We are keen to deliver the world-leading cybersecurity and AI R&D. It is pleased to witness that the CRYPTAI lab has contributed excellence, over recent years, in teaching BSc/MSc courses and PhD supervision/graduation (e.g., 4+ BSc group projects, 20+ MSc projects, at least 4 PhDs, 1 graduated, 2 on the way of graduation), securing promising research funding (e.g., over 2 million accumulated funding), publishing top-tier conferences and journals (e.g., USENIX Security, NDSS, IEEE TDSC), promoting cybersecurity community as chairs via renowned conferences (e.g., ACM ASPLOS/EuroSys, IEEE EuroSP, ESORICS, IEEE CSF), being TPC and associate editors for international cybersecurity conferences (e.g., USENIX Security, ACM CCS) and journals (e.g., IEEE TDSC, IEEE TAI), putting forward use cases/pilots to various European countries via projects (e.g., TANGO, ASSURED). Our lab's and the cybersecurity group's performance is phenomenal in the four excellences. I am very proud of closely working with my team members (all the PhDs and post-docs) and the group members (e.g., Alex, Lilika and my section head George).  

The CRYPTAI lab (applied cryptography & AI) was found in 2021, within the cybersecurity group, and its vision is to pave the way to applied cryptography, information security and machine learning tools to achieve real-world intelligent security and privacy. The lab, led by Dr. Liang, focuses on the R&D on: (1) data protection mechanisms, in particular practical data protection and sharing for encrypted outsourced data solutions, searchable encryption, updatable encryption, lattice-based encryption/signature (post-quantum cryptography); (2) privacy-preserving machine/federated learning: attacks and countermeasures; and (3) application-driven blockchain (e.g., smart contract, oracles) development. 

The lab is mainly supported by the funding from the TU Delft, H2020, Horizon Europe and other external grants. And it has published excellent research works in the security and AI related A* conferences (e.g., USENIX Security, NDSS, Asiacrypt, CVPR) and top-tier international security journals (e.g., IEEE TIFS, IEEE TDSC, IEEE TII, IEEE TC, IEEE IC), but also delivered real-world social and industrial impacts to public sectors (e.g., finance, education, hospital) via the implementation of various use cases, e.g., smart cities, IoT systems, digital supply chain. 

The lab is designed to provide supportive, positive and diverse research atmosphere, help young academics grow, become decent researchers and advance their careers. We are able to provide research excellence, e.g., training to publish top-tier journals and A* conferences, proposal writing skills, chances of academic visit, courses on university teaching qualification and scientific writing (thanks to the university), teaching assistant activities, other academic trainings. All members of the lab so far have abilities to independently publish excellent research works, prepare funding proposal, handle multiple external projects, and cover teaching assistant activities.   

We are currently working with self-motivated and talented MSc, PhD and post-docs. If you are interested in joining the team, please feel free to send us your CV.   

• CRYPTAI is invited to deliver a keynote for ProvSec 2025. 

• CRYPTAI presented a keynote for ACNS 2025 @SiMLA. 

• CRYPTAI presented a keynote for ACNS 2024 @SCI. 

• CRYPTAI supported the host of EuroSys + ASPLOS 2025 in Rotterdam. 

• CRYPTAI supported the organization of IEEE CSF 2024 in Enschede. 

• CRYPTAI participated into Data Sharing Festival (The Hague) related to PETs in data sharing in The Hague.  

• CRYPTAI presented a keynote for ProvSec 2023. 

• CRYPTAI gave a keynote for Scisec 2023. 

• CRYPTAI delivered two talks in ONE Conference 2022 which is a prime of European cybersecurity even with 2000+ attendees.  

• ASSURED scientific workshop to present advanced DSSE technique and spoke to renowned security researchers. 

• CRYPTAI supported the organization of IEEE Euro S&P 2023 in Delft, ESORICS 2023 in The Hague, SecureComm2022 in Kansas. 

• Cyberproof your manufacturing organisation. Get a headstart in securing your organisation from cyberthreats with hands-on advice share in a recent EIT Manufacturing whitepaper and webinar. More details can be seen: https://www.eitmanufacturing.eu/news-events/news/cyberproof-your-manufacturing-organisation/. 

