Dr. Andreas Peter (Assistant Professor)



Assist.-Prof. Dr. Andreas Peter


Zilverling 4063


+31 53 489 2918


Area: Security & Privacy Engineering

Research Interests

  • Privacy-Enhancing Technologies
  • Cryptographic Protocol Design and Analysis
  • Security and Privacy in Building Automation Systems
  • Network Intrusion Detection Systems

Current Activities

Recent Publications

The complete list of publications can be found at:
EEMCS EPrints Service
  • uMine: a Blockchain based on Human Miners with H. Kopp, F. Kargl, and C. Bösch
    20th International Conference on Information and Communications Security (ICICS 2018), October 2018, Lille, France
    [to appear]
  • DECANTeR: DEteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting with R. Bortolameotti, T. van Ede, M. Caselli, M. H. Everts, P. Hartel, R. Hofstede, and W. Jonker
    33rd Annual Computer Security Applications Conference (ACSAC 2017), December 2017, Orlando, USA
  • Multi-client Predicate-only Encryption for Conjunctive Equality Tests with T. van de Kamp, M. H. Everts, and W. Jonker
    16th International Conference on Cryptography and Network Security (CANS 2017), November 2017, Hong Kong, China
    [to appear]
  • Automatic Deployment of Specification-based Intrusion Detection in the BACnet Protocol with H. Esquivel-Vargas and M. Caselli
    3rd ACM Workshop on Cyber-Physical Systems Security and Privacy (CPS-SPC 2017), November 2017, Dallas, USA
  • Using Oblivious RAM in Genomic Studies with N. Karvelas and S. Katzenbeisser
    12th International Workshop on Data Privacy Management (DPM 2017), September 2017, Oslo, Norway
  • Private Sharing of IOCs and Sightings with T. van de Kamp, M. H. Everts, and W. Jonker
    3rd ACM Workshop on Information Sharing and Collaborative Security (WISCS 2016), October 2016, Vienna, Austria
  • Reliably Determining Data Leakage in the Presence of Strong Attackers with R. Bortolameotti, M. H. Everts, W. Jonker, and P. Hartel
    32nd Annual Computer Security Applications Conference (ACSAC 2016), December 2016, Los Angeles, CA, USA
  • Publicly Verifiable Private Aggregation of Time-Series Data with B. G. Bakondi, M. H. Everts, P. Hartel, and W. Jonker
    10th International Conference on Availability, Reliability and Security (ARES 2015), August 2015, Toulouse, France
    [IEEE Xplore]
  • Indicators of Malicious SSL Connections with R. Bortolameotti, M. H. Everts, and D. Bolzoni
    9th International Conference on Network and System Security (NSS 2015), November 2015, New York, NY, USA
  • Secure Cluster-Based In-Network Information Aggregation for Vehicular Networks with S. Dietzel and F. Kargl
    81st IEEE Vehicular Technology Conference (VTC Spring 2015), May 2015, Glasgow, United Kingdom
    [IEEE Xplore]

PhD Students

  • Joris Cramwinckel (Mar 2018 - ongoing) [external: University of Amsterdam]
    Topic: Blockchain Applications for Pensions (with Marc Francke)
  • Thijs van Ede (Feb 2018 - ongoing)
    Topic: Adaptive Application Fingerprinting for Intrusion Detection
  • Philipp Jakubeit (Nov 2017 - ongoing)
    Topic: Decentralized Identity Management (with Jaco van de Pol)
  • Herson Esquivel-Vargas (Nov 2016 - ongoing)
    Topic: Security & Privacy in Building Automation Systems
  • Valeriu Stanciu (Jan 2016 - ongoing) [external: University Politehnica of Bucharest, Romania]
    Topic: Privacy-Preserving WiFi-Tracking for Crowd Management (with Maarten van Steen)
  • Tim van de Kamp (Feb 2015 - ongoing)
    Topic: Critical Infrastructure Protection through Cryptographic Incident Management
  • Riccardo Bortolameotti (Oct 2014 - ongoing)
    Topic: Determining and Reducing the Impact of Data Breaches
    Awards: Best Poster Award at 1st Cyber Security Workshop in the Netherlands (2015)
  • Bence Gabor Bakondi (Mar 2014 - ongoing)
    Topic: Trusted Healthcare Services (with Willem Jonker)
    Awards: Best Poster and Best Presentation Award at ICT.Open 2016
  • Christoph Bösch (finished on January 21, 2015)
    Topic: Practically Efficient Searchable Encryption and Applications (with Willem Jonker and Pieter Hartel)
  • Arjan Jeckmans (finished on February 5, 2014)
    Topic: Cryptographically-Enhanced Privacy for Recommender Systems (with Pieter Hartel)

