Title Background Dr. Raphael M. Reischuk information security researcher
and distinguished consultant

Raphael Reischuk is a member of several international program committees for information security, and vice president of the cyber security committee of digitalswitzerland; he is member of the advisory board cyber security of the Swiss Academies of Engineering Sciences (SATW), a founding member of the Swiss National Testing Institute for Cyber Security (NTC), and a frequent and passionate speaker at international conferences and appears regularly on topics of network, web and cyber security. Raphael Reischuk is the author of numerous scientific publications in various fields of IT security and cryptography, for which he has received several (international) awards.

After studying computer science with a focus on information security, Raphael Reischuk received his PhD with distinction in web and cloud security at the Information Security and Cryptography Group at CISPA (the Center for IT-Security, Privacy, and Accountability) at Saarland University and Cornell University under the direction of Prof. Michael Backes and Prof. Johannes Gehrke. Before joining Zühlke Engineering AG, he worked as Senior Information Security Researcher at ETH Zürich (the Swiss Federal Institute of Technology), where he has done research and teaching on secure Internet architectures and co-developed SCION.

Logo Zühlke Logo ETH Zürich Logo Cispa Security Logo Universität Saarland

Logo Digitalswitzerland Logo SATW Logo digit_network Logo acm Logo ISSS


Expertise & Interests

  • Web Security

    • incentivization for correct behavior in the TLS infrastructure and the web ecosystem [MR '17]

    • secure-by-design application development and analysis through the SAFE Activation Framework for Extensibility [WWW '12, ACM CCS '13, ICWE '15]

  • Authentication Infrastructures

    • for network architectures [SENT '15, TOPS '17, IEEE S&P '17]
    • for the web ecosystem [WWW '12, ACM CCS '13, ICWE '15]
    • for stateless IAM solutions with efficiently decidable authorization

  • DDoS Defense

    • wholistic protection against volumetric distributed denial-of-service attacks [ICNP '15, NDSS '16]

  • Cloud Security & the Internet of Things (IoT)

    verifiable delegation of computation and data
    • in cloud-based environments [ACM CCS '13]
    • with efficient verification for smart IoT devices [IEEE S&P '15]

  • Blockchain Technologies

    • Ethereum-driven incentivization for preventing fraudulent certificates in the TLS ecosystem [SENT '15, IEEE S&P '17]

  • Future Internet Architectures

    • the highly-available SCION Internet Architecture [ACM CCS '16, CACM '17, Spr '17]

  • Accountability

    • detection and deterrence of non-compliant behavior across autonomous systems [ICNP '15, iNetSec '15, SENT '15]

  • Cryptographic Protocols

    • protocol synthesis from declarative specifications [SecDay '10, TOSCA '11]

    • automated verification for cryptographic protocols [TOSCA '11]

  • Constraint Programming

    • state restoration for propagation solvers [BSc '08, CP '09]

    • conflict-clause learning for satisfiability [BSc '08, CP '09]

Speech Bubble

Public Activities


Information Security in Healthcare

Welcome note and opening of the Information Security in Healthcare conference

2021/09/21 | Cham

Resilience Strategies for the Healthcare Sector

Break out session with think tank W.I.R.E.

2021/09/16 | Conference Trendtage Gesundheit Luzern | Lucerne

Program Committee Member of ICWE 2021

The 21st International Conference on Web Engineering

2021/05/18-21 | Biarritz, France

Interview on the risks of ransomware attacks

2021/05/15 | Interview for blue News

Interview on what security means for users and developers

Why is security such a hot topic today and how to improve the security of your products and businesses?

2021/05/03 | Interview for the DevTalk podcast by Kerry Lothrop

Cybersecurity — Why the hype?

2021/03/16 | Keynote at Bridge2Digital's event on Security & Compliance

Swiss OT-IT Cyber Security Forum

Cloud Edge Industrial IoT (IIoT): which additional security measures are needed?

2021/03/04 | Moderator and sponsor at the 2nd Swiss OT-IT Cyber Security Forum

Enhancing the Digital Security of Products

Contribution to two OECD reports on understanding and enhancing the digital security of products

2021/02/09 | Digital Security Working Group, OECD, Paris

Cybersecurity — Warum der Höhenflug?

