Research Areas

In cellular security topic we investigate vulnerabilities in LTE and emerging 5G systems—developing advanced techniques for passive tracking of mobile devices and stealthy attacks such as IMSI extraction and adaptive signal overshadowing. Our research, exemplified by projects like LTrack and AdaptOver, aims to expose security flaws in mobile communications and pave the way for more robust network defenses.
Decentralized systems can reduce trust requirements and reliance on third parties, thereby enabling greater user autonomy. As part of our research, we explore different applications of decentralized systems, such as blockchains and self-sovereign identity (SSI) systems, and related topics like electronic identities (e-ID) and Central Bank Digital Currencies (CBDCs). Our goal is to develop innovative techniques, build systems that provide new functionalities and to analyze and enhance the security, privacy, and usability properties of existing systems.
Secure ranging is a technique used to measure the distance between devices while ensuring the integrity and authenticity of the measurements. It is crucial in applications such as secure positioning, access control, and contactless payments, where precise and tamper-resistant distance estimation is essential. In our group, we focus on analyzing the security of both existing and emerging ranging schemes (e.g. UWB, WiFi) at the physical layer, as well as exploring their practical applications.
Trusted Computing is a security approach that uses special hardware features to make sure computers run software as expected and protect sensitive data. One key technology in this field is Trusted Execution Environments (TEEs), which create isolated execution environments inside a processor where sensitive operations can be executed safely, even if the rest of the system is compromised. We are interested in all aspects of Trusted Computing: from discovering new attacks on modern processors, analyzing side-channels of security-critical software, to designing better TEEs.
Our research explores how users interact with security mechanisms and how these systems can be designed to be both effective and understood. We study topics such as phishing prevention, authentication and multi-factor authentication (MFA) techniques, security of user interfaces, and secure decision-making in digital environments, through user studies, large-scale measurements, and by designing and evaluating new security mechanisms.