Dr. Raphael M.
Reischuk
information security researcher
and distinguished consultant
Raphael Reischuk is a member of several international program committees for information security, and vice president of the security commission of ICTswitzerland; he is member of the advisory board cyber security of the Swiss Academies of Engineering Sciences (SATW), a frequent and passionate speaker at international conferences and appears regularly on topics of network, web and cyber security. Raphael Reischuk is the author of numerous scientific publications in various fields of IT security and cryptography, for which he has received several (international) awards.
After studying computer science with a focus on information security, Raphael Reischuk received his PhD with distinction in web and cloud security at the Information Security and Cryptography Group at CISPA (the Center for IT-Security, Privacy, and Accountability) at Saarland University and Cornell University under the direction of Prof. Michael Backes and Prof. Johannes Gehrke. Before joining Zühlke Engineering AG, he worked as Senior Information Security Researcher at ETH Zürich (the Swiss Federal Institute of Technology), where he has done research and teaching on secure Internet architectures and co-developed SCION.
Expertise & Interests
-
Web Security
• incentivization for correct behavior in the TLS infrastructure and the web ecosystem [MR '17]
• secure-by-design application development and analysis through the SAFE Activation Framework for Extensibility [WWW '12, ACM CCS '13, ICWE '15]
-
Authentication Infrastructures
• for network architectures [SENT '15, TOPS '17, IEEE S&P '17]
• for the web ecosystem [WWW '12, ACM CCS '13, ICWE '15]
• for stateless IAM solutions with efficiently decidable authorization -
DDoS Defense
• wholistic protection against volumetric distributed denial-of-service attacks [ICNP '15, NDSS '16]
-
Cloud Security & the Internet of Things (IoT)
• verifiable delegation of computation and data
• in cloud-based environments [ACM CCS '13]
• with efficient verification for smart IoT devices [IEEE S&P '15]
-
Blockchain Technologies
• Ethereum-driven incentivization for preventing fraudulent certificates in the TLS ecosystem [SENT '15, IEEE S&P '17]
-
Future Internet Architectures
• the highly-available SCION Internet Architecture [ACM CCS '16, CACM '17, Spr '17]
-
Accountability
• detection and deterrence of non-compliant behavior across autonomous systems [ICNP '15, iNetSec '15, SENT '15]
-
Cryptographic Protocols
• protocol synthesis from declarative specifications [SecDay '10, TOSCA '11]
• automated verification for cryptographic protocols [TOSCA '11]
-
Constraint Programming
• state restoration for propagation solvers [BSc '08, CP '09]
• conflict-clause learning for satisfiability [BSc '08, CP '09]
Public Activities
2020
Program committee member of ICWE 2020
The 20th International Conference on Web Engineering
2019/06/09-12 | Helsinki, Finland
2019
Program committee member of IEEE CloudCom 2019
The 11th International IEEE Conference on Cloud Computing Technology and Science
2019/12/11-13 | Sydney, Australia
Rethinking Security: why we need to build a new generation of human-centric firewalls
Es führt kein Weg daran vorbei: Digitalisierung im Treuhandwesen
2019/12/12 | Invited talk at EXPERTsuisse
"Sicherheitslücke beim Berner Schulamt"
Interview on recent data breaches
2019/12/05 | Article in the Swiss newspaper Berner Zeitung
Schwachstelle Mensch: Wie Sie sich gegen Cyber-Angriffe schützen
Breakfast Talk incl Live Hacking
2019/12/04 | Breakfast talk
Video series on password security
part 1) intro to authentication; part 2) password handling; part 3) password managers and alternatives
2019/11/08 | Full video series (german)
How to generate and store hundreds of strong passwords in your brain
Die Passwort-Falle: Wenn der Mensch zum Risikofaktor wird
2019/11/06 | Blog post
Client data protection as an emerging value proposition of the Swiss financial center
Redesigning Financial Services
2019/10/30 | Invited talk
Ethics in Cybersecurity
Roundtable and Panel Discussion for Women in Business
2019/10/21 | Dolder Grand, Zurich
"Security is not a checklist"
2019/10/17 | Interview "Sicherheit ist keine Checkliste" for newspaper Handelszeitung
Disruption doesn't wait for you to be prepared
Invited talk at the Alumni Event of KMU/CFB-HSG
2019/10/04 | University of St. Gallen (HSG)
"Jeder Schritt nach vorn ist besser als die jetzige Situation"
Interview on the call for a Swiss testing lab to independently test cyber products
2019/09/26 | Published at Swisscom's media portal Bluewin
White Paper on Supply Chain Security
Analysis and measures to secure the digital supply chain. White paper (PDF), press release
2019/09/25 | ICTswitzerland, Berne
Network Transparency for Better Internet Security
2019/09/10 | IEEE/ACM Transactions on Networking
Disruption doesn't wait for you to be prepared
Invited talk at CEO-Talk 2019 & Industry 4.0 Seminar
2019/09/04 | EMPA Dübendorf, the Swiss Federal Laboratories for Materials Science and Technology
Learning from Cyber Criminals
Invited talk at the Cadenabbia Network
2019/08/21-23 | Cadenabbia, Italy
Program committee member of IEEE Cloud Summit 2019
The 3rd IEEE International Conference on Cloud and Fog Computing Technologies and Applications
2019/08/08-10 | Washington DC, USA
Cybersecurity - Warum Sicherheit mehr erfordert als Technologie
Cornerstones for a sustainable cyber security strategy
2019/07/10 | Chapter in the book RADAR #4 for think tank W.I.R.E.