2021/02/3-4 | Keynote at the Sophos Evolve Cybersecurity Summit


Video: Drei Tips für erhöhte Cyberresilienz

2020/12/22 | Video

Wir brauchen eine unabhängige Prüfstelle

2020/11/30 | Article at computerworld.ch, PDF

Wissen ermöglicht erst ein IT-Risiko-Manage­ment

Interview on the CVE vulnerability system

2020/11/10 | Article at inside-it.ch

Charter of Trust @ Geneva Online Roadshow: Digital Supply Chain and Transparency

The Charter of Trust's suggestions for strengthening cybersecurity measures

2020/10/20 | Online Panel, Report

Wie ein Institut IT-Security prüfen kann

2020/09/29 | Article for inside-it.ch

Swiss OT-IT Cyber Security Forum

2020/09/24 | Berne

Zug will Millionen in eine Cyber-Empa investieren

2020/08/14 | Interview in an article in Swiss newspaper NZZ

Die Sicherheit vernetzter Geräte prüfen

2020/08/10 | Article for SATW

National Test Institute for Cyber Security in Switzerland

2020/07/20 | Article in Swiss newspaper NZZ

Program committee member of ICWE 2020

The 20th International Conference on Web Engineering

2020/06/09-12 | Helsinki, Finland

Security analysis of the SwissCovid App

2020/06/08 | FAQ, Blog post, SRF Tagesschau

Future Store: Erlebnis oder Überwachung?

Webinar on the conflict between customer experience and data protection in future shopping


Mitten im Digitalen Krieg

Interview with Radio 3FACH

2020/03/10 | iTunes Podcast, Radio 3Fach, Lucerne

Enhancing the Digital Security of Products

OECD Expert Group Workshop on Enhancing the Digital Security of Products

2020/02/19-20 | Working Party on Security and Privacy in the Digital Economy (SPDE), OECD, Paris

Stärkung der menschlichen Firewall

Article about measuring and increasing the strength of the human firewall

2020/02/10 | Article at netzwoche.ch


Program committee member of IEEE CloudCom 2019

The 11th International IEEE Conference on Cloud Computing Technology and Science

2019/12/11-13 | Sydney, Australia

Rethinking Security: why we need to build a new generation of human-centric firewalls

Es führt kein Weg daran vorbei: Digitalisierung im Treuhandwesen

2019/12/12 | Invited talk at EXPERTsuisse

"Sicherheitslücke beim Berner Schulamt"

Interview on recent data breaches

2019/12/05 | Article in the Swiss newspaper Berner Zeitung

Schwachstelle Mensch: Wie Sie sich gegen Cyber-Angriffe schützen

Breakfast Talk incl Live Hacking

2019/12/04 | Breakfast talk

Video series on password security

part 1) intro to authentication; part 2) password handling; part 3) password managers and alternatives

2019/11/08 | Full video series (german)

How to generate and store hundreds of strong passwords in your brain

Die Passwort-Falle: Wenn der Mensch zum Risikofaktor wird

2019/11/06 | Blog post

Client data protection as an emerging value proposition of the Swiss financial center

Redesigning Financial Services

2019/10/30 | Invited talk

Ethics in Cybersecurity

Roundtable and Panel Discussion for Women in Business

2019/10/21 | Dolder Grand, Zurich

"Security is not a checklist"

2019/10/17 | Interview "Sicherheit ist keine Checkliste" for newspaper Handelszeitung

Disruption doesn't wait for you to be prepared

Invited talk at the Alumni Event of KMU/CFB-HSG

2019/10/04 | University of St. Gallen (HSG)

"Jeder Schritt nach vorn ist besser als die jetzige Situation"

Interview on the call for a Swiss testing lab to independently test cyber products

2019/09/26 | Published at Swisscom's media portal Bluewin

White Paper on Supply Chain Security

Analysis and measures to secure the digital supply chain. White paper (PDF), press release

2019/09/25 | ICTswitzerland, Berne

Network Transparency for Better Internet Security

Scientific Publication, PDF

2019/09/10 | IEEE/ACM Transactions on Networking

Disruption doesn't wait for you to be prepared

Invited talk at CEO-Talk 2019 & Industry 4.0 Seminar

2019/09/04 | EMPA Dübendorf, the Swiss Federal Laboratories for Materials Science and Technology

Learning from Cyber Criminals

Invited talk at the Cadenabbia Network

2019/08/21-23 | Cadenabbia, Italy

Program committee member of IEEE Cloud Summit 2019

The 3rd IEEE International Conference on Cloud and Fog Computing Technologies and Applications

2019/08/08-10 | Washington DC, USA

Cybersecurity - Warum Sicherheit mehr erfordert als Technologie

Cornerstones for a sustainable cyber security strategy

2019/07/10 | Chapter in the book RADAR #4 for think tank W.I.R.E.

Never Pay!

Don't reward the attackers

2019/06/19 | Article with arguments why not to pay ransom

Program committee member of ICWE 2019

The 19th International Conference on Web Engineering

2019/06/11-14 | Daejeon, South Korea

IoT vs IT Security: new approaches to automation solutions

Public talk at Automation & Electronics 2019

2019/06/05-06 | Zurich

Book chapter in "Machines, Code, People"

Chapter for the insights and know-how book written by a number of Zühlke employees (see below)

2019/06/05 | Book chapter on the elegance, robustness, and efficiency of stateless communication

Herausforderungen im technologischen Wandel

Disruption durch Digitalisierung

2019/05/23 | Article in KMU-Magazin about disruptive forces in the digital transformation

Most Attractive Careers Switzerland 2019

Why is information security a human-centered discipline?

