Stefan Kölbl

Stefan Kölbl

Staff Engineer, Tech Lead Manager

Google

Professional Summary

I am a Staff Engineer and Tech Lead Manager at Google, where I work in the Security Engineering team. My focus is on post-quantum cryptography and enabling developers at Google and across the internet to use cryptography safely and correctly.

I have a PhD in cryptography and an extensive background in the design and analysis of symmetric-key algorithms, post-quantum cryptography, and lightweight cryptography. I have contributed to several cryptographic standardization efforts, including the SKINNY cipher, which is part of the ISO/IEC 29192-2 standard. I also contributed to the SPHINCS+ signature scheme, which was standardized by NIST as FIPS 205. I currently represent Switzerland in the ISO/IEC JTC 1/SC 27/WG 2 committee for cryptography and security mechanisms.

Before joining Google, I was a Senior Technology Manager at Cybercrypt and a postdoctoral researcher at the Technical University of Denmark, working on the H2020 PQCRYPTO project.

Education

PhD in Cryptology

Technical University of Denmark

MSc in Computer Science

Graz University of Technology

BSc in Computer Science

Graz University of Technology

Interests

Post-quantum Cryptography Cryptographic Hash Functions and Block Ciphers Secure and Efficient Implementations Tools for Cryptanalysis
Featured Publications
How to Abuse and Fix Authenticated Encryption Without Key Commitment featured image
Authenticated Encryption

How to Abuse and Fix Authenticated Encryption Without Key Commitment

Authenticated encryption (AE) is used in a wide variety of applications, potentially in settings for which it was not originally designed. Recent research tries to understand what …

ange-albertini
Read more
The SPHINCS+ Signature Framework featured image
Hash-Based Signatures

The SPHINCS+ Signature Framework

We introduce SPHINCS+, a stateless hash-based signature framework. SPHINCS+ has significant advantages over the state of the art in terms of speed, signature size, and security, …

daniel-j.-bernstein
Read more
Finding Integral Distinguishers with Ease featured image
Block Ciphers

Finding Integral Distinguishers with Ease

The division property method is a technique to determine integral distinguishers on block ciphers. While the complexity of finding these distinguishers is higher, it has recently …

zahra-eskandari
Read more
Gimli: a cross-platform permutation featured image
Permutations

Gimli: a cross-platform permutation

This paper presents Gimli, a 384-bit permutation designed to achieve high security with high performance across a broad range of platforms, including 64-bit Intel/AMD server CPUs, …

daniel-j.-bernstein
Read more
The SKINNY Family of Block Ciphers and its Low-Latency Variant MANTIS featured image
Block Ciphers

The SKINNY Family of Block Ciphers and its Low-Latency Variant MANTIS

We present a new tweakable block cipher family SKINNY, whose goal is to compete with NSA recent design SIMON in terms of hardware/software performances, while proving in addition …

christof-beierle
Read more
See all
Recent Publications
Ange Albertini, Thai Duong, Shay Gueron, Stefan Kölbl, Atul Luykx, Sophie Schmieg (2022). How to Abuse and Fix Authenticated Encryption Without Key Commitment. In Usenix 2022.
PDF Slides Code
Daniel J. Bernstein, Andreas Hülsing, Stefan Kölbl, Ruben Niederhagen, Joost Rijneveld, Peter Schwabe (2019). The SPHINCS+ Signature Framework. In ACM CCS 2019.
PDF
Gianira N. Alfarano, Christof Beierle, Takanori Isobe, Stefan Kölbl, Gregor Leander (2018). ShiftRows Alternatives for AES-like Ciphers and Optimal Cell Permutations for Midori and Skinny. In TOSC 2018.
PDF Code
Ralph Ankele, Stefan Kölbl (2018). Mind the Gap - A Closer Look at the Security of Block Ciphers against Differential Cryptanalysis. In SAC 2018.
PDF Code
Zahra Eskandari, Andreas Brasen Kidmose, Stefan Kölbl, Tyge Tiessen (2018). Finding Integral Distinguishers with Ease. In SAC 2018.
PDF Code
See all
Talks
Stefan Kölbl (2024). A note on SPHINCS+ parameter sets.
Slides
Stefan Kölbl (2023). Post-quantum Cryptography at Google.
Slides
Stefan Kölbl (2023). Crypto Agility and Post-Quantum Cryptography @ Google.
Video
Stefan Kölbl (2022). How to Abuse and Fix Authenticated Encryption Without Key Commitment.
Slides Video
Stefan Kölbl (2019). ShiftRows Alternatives for AES-like Ciphers and Optimal Cell Permutations for Midori and Skinny.
See all
Projects
SPHINCS+ / SLH-DSA featured image
Post-Quantum

SPHINCS+ / SLH-DSA

SPHINCS+ is a stateless hash-based signature scheme standardized as FIPS 205.

Read more
Skinny featured image
Lightweight Cryptography

Skinny

A lightweight tweakable block cipher standardized in ISO 18033-7.

Read more
CryptoSMT featured image
Cryptanalysis

CryptoSMT

A tool for automating differential cryptanalysis for cryptographic primitives.

Read more
Gimli featured image
Lightweight

Gimli

A cryptographic permutation designed for high performance. Gimli is part of the NIST Lightweight Project and is part of LibHydrogen.

Read more
Haraka featured image
Post-Quantum

Haraka

A short-input hash function optimized for high performance on platforms supporting [AES-NI](https://en.wikipedia.org/wiki/AES_instruction_set). Used in …

Read more
See all