News archive

Read all the news.
Paper accepted!

In collaboration with CeTI: in the paper we investigate how identifying (recorded) gait actually is, and how difficult it will be to effectively anonymize, or protect this data in any other sensible way. Congrats to Evelyn and Simon!

PETS Paper

Thorsten Strufe: 'The preprint of our PETS paper on Facebook collecting data from (all sorts of!) third parties and its ineffective consent procedure is online, thanks Patricia Arias Cabarcos!'

Find the link to the paper below.

About the paper

50 years ago, the first faculty for computer science at a German university was established in Karlsruhe. Time for celebration! The faculty is organizing a ceremony on Thursday, October 20, starting at 11 a.m. in the Tullahörsaal, which will be celebrated by exciting lectures and a panel discussion. Please find the program and the link to the registration below.

About the jubilee
New Survey

We are currently performing a survey on the evaluation of face anonymization methods and are looking for participants. The survey is in english and takes about 15 minutes. We would appreciate it, if you would participate using the link below!

Survey page
Tutorial at ESWEEK '22

Thorsten Strufe will give a tutorial on 'Privacy of Behavioral Data' at this year's EMBEDDED SYSTEMS WEEK on October 9.

ESWEEK will take place in Shanghai and hybrid.



More about ESWEEK
Invited Talk Dr. Dantcheva

On July 18, Dr. Antitza Dantcheva (INRIA) will give a talk entitled 'Generation and Detection of Deepfakes'. The talk will take place at KIT in building 50.34, room 236 at 15:45.

Pre-registration is requested, and we also welcome participants to wear a medical mask.

The talk will also be streamed via BBB. An access code will be provided upon registration if needed.

While highly intriguing, video generation has thrusted upon us the imminent danger of deepfakes, which can offer unprecedented levels of increasingly realistic manipulated videos. Deepfakes pose an imminent security threat to us all, and to date, deepfakes are able to mislead face recognition systems, as well as humans. Therefore, we design generation and detection methods in parallel.

About the speaker
Talk in Darmstadt

On June 30, Thorsten Strufe will give a talk at the OpenS3 Lab's workshop 'Emerging Challenges in Cybersecurity and Privacy' entitled 'You better act normal! Ubiquitous electronic observation: Threats and Attempted Solutions.' More information about the program can be found via the link below.

With this presentation he is also represented at the Honda Research Colloquium on Security and Privacy in Frankfurt (June 15) and the Heinz Nixdorf Symposium in Paderborn (Sept. 15).
Student assistant wanted!

Simon Hanisch is looking for a student assistant to conduct studies.

Here you can find the job advertisement (in german).

Charity cybersecurity course for Ukraine

In view of the war in Ukraine, the BSI is calling for increased vigilance and readiness to react on the Internet. Dangers in this context are phishing e-mails relating to offers of help and fake news. Therefore, the research groups SECUSO (Security-Usability-Society) and PS (Practical IT-Security) offer an online course for citizens.

The course is in german, online via Zoom on 5/5/2022, 7-8pm. 

More about this course and praticipation
Paper awarded

The paper 'Ray-tracing based Inference Attacks on Physical Layer Security' by Paul Walther, Markus Richter and Thorsten Strufe was awarded with the Best Paper Award of NetSys 2021!

Link to article
Theses successfully defended

Congratulations to Christiane Kuhn and Martin Byrenheid on passing their (respective) doctoral examination!

Paper published

The Paper "Side-channel attacks on query-based data anonymization" was published on this years CCS. Authors are: Franziska Boenisch (Fraunhofer AISEC); Reinhard Munz (Max Planck Institute for Software Systems (MPI-SWS)); Marcel Tiepelt (Karlsruhe Institute of Technology); Simon Hanisch and Christiane Kuhn (Karlsruhe Institute of Technology); Paul Francis (Max Planck Institute for Software Systems (MPI-SWS)).


