I am currently a postdoc (Shuimu Tsinghua Scholar, 水木学者) at Institute for Advanced Study, Tsinghua University (IASTU) hosted by Prof. Xiaoyun Wang.


  • Address: Room 401, Science Building, Tsinghua University, Beijing 100084, China
  • E-mail: congtianshuo AT tsinghua DOT edu DOT cn

Research Interests

  • Trustworthy Machine Learning
  • Secure Multi-party Computation
  • Lightweight Cipher Design


Tsinghua University
2017.08 - 2023.06, Beijing, China
Ph.D. in Mathematics at Institute for Advanced Study
Advisor: Prof. Xiaoyun Wang (IACR Fellow)
CISPA Helmholtz Center for Information Security
2021.08 - 2023.01, Saarbrücken, Germany
Visiting Ph.D. student at CISPA
Advisor: Dr. Yang Zhang
Tsinghua University
2013.08 - 2017.06, Beijing, China
B.Eng. in Electronic Engineering
Advisor: Prof. Yong Ren

Honors & Awards

  • CACR Outstanding Doctoral Dissertation Award, 2023.11
  • Shuimu Tsinghua Scholar Progam (2023.07-2025.07)
  • 2nd prize, National Cryptographic Algorithm Design Competition, 2020.01


  • [2024.07] I'll serve on the PC for IEEE SaTML 2025, please consider to submit papers!
  • [2024.05] We release JailbreakEval, an integrated safety evaluator toolkit for assessing jailbreaks against large language models.
  • [2024.04] Invited to serve on the PC of PETS 2025.
  • [2024.03] Became an invited reviewer of ECCV 2024.
  • [2024.02] Invited to serve on the PC of ACSAC 2024.
  • [2024.01] Check out a curated reading list on safety, security, and privacy of large models!
  • [2023.12] Gave a talk titled "Attack AI models: From ResNet to GPT-4" at Xi'an Jiaotong University!
  • [2023.12] Became an invited reviewer of ACM TOPS.
  • [2023.12] Became an invited reviewer of IEEE TDSC.
  • [2023.11] We proposed FigStep, a quite simple yet effective jailbreaking algorithm against large vision-language models (VLMs)!
  • [2023.11] Became an invited reviewer of CVPR 2024.
  • [2023.11] Became an invited reviewer of ACM TKDD.
  • [2023.10] Served on the AEC of CCS 2023.
  • [2023.08] One technical report titled "Robustness Over Time: Understanding Adversarial Examples’ Effectiveness on Longitudinal Versions of Large Language Models" was released!
  • [2023.07] Gave a talk titled "Privacy and Security Analysis of Deep Learning" at Harbin Institute of Technology (Shenzhen)!
  • [2023.07] One paper titled “Test-time Poisoning Attacks Against Test-time Adaptation Models” got accepted in IEEE S&P (Oakland) 2024!
  • [2023.07] I joined Tsinghua IAS as a postdoc and was selected as "Shuimu Tsinghua Scholar"!
  • [2023.05] Successfully passed the Ph.D. defense!
  • [2022.04] One paper titled “SSLGuard: A Watermarking Scheme for Self-supervised Learning Pre-trained Encoders” got accepted in ACM CCS 2022!
  • [2021.08] Started my visiting Ph.D. program at CISPA Helmholtz Center for Information Security, Saarbrücken, Germany!