As part of the FI CODE Annual Conference 2025, Prof. Mark Manulis gave a presentation on “Secure Cloud through Cryptography: Research Approaches to Encryption and Authentication” to an audience of experts from the German Armed Forces, academia, politics and industry. He emphasized that the increasing relocation of sensitive data to cloud environments places new demands on security and user-friendliness. Cryptographic processes are essential for protecting this data. Prof. Manulis presented current research results in the field of asymmetric encryption with a focus on long-term security, in particular key rotation and updateable encryption to ensure forward security. In addition, advanced concepts such as attribute-based encryption and techniques for searching and processing data in an encrypted state were explained. In the second part of his presentation, Prof. Manulis addressed the topic of authentication and presented approaches based on the decentralized WebAuthn standard. These methods not only enable secure and password-free authentication, but also strengthen user privacy. The concepts presented are based on current work by the “Privacy and Applied Cryptography (PACY)” research group and demonstrate practical solutions for how cryptographic innovations can sustainably improve security in cloud infrastructures. Prof. Manulis was also involved as a jury member in the “Cyber/IT 2025 Innovation Conference”, where IT innovations relevant to the Federal Ministry of Defense (BMVg) were identified and evaluated. With his technical expertise, he contributed to the selection of forward-looking technologies that could be used in security-critical areas.

The final day of the 23rd International Conference on Applied Cryptography and Network Security (ACNS 2025) in Munich marked the conclusion of an engaging and dynamic event that brought together around 230 participants from across the globe. The conference featured a diverse range of presentations and workshops, reflecting the latest advancements and research from various research areas. PACY Lab was proud to contribute to the scientific program with the presentation of the paper "Distributed Asynchronous Remote Key Generation" authored by Mark Manulis and Hugo Nartz, who gave the talk. In addition to our scientific contribution, PACY Lab had a notable organizational role in the success of the event. Prof. Manulis served as a Workshop Chair and played a key role in attracting and coordinating nine workshops held alongside the main conference program — the highest number of workshops ever organized in the history of ACNS. Scientific proceedings with papers from all ACNS 2025 workshops will be published later this year by Springer.

A new R&D project named PiQASO (Post-Quantum Cryptography As-a-Service for Common Transmission Systems and Infrastructures) has been launched under the EU’s Digital Europe Action programme.  Operating on a 3-year timeline from January 2025 through December 2027, PiQASO aims to design, optimize, and deploy a robust suite of quantum-resistant cryptographic services. Its objective is to develop an as-a-service solution that includes key encapsulation mechanisms, digital signatures, secure key exchange, identity management, and more. The project  brings together two academic institutions and 23 industrial partners from 12 EU countries, marking a significant collaborative effort across the continent.  PACY lab is leading UniBw M activities in the project and contributing to the specification of PQC services and abstractions enabling quantum-safe encryption, signing, authentication, authorization for PiQASO's PQC-as-a-Service architecture. Specifically, we are working on the design of post-quantum secure public key encryption and associated key management approaches, leveraging NIST standards, to support longterm data encryption-at-rest operations.

A series of high-profile scientific events in the field of cryptography took place last week in Sofia, drawing experts, researchers, and industry leaders from around the globe. Among the attendees were Prof. Mark Manulis and Jerome Nguyen from PACY Lab, who participated in two major gatherings: the annual conference on Fully Homomorphic Encryption (FHE 2025) and the Real World Cryptography Symposium (RWC 2025). FHE 2025 brought together leading academics and practitioners to discuss the latest advances in fully homomorphic encryption—a breakthrough technology that allows computation on encrypted data without needing to decrypt it first. The conference featured sessions on practical implementations, performance improvements, and real-world use cases of FHE in cloud computing, finance, and healthcare. Meanwhile, RWC 2025 focused on bridging the gap between academic cryptography and its practical applications. Key topics included secure messaging, post-quantum cryptography, zero-knowledge proofs, and cryptographic protocols used in industry-scale systems. The presence of PACY Lab representatives highlighted their continued contribution to cutting-edge research and their engagement with the broader cryptographic community. Both events offered invaluable opportunities for knowledge exchange, networking, and collaborative exploration of the challenges and possibilities at the forefront of secure digital communication.