We offer four fully funded positions to do a PhD or Post-Doc (co-supervision of PhD students, in case of interest) on 6G security and privacy (location privacy, availability, security architectures, practical quantum key generation) at KIT/KASTEL and Excellence Cluster CeTI.

Contact: Thorsten Strufe

Our job page
Paper published

The paper "Is the Buzz on? - A Buzz Detection System for Viral Posts in Social Media" was published. Here, Facebook posts were examined to develop a buzz detection system. For more details, see the paper linked below.

Authors: Thorsten Strufe, Clemens Deusser, Nora Jansen and Oliver Hinz. 

paper online
Coming soon: Get to know our staff

Soon you will find short interviews of our staff members on this homepage.

"Get to know..." is an audio feature that portrays our scientific staff in three time periods:

Past: How did they come to start their work at the Institute for Practical IT Security?

Present: What is the researcher currently working on?

Future: What are the goals they are pursuing with their research?

Look forward to insights into our institute!

Invited Talk: Aurélien Francillon

On Friday 21st., Aurélien Francillon (associate professor, System and Software
Security (S3) EURECOM) will give a talk on "An overview of telephony fraud and abuse".

The lecture will be held via BBB, timespan 10:00-11:30.

Find out more about the lecturer
Paul Walther's defense of his doctor's thesis

On November 15, Paul Walther will defend his dissertation titled
"Towards Practical and Secure Channel Impulse Response based Physical
Layer Key Generation". We wish him good luck!

PhD position ML privacy

We have a fully funded position to pursue a PhD (or join us as a postdoc) as part of our French-German project Propolis (on Smart City Privacy), in a consortium with Eurecom, SAP, and The Urban Institute. We will primarily work on publishing location trajectories with DP guarantees and differentially private ML on location data (for instance for traffic management, public security, and risk management in smart cities).

Contact: Thorsten Strufe and Javier Parra-Arnau

Our job page
Guest Talk Christopher Kruegel

We're happy to have Prof. Christopher Kruegel (University of California) as our guest at KASTEL Distinguished Lectures. On Friday, November 12, 10am, he will give a talk on "Finding Vulnerabilities in Embedded Software". The venue is room HS 101 in building 50.34 at KIT Campus South.

for more information on the lecture
Prize for Christoph Coijanovic

Christoph Coijanovic won 1st place of the Academic Award of the CYBERSECURITY CONFERENCE 2021, which was awarded to him on Oktober 22 for his master thesis "Privacy Analysis of Anonymous Communication Networks at Example of Vuvuzela" (supervised by Christiane Kuhn). Congratulations! 

Invited Talk: Wouter Lueks

Wouter Lueks (post-doctoral researcher at EPFL) will present "CrowdNotifier: Decentralized Privacy-Preserving Presence Tracing" on November 3rd at 12:30.

There is growing evidence that SARS-CoV-2 can be transmitted beyond close proximity contacts, in particular in closed and crowded environments with insufficient ventilation. To help mitigation efforts, contact tracers need a way to notify those who were present in such environments at the same time as infected individuals. Neither traditional human-based contact tracing powered by handwritten or electronic lists, nor Bluetooth-enabled proximity tracing can handle this problem efficiently. In this talk, I introduce CrowdNotifier, a protocol that can complement manual contact tracing by efficiently notifying visitors of venues and events with SARS-CoV-2-positive attendees. We prove that CrowdNotifier provides strong privacy and abuse-resistance, and show that it can scale to handle notification at a national scale.

Invited Talk at Inria

Thorsten Strufe gives a talk about ProMACs on September 28 at 10:30 am. For further information check the link below.

centre inria
Telekom-Prize for Amr Osman

Amr Osman and Jeannine Born (TU Dresden) won Telekom Challenge 2021, receiving the first prize of 150,000 euros for their idea on "automatic network isolation of IoT devices". Congratulations!


more information from TU Dresden (german article)
Interview MAZ

Thorsten Strufe has been interviewed by Märkische Allgemeine Zeitung (Newspaper).