2019/05/22 | Interview for most attractive employers

Die Disruption kommt unverhofft — Wie Sie mit Innovation unerschrocken entgegen wirken

Inspiration Keynote

2019/04/10 | DigitNetwork | Zurich

Der gläserne Mensch — mit genetischem Wissen zum sozialen Risiko?

Panel Discussion at Trendtage Luzern (program, PDF)

2019/03/27-28 | Luzern

No e-health without strong information security

How to cope with the growing threat of cybercrime and insider threats in the healthcare market?

2019/03/27 | Invited talk | Novartis, Basel

The world's largest public-key infrastructure has a trust problem. Here's the fix.

Tech talk above the city of Berne, meetup

2019/03/20 | Berne

Cyber Risiken im Open Banking: Wie können Angreifer abgewehrt werden?

Invited talk at Beyond Banking, Finanz und Wirtschaft (program, PDF)

2019/03/14 | Dolder Grand, Zurich

Book chapter in "Digitale Transformation gestalten"

Chapter for the digitization book by Oliver Gassmann and Philipp Sutter on how to successfully manage digital transformation (see below)

2019/03/11 | Book chapter on the security of the economically most important encryption ecosystem

Was Cyberkriminelle besser machen als wir

Warum es sich lohnt, von Cyberkriminellen zu lernen

2019/02/21 | Article in the Swiss newspaper Neue Zürcher Zeitung (NZZ)

Diese Gefahren kann die Schweiz nicht ignorieren

2019/01/25 | Interview about the risks of e-voting at Swisscom's media portal Bluewin.

Die Disruption kommt unverhofft — Wie Sie mit Innovation unerschrocken entgegen wirken

Inspiration Keynote

2019/01/16 | Microsoft Pop-up House, Paradeplatz, Zurich


Program committee member of IEEE CloudCom 2018

The 10th International IEEE Conference on Cloud Computing Technology and Science

2018/12/10 | Nicosia, Cyprus

Crime scene: Future

2018/11/22 | ETH Zurich, Lange Nacht der Karriere | Zurich

Data Security for Digital Society

2018/11/20 | ETH Zurich, Alumni Focus Event | Zurich

No e-health without strong information security

How to cope with the growing threat of cybercrime and insider threats in the healthcare market?

2018/10/16+17 | Talk at the annual event of the Medtech & Pharma Platform | Basel

Warum (fast) alle heutigen Internetprotokolle ein Redesign benötigen

2018/10/08 | Technical Deep Dive into SCION | Brown Bag Lunch @ oneconsult

SCION: an Internet architecture to survive the 21st century

2018/09/22 | Public talk at BSides ZH | Zurich

Publication of supervised Master thesis (ETH Zurich) on social engineering

2018/08/13 | Zurich

SCION: A next-generation secure Internet architecture for the 21st century

2018/06/25 | Invited talk at the general assembly of Swiss Cyber Experts | Zurich

IKP  —  Turning a PKI around with blockchain

2018/06/11 | Invited talk at About & Beyond PKI | Berne

8 reasons why we should learn from cyber criminals

2018/05/31 | Article on LinkedIn and Medium

A next-generation secure Internet architecture for the 21st century

2018/05/18 | Invited talk at the Big Techday 11 | Munich

Member of the Swiss Cyber Security Commission of ICTswitzerland

2018/03/26 | Berne

A secure Internet for the 21st century

2018/03/22 | Keynote at the Safety & Security Conference (SASEC) | full program | Munich

Innovation in the age of cybercrime

How to protect innovation in the digital age?

2018/03/08 | Public talk at the Zühlke Innovation Talks 2018 | full program | Zurich

Why infosec and usability must no longer be opponents

2018/01/18+19 | Public talk at the World Web Forum 2018 | Zurich


Program committee member of IEEE CloudCom 2017

The 9th International IEEE Conference on Cloud Computing Technology and Science

2017/12/11 | Hong Kong

Ist mein Handy noch sicher?

