Events & News

In order to promote research and innovation in cyber-defence, our partners EPFL and Cyber-Defence (CYD) Campus are now opening calls for different fellowship opportunities aimed at Master, Doctoral and Postdoctoral researchers as well as future entrepreneurs:

– Doctoral Fellowships (up to 4 years plus 1-year potential extension): deadline on 19 August 2026 (17:00 CEST).

– Distinguished Postdoctoral Fellowships (up to two years): deadline on 19 August 2026 (17:00 CEST).

– Master Thesis Fellowships (6 months): open rolling call.

– Proof of concept Fellowship (12 months): open rolling call.

An online applicant workshop will be held on 7 July 2026 (11:00-11:45 CEST). Please register here.

The CYD Fellowships are supported by armasuisse Science and Technology. For more information contact the EPFL Research Office (research@epfl.ch) or visit the CYD Fellowships website.

A recent publication by the SPY Lab ask how good large language models are at re-identifying anonymous online users. This is a collaboration between Daniel Paleka, Joshua Swanson, Michael Aerni and Florian Tramèr from ETH Zurich’s Department of Computer Science (D-INFK), together with Simon Lermen (MATS) and Nicholas Carlini (Anthropic).

Although deanonymization is a decades-old idea, pseudonymous accounts on Reddit, Hacker News and similar forums have stayed largely safe — such attacks traditionally needed structured data or hours of manual investigation.

The main insight of the paper is that LLMs change the economics of deanonymization. It is previously known that LLMs can extract identity-relevant features from online comments. Our pipeline extends this to search for candidate matches across platforms, and reasons over them to confirm a match. LLM-based methods massively outperform classical ones, linking accounts to real people for less than $5 each. The takeaway: the more you post, the easier you are to unmask.

The findings received wide press coverage: the ETH D-INFK spotlight, plus Bloomberg, The Guardian, The Verge, El País, CyberScoop and Bruce Schneier internationally, and 20 Minuten, Tages-Anzeiger and Le Temps in Switzerland.

Researchers from ETH Zurich’s Department of Computer Science (D-INFK) have been awarded the prestigious Levchin Prize for Real-World Cryptography at this year’s Real World Cryptography Conference. The prize recognizes outstanding contributions that have significantly advanced the practical deployment of cryptographic systems.

Professor David Basin and lecturer Ralf Sasse received the award together with Professors Cas Cremers and Jannik Dreier for their work on Tamarin, a leading tool for the formal verification of cryptographic protocols. Cremers and Dreier are former members of ETH Zurich, now serving as Professor at CISPA and Associate Professor at the University of Lorraine, respectively.

The Levchin Prize, established in 2016 through a donation by entrepreneur and computer scientist Max Levchin, is awarded annually to honor innovations that have had a lasting impact on real-world cryptography. Two prizes are presented each year at the Real World Cryptography Conference.

Tamarin originated from research initiated around 2009 within David Basin’s Information Security Group at ETH Zurich. Over time, it evolved into a widely used open-source system for the symbolic analysis of security protocols. The tool enables researchers and practitioners to both identify potential vulnerabilities and construct formal proofs of security.

In addition to the award recipients, early contributions by doctoral researchers Simon Meier and Benedikt Schmidt played a key role in shaping the initial development of Tamarin.

Today, Tamarin is used to analyze and verify real-world protocols and standards, including 5G, TLS, EMV, and iMessage PQ3. Its impact on improving the security of widely deployed systems underscores the significance of the team’s achievement.

The Levchin Prize highlights not only the technical excellence behind Tamarin, but also its tangible contribution to strengthening the security of modern digital infrastructure.

The Applied Crypto group’s research on password managers is now public at:

https://webro.ke/passwordmanagers

The paper, to appear at USENIX Security ’26, sees Matteo Scarlata, Giovanni Torrisi (former MSc student in AC, now doctoral student at USI Lugano), Matilda Backendal (former doctoral student in AC, now Professor at USI Lugano) and Kenny Paterson take a “Crypto in The Wild” look at Bitwarden, LastPass, Dashlane and 1Password.

Surprisingly, despite their popularity and the importance of the data they protect, password managers were not analysed in depth before.
When considering a malicious server threat model (the de rigueur approach for E2EE protocols), we found “a cornucopia of practical attacks” against the products we analysed.

The findings received wide press coverage: here we are on the ETH main page, on Ars Technica, Risky Biz and Medium

Zürcher Kantonalbank (ZKB) is extending its ZISC partnership for another 10 years, reaffirming its long-term commitment to strengthening research and education in information security, data protection and artificial intelligence at ETH Zurich.

Security and reliability, the handling of sensitive data and protection against unauthorized access are core competencies of Zürcher Kantonalbank. “The security of digital financial services and the responsible use of artificial intelligence are key prerequisites for a relationship of trust with our customers. Our renewed partnership with ETH Zurich is a clear commitment to shaping the future responsibly,” explains Dr Jörg Müller-Ganz, President of the Bank Council of Zürcher Kantonalbank. “Thanks to ZKB’s long-term support, we have been able to strengthen research and education at ZISC and expand collaboration with industry. We are very pleased that the partnership is being continued,” emphasizes Srdjan Capkun, Chair of ZISC.

“The long-term commitment of ZKB enables us to further develop key technologies that are central to security, trust and innovation in adigitalized society. We are very grateful for this support,” says ETH President Joël Mesot.