Topic: "Why the EU's General Data Protection Regulation (DSGVO) unjustly enjoys a bad reputation".

You can find the article online (link below).

(german) article on
from our network: CeTI Summer School

From September 21 to 23, CeTI will be offering an exciting on- and offline program on the topic of "smart textiles and wearables". The offer ranges from lectures to workshops, for which you can register online. You can find the link below.

registration and programme of CeTI Summer School Interview

Thorsten Strufe was interviewed by

It is about innovations to the messenger service Whatsapp.

You can find the link to the interview below.


(german) interview with Spiegel Netzwelt
Diploma Award for Florian Thie

Florian Thie received the TU Dresden award for his thesis "Analysis of complex anonymization networks at the case study of Aqua".

He was supervised by Christiane Kuhn and Simon Hanisch, the first examiner was Thorsten Strufe.

Paper accepted at SRDS conference

The paper entitled "2PPS - Publish/Subscribe with Provable Privacy" by Sarah Abdelwahab Gaballah and Max Mühlhäuser (both TU Darmstadt), Christoph Coijanovic and Thorsten Strufe has been accepted for the SRDS 2021 conference (September 20.-23.).

The paper is about publish/subscribe systems (such as Twitter) that provide strong and provable privacy protections for both publishers of messages and subscribers.

more about the conference
"Elektronengehirne & Cyborgs" - Interview

As part of the KIT Open Day under the motto "7 Days - 7 Questions - 7 Formats", Thorsten Strufe was a discussion guest on the topic "Electron Brains & Cyborgs" - Artificial Intelligence revolutionizes the world. You can find the link to the video below.

recording of discussion (german)
Video of 'Bonner Tage der Demokratie'

The video of our opening panel at 'Bonner Tage der Demokratie' is online. Thanks for a very nice discussion (in German) with Lorena Jaume-Palasí, Katharina Mosene, Rebekka Weiß, Ulrich Kelber, and Jan Schallaböck - moderated very professional by Ute Lange - about giving up fundamental rights to use online services. - Prof. Strufe

video link
Job offer student assistant

We have an immediate opening for a HiWi position as a Research Assistant.

For more information, please see the attached document.

Talk at Uni Hamburg on May 31

Prof. Strufe will give a talk on "ProMACs: Leveraging the Streaming Paradigm to Improve Integrity without Transmission Cost" at a colloquium at the University of Hamburg on Monday, May 31, 21.

The event will take place via zoom, starting at 17:15.

registration (Informatik Uni Hamburg)
Paper accepted at 'USENIX Security 2021'

Our paper “Inexpensive Brainwave Authentication: New Techniques and Insights on User Acceptance” has been accepted for presentation at the 30th USENIX Security Symposium. In this research, we explore and evaluate different brain biometric techniques to authenticate users with consumer BCI tools and investigate user perceptions towards accepting such technologies. Our results show that it is feasible to recognize users based on brain responses to images. With regard to adoption, users call for simpler devices, faster authentication, and better privacy.

Strufe at 'Bonner Tage der Demokratie'

Thorsten Strufe is a discussion guest at the 'Bonner Tage der Demokratie' (engl. Bonn Days of Democracy).

On May 4, starting at 7 p.m., he will speak in the opening panel about fundamental rights in relation to social media.

New Book

"Tactile Internet" is on the shelves of your (online) bookstore since March 22! Thanks to our co-authors!

Save the date!

We are proud to announce the opening talk for our “Distinguished Lecture Series in Cybersecurity” on June 11th! Prof. Johannes Buchmann will speak about Sustainable Cybersecurity and Privacy. #KASTEL

Job Offer

We offer 2 PhD positions in the field of privacy and machine learning to start in May 2021. The positions are based at our lab in Karlsruhe and UPC (Barcelona). Funded by BMBF (Project Propolis, with EURECOM, SAP and Urban Institue) and FundlaCaixa.

