Christelle Gloor
I am a PHD student in Adrian Perrig's Network Security Group at D-INFK. I am also part of the Centre for Cyber Trust, a research collaboration between various research groups at ETH Zürich and the Usable Security And Privacy Group at the university of Bonn.
Research Interest
I am fascinated by the intersection between security systems–specifically public key cryptosystems–and psychology. Usability is achieved by finding frameworks that are relevant and intuitive to the end-user, while suitable to express the technical primitives.My interest arises from not just a passion for teaching, but from a sense of fulfillment that comes with the search for the most effective ways to express ideas which connect with different individuals. Since educating every user as I would pupils in my classroom is not feasible, a reevaluation of said framework must be taken such that simple actions result in tangible benefits for non-experts.
Lastly, while there should generally be a “plug-and-play” default, it is sometimes appropriate to provide finer deviating options for specialized use-cases. In these instances, clarity becomes the fundamental goal of design, allowing sound reasoning about the benefits and downsides by both security experts and end-users.
Focus of Study
I am currently focussing on identity binding in the end-to-end messaging space. Encrypted messaging has reached the mainstream today, largely based on the Signal protocol. It is important to note however that while the “just works” user experience has been widely adopted, it disregards the possibility of malicious impersonation - sacrificing security for usability.While using a messaging app based on the Signal protocol (e.g., Whatsapp, Signal) each message is opportunistically end-to-end encrypted; however, without verifying the security number (tied to the identities of both users), no guarantee is given w.r.t whom a user is communicating with for any given conversation thread. While knowledgeable users have known this and taken precaution, the typical user is unaware. Even if the threat was more widely known, it is unclear if most users would go through the hassle of verifying security numbers out of band (or know what this means), as it has, so far, mostly just worked. To generally establish validation, the process must be simplified and made more usable.
Accompanying projects
I am also working on two parallel projects with the research assistants, Andrea Byku and Adrian Cucoș.Man-in-the-Middle Attack Framework
In order to show that active interception attacks on the Signal ecosystem are feasible with limited resources, we are implementing a modular offensive framework aimed at researchers.The attacker viewpoint gives us valuable insights into different parts of the instantiation of the protocol which the theoretical model does not capture. While the current focus is on Signal, the design phylosophy plans for the framework to be extendible to other platforms.
Secure Group Messaging Taxonomy
During previous theses supervisions we examined the multidevice synchronisation and group messaging system of Signal and were surprised that we could not find a theoretical framework that would assist us in thinking about these systems more clearly.This sparked a more theoretically inclined project, where we set out to build a taxonomy for group messaging, with the goal of describing as many common instantiations, such as, forums, social media, end-to-end encrypted group chats, and more exotic examples, like the Ukranian Bachu app for crowdsourced intelligence gathering.
We set out to find a simple, yet expressive model which enables sound reasoning w.r.t, authentication and privacy guarantees.
Currently ongoing student projects:
Evaluation of Secure multi-party computation for in-band telemetry:
Mark Schenk is building and evaluating a small prototype based on Prio evaluating the workability and utility of aggregate measurements in a future field study of the Trusted Introduction prototype.A Custom Signal Server Instance:
Daniel Baciu is examining and documenting the feasibility and process of setting up a custom instance of the Signal messaging server for experimentation. Though the code artifacts are open source, they are only provided for auditing purposes rather than for reproduction.Analysis of LibSignal as a dependency:
Antoine Moix is working on mapping out the ecosystem of applications that use the core libsignal library or derivations thereof as a dependency. We ultimately hope to find and identify impromer uses of the library (e.g., deprecated derivations thereof), as well as interesting additional targets for out offensive framework.
Supervision
We unfortunately do not have any more project slots for WS2024.I am generally looking for motivated students that share an interest for human factors work, related to the end-to-end messaging space. But we also supervise more technically oriented projects.
Of course, you are also welcome to bring your own ideas to the table, as long as they are related to network security and have a human factors component.
Research with human participants has some extra requirements that you must be aware of and may influence how long it takes to set up a project.
If you're a student looking for a thesis topic, please don't hesitate to get in touch with me and we can chat about your interests and the possibilities for a project.
General Project Advice
Here are some of my colleague Joel Wanner's excellent tips on how to survive writing a thesis.And here are some more general tips by Brian Kernighan on finding a suitable CS supervisor and project, and working independently towards its completion.
Teaching
- Informatik I, D-ITET: Backoffice TA (2024)
- Communication Networks: TA (2023)
- Information Security Lab, Netsec Module: Head TA (2022-present)
- Information Security Lab, Netsec Module: TA (2020-2021)
- Informatik I, D-BAUG: TA (2021)
- Informatik II, D-ITET: TA (2015-2018 and 2020)
- Informatik I, D-ITET: TA (2015-2018)