Featured image of post About


Hi, I’m Franziskus, a security & cryptography engineer and researcher based in Berlin. I’m the co-founder of Cryspen, a company that builds custom high assurance cryptography.

Previously I was leading the security engineering efforts at Wire. And before that I was working on Mozilla’s cryptography library NSS and Firefox. I’m interested in everything around applied cryptography, in particular authentication and key exchange protocols, formally verifiable specifications and implementations of cryptographic primitives, and privacy preserving data collection and computation. I’m also the initiator and co-organiser of the Berlin Crypto Meetup.

If you want to get in touch, send me a message to mail@ this domain or a DM on Twitter, or schedule a call.


A short overview of my professional life. A more formal CV can be found here as pdf.

Co-founderCryspen, Since October 2021

EngineerOpenMLS, Since October 2021

Security Engineering LeadWire, June 2020 - August 2021

Head of Cryptography EngineeringFraunhofer AISEC, January 2020 until May 2020

Senior Cryptography/Security EngineerMozilla, October 2015 - January 2020

Security Engineering InternMozilla, May 2015 - July 2015

Web Administrator for FMS Group — University of Surrey, May 2014 - September 2015

Server Administrator for Group Server — University of Surrey, March 2013 - September 2015

Teaching Assistance — University of Surrey, January 2013 - September 2015

Software Developer — Flexsecure GmbH, November 2009 - October 2012


PhD in Computer Science (Cryptographic Protocols)University of Surrey, January 2013 – February 2016

Working on password-based authentication in the PRIMAKE project. The Private Multi-Party Authentication and Key Exchange (PRIMAKE) project aims at the design and analysis of efficient provably private cryptographic protocols that will form a basis for a range of privacy-preserving applications. PRIMAKE protocols will give users full control over their own data, protect their anonymity, and eliminate user profiling. PRIMAKE protocols will have formal proofs of security and privacy, obtained using modern cryptographic techniques.

M.Sc. in Computer Sciences (distinction)Technische Universität Darmstadt, October 2010 – October 2012

M.Sc. in IT-Security (distinction)Technische Universität Darmstadt, October 2010 – October 2012

B.Sc. in Computer Sciences (honours)Technische Universität Darmstadt, October 2007 – October 2010


Guest Lectures

  • 2019/2020: Key Exchange & Trust - Establish keys with(out) public key infrastructures @ FU Berlin
  • 2019: WebPKI in Practice - Practical aspects and it’s implementation at Mozilla @ TU Darmstadt
  • 2019: Secure Content Transfer on the Internet @ TU Berlin

Talks (Selected)

  • Asynchronous Remote Key Generation: An Analysis of Yubico’s Proposal for W3C WebAuthn — RWC (Slides, Video), January 2021, Online (Presented by Emil Lundberg)
  • hacspec - towards verifiable crypto standards — SSR, November 2018, Darmstadt
  • HACL* in Mozilla Firefox — RWC, January 2018, Zürich
  • Universally Composable Two-Server PAKE — ISC, September 2016, Honolulu
  • Oblivious PAKE – Efficient Handling of Password Trials — ISC, September 2016, Honolulu
  • Zero-Knowledge Password Policy Checks and Verifier-Based PAKE — ESORICS, September 2014, Wroclaw
  • Distributed Smooth Projective Hashing and its Application to 2Server PAKE — CryptoForma, May 2014, York and ACNS, June 2014, Lausanne
  • Oblivious PAKE: Efficient Handling of Password Trials — CryptoForma, April 2013, Microsoft Research, Cambridge
Built with Hugo
Theme Stack designed by Jimmy