Welcome at the Chair of Privacy and Security
We work on all aspects of technical data protection and network and IT security. We are primarily interested in privacy, i.e. the protection of individuals against the misuse of their data.
Over the past decades, digital technologies have developed rapidly. The advent of digital transformation and the interconnectivity of all areas of life opens up a wealth of new possibilities. Autonomous networked vehicles, cloud computing, industry 4.0, virtual reality with haptic feedback, online banking or social networks are just a few keywords that are changing the way and quality of life. However, this development also brings with it a number of challenges that people often do not immediately grasp, but which may well conflict with their interests. Our research group is engaged in the development and analysis of security concepts that protect from all types of potential attackers on such systems. We are also interested in the development of technologies that promote data protection in order to protect privacy in the digital world. Finally, we develop protocols and algorithms to secure the underlying infrastructures for communication and computation.
We are part of the KASTEL Security Research Labs, as well as the excellence cluster CeTI, the Centre for Tactile Internet with Human-in-the-Loop.
On June 11th, 2025, Prof. Strufe has given a talk in Poitiers about the role of behavioral biometrics in privacy:
From gait and gaze to WiFi signals and XR avatars—our bodies reveal far more than we think. He shared empirical results showing how easy it is to re-identify individuals in so-called anonymized
datasets, even when advanced techniques like federated learning or differential privacy are applied.
The slides are available on request.
On July 21st, 2025, Marit Hansen (Data Protection Officer of the State Schleswig-Holstein) will come to visit and give a talk. More details will follow.
We're looking forward to her visit and interesting discussions!
From June 30th, 2025 to July 2nd, 2025, Ana-Maria Cretu of EPFL will visit our group in Karlsruhe. She will give a talk on the 30th of June, more details will follow.
We are looking forward to her stay and interesting discussions!
Ana-Maria Cretu's websiteOur paper Aimless Onions: Mixing without Topology Information
(Daniel Schadt, Christoph Coijanovic, Thorsten Strufe) has been accepted at PETS 2025.
In this paper we examine how we can build mix networks in a way that doesn't require clients to know the network topology. This is important in order to scale such networks for huge amounts of users. To do so, we design a new format that allows clients to create packets without explicit knowledge of server names or keys, and we compare our format to currently used formats.
Congratulations!
Our paper Sabot: Efficient and Strongly Anonymous Bootstrapping of Communication Channels
(Christoph Coijanovic, Laura Hetz, Kenneth G. Paterson, Thorsten Strufe) has been accepted at ACM CCS 2025!
The paper was a collaboration with the Applied Cryptography Group of ETH Zürich and answers the question how anonymous communication channels can be bootstrapped in a secure and private manner. In doing so, we design a protocol based on Private Information Retrieval which allows communication partners to find and notify each other. Our protocol ensures that the servers do not learn which and how many requests are sent by the users.
Congratulations!
Link to the preprintProf. Strufe will give a talk at the Interdisciplinary Summerschool on Privacy. The talk is titled Navigating Privacy in the Age of Outsourcing and Observation
:
Privacy, especially in the evolving environment of opaque sub-contracting, outsourcing, and passive observations, is becoming an increasingly difficult goal to achieve. Informational self determination, the foundation of privacy, implies that an individual knows which information about themselves is shared when, with whom, and to which extent. With changes in applications, system architectures, and ever more immersive hardware this gets increasingly difficult and unwieldy. In my lecture I will briefly introduce common system architectures, and subsequently introduce the basics of privacy from a technological perspective. We will touch on different disclosure risks and have a primer on privacy enhancing technologies from 30.000ft.
The summerschool is co-organised by Prof. Strufe and sponsored by KASTEL.
More about the summerschoolmmWave radar sensors, used for example in autonomous vehicles, are often claimed to be privacy-preserving. Cinthya Tamayo investigated to which extent this claim is actually true in her Master's thesis as part of an ERASMUS stay with us. We find that many personal attributes such as age or sex can be reliably inferred using radars. The paper Inferring Personal Attributes with a Mmwave Radar
(Cinthya Celina Tamayo Gonzalez, Simone Soderi, Julian Todt, Thorsten Strufe, Mauro Conti) which builds on the thesis has been presented at WCNC 2025.
Congratulations!
Link to the paperOn May 17, 2025, the KIT will have its day of the open door together with the Campus day. Our chair will also put up exhibits for display: We will have demonstrators from our Smart-City research, as well as brainwave-based authentication demonstrators. We are looking forward to curios visitors and will be happy to talk about our research in PETs and the importance of privacy in society!
Further information