• we are honoured  to be invited  as panel member to the cybersecurity webinar for EIT Manufacturing: https://www.eitmanufacturing.eu/news-media/events/cybersecurity-manufacturing-webinar/.  

We are seeking highly motivated Post-Doctoral, Research Fellows and PhDs to join the team. The ideal candidates should have strong backgrounds in AI, cryptography, information security, and blockchain technology.

Please note that the university may have a background censor for PhD and Post-Doc applicants. 

• For Those Interested in Post-doc, Junior/Senior RA Positions: 

Responsibilities:

• Conduct implementation on cutting-edge applied crypto technologies and applications. 

• Develop innovative solutions and proof-of-concepts. 

• Design post-quantum secure systems.

• Collaborate with other team members to ensure successful delivery.

Requirements:

• PhD in Computer Science, Electrical Engineering, or related field. 

• Sufficient knowledge of cryptography technology. 

• Strong analytical and problem-solving skills. 

• Excellent communication and teamwork skills. 

Length:

At least a 2-year contract. 

Language:

English.

• For Those Interested in PhD positions: 

Responsibilities:

• Conduct research on cutting-edge cryptography, or AI technologies. 

• Develop innovative solutions for real-world applications. 

• Collaborate with national and international academic partners.

• Deliver research works to top-tier conferences and journals.

Requirements:

• MSc in Computer Science, Math, or related field. 

• Strong knowledge of AI, or cryptography. 

• Some experience with programming languages. 

• Strong analytical and problem-solving skills. 

• Great communication and teamwork. 

Length: 

a 4-year contract. 

Language:

English (a strong requirement for English level, e.g., IELTS >=7.0, or TOEFL>=100)

• How to Apply for the above positions

Please send your CV, PhD/MSc transcripts, PhD/MSc certificate, English test certificate and a publication list to kaitai.liang@tudelft.nl. We welcome applications from individuals of related backgrounds. 

Note as a post-doc or a PhD @ TU Delft you can be provided by the followings:

(1) International academic and industrial collaborations, e.g., working with other top ranking universities, renown companies. 

(2) Opportunities of participating into various domestic and international cybersecurity projects. 

(3) Being trained to deliver world-leading research works and publish them to top-tier venues.   

(4) Flexible and supportive working surroundings. 

(5) Competitive salary and benefits package, relocation supports, 30% tax ruling, retirement saving plan, vacation and holiday bonus, and free academic related trainings.  

• For Those Interested in MSc cybersecurity projects

We have conducted supervisions on various MSc projects related to cybersecurity topics, including secure and trusted blockchain, attacks on secure systems, privacy-preserving machine learning, attacks on AI, post-quantum cryptography. Those projects are pure research driven, R&D, software development or real-world applications oriented. If you are interested in exploring certain cutting-edge research topics, or prefer to investigate practical industrial-level software development, please feel free to contact us. 

Since 2020, the followings are the main funding sources supporting the CRYPTAI Lab. 

ORQESTRA (Orchestrating the Operational Deployment of Quantum Resistant Services for Next-Generation Secure Defence Systems and Communications) aims to provide practical, formally verified and efficient implementations of Post-Quantum Crypto (PQC) algorithms and abstractions addressing the current need towards bridging the gap between the foundational primitives and hard mathematical problems of PQC to the operational deployment of cryptosystems that can provide certifiable quantum-level security. The added value of the ORQESTRA’s offerings will be validated in 8 real-world defence-oriented use cases and 2 Proof-of-Concept evaluation testbeds, inducing Free-Space QKD/PQC, with high security, trust, timing and performance requirements, focusing on protecting Land, Maritime and Aerial critical infrastructures and communications. 

Horizon Europe TENSOR: provide Police Authorities a platform that facilitates the biometric evidence extraction, sharing, and storage in cross border environments, allowing them to share best practices in an automated, robust, secure, privacy-preserving and scalable manner. The full potential of biometrics technologies will be exploited, as well as their fusion with less distinctive features in case of partial evidence gathered. Use cases and pilots can be found here. 

