Real-World Cryptography Group › Chair of Applied Cryptography

The Real-World Cryptograpy Research Group (RWC) is headed by Paul Rösler. Our research is focused on analyzing and developing cryptographic protocols for secure communication and storage applications. A major field of applications includes secure messaging protocols (e.g. Signal, WhatsApp, etc). However, all practically relevant cryptographic solutions for establishing confidentiality, authenticity, integrity, and anonymity on the Internet lie within the research field of the RWC group.

Teaching

Winter 2023/24	Seminar: Cryptography in Secure Messaging: Understanding and Enhancing Signal [StudOn Course]
Summer 2023	Lecture: Cryptographic Communication Protocols: Key Exchange and Channels [StudOn Course]
Winter 2022/23	Seminar: Cryptography in Secure Messaging: Understanding and Enhancing Signal [StudOn Course]

Theses and Research

If you are interested in working with with us (bachelor theses, master theses, joint research, or PhD advisor), don’t hesitate to get in touch via email. Ideally, you mention an area of interest: E.g., a particular secure communication application, a cryptographic/network protocol, a problem or a question about secure communication you consider relevant, or simply a research paper you found interesting. Bachelor and master students don’t have to have a clear thesis topic in mind – we will find an interesting, individual problem together.

Research

Our research area is real-world cryptography which covers all practically relevant means of secure communication and storage, especially cryptographic messaging protocols. Particular topics, questions, and concepts we are (currently) working on include:

Secure Messaging Protocols
(Authenticated) Key Exchange and Confidential Channels
Security Guarantees under (temporary) Corruption of User Secrets
Systematization of Definitions and Models for Real-World Cryptography

Major Research Contributions
Three of our important results can be summarized as follows:

We developed a systematic framework for strongly secure messaging protocols. This was one of few starting (and reference) points for the new, quickly evolving field of continuous and ratcheted key exchange. Many follow-up works on secure messaging protocols, including our own publications, are based on this framework.
We analyzed widely deployed group messaging apps (WhatsApp and Signal), which revealed novel weaknesses in the underlying protocols and triggered the development of substantially improved mechanisms.
With theoretic performance analyses of group messaging protocols (article 1, article 2), we obtained lower and upper bounds for the (necessary and sufficient) communication overhead of these protocols.