    Nicholas Brandt
    Foundations of Cryptography Contact
    Universitaetstrasse 6
    CAB Building, H Floor
    8092 Zurich