Article on k-anonymity

Prof. Strufe commented on Google's move away from conventional marketing to data collection via FLoC.

You can find the article on linked below.

Furthermore, Deutschlandfunk also talked to Prof. Strufe about this topic.

german article on
Talk at University of Zurich

Prof. Dr. Thorsten Strufe will give a talk titled ProMACs: Leveraging the Streaming Paradigm to Improve Integrity without Transmission Cost at the Ifl Colloquium at the University of Zurich on May 27th this year.

The program of the colloquium can be found here.

Paper accepted at IEEE S&P 2020

Our article "Browsing Unicity: On the Limits of Anonymizing Web Tracking Data" (Clemens Deusser, Steffen Passmann and Thorsten Strufe) has been accepted for presentation at the IEEE S&P ("Oakland")! In the paper we examine the "anonymizing methods" commonly used by industry and show that they are largely ineffective even when applied to an extent that essentially destroys all utility of web tracking data. Using the example of a data set of a large European audience measurement provider, we show that the claim that "coarsening" leads to de-identified data sets is nonsense, since even in extreme cases anonymity is not achieved. Clemens Deusser will present the article at the IEEE S&P in May 2020, congratulations Clemens and Steffen!

Paper accepted at IEEE S&P 2020

Our article "Breaking and (Partially) Fixing Provably Secure Onion Routing" (Christiane Kuhn, Martin Beck and Thorsten Strufe) has been accepted for presentation at IEEE S&P ("Oakland")! In the paper we identify a vulnerability in a lightweight anonymization system ("HORNET") which was previously considered to be proven secure. We then find a vulnerability in the underlying packet format SPHINX, which is also used for other anonymization services. Finally, we find that the evidence framework of Camenish and Lysyanskaya used in both cases is flawed and fix the found bugs to share. Christiane Kuhn presents the article at the IEEE S&P in May 2020. Congrats, Christiane and Martin!

Invited Talk at TU Graz

Thorsten Strufe is giving an invited lecture at TU Graz on the topic "On the Limits of 'Anonymizing' Web Tracking Data by Generalization" on December, 18th.

Invited talk at Uni Kiel

Thorsten Strufe is giving an invited lecture at the University of Kiel on the topic "On Privacy Notions in Anonymous Communications" on December 13.

Invited talk at UC Irvine

Thorsten Strufe is giving an invited lecture, entitled "On the Limits of 'Anonymizing' Web Tracking Data by Generalization" at UC Irvine, on Dec. 9th.


Invited talk at the final ENCASE Workshop on Cybersafety

Thorsten Strufe is holding an invited talk at the final ENCASE Workshop “Cybersafety: Threats and Intelligent Parental Advice Tools for Protection in Social Networks”, entitled "On the Limits of 'Anonymizing' Web Tracking Data by Generalization" on October 18th.

Paper presented at ACM CCS

Patricia Cabarcos is presenting our paper "'I don’t see why I would ever want to use it': Analyzing the Usability of Popular Smartphone Password Managers" at ACM CCS in London, on Sept. 14th!

Inaugural lecture

On February 3, Thorsten Strufe will give his inaugural lecture, entitled "Privacy and freedom or surveillance and censorship in web and mobile apps? (Thorsten Strufe -- from Hamburg to Karlsruhe, with small detours)" in the context of the semester colloquium of the Faculty of Informatics at KIT.
Everybody is cordially envited! :-)
Update: The slides of the lecture can be found here.

Keynote Speech

Thorsten Strufe is giving the keynote on "Security, the Elusive Goal of Privacy, and the Surprising Difficulties around Corona Tracing" at this year's ARES conference!

ARES on twitter

Our research at work -- the system we designed and published in 2017 is now going live, at the German ABC! Congrats to Steffen Passmann, who was the driving force behind our collaboration, too!


article digital inside
Invited Talk at Uni Jena

Thorsten Strufe is giving an invited lecture on the tactile Internet at the New Year's Reception at the University of Jena on January 8.