Prof. Manulis recently participated in the prestigious Dagstuhl Seminar titled "Guardians of the Galaxy: Protecting Space Systems from Cyber Threats," held from March 2 to March 7, 2025. Attendance at Dagstuhl Seminars is by invitation only, bringing together leading experts from academia and industry to address critical challenges. ​ The seminar focused on pressing cybersecurity issues within the space sector, aiming to discuss current R&D challenges in the protection of space infrastructure and satellite communications against a growing number of cyber-attacks. Key topics included enhancing the resilience of space vehicles, securing ground segment operations critical for mission control, safeguarding communication links against eavesdropping and interference, and transitioning to post-quantum cryptography.

Nick Frymann, an external PhD student of Prof. Manulis, has defended his PhD viva at the University of Surrey in the United Kingdom. Nick's PhD thesis titled "Asynchronous Remote Key Generation and its Applications in W3C WebAuthn and FIDO" proposed several technical contributions to the WebAuthn standard, aiming to address scenarios where users lose authentication tokens or need to delegate access to their web accounts without compromising privacy and security. Dr. Frymann serves as a Lecturer at the University of Surrey, where Prof. Manulis has a Visiting Professor appointment.

At the 5th workshop "SKECH@BiCi: Secure Key Exchange and Channel Protocols" Prof. Manulis gave an invited talk on "Asynchronous Remote Key Generation (ARKG) and its Applications" on June 5th in Bertinoro, Italy. ARKG is a new variant of a key encapsulation mechanism (KEM) that allows a sender to encapsulate a cryptographic key pair (sk, pk) for the intended recipient in such a way that only the recipient can later compute the private key sk. The pair (sk, pk) can be used as its own freshly generated key pair in public key cryptosystems. Since its introduction in 2020, ARKG has proven to be a versatile building block that enables a range of different privacy-protecting applications in the field of authentication and blockchains. The biennial SKECH workshop brings together renowned researchers working on cryptographic protocols for secure messaging and key management to discuss the latest research developments. Participation in a SKECH workshop is only possible with a prior personal invitation.

The annual EUROCRYPT conference, which was held in Zurich in May 2024, is one of the most important scientific conferences in the field of cryptography and PACY Lab was there. Jerome Nguyen (pictured) presented the results of the new research work from his joint publication with Prof. Manulis. The work entitled “Fully Homomorphic Encryption beyond IND-CCA1 Security: Integrity through Verifiability” sets new security standards for fully homomorphic encryption (FHE) and strengthens all previously known security requirements for such schemes. The paper also presents design approaches on how to achieve these stronger security properties for known FHE constructions.

A strong start of the year for the PACY Lab with two papers accepted to flagship conferences on the topic of confidential computing over encrypted data: "Fully Homomorphic Encryption beyond IND-CCA1 Security: Integrity through Verifiability" accepted at EUROCRYPT 2024 introduces so-far strongest FHE security guarantees and general techniques achieving integrity and verifiability for (outsourced) FHE computations. It is also the first publication of Jérôme Nguyen. "FEASE: Fast and Expressive Asymmetric Searchable Encryption" appearing at USENIX Security 2024 is a result of collaboration with researchers from Surrey Centre for Cyber Security and our contribution to the EU H2020 project SECANT. The paper features the so-far fastest construction and implementation of a public key encryption scheme supporting private search queries over encrypted indexed data.

SECITC (International Conference on Security for Information Technology and Communications) is an annual international conference held in Romania that deals with all theoretical and practical aspects of information technology and communications security. Prof. Manulis was invited to participate in SECITC 2023 in Bukharest from November 23rd to 24th as a PC Chair. The conference program included 14 peer-reviewed papers and 3 invited talks given by Prof. Bart Preneel from KU Leuven, Prof. Ahmad-Reza Sadeghi from TU Darmstadt, and Prof. Ivan Visconti from the University of Salerno. The publication of conference proceedings in an LNCS volume by Springer is expected for 2024.

