Julia Hesse

Research Staff Member at IBM Research - Zurich

IBM Research
Säumerstr. 4
CH-8803 Rüschlikon

juliahesse2 (at) gmail.com
Webpage @IBM
I'm interested in cryptography, algebra and everything in between and around these topics. Some buzzwords for my research are provably secure public key cryptography, privacy-preserving technologies, blockchains and password-based protocols. Before joining IBM Research, I was a Postdoc at TU Darmstadt and ENS Paris. During my PhD, I was extremely lucky to enjoy supervision by both Jörn Müller-Quade and Dennis Hofheinz at Karlsruhe Institute of Technology (KIT) in Germany. I studied mathematics at KIT.

This website is static and written in plain html.


  • Encryption-as-a-Service must not reveal a user's password to the encryption server - let's distribute to enhance privacy!
    DPaSE: Distributed Password-Authenticated Symmetric Encryption
    with Poulami Das and Anja Lehmann
    (Full Version)



  • Security analysis of protocols sharing state (via a blockchain, or a PKI) is tricky. Better look at our paper before proving security of your blockchain application!
    On the (Ir)Replaceability of Global Setups, or How (Not) to Use a Global Ledger
    TCC 2021, with Christian Badertscher and Vassilis Zikas
    (Full Version)
  • NIKEs with optimal security reductions have remained elusive so far. This paper gives the first one, with trade-offs in key sizes.
    Towards Tight Adaptive Security of Non-Interactive Key Exchange
    TCC 2021, with Dennis Hofheinz, Lisa Kohl and Roman Langrehr
    (Full Version)
  • The IRTF is currently standardizing a lightweight PAKE protocol, and we analyze security of its many implementation variants using a new cool and concise modularization technique.
    Security Analysis of CPace
    Asiacrypt 2021, with Michel Abdalla and Björn Haase
    (Full Version)
  • We can use fuzzy PAKE to securely connect personal electronics automatically, by turning sensor readings into cryptographic keys!
    FastZIP: Faster and More Secure Zero-Interaction Pairing
    ACM MobiSys 2021, with Mikhail Fomichev, Lars Almon, Timm Lippert, Jun Han and Matthias Hollick
    (Full Version)


  • The Universal Composability Framework (Canetti, FOCS 2001) can't handle global setups? Yes it can!
    Universal Composition with Global Subroutines: Capturing Global Setup within plain UC
    TCC 2020, with Christian Badertscher, Ran Canetti, Björn Tackmann and Vassilis Zikas
    (Full Version)
  • The beloved fuzzy PAKE goes asymmetric! This is a tricky task with room for improvement. Have a look, get challenged and try to improve upon our protocols!
    Fuzzy Asymmetric Password-Authenticated Key Exchange
    Asiacrypt 2020, with Andreas Erwig, Maximilian Orlt and Siavash Riahi
    (Full Version)
  • It is time to revisit the security model for asymmetric PAKE.
    Separating Symmetric and Asymmetric Password-Authenticated Key Exchange
    SCN 2020
    (Full Version)
  • Log in with Google and Facebook and Instagram, and rest assured that none of them learn your password.
    PESTO: Proactively Secure Distributed Single Sign-On, how How to Trust a Hacked Server
    IEEE EuroS&P, with Carsten Baum, Tore Kasper Frederiksen, Anja Lehmann and Avishay Yanai
    (Full Version)


  • Your blockchain is too slow? This paper introduces protocols and formal foundations for fairly routing off-chain transactions between multiple parties and intermediaries.
    Multi-Party Virtual State Channels
    Eurocrypt 2019, with Stefan Dziembowski, Lisa Eckey, Sebastian Faust and Kristina Hostáková
    (Full Version)
  • Identity Management: State of the Art, Challenges and Perspectives
    Privacy and Identity Management 2019, with Tore Kasper Frederiksen, Anja Lehmann and Rafael Torres Moreno


  • Diffie-Hellman key exchange has a suboptimal security reduction with quadratic loss in the number of users. This loss was proven optimal in 2002 (Coron, Eurocrypt). We introduce a simple non-interactive key exchange from Hash Proof System that circumvents this 15 year old bound with only linear loss.
    On Tightly Secure Non-Interactive Key Exchange
    Crypto 2018, with Dennis Hofheinz and Lisa Kohl
    (Full Version)
  • Fuzzy PAKE is the first AKE that can handle both low entropy and noisy authentication data.
    Fuzzy Password-Authenticated Key Exchange
    Eurocrypt 2018, with Pierre-Alain Dupont, David Pointcheval, Leonid Reyzin and Sophia Yakoubov
    (Full Version)
  • On the relation between two extremely powerful primitives in cryptography.
    Graded Encoding Schemes from Obfuscation
    PKC 2018, with Pooya Farshim, Dennis Hofheinz and Enrique Larraia
    (Full Version)


  • Revoking enrolled cryptography is tedious, but sometimes necessary when the underlying groups (e.g., elliptic curves) become outdated and too insecure. Is it possible to increase the security (parameter) of a scheme after it is enrolled? Believe it or not - it is possible!
    Reconfigurable Cryptography: A flexible approach to long-term security
    TCC 2016-A, with Dennis Hofheinz and Andy Rupp
    (Full Version)


  • Computations in composite-order groups are slow. We show how to emulate them with prime-order groups, including not only group operations but also complex structures such as pairings or even multilinear maps. Spoiler: this work makes Groth-Sahai proofs in composite-order groups twice as efficient as before.
    Polynomial Spaces: A New Framework for Composite-to-Prime-Order Transformations
    CRYPTO 2014, with Gottfried Herold, Dennis Hofheinz, Carla Ràfols and Andy Rupp
    (Full Version) (Slides)
  • Introducing a strong security notion for the Diffie-Hellman key exchange, including feasibility as well as impossibility results.
    Universally Composable Non-Interactive Key Exchange. SCN 2014, with Eduarda S.V. Freire and Dennis Hofheinz
    (Full Version)

Program Commitees

SCN, CCS, EuroS&P, PETS (2022), Latincrypt, EuroS&P (2021), TCC, IMACC, CANS (2019), PKC, CANS (2018)

Organized Events

Teaching (mostly in german)