Rosario Giustolisi

Associate Professor
Department of Computer Science
IT University of Copenhagen
Office: 4C03


  • Feb 2021 I have an opening position for a postdoc working on Security/Cryptography.
  • Aug 2020 I will be co-track chair at SEC@SAC21. Consider to submit your best papers.
  • Mar 2018 The book Modelling and Verification of Secure Exams is available at Springer.

I am an associate professor at the IT University of Copenhagen. My research interests include many aspects of computer security, including

  • Automated analysis of cryptographic protocols in the symbolic model
  • Accountability notions in security protocols
  • Sociotechnical security aspects of real world systems

Before joining the security group at ITU, I was a postdoc at SICS RISE and a member of the security lab in Lund, Sweden. I received my PhD from the University of Luxembourg where I mainly worked in the design and analysis of secure exam protocols. I wrote a book based on my PhD thesis.

Publications [authors are normally listed in alphabetical order]



Conference and Workshop with proceedings



  • Sole PI, Villum Experiment “Enabling User-Accountable Mechanisms in Decision Systems”, 2020.
  • Best Paper Award at 22nd Nordic Conference (NordSec) Tartu, Estonia, November 8–10, 2017.
  • Sole PI, ICT TNG Postdoc Project "Secure 5G Networks for Transportation Services” , 2016.
  • Best CSC PhD thesis award, 2016.
  • Acknowledgments from Apple on the Security Advisory for an issue affecting OSX and iOS.
  • Best Paper Award at 11th International Conference on Security and Cryptography (SECRYPT), Vienna, Austria, August 28–30, 2014.

Professional Service

Conference Committees

Invited reviews
  • Journal referee: Elsevier's Computers & Security (2016-2020); Journal of Logical and Algebraic Methods in Programming ( 2019); IEEE Transactions on Learning Technologies (2016); Springer's Formal Aspect of Computing (2016); IEEE Security & Privacy (2016); Springer's International Journal of Information Security (2014); IEEE Transactions on Parallel and Distributed Systems (2013).
  • Conference sub-reviewer: ESORICS (2013-2017); NordSec (2018, 2017); ISCC (2016); SAC (2012-2015); MFCS (2014).
I conceived the Øresund Security Day , a workshop that aims at increasing collaboration among research groups that focus on security in the Øresund area (i.e., Copenhagen + South of Sweden). The second edition of the event was held in Lund, Sweden. The third edition was held in Lyngby, Denmark

I organise the cybersecurity breakfast talk series at ITU. Feel free to drop me an email if you are (or plan to be) in Copenhagen and would like to give a talk.


I proudly (co-)advised the following Bachelor and Master theses

  • Osman Hassan, BSc thesis: “Cybersecurity analysis of ride sharing app", 2020.
  • Ida Thrane and Marcus Grattan, BSc thesis: “Enhancing a Privacy Enforcing Paradigm with Semantic Similarity", 2020.
  • Anders Reedtz Sparrevoh and Lukas Hundt Pedersen, BSc thesis: “A Security analysis of the NemID app", 2020.
  • Mathias Hoyrup Nielsen and Mark Bredegaard Kragerup, BSc thesis: “The Weblint Tool - an ESLint-based static code analysis webservice", 2020.
  • Kasper Moeller Nielsen and Ivan Garbacz, MSc thesis: “Modelling human actors in security ceremonies”, 2019.
  • Thomas Tyge Andersen, BSc thesis: “Formal Verification of the Certificate Transparency Standard”, 2019 (co-supervision with Alessandro Bruni).
  • Sean Wachs and Rasmus Dilling Moeller, BSc thesis: “Verification of privacy in Bingo Voting”, 2019 (co-supervision with Alessandro Bruni).
  • Dennis Riget Hansen, BSc thesis: “Introduction to IOTA and Flash Channels”, 2018.
  • Markus Ahlstrom and Simon Holmberg, MSc thesis: “Prototype Implementation of 5G Security Enablers” 2016 (co-supervision with Christian Gehrmann).
  • Paul Meder, BSc thesis: “Implementation of an Anonymous Electronic Exam with Dispute Resolution”, 2015 (co-supervision with Gabriele Lenzini).


I am always interested in supervising new thesis projects. Below are some topic ideas.

  • Design and verification of accountability systems (e.g. Google's Certificate Transparency, Ethereum's proof-of-stake, voting systems, etc.)
  • Security analysis of socio-technical systems for fun and profit (e.g transport tickets, car sharing, bike rental app, vending machines, etc.)
  • Design and development of a secure application for secure exams.