Welcome at the Chair of Privacy and Security

The scientific staff is standing in front of a valley

We work on all aspects of technical data protection and network and IT security. We are primarily interested in privacy, i.e. the protection of individuals against the misuse of their data.

Over the past decades, digital technologies have developed rapidly. The advent of digital transformation and the interconnectivity of all areas of life opens up a wealth of new possibilities. Autonomous networked vehicles, cloud computing, industry 4.0, virtual reality with haptic feedback, online banking or social networks are just a few keywords that are changing the way and quality of life. However, this development also brings with it a number of challenges that people often do not immediately grasp, but which may well conflict with their interests. Our research group is engaged in the development and analysis of security concepts that protect from all types of potential attackers on such systems. We are also interested in the development of technologies that promote data protection in order to protect privacy in the digital world. Finally, we develop protocols and algorithms to secure the underlying infrastructures for communication and computation.

We are part of the KASTEL Security Research Labs, as well as the excellence cluster CeTI, the Centre for Tactile Internet with Human-in-the-Loop.

News

Prof. Strufe in Poitiers

On June 11th, 2025, Prof. Strufe has given a talk in Poitiers about the role of behavioral biometrics in privacy:

From gait and gaze to WiFi signals and XR avatars—our bodies reveal far more than we think. He shared empirical results showing how easy it is to re-identify individuals in so-called anonymized datasets, even when advanced techniques like federated learning or differential privacy are applied.

The slides are available on request.

Visit by Marit Hansen

On July 21st, 2025, Marit Hansen (Data Protection Officer of the State Schleswig-Holstein) will come to visit and give a talk. More details will follow.

We're looking forward to her visit and interesting discussions!

Visit by Ana-Maria Cretu

From June 30th, 2025 to July 2nd, 2025, Ana-Maria Cretu of EPFL will visit our group in Karlsruhe. She will give a talk on the 30th of June, more details will follow.

We are looking forward to her stay and interesting discussions!

Ana-Maria Cretu's website
Paper at PETS 2025

Our paper Aimless Onions: Mixing without Topology Information (Daniel Schadt, Christoph Coijanovic, Thorsten Strufe) has been accepted at PETS 2025.

In this paper we examine how we can build mix networks in a way that doesn't require clients to know the network topology. This is important in order to scale such networks for huge amounts of users. To do so, we design a new format that allows clients to create packets without explicit knowledge of server names or keys, and we compare our format to currently used formats.

Congratulations!

Paper at CCS 2025

Our paper Sabot: Efficient and Strongly Anonymous Bootstrapping of Communication Channels (Christoph Coijanovic, Laura Hetz, Kenneth G. Paterson, Thorsten Strufe) has been accepted at ACM CCS 2025!

The paper was a collaboration with the Applied Cryptography Group of ETH Zürich and answers the question how anonymous communication channels can be bootstrapped in a secure and private manner. In doing so, we design a protocol based on Private Information Retrieval which allows communication partners to find and notify each other. Our protocol ensures that the servers do not learn which and how many requests are sent by the users.

Congratulations!

Link to the preprint
Talk by Prof. Strufe at the Summerschool on Privacy

Prof. Strufe will give a talk at the Interdisciplinary Summerschool on Privacy. The talk is titled Navigating Privacy in the Age of Outsourcing and Observation:

Privacy, especially in the evolving environment of opaque sub-contracting, outsourcing, and passive observations, is becoming an increasingly difficult goal to achieve. Informational self determination, the foundation of privacy, implies that an individual knows which information about themselves is shared when, with whom, and to which extent. With changes in applications, system architectures, and ever more immersive hardware this gets increasingly difficult and unwieldy. In my lecture I will briefly introduce common system architectures, and subsequently introduce the basics of privacy from a technological perspective. We will touch on different disclosure risks and have a primer on privacy enhancing technologies from 30.000ft.

The summerschool is co-organised by Prof. Strufe and sponsored by KASTEL.

More about the summerschool
Cinthya at WCNC

mmWave radar sensors, used for example in autonomous vehicles, are often claimed to be privacy-preserving. Cinthya Tamayo investigated to which extent this claim is actually true in her Master's thesis as part of an ERASMUS stay with us. We find that many personal attributes such as age or sex can be reliably inferred using radars. The paper Inferring Personal Attributes with a Mmwave Radar (Cinthya Celina Tamayo Gonzalez, Simone Soderi, Julian Todt, Thorsten Strufe, Mauro Conti) which builds on the thesis has been presented at WCNC 2025.

Congratulations!

Link to the paper
Our chair at the day of the open door

On May 17, 2025, the KIT will have its day of the open door together with the Campus day. Our chair will also put up exhibits for display: We will have demonstrators from our Smart-City research, as well as brainwave-based authentication demonstrators. We are looking forward to curios visitors and will be happy to talk about our research in PETs and the importance of privacy in society!

Further information

 

Embedding

symbolic picture of a smart city Logo CeTI

Logo of KASTEL