Master Students

  • David Stritzl (ongoing): Analysis and Improvement of the MA3TCH Algorithm
  • Fedor Beets (ongoing): Privay-Preserving Smart Contracts for Rental Services on the Blockchain
  • Mario Vuolo (ongoing): Flow-Based Detection of Data Breaches
  • Anirudh Ekambaranathan (ongoing): Lattice-Based Functional Encryption
  • Thijs van Ede (graduated Dec 15, 2017): Detecting Adaptive Data Exfiltration in HTTP Traffic
  • Alex Shyvakov (graduated Aug 24, 2017): Developing a Security Framework for Robots
  • Ikram Ullah (graduated Nov 28, 2016): Detecting Lateral Movement Attacks through SMB using BRO
  • Pallavi Jagannatha (graduated Nov 28, 2016): Automatic Intensive Data Mining around Security Incidents
  • Dennis Schroer (graduated Nov 23, 2016): End-to-End Encryption using Attribute Based Encryption in Healthcare
  • Yannis Koukoulis (graduated Sep 30, 2016): Dual Location Laser Fault Injection
  • Herson Esquivel-Vargas (graduated Sep 26, 2016): Automatic Deployment of Specification-based Intrusion Detection in the BACnet Protocol
  • Joep Peeters (graduated Aug 26, 2016): Fast and Accurate Likelihood Ratio Based Biometric Comparison in the Encrypted Domain
  • Uraz Odyurt (graduated Aug 25, 2016): Bring Your Own Authentication/Authenticator Security in Physical Access Control Systems
  • Van Huynh Le (graduated Aug 23, 2016): Analyzing White-Box Designs for Differential Computation Analysis Resistance
  • Simon de Vries (graduated Aug 11, 2016): Achieving 128-Bit Security Against Quantum Attacks in OpenVPN
    KHMW Internet Scriptieprijs 2016, ENIAC Best Master Thesis Award 2015/2016
  • Moritz Müller (graduated Aug 14, 2015): SIDEKICK: Suspicious Domain Classification in the .nl Zone
    KHMW Internet Scriptieprijs 2015
  • Ines Carvajal Gallardo (graduated Jul 31, 2015): Privacy-Preserving DNA-Based Social Recommender
  • Getachew Mulualem (graduated Mar 3, 2015): Compression and Encryption for Satellite Images
  • Rick van Galen (graduated Nov 28, 2014): Design and Feasibility of Peer-to-Peer Mobile Payment Systems
  • Cristian Staicu (graduated Aug 28, 2014): Lightweight Public-Key Cryptography
  • Felix Günther (graduated Mar 19, 2013): Privacy-Preserving Participatory Sensing with Data Aggregation

Current Projects

CRIPTIM - CRitical Infrastructure Protection Through cryptographic Incident Management


Critical Infrastructure Protection (CIP) mechanisms are commonly based on complex models of interdependencies between the many operators in our critical infrastructure. Particularly due to the rapid emergence of new cyber-threats, the sharing of incident information is indispensable for the functioning of such mechanisms. However, the high sensitivity of this information prevents operators from sharing it.