2017/11/28 | Interview in an article in the Swiss newspaper Blick am Abend

Challenges and opportunities for industries moving to the cloud

2017/11/28 | Invited talk about cloud security at the TestStand User Group Meeting 2017 | Zurich

If it's not fake, then there is an easy fix

2017/11/13 | Blog post on the alleged hack of Face ID on iPhone X (German)

Invited talk at Parking Seminar 2017

2017/10/31 | Parkomatic AG, Umweltarena Spreitenbach, Switzerland

Keynote talk at Industry Focus Day Medtech

2017/10/25 | Switzerland Global Enterprise, Zurich, Switzerland

Public talk at Swiss Cyber Storm 2017

2017/10/18 | KKL, Lucerne, Switzerland

So verwundbar ist die Schweiz bei Cyberangriffen

2017/09/07 | Interview in an article in the Swiss newspaper Blick

IT-Spezialisten — nichts dazugelernt

2017/06/30 | Article in the Swiss newspaper Neue Zürcher Zeitung (NZZ) about the Petya malware

Die vernetzte Welt des 21. Jahrhunderts — Angriffe und Risiken, Innovation und Chancen

2017/06/28 | Keynote talk at DigitSummit 2017, Zurich

Wie das Internet of Things geltende IT-Regeln auf den Kopf stellt

2017/06/20 | Article in KMU-Magazin about the digital transformation and the security of IoT

Wanna Cry about the state of IT security?

2017/06/06 | Panel discussion at TechTuesday, Zurich

The SCION internet architecture

2017/05/24 | Peer-reviewed article in the journal Communications of the ACM

How ransomware could be stopped. Forever. Globally.

2017/05/16 | Simple thoughts on how to stop ransomware

How to stay secure even if you WannaCry

2017/05/15 | Blog post on the WannaCry ransomware

Why is authenticity becoming more important than confidentiality?

2017/04/05 | Blog post on the growing importance of authentication

Internet Security — Who is holding the trump cards?

2017/02/07 | Keynote talk at TechTuesday Zurich on the design and deployment challenges of a secure Internet for the 21st century

CNIL-Inria Award for Privacy Protection 2016

2017/01/25 | Awarded for our research paper "ADSNARK", published at the IEEE Security & Privacy Conference 2015 and as part of the dissertation. More information is available here, here, or here.


Program committee member of IEEE CloudCom 2016

The 8th International IEEE Conference on Cloud Computing Technology and Science

2016/12/12 | Luxembourg

Wie bewege ich mich sicher im Internet?

2016/12/09 | Public talk and workshop at Zurich Dark Night, Karl der Grosse, Zurich.

Zeit für ein neues, sicheres Internet

2016/11/27 | Public keynote at Treffpunkt Science City, ETH Zurich.

A Next-Generation Secure Internet Architecture for the 21st Century

2016/11/24 | Keynote talk at Geopolitics-Aware Internet Strategies, Rome.

Program committee member of ACM CCS 2016 (posters, demos)

2016/10/24 | Vienna, Austria

Program committee member of SCN 2016

2016/08/31 | Amalfi, Italy

SIBRA: Scalable Internet Bandwidth Reservation Architecture

2016/06/14 | Invited talk at the SWITCH Network and Security Conference, Lucerne.

Program committee member of IEEE EuroSP 2016

2016/03/21 | Saarbrücken, Germany

SIBRA: Scalable Internet Bandwidth Reservation Architecture

2016/02/22 | Conference talk at the Internet Society Network and Distributed System Security Symposium 2016 (NDSS), San Diego, USA.


Program committee member of IEEE CloudCom 2015

2015/11/30 | Vancouver, Canada

Program committee member of ICWE 2015

2015/06/23 | Rotterdam, The Netherlands

Program committee member of NDSS SENT 2015

2015/02/08 | San Diego, CA, USA


Awards & Distinctions

CNIL Logo Inria Logo

2016 CNIL-Inria Award for Privacy Protection

granted by the National Commission on Informatics and Liberty in France (Commission Nationale de l’Informatique et des Libertés). See here and here.


Distinction »summa cum laude«

for the dissertation on IT-security at CISPA, Saarland University.

Universität Saarland Logo

FdSI Bachelor Prize

for outstanding achievements during the undergraduate studies. See here.



  • Machines, Code, People — 50 things Zühlke engineers are passionate about

    A collaborative book on best practices, cultural philosophies, great ideas, and practically proven concepts in engineering for and with people. Raphael Reischuk contributed a chapter on the elegance, efficiency, robustness, and security of stateless communication in the industrial internet of things. The book is available on Amazon and OrellFüssli since June 2019.

  • Digitale Transformation gestalten: Geschäftsmodelle Erfolgsfaktoren Checklisten

    Conceptual-strategic contributions and case studies show how the digital transformation can be successfully designed and implemented. Raphael Reischuk contributed a chapter on the security considerations of the economically most important encryption ecosystem. The book is available on Amazon and OrellFüssli since March 2019.

  • SCION — A Secure Internet Architecture — 2017

    The first comprehensive book on the Future Internet Architecture SCION. Raphael Reischuk is a lead author of the book and a co-inventor of SCION. The book was published by Springer-Verlag in November 2017.

  • Programmierung — Eine Einführung in die Informatik — 2011

    This book is an introduction to computer science based on functional programming. It is mostly written for undergraduate CS students. Raphael Reischuk assisted Gert Smolka in writing the first and second edition of the book.


Scientific Publications



Last change: 2020-10-25