Julia Hesse

Julia Hesse Research Staff Member at IBM Research - Zurich IBM Research Säumerstr. 4 8803 Rüschlikon Switzerland juliahesse2 (at) gmail.com Webpage @IBM
I'm interested in cryptography, algebra and everything in between and around these topics. Some buzzwords for my research are provably secure public key cryptography, privacy-preserving technologies, blockchains and password-based protocols. Before joining IBM Research, I was a Postdoc at TU Darmstadt and ENS Paris. During my PhD, I was extremely lucky to enjoy supervision by Dennis Hofheinz at Karlsruhe Institute of Technology (KIT) in Germany. I studied mathematics at KIT.
Preprints The IRTF is currently standardizing a lightweight PAKE protocol, and we analyze security of its many implementation variants using a new cool and concise modularization technique. Security Analysis of CPace with Michel Abdalla and Björn Haase (Full Version) Security analysis of protocols sharing state (via a blockchain, or a PKI) is tricky. Better look at our paper before proving security of your blockchain application! On the (Ir)Replaceability of Global Setups, or How (Not) to Use a Global Ledger with Christian Badertscher and Vassilis Zikas (Full Version) Encryption-as-a-Service must not reveal a user's password to the encryption server - let's distribute to enhance privacy! DPaSE: Distributed Password-Authenticated Symmetric Encryption with Poulami Das and Anja Lehmann (Full Version) Publications 2020 The Universal Composability Framework (Canetti, FOCS 2001) can't handle global setups? Yes it can! Universal Composition with Global Subroutines: Capturing Global Setup within plain UC TCC 2020, with Christian Badertscher, Ran Canetti, Björn Tackmann and Vassilis Zikas (Full Version) The beloved fuzzy PAKE goes asymmetric! This is a tricky task with room for improvement. Have a look, get challenged and try to improve upon our protocols! Fuzzy Asymmetric Password-Authenticated Key Exchange Asiacrypt 2020, with Andreas Erwig, Maximilian Orlt and Siavash Riahi (Full Version) It is time to revisit the security model for asymmetric PAKE. Separating Symmetric and Asymmetric Password-Authenticated Key Exchange SCN 2020 (Full Version) Log in with Google *and* Facebook *and* Instagram, and rest assured that none of them learn your password. PESTO: Proactively Secure Distributed Single Sign-On, how How to Trust a Hacked Server IEEE EuroS&P, with Carsten Baum, Tore Kasper Frederiksen, Anja Lehmann and Avishay Yanai (Full Version) 2019 Your blockchain is too slow? This paper introduces protocols and formal foundations for fairly routing off-chain transactions between multiple parties and intermediaries. Multi-Party Virtual State Channels Eurocrypt 2019, with Stefan Dziembowski, Lisa Eckey, Sebastian Faust and Kristina Hostáková (Full Version) Identity Management: State of the Art, Challenges and Perspectives Privacy and Identity Management 2019, with Tore Kasper Frederiksen, Anja Lehmann and Rafael Torres Moreno (SpringerLink) 2018 Diffie-Hellman key exchange has a suboptimal security reduction with quadratic loss in the number of users. This loss was proven optimal in 2002 (Coron, Eurocrypt). We introduce a simple non-interactive key exchange from Hash Proof System that circumvents this 15 year old bound with only linear loss. On Tightly Secure Non-Interactive Key Exchange Crypto 2018, with Dennis Hofheinz and Lisa Kohl (Full Version) Fuzzy PAKE is the first AKE that can handle both low entropy *and* noisy authentication data. Fuzzy Password-Authenticated Key Exchange Eurocrypt 2018, with Pierre-Alain Dupont, David Pointcheval, Leonid Reyzin and Sophia Yakoubov (Full Version) On the relation between two extremely powerful primitives in cryptography. Graded Encoding Schemes from Obfuscation PKC 2018, with Pooya Farshim, Dennis Hofheinz and Enrique Larraia (Full Version) 2016 Revoking enrolled cryptography is tedious, but sometimes necessary when the underlying groups (e.g., elliptic curves) become outdated and too insecure. Is it possible to increase the security (parameter) of a scheme after it is enrolled? Believe it or not - it is possible! Reconfigurable Cryptography: A flexible approach to long-term security TCC 2016-A, with Dennis Hofheinz and Andy Rupp (Full Version) 2014 Computations in composite-order groups are slow. We show how to emulate them with prime-order groups, including not only group operations but also complex structures such as pairings or even multilinear maps. Spoiler: this work makes Groth-Sahai proofs in composite-order groups twice as efficient as before. Polynomial Spaces: A New Framework for Composite-to-Prime-Order Transformations CRYPTO 2014, with Gottfried Herold, Dennis Hofheinz, Carla Ràfols and Andy Rupp (Full Version) (Slides) Introducing a strong security notion for the Diffie-Hellman key exchange, including feasibility as well as impossibility results. Universally Composable Non-Interactive Key Exchange. SCN 2014, with Eduarda S.V. Freire and Dennis Hofheinz (Full Version)
Program Commitees Latincrypt, EuroS&P (2021), TCC, IMACC, CANS (2019), PKC, CANS (2018) Organized Events Future of PI: Challenges and Perspectives of Personal Identification, co-located with EuroS&P 2021, Vienna, Austria Identity Management: State of the Art, Challenges and Perspectives, at IFIP Summer School on Privacy and Identity Management, 2019, Brugg, Switzerland CrossFyre 2019, co-located with Eurocrypt 2019 at TU Darmstadt
Teaching (mostly in german) Lecture Beweisbare Sicherheit (2019, TU Darmstadt) Seminar Zero Knowledge (2018, TU Darmstadt) Seminar Secure Multi-Party Computation (2018, TU Darmstadt) Lecture assistant Algorithmen (2016, KIT) Lecture Ausgewählte Kapitel der Kryptographie (2014, KIT) Seminar Fortgeschrittene Verschlüsselungstechniken (2013, KIT) Seminar Digitale Signaturen (2013, KIT) Seminar Die Logik der Sicherheit (2012, KIT)