Last week Prof. Manulis, Hugo Nartz and Matteo Salvino attended the 21st International Conference on Applied Cryptography and Network Security (ACNS) in Kyoto, Japan. The conference programme featured two papers co-authored by PACY. The first paper titled "Revocable Hierarchical Attribute-based Signatures from Lattices" was presented by Hugo Nartz (on picture). This paper is our joint work with Daniel Gardham and Nick Frymann from the Surrey Centre for Cyber Security in the UK. The second paper titled "On the Complete Non-Malleability of the Fujisaki-Okamoto Transform" was presented by Matteo Salvino and is his joint work with Daniele Friolo and Daniele Venturi from La Sapienza, University of Rome in Italy.

Last week Jerome Nguyen, Hugo Nartz and Matteo Salvino attended international PhD summer school on Real-world Crypto and Privacy 2023, which was held in Croatia and organised jointly by the researchers from Radboud University, ETH Zurich, and University of Zagreb. The school featured many interesting lectures on different aspects of cryptography and privacy, along with an exciting social programme and networking opportunities. We would like to thank the organisers for the provided generous support towards the participation of our PhD students in this event.

Prof. Manulis commented on jamming attacks and the need for cryptographic standards to protect constellations of LEO satellites for IEEE Spectrum's article "Satellite Signal Jamming Reaches New Lows". In 2020 Prof. Manulis co-authored an open-access paper titled "Cyber security in New Space" (International Journal of Information Security, Springer) which discussed these and other security challenges for the evolving New Space ecosystem.

Three papers co-authored by PACY lab members were accepted recently at this year's ACNS and EuroS&P conferences. The following two papers will appear in the 21st International Conference on Applied Cryptography and Network Security (ACNS 2023): "Generalised Asynchronous Remote Key Generation for Pairing-based Cryptosystems" co-authored by Prof. Manulis and Hugo Nartz with researchers from the Surrey Centre for Cyber Security extends our earlier research on ARKG to the first contructions using pairing-based cryptography. "On the Complete Non-Malleability of the Fujisaki-Okamoto Transform" co-authored by Matteo Salvino with researchers from Sapienza University of Rome explores the property of non-malleability in key encapsulation mechanisms that are based on the so-called FO transformation. The third paper titled "Asynchronous Remote Key Generation for Post-Quantum Cryptosystems from Lattices" and co-authored by Prof. Manulis with researchers from the Surrey Centre for Cyber Security will appear in the programme of the 8th IEEE European Symposium on Security and Privacy (EuroS&P 2023). This paper proposes first ARKG constructions using lattice-based cryptography which are compatible with cryptosystems that are being standardised by NIST, incl. Kyber  and Dilithium.

This week our paper "Unlinkable Delegation of WebAuthn Credentials" was presented at the 27th European Symposium on Research in Computer Security (ESORICS 2022) in Copenhagen, Denmark. The talk was delivered by Nick Frymann, an external PhD student of Prof. Manulis at the University of Surrey, UK. This paper builds on our earlier work on Asynchronous Remote Key Generation (ARKG), a new primitive for generation of cryptographic key pairs, developed in 2020 in collaboration with Yubico. We showed how ARKG can be used to enable delegation of credentials for WebAuthn protected accounts by account owners to their proxies in a way that is controllable and preserves the original security and privacy properties of the WebAuthn standard. WebAuthn is a new standard for web authentication that is expected to replace passwords and other insecure authentication methods by adopting digital signatures and security keys.

This week Prof. Manulis attended the 20th International Conference on Applied Cryptography and Network Security (ACNS) in Rome, Italy. The conference programme featured his joint work on "Revocable Hierarchical Attribute-based Signatures from Lattices" with Daniel Gardham from the Surrey Centre for Cyber Security in the UK, who gave the presentation. Hierarchical attribute-based signatures can be used to realise privacy-preserving public key infrastractures and this paper is the first to realise the required functionality using lattices that enable post-quantum security.

PACY lab has three open positions for PhD students or post-docs to work on exciting research challenges. Please check our Vacancies page for more information.

Prof. Dr. Mark Manulis joined as Full Professor the Research Institute CODE and the Department of Computer Science at the Universität der Bundeswehr München on March 1, 2022 and gave an interview where he talks about his appointment and future plans.