Horizon Europe TANGO: establish a stronger cross-sector data sharing, in a citizen-centric, secure and trustworthy manner, by developing innovative solutions while addressing environmental degradation and climate change challenges. The overall outcome is a novel platform exhibiting the following capabilities: user-friendly, secure, trustworthy, compliant, fair, transparent, accountable and environmentally sustainable data management, having at its core technology components for distributed, privacy preserving and environmentally sustainable data collection, processing, analysis, sharing and storage. This platform will promote trustworthy and digitally enabled interactions across society, for people as well as for businesses. Data protection stories for our pilots. 

Horizon Europe REWIRE: provide a holistic security management framework that can safeguard IoT environments during the whole spectrum of their lifecycle, i.e., from the Design to the Runtime phases, capitalizing on trust-aware defense mechanisms that exploit emerging technologies based on Formal verification, Theorem Proofs, Open Standard Instruction Set Architectures, Trusted Computing, Blockchain and Artificial Intelligence. Smart Cities for Empowering Public Safety. 

Horizon Europe MLSysOps: design, implement and evaluate a complete AI-controlled framework for autonomic end-to-end system management across the full cloud-edge continuum. MLSysOps will employ a hierarchical agent-based AI architecture to interface with the underlying resource management and application deployment/orchestration mechanisms of the continuum. Energy efficiency and utilization of green energy, performance, low latency, efficient, and trusted tier-less storage, cross-layer orchestration including resource-constrained devices, resilience to imperfections of physical networks, trust, and security, are key elements of MLSysOps addressed using ML models. Smart with AI and Security. 

H2020 IRIS: design and implement data encryption and secure data recovery techniques on consortium blockchain. Data protection implementation on smart city's transportation and smart grid. 

H2020 ASSURED: secure data management and sharing via the combination of cryptographic tools and blockchain technique. This project has been successfully completed.

Here are selected publications since 2020. Some references related to publication quality on Google Scholar top publication venue, core conference/journal ranking and CSRankings: Cybersecurity.   

• LADDER: Multi-Objective Backdoor Attack via Evolutionary Algorithm, NDSS (A* conference) 2025. 

• MUDGUARD: Taming Malicious Majorities in Federated Learning using Privacy-preserving Byzantine-robust Clustering, SIGMETRICS (A* conference) 2025.  

• Athena: Accelerating KeySwitch and Bootstrapping for Fully Homomorphic Encryption on CUDA GPU ESORICS (A conference) 2025. 

• Low-Frequency Black-Box Backdoor Attack via Evolutionary Algorithm, WACV (A conference) 2025. 

• d-DSE: Distinct Dynamic Searchable Encryption Resisting Volume Leakage in Encrypted Databases, USENIX Security (A* conference) 2024. 

• Query Recovery from Easy to Hard: Jigsaw Attack against SSE, USENIX Security (A* conference) 2024. 

• Similar Data is Powerful: Enhancing Inference Attacks on SSE with Volume Leakages, ESORICS (A conference) 2024. 

• File-Injection Attacks on Searchable Encryption, Based on Binomial Structures, ESORICS (A conference) 2024. 

• Inject Less, Recover More: Unlocking the Potential of Document Recovery in Injection Attacks Against SSE, CSF (A conference) 2024. 

• PrivDNN: A Secure Multi-Party Computation Framework for Deep Learning using Partial DNN Encryption, PETS (A conference) 2024. 

• High Recovery with Fewer Injections: Practical Binary Volumetric Injection Attacks against Dynamic Searchable Encryption, USENIX Security (A* conference)  2023.

• The Power of Bamboo: On the Post-Compromise Security for Searchable Symmetric Encryption, NDSS (A* conference) 2023. 

• CCA-1 Secure Updatable Encryption with Adaptive Security, Asiacrypt (A conference) 2023. 

• FLVoogd: Robust And Privacy Preserving Federated Learning, ACML 2022. 

• More is Better (Mostly): On the Backdoor Attacks in Federated Graph Neural Networks, ACSAC (A conference) 2022. 

• MVOC: A Lighter Multi-Client Verifiable Outsourced Computation with Hybrid Homomorphic Encryption, ESORICS (A conference) 2022. 

• Explore More, Reveal More - VAL: Volume and Access Pattern Leakage-abuse Attack with Leaked Documents, ESORICS (A conference) 2022.

• No-directional and Backward-leak Uni-directional Updatable Encryption are Equivalent, ESORICS (A conference) 2022. 