Program committee member of ICWE 2019
The 19th International Conference on Web Engineering
2019/06/11-14 | Daejeon, South Korea
IoT vs IT Security: new approaches to automation solutions
Public talk at Automation & Electronics 2019
2019/06/05-06 | Zurich
Book chapter in "Machines, Code, People"
Chapter for the insights and know-how book written by a number of Zühlke employees (see below)
2019/06/05 | Book chapter on the elegance, robustness, and efficiency of stateless communication
Herausforderungen im technologischen Wandel
Disruption durch Digitalisierung
2019/05/23 | Article in KMU-Magazin about disruptive forces in the digital transformation
Most Attractive Careers Switzerland 2019
Why is information security a human-centered discipline?
2019/05/22 | Interview for most attractive employers
Die Disruption kommt unverhofft — Wie Sie mit Innovation unerschrocken entgegen wirken
Inspiration Keynote
2019/04/10 | DigitNetwork | Zurich
Der gläserne Mensch — mit genetischem Wissen zum sozialen Risiko?
Panel Discussion at Trendtage Luzern (program, PDF)
2019/03/27-28 | Luzern
No e-health without strong information security
How to cope with the growing threat of cybercrime and insider threats in the healthcare market?
2019/03/27 | Invited talk | Novartis, Basel
The world's largest public-key infrastructure has a trust problem. Here's the fix.
Tech talk above the city of Berne, meetup
2019/03/20 | Berne
Cyber Risiken im Open Banking: Wie können Angreifer abgewehrt werden?
Invited talk at Beyond Banking, Finanz und Wirtschaft (program, PDF)
2019/03/14 | Dolder Grand, Zurich
Book chapter in "Digitale Transformation gestalten"
Chapter for the digitization book by Oliver Gassmann and Philipp Sutter on how to successfully manage digital transformation (see below)
2019/03/11 | Book chapter on the security of the economically most important encryption ecosystem
Was Cyberkriminelle besser machen als wir
Warum es sich lohnt, von Cyberkriminellen zu lernen
2019/02/21 | Article in the Swiss newspaper Neue Zürcher Zeitung (NZZ)
Diese Gefahren kann die Schweiz nicht ignorieren
2019/01/25 | Interview about the risks of e-voting at Swisscom's media portal Bluewin.
Die Disruption kommt unverhofft — Wie Sie mit Innovation unerschrocken entgegen wirken
Inspiration Keynote
2019/01/16 | Microsoft Pop-up House, Paradeplatz, Zurich
2018
Program committee member of IEEE CloudCom 2018
The 10th International IEEE Conference on Cloud Computing Technology and Science
2018/12/10 | Nicosia, Cyprus
Member of the committee for security at digital innovation in Switzerland (digital.swiss)
2018/11/23 | Zurich
Crime scene: Future
2018/11/22 | ETH Zurich, Lange Nacht der Karriere | Zurich
Data Security for Digital Society
2018/11/20 | ETH Zurich, Alumni Focus Event | Zurich
No e-health without strong information security
How to cope with the growing threat of cybercrime and insider threats in the healthcare market?
2018/10/16+17 | Talk at the annual event of the Medtech & Pharma Platform | Basel
Warum (fast) alle heutigen Internetprotokolle ein Redesign benötigen
2018/10/08 | Technical Deep Dive into SCION | Brown Bag Lunch @ oneconsult
SCION: an Internet architecture to survive the 21st century
2018/09/22 | Public talk at BSides ZH | Zurich
Publication of supervised Master thesis (ETH Zurich) on social engineering
2018/08/13 | Zurich
SCION: A next-generation secure Internet architecture for the 21st century
2018/06/25 | Invited talk at the general assembly of Swiss Cyber Experts | Zurich
IKP — Turning a PKI around with blockchain
2018/06/11 | Invited talk at About & Beyond PKI | Bern
A next-generation secure Internet architecture for the 21st century
2018/05/18 | Invited talk at the Big Techday 11 | Munich
Member of the Swiss Cyber Security Commission of ICTswitzerland
2018/03/26 | Berne
A secure Internet for the 21st century
2018/03/22 | Keynote at the Safety & Security Conference (SASEC) | full program | Munich
Innovation in the age of cybercrime
How to protect innovation in the digital age?
