Real-World Cryptography Group
The Real-World Cryptograpy Research Group (RWC) is headed by Paul Rösler. Our research is focused on analyzing and developing cryptographic protocols for secure communication and storage applications. A major field of applications includes secure messaging protocols (e.g. Signal, WhatsApp, etc). However, all practically relevant cryptographic solutions for establishing confidentiality, authenticity, integrity, and anonymity on the Internet lie within the research field of the RWC group.
|WiSe 2022/23||Seminar: Cryptography in Secure Messaging: Understanding and Enhancing Signal [StudOn Course]|
Theses and Research
If you are interested in working with with us (bachelor theses, master theses, joint research, or PhD advisor), don’t hesitate to get in touch via email. Ideally, you provide an area of interest: E.g., a particular secure communication application, a cryptographic/network protocol, a problem or a question about secure communication you consider relevant, or simply a research paper you found interesting. Bachelor and master students don’t have to have a clear thesis topic in mind – we will find an interesting, individual problem together.
Our research area is real-world cryptography which covers all practically relevant means of secure communication and storage, especially cryptographic messaging protocols. Particular topics, questions, and concepts we are (currently) working on include:
- Secure Messaging Protocols
- (Authenticated) Key Exchange and Confidential Channels
- Security Guarantees under (temporary) Corruption of User Secrets
- Systematization of Definitions and Models for Real-World Cryptography
Major Research Contributions
Three of our important results can be summarized as follows:
- We developed a systematic framework for strongly secure messaging protocols. This was one of few starting (and reference) points for the new, quickly evolving field of continuous and ratcheted key exchange. Many follow-up works on secure messaging protocols, including our own publications, are based on this framework.
- We analyzed widely deployed group messaging apps (WhatsApp and Signal), which revealed novel weaknesses in the underlying protocols and triggered the development of substantially improved mechanisms.
- With theoretic performance analyses of group messaging protocols (article 1, article 2), we obtained lower and upper bounds for the (necessary and sufficient) communication overhead of these protocols.