CRIPTIM introduces the new paradigm of "cryptographic incident management" for CIP that ensures data confidentiality with cryptographic guarantees, thereby reducing the operators' fears of information leakage. The underlying idea is to monitor and analyze incident data in the encrypted domain, while an alarm is set off only when a certain failure or alarm state is detected. The subsequent alarm resolution is facilitated through novel access control mechanisms for the selective disclosure of alarm-related information. CRIPTIM realizes this paradigm by developing novel custom-tailored cryptographic techniques in Secure Multiparty Computation, Homomorphic- and Functional Encryption, as well as Oblivious RAM. The intended technology will, for the first time, allow external parties, like intelligence agencies, to feed threat-related topsecret information into the monitoring system which may be the missing piece for the early detection of potentially major disasters. CRIPTIM sets the foundations for this innovative approach to CIP and contributes to an effective and confidential incident management that leads to a more secure and reliable critical infrastructure.



In the last few years, data breaches are constantly on the front pages of major newspapers. Cyber criminals, hacktivists or state-sponsored groups are compromising the networks of companies in order to steal their assets, which span from customer data, intellectual properties, or secret documents. These attacks do not only affect the companies' businesses but also their customers and potentially their lives. For instance, a customer can be victim of identity fraud once his data has been leaked to criminals. Governments and lawmakers recognize the problem and recently approved the first legal obligations for companies regarding these incidents. Nonetheless, companies lack of many technical solutions to deal with these attacks.

#BREACHED focuses on filling the technological gap that companies face when dealing with data breaches. The goal of this project is to create innovative technical solutions that deal with different aspects of such threats. The technologies proposed in this project will allow companies to better protect themselves even in case the attacker is very powerful. The aspects touched by the project span from the prevention of a data breach to the evaluation of its consequences and severity.

BASS - Building Automation Systems Security and Privacy


Building Automation Systems (BASs) are one of the applications of the “Internet of Things” (IoT). Millions of people work and live in smart buildings around the world. BASs have steadily grown because of two reasons: (1) the convenience of process automation (e.g. energy management, access control, etc.); and (2) the comfort provided to the users (e.g. preferred temperature, lightning, etc.). Sensors and actuators are disseminated throughout the buildings to enable the implementation of BASs. Building inhabitants may not be aware of the presence of such devices even though they closely interact with them every day.

The communication between BAS devices used to have its own protocol stack, from the physical to the application layers. Modern BASs, however, use the communications infrastructure that is usually already in place (Local Area Networks). Moreover, this approach enables remote management and monitoring. Unfortunately, it also enables cyberattacks from remote locations. People's safety and privacy could be compromised with BASs that are connected to computer networks. To overcome these problems, the BASS project studies the security and privacy issues in modern building automation systems and develops dedicated protection mechanisms, such as tailored privacy-enhancing technologies and network-based intrusion detection systems.

THeCS - Trusted HealthCare Services


Now that e-Health (electronic health services over the internet) is becoming available there is considerable concern about privacy and security of all that data that we share or submit. The lack of trust was the reason for the Dutch Senate not to pass the bill for the proposed nationwide Electronic Patient Records system even though many millions were spent building the system. But it is not only with nationwide systems; in every communication regarding our health we want our data to be secure.

The THeCS project addresses security, privacy and trust as the key issues in adoption of novel e-Health services, which have great potential to improve healthcare and decrease cost. However, trust privacy and security are seen as roadblocks for wider adoption of these services. In this project we develop mechanisms to solve these privacy and security issues.

Short CV

  • 2008: Master of Advanced Study in mathematics (M.A.St.), University of Cambridge (GBR)
  • 2009: Diploma in mathematics (cum laude; minor subject: computer science), Carl-von-Ossietzky Universität Oldenburg (DEU)
  • 2009 - 2013: Research assistant at the Computer Science Department, Technische Universität Darmstadt (DEU)
  • 2013: Ph.D. in computer science (cum laude), Technische Universität Darmstadt (DEU)
  • 2013 - 2014: Post-doc in the Distributed and Embedded Security group, University of Twente (NLD)
  • 05/2018 - 08/2018: Visiting Professor in the Cryptography, Security, and Privacy group, University of Waterloo (CAN)
  • since 2014: Assistant Professor (tenure track) in the Services, Cybersecurity and Safety group, UTwente (NLD)