2018/03/08 | Public talk at the Zühlke Innovation Talks 2018 | full program | Zurich
Why infosec and usability must no longer be opponents
2018/01/18+19 | Public talk at the World Web Forum 2018 | Zurich
2017
Program committee member of IEEE CloudCom 2017
The 9th International IEEE Conference on Cloud Computing Technology and Science
2017/12/11 | Hong Kong
Ist mein Handy noch sicher?
2017/11/28 | Interview in an article in the Swiss newspaper Blick am Abend
Challenges and opportunities for industries moving to the cloud
2017/11/28 | Invited talk about cloud security at the TestStand User Group Meeting 2017 | Zurich
If it's not fake, then there is an easy fix
2017/11/13 | Blog post on the alleged hack of Face ID on iPhone X (German)
Invited talk at Parking Seminar 2017
2017/10/31 | Parkomatic AG, Umweltarena Spreitenbach, Switzerland
Keynote talk at Industry Focus Day Medtech
2017/10/25 | Switzerland Global Enterprise, Zurich, Switzerland
Public talk at Swiss Cyber Storm 2017
2017/10/18 | KKL, Lucerne, Switzerland
So verwundbar ist die Schweiz bei Cyberangriffen
2017/09/07 | Interview in an article in the Swiss newspaper Blick
IT-Spezialisten — nichts dazugelernt
2017/06/30 | Article in the Swiss newspaper Neue Zürcher Zeitung (NZZ) about the Petya malware
Die vernetzte Welt des 21. Jahrhunderts — Angriffe und Risiken, Innovation und Chancen
2017/06/28 | Keynote talk at DigitSummit 2017, Zurich
Wie das Internet of Things geltende IT-Regeln auf den Kopf stellt
2017/06/20 | Article in KMU-Magazin about the digital transformation and the security of IoT
Wanna Cry about the state of IT security?
2017/06/06 | Panel discussion at TechTuesday, Zurich
The SCION internet architecture
2017/05/24 | Peer-reviewed article in the journal Communications of the ACM
How ransomware could be stopped. Forever. Globally.
2017/05/16 | Simple thoughts on how to stop ransomware
How to stay secure even if you WannaCry
2017/05/15 | Blog post on the WannaCry ransomware
Why is authenticity becoming more important than confidentiality?
2017/04/05 | Blog post on the growing importance of authentication
Internet Security — Who is holding the trump cards?
2017/02/07 | Keynote talk at TechTuesday Zurich on the design and deployment challenges of a secure Internet for the 21st century
CNIL-Inria Award for Privacy Protection 2016
2017/01/25 |
Awarded for our research paper "ADSNARK",
published at the IEEE
Security & Privacy Conference 2015 and as part of the dissertation. More information is available
here,
here,
or here.
2016
Program committee member of IEEE CloudCom 2016
The 8th International IEEE Conference on Cloud Computing Technology and Science
2016/12/12 | Luxembourg
Wie bewege ich mich sicher im Internet?
2016/12/09 | Public talk and workshop at Zurich Dark Night, Karl der Grosse, Zurich.
Zeit für ein neues, sicheres Internet
2016/11/27 | Public keynote at Treffpunkt Science City, ETH Zurich.
A Next-Generation Secure Internet Architecture for the 21st Century
2016/11/24 | Keynote talk at Geopolitics-Aware Internet Strategies, Rome.
Program committee member of ACM CCS 2016 (posters, demos)
2016/10/24 | Vienna, Austria
Program committee member of SCN 2016
2016/08/31 | Amalfi, Italy
SIBRA: Scalable Internet Bandwidth Reservation Architecture
2016/06/14 | Invited talk at the SWITCH Network and Security Conference, Lucerne.
Program committee member of IEEE EuroSP 2016
2016/03/21 | Saarbrücken, Germany
SIBRA: Scalable Internet Bandwidth Reservation Architecture
2016/02/22 | Conference talk at the Internet Society Network and Distributed System Security Symposium 2016 (NDSS), San Diego, USA.