• DEKS: a Secure Cloud-based Searchable Service can Make Attackers Pay, ESORICS (A conference) 2022.

• DEFEAT: Deep Hidden Feature Backdoor Attacks by Imperceptible Perturbation and Latent Representation Constraints, IEEE CVPR (A* conference) 2022. 

• Incrementally Updateable Honey Password Vaults, USENIX Security (A* conference) 2021.

• PrivBox: Privacy-Preserving Deep Packet Inspection with Dual Double-masking Obfuscated Rule Generation, IEEE Transactions on Dependable and Secure Computing (top seven computer security and cryptography publication).

• FABRIC: Fast and Secure Unbounded Cross-System Encrypted Data Sharing in Cloud Computing, IEEE Transactions on Dependable and Secure Computing (top seven computer security and cryptography publication).

• Dual Access Control for Cloud-Based Data Storage and Sharing, IEEE Transactions on Dependable and Secure Computing (top two computer security and cryptography publication). 

• Sidechains With Optimally Succinct Proof, IEEE Transactions on Dependable and Secure Computing (top two computer security and cryptography publication). 

• ROSE: Robust Searchable Encryption With Forward and Backward Security, IEEE Transactions on Information Forensics and Security (top two computer security and cryptography publication). 

• HPAKE: Honey Password-authenticated Key Exchange for Fast and Safer Online Authentication, IEEE Transactions on Information Forensics and Security (top two computer security and cryptography publication). 

• Practical Threshold Multi-Factor Authentication, IEEE Transactions on Information Forensics and Security (top two computer security and cryptography publication).  

• Keyword Search Shareable Encryption for Fast and Secure Data Replication, IEEE Transactions on Information Forensics and Security (top two computer security and cryptography publication). 

• Passive Attacks Against Searchable Encryption, IEEE Transactions on Information Forensics and Security (top two computer security and cryptography publication). 

• Practical algorithm substitution attack on extractable signatures, Designs, Codes and Cryptography. 

•  Generic construction of threshold ring signatures and lattice-based instantiations, Designs, Codes and Cryptography. 

• PIVODL:Privacy-preserving vertical federated learning over distributed labels, IEEE Transactions on Artificial Intelligence. 

Post-doc:

If you are interested in doing R&D projects in our lab since 2020, please feel free to contact us. Some concrete topics are as follows:

• Decentralized trusted blockchain oracles by TEE.

• Attacks and countermeasures on federated learning. 

• Privacy-preserving and robust federated learning. 

• Secure IoT blockchain network via cryptographic software and hardware.

• Attacks and countermeasures on searchable encryption/encrypted database.

Some completed/ongoing MSc projects: 

A. Popovici: A new backdoor for machine learning models. 

T. Langhout: Attacks on dynamic searchable symmetric encryption - and the thesis was published in ESORICS 2024.

S. Moergestel: Improving backdoor defenses in federated learning for non-IID datasets. 

L. Franschman: Lattice based zero-knowledge proofs for post-quantum security. 

R. Stenhuis: Feature extraction to detect adversarial examples. 

A. Kalisa: Poisoning attack on federated learning. 

M. Khattat: Improving the scalability of FROST on mobile devices. 

Y. Haveman: TPM in satellite  communication. 

M. Zhang: Unlocking the Potential of Document Recovery in Injection Attacks against SSE - and the thesis was published in IEEE CSF 2024.  

B. Schaick: Introducing Privacy-Enhancing Technologies to Consortium Blockchains.  

S. Lambregts: attacks on searchable encryption - and the thesis was published in ESORICS 2022. 

Y. Tian: privacy-preserving federated learning  - and part of the thesis was published in ACML 2022. 

H. Ilbaş: attacks on searchable encryption

J. Thomas : forward and backward secure searchable encryption (with Dr. Florian Hanh)

Bachelor projects: smart contract, NIST post-quantum investigation and privacy-preserving federated learning. 

K. Tjiam, C. Paulsen, R. Stefanov, C. Slager, S. Orth

M. Soos, R. Minea, A. Titu, H. Culea

L. Dekhuijzen, A. Feldman, G. Mazzola, M. C. Enache

F. Joosen, C. Park, M. Alrefaai, A. Kahawati, J. Sanchez