Events & News

ZISC organizes a number events. The annual ZISC Workshop brings together leading experts to present and discuss their latest research results on a chosen information security and privacy topics. The weekly ZISC Lunch Seminar presentations illustrate the research done at the affiliated research groups and invite exciting speakers from other research institutes and companies.

Latest News

Levkin Prize Awarded to ZISC affiliated Researchers

Researchers from ETH Zurich’s Department of Computer Science (D-INFK) have been awarded the prestigious Levchin Prize for Real-World Cryptography at this year’s Real World Cryptography Conference. The prize recognizes outstanding contributions that have significantly advanced the practical deployment of cryptographic systems.

Professor David Basin and lecturer Ralf Sasse received the award together with Professors Cas Cremers and Jannik Dreier for their work on Tamarin, a leading tool for the formal verification of cryptographic protocols. Cremers and Dreier are former members of ETH Zurich, now serving as Professor at CISPA and Associate Professor at the University of Lorraine, respectively.

The Levchin Prize, established in 2016 through a donation by entrepreneur and computer scientist Max Levchin, is awarded annually to honor innovations that have had a lasting impact on real-world cryptography. Two prizes are presented each year at the Real World Cryptography Conference.

Tamarin originated from research initiated around 2009 within David Basin’s Information Security Group at ETH Zurich. Over time, it evolved into a widely used open-source system for the symbolic analysis of security protocols. The tool enables researchers and practitioners to both identify potential vulnerabilities and construct formal proofs of security.

In addition to the award recipients, early contributions by doctoral researchers Simon Meier and Benedikt Schmidt played a key role in shaping the initial development of Tamarin.

Today, Tamarin is used to analyze and verify real-world protocols and standards, including 5G, TLS, EMV, and iMessage PQ3. Its impact on improving the security of widely deployed systems underscores the significance of the team’s achievement.

The Levchin Prize highlights not only the technical excellence behind Tamarin, but also its tangible contribution to strengthening the security of modern digital infrastructure.

Password Managers, Analysed

The Applied Crypto group’s research on password managers is now public at:

https://webro.ke/passwordmanagers

The paper, to appear at USENIX Security ’26, sees Matteo Scarlata, Giovanni Torrisi (former MSc student in AC, now doctoral student at USI Lugano), Matilda Backendal (former doctoral student in AC, now Professor at USI Lugano) and Kenny Paterson take a “Crypto in The Wild” look at Bitwarden, LastPass, Dashlane and 1Password.

Surprisingly, despite their popularity and the importance of the data they protect, password managers were not analysed in depth before.
When considering a malicious server threat model (the de rigueur approach for E2EE protocols), we found “a cornucopia of practical attacks” against the products we analysed.

The findings received wide press coverage: here we are on the ETH main page, on Ars TechnicaRisky Biz and Medium

ZKB renews its ZISC partnership

Zürcher Kantonalbank (ZKB) is extending its ZISC partnership for another 10 years, reaffirming its long-term commitment to strengthening research and education in information security, data protection and artificial intelligence at ETH Zurich.

Security and reliability, the handling of sensitive data and protection against unauthorized access are core competencies of Zürcher Kantonalbank. “The security of digital financial services and the responsible use of artificial intelligence are key prerequisites for a relationship of trust with our customers. Our renewed partnership with ETH Zurich is a clear commitment to shaping the future responsibly,” explains Dr Jörg Müller-Ganz, President of the Bank Council of Zürcher Kantonalbank. “Thanks to ZKB’s long-term support, we have been able to strengthen research and education at ZISC and expand collaboration with industry. We are very pleased that the partnership is being continued,” emphasizes Srdjan Capkun, Chair of ZISC.

The long-term commitment of ZKB enables us to further develop key technologies that are central to security, trust and innovation in adigitalized society. We are very grateful for this support,” says ETH President Joël Mesot.

 

ZISC Report 2025 is live!

The ZISC center has published its annual report for 2025.

The information security landscape is undergoing a significant disruption. The reason behind this is the rapid emergence of new technologies like AI on the one hand, but also the prospect of quantum technologies. On a geopolitical level, the wars in Ukraine and the Middle East have affected the security landscape of Europe irreversibly.

Besides these emerging threats, organizations continue to struggle with traditional information security problems  such as ransomware, phishing campaigns, large data leaks and the increasing complexity of IT systems.

During this year, ZISC continued to work on its core mission which is work on significant and fundamental information security and privacy problems together with is industry partners. Particular topics of focus this year included the research on Defeating prompt injections by Designsovereign, stress testing and improving the Internet Routing System and content-defined chunking among others.

You can read our full report here.

The ZISC center thanks its partners and collaborators and is looking forward to 2026!

Prof. Adrian Perrig receives Outstanding Research Award

Professor Adrian Perrig, who leads the Network Security Group at the Department of Computer Science at ETH Zurich, has been awarded the prestigious ESORICS 2025 Outstanding Research Award.

The award recognises Perrig’s long-standing contributions to building secure network systems and his pioneering work on the SCION Internet architecture. SCION (Scalability, Control, and Isolation On Next-Generation Networks) is a next-generation Internet architecture designed to provide highly secure, reliable and high-performance connectivity. It addresses fundamental Internet security and availability challenges, including protection against routing attacks, network failures and DDoS (distributed denial-of-service) attacks.

Under Adrian Perrig’s leadership, the Network Security Group has been driving SCION from research to practical deployment, enabling real-world adoption through collaborations with industry partners and the co-founding of Anapaya Systems.

The ESORICS Outstanding Research Award is particularly significant because it is not handed out lightly: nominees are proposed by the ESORICS Steering Committee, and the final decision is made by a vote among its members. This selectivity underscores how meaningful the distinction is, as it rewards long-term, technically innovative contributions with lasting impact in the area of computer security. ESORICS (the European Symposium on Research in Computer Security) is one of Europe’s leading security conferences, bringing together top academics and practitioners. Receiving this award places Perrig alongside other researchers whose work has helped advance the field of security. It is a meaningful recognition of his contributions and of his ongoing efforts to support the development of secure and resilient network systems.