2015
Program committee member of IEEE CloudCom 2015
2015/11/30 | Vancouver, Canada
Program committee member of ICWE 2015
2015/06/23 | Rotterdam, The Netherlands
Program committee member of NDSS SENT 2015
2015/02/08 | San Diego, CA, USA
Awards & Distinctions
2016 CNIL-Inria Award for Privacy Protection
granted by the National Commission on Informatics and Liberty in France (Commission Nationale de l’Informatique et des Libertés). See here and here.
Distinction »summa cum laude«
for the dissertation on IT-security at CISPA, Saarland University.
Books
-
Machines, Code, People — 50 things Zühlke engineers are passionate about
A collaborative book on best practices, cultural philosophies, great ideas, and practically proven concepts in engineering for and with people. Raphael Reischuk contributed a chapter on the elegance, efficiency, robustness, and security of stateless communication in the industrial internet of things. The book is available on Amazon and OrellFüssli since June 2019.
-
Digitale Transformation gestalten: Geschäftsmodelle Erfolgsfaktoren Checklisten
Conceptual-strategic contributions and case studies show how the digital transformation can be successfully designed and implemented. Raphael Reischuk contributed a chapter on the security considerations of the economically most important encryption ecosystem. The book is available on Amazon and OrellFüssli since March 2019.
-
SCION — A Secure Internet Architecture — 2017
The first comprehensive book on the Future Internet Architecture SCION. Raphael Reischuk is a lead author of the book and a co-inventor of SCION. The book was published by Springer-Verlag in November 2017.
-
Programmierung — Eine Einführung in die Informatik — 2011
This book is an introduction to computer science based on functional programming. It is mostly written for undergraduate CS students. Raphael Reischuk assisted Gert Smolka in writing the first and second edition of the book.
Scientific Publications
-
Network Transparency for Better Internet Security
-
IKP: Turning a PKI Around with Decentralized Automated Incentives
S&P'17: 38th IEEE Symposium on Security and Privacy (Oakland), 2017. -
-
Authentication Challenges in a Global Environment
ACM Transactions on Privacy and Security (TOPS), 2017. -
SIBRA: Scalable Internet Bandwidth Reservation Architecture
NDSS'16: Network and Distributed System Security Symposium, 2016. -
DEMO: Easy Deployment of a Secure Internet Architecture for the 21st Century
CCS'16: 23rd ACM Conference on Computer and Communications Security, 2016. -
-
-
Forwarding Accountability: A Challenging Necessity of the Future Data Plane
iNetSec'15: IFIP WG 11.4 Workshop on Open Research Problems in Network Security, 2015. -
Balancing Isolation and Sharing of Data in Third-Party Extensible App Ecosystems
ICWE'15: 15th International Conference on Web Engineering, 2015. -
FAIR: Forwarding Accountability for Internet Reputability
ICNP'15: IEEE International Conference on Network Protocols, 2015. -
ADSNARK: Nearly Practical and Privacy-Preserving Proofs on Authenticated Data
S&P'15: 36th IEEE Symposium on Security and Privacy (Oakland), 2015. -
-
-
-
Verifiable Delegation of Computation on Outsourced Data
CCS'13: 20th ACM Conference on Computer and Communications Security, 2013. -
DEMO: Secure and Customizable Web Development in the SAFE Activation Framework
CCS'13: 20th ACM Conference on Computer and Communications Security, 2013. -
SAFE Extensibility for Data-Driven Web Applications
WWW'12: 21st International World Wide Web Conference, 2012. -
G2C: Cryptographic Protocols from Goal-Driven Specifications
TOSCA'11: Theory of Security and Applications (now POST), held as part of ETAPS 2011, the Joint European Conferences on Theory and Practice of Software, 2011. -
Cryptographic Protocols From Declarative Specifications
SecDay'10: Grande Region Security and Reliability Day, 2010. -
Maintaining State in Propagation Solvers
CP'09: 15th International Conference on Principles and Practice of Constraint Programming, 2009. -
Automated Checking of Observational Equivalence for an Extended Spi Calculus
Students' project, 2009. -
Teaching
- Network Security (fall 16)
- Operating Systems and Networks (spring 16)
- Operating Systems and Networks (spring 15)
- Programming for Engineers (summer 11)
- Current Research in Information Security (summer 11)
- The Magic of Cryptography (summer 11)
- Cryptography (summer 10, teaching award)
- Formal Methods and Cryptography (winter 09/10)
- Current Research in Information Security (summer 09)
- The Magic of Cryptography (summer 09)
- Advanced Cryptography (summer 08)
- Programming 1 (winter 07/08, supervision)
- Programming 1 (winter 06/07)
- Mathematical intensive course for beginners (winter 07/08)
- Mathematical intensive course for beginners (winter 06/07)