Why is it secure? Visualizing security protocols with counterfactuals

Supervisor(s)Univ.-Prof. Dr. Rainer Böhme


People often find it difficult to understand security mechanism because they do not see the reasons for certain design decisions. To understand them, one has to anticipate how protocols fail if certain elements are not in place or not correctly enforced.

The objective of this thesis is to develop, evaluate and document an interactive demonstrator for a selected security protocol, which tries to overcome this difficulty: Users should be able to interactively deactivate or skip parts of the protocol (of introduce failures). If they do so, the resulting attack vector should be illustrated. The target audience for the demonstrator are generally educated citizens, not (only) computer specialists.

This thesis can be assigned to a team of students who develop a common technical framework and visual language. Each student then implements and documents a different protocol (e.g., TLS and Signal).


  • Unger, N., Dechand, S., Bonneau, J., et al. SoK: Secure Messaging. In IEEE Symposium on Security and Privacy. 2012, pp. 232–249.
  • Driscoll, M. The Illustrated TLS 1.3 Connection: Every byte explained. 2019. https://tls13.ulfheim.net.
  • Plaisant, C. The Challenge of Information Visualization Evaluation. In Proceedings of the Working Conference on Advanced Visual Interfaces (AVI). 2004, pp. 109–116.
  • Yildiz, E. and Böhme, R. Effects of Information Security Risk Visualization on Managerial Decision Making. In Proceedings of the 2nd European Workshop on Usable Security (EuroUSEC). Internet Society, Paris, France, 2017. [PDF]