Security and Privacy

This field focuses on foundational and practical aspects of security, trust, privacy, and accountability in computer systems. Topics of study include formal analysis of security properties; anonymity networks; privacy and trust issues in mobile apps, social networks, and Web advertising; and accountability in distributed systems, to name just a few.

Groups and Researchers in this Field


Principles of Security and Privacy

Gilles Barthe's research interests lie in the areas of programming languages and program verification, software and system security, cryptography, formal methods and logic. His goal is to develop foundations and tools for reasoning about security and privacy properties of algorithms and implementations. His recent work focuses on building relational verification methods for probabilistic programs and on their applications in cryptography and privacy. He is also interested in provably secure countermeasures against side-channel attacks. Read more

Gilles Barthe

MPI-SP, Scientific Director
Personal Website

Responsible Computing

Asia Biega is a tenure-track faculty member at the MPI for Security and Privacy. Through interdisciplinary collaborations, she designs ethically, socially, and legally responsible information and social computing systems and studies how they interact with and influence their users. Before joining Microsoft Research, she completed her PhD summa cum laude at the Max Planck Institute for Informatics and Saarland University. Her doctoral work focused on the issues of privacy and fairness in search systems. She has published her work in leading information retrieval, Web, and data mining venues. Beyond academia, her perspectives and methodological approaches are informed by an industrial experience, including work on privacy infrastructure at Google and consulting for Microsoft product teams on issues related to FATE (Fairness, Accountability, Transparency, and Ethics) and privacy. Read more

Asia Biega

MPI-SP, Faculty
Personal Website

Software Security

Marcel Böhme is a tenure-track faculty at MPI-SP and head of the Software Security research group. His current research interest is the automatic discovery of software bugs and security flaws at the very large scale. One part of his group develops the foundations of automatic software testing (an approach to finding bugs by auto-generating executions) to elucidate fundamental limitations of existing techniques, and to explore the assurances that software testing provides when no bugs are found. The other part of his group develops practical vulnerability discovery tools that are publicly available and widely used in software security practice. Read more

Marcel Boehme

MPI-SP, Faculty
Personal Website

Distributed Systems

Peter Druschel is the founding director of the Max Planck Institute for Software Systems, where he leads the Distributed Systems research group. He is also an adjunct professor at Saarland University, Associate Director of the Center for IT-Security, Privacy, and Accountability, and a Principal Investigator in the Cluster of Excellence on Multimodal Computing and Interaction. He has received an NSF CAREER Award, an Alfred P. Sloan Fellowship, and the Mark Weiser Award. His research interests are in understanding, designing, and building computer systems. In the past, he has worked on operating systems, network services, peer-to-peer systems, and accountable distributed systems. Currently, he is interested in practical techniques to make distributed and mobile systems secure, accountable, and privacy-preserving. Read more

Peter Druschel

MPI-SWS, Faculty
Personal Website

Foundations of Computer Security

Deepak Garg’s interests include computer security and privacy, formal logic, and programming languages. He is head of the Foundations of Computer Security group, associated with both the Security & Privacy and the Programming Languages & Verification research areas at the Max Planck Institute for Software Systems. The group’s current projects investigate tracking and controlling flows of sensitive information through Web browsers, using type systems to statically estimate the asymptotic complexity of incremental runs of programs, creating mechanisms to enforce data protection policies across multiple system infrastructure layers, extending separation logics to reason about security protocols, and developing foundations and algorithms for temporal logic-based privacy audits of legal compliance, among others. Read more

Deepak Garg

MPI-SWS, Faculty
Personal Website

Social Computing

Krishna Gummadi heads the Social Computing research group at the Max Planck Institute for Software Systems. He is broadly interested in understanding and building networked and distributed computer systems. Currently, the group's research focuses on social computing systems: an emerging class of societal-scale human-computer systems that facilitate interactions and knowledge exchange between individuals, organizations, and governments in our society. A few examples include social networking sites like Facebook, blogging and microblogging sites like LiveJournal and Twitter, and content sharing sites like YouTube, among many others. Through user studies, examining data, and building systems, the group aims to understand, predict, and control the behavior of their constituent human users and computer systems. Read more

Krishna Gummadi

MPI-SWS, Faculty
Personal Website

Formally Verified Security

Cătălin Hrițcu is a tenured faculty member at the Max Planck Institute for Security and Privacy (MPI-SP). He is particularly interested in security foundations (secure compilation, compartmentalization, memory safety, security protocols, information flow), programming languages (program verification, proof assistants, dependent types, formal semantics, mechanized metatheory, property-based testing), and the design and verification of secure systems (reference monitors, secure compilation chains, tagged architectures). He was awarded an ERC Starting Grant on formally secure compilation and is also actively involved in the design of the F* verification system. Read more

Cătălin Hrițcu

MPI-SP, Faculty
Personal Website

Cryptographic Systems

Giulio Malavolta is a tenure-track faculty at the Max Planck Institute for Security and Privacy (MPI-SP). He is primarily interested in theoretical and applied aspects of cryptography and his work often intersects with other disciplines such as quantum computing, concurrent systems, cryptocurrencies, and game theory. His recent work focuses on establishing new feasibility results for cryptographic schemes with advanced functionalities. Read more

Giulio Malavolta

MPI-SP, Faculty
Personal Website

Embedded Security

Christof Paar is a scientific director at the Max Planck Institute for Security and Privacy in Bochum, Germany, and affiliated professor at the University of Massachusetts Amherst. His research lies in the area of embedded security. His group is currently working on hardware Trojans, technical and cognitive aspects of (hardware) reverse engineering, physical layer security and the security of cyber-physical systems. He is one of the spokespersons of the Excellence Cluster CASA – Cyber Security in the Age of Large-Scale Adversaries. Prior to joining MPI, Christof was with the Ruhr University Bochum (2001-2019) and WPI in Massachusetts (1995-2001). He spent the academic years 2008/09 and 2014 – 2016 as a research professor at UMass Amherst. He received a Ph.D. in engineering from the Institute for Experimental Mathematics at the University of Essen in 1994. Read more