Meldungen des Lehrstuhls NDS

PDF In­se­cu­ri­ty at NDSS 2021

04.03.2021 - Vladislav Mladenov

Recently, we have pu­blis­hed two pa­pers on the "NDSS Symposium 2021".

Our first paper is "Pro­ces­sing Dan­ge­rous Paths - On Se­cu­ri­ty and Pri­va­cy of the Por­ta­ble Do­cu­ment For­mat" and deals with the security issues in PDF files. In the paper, we answer the question "What could go wrong if you open a PDF file?".

Our se­cond paper "Shadow At­tacks: Hiding and Re­pla­cing Con­tent in Si­gned PDFs" presents novel attacks on PDF signatures. The attacks allow the manipulation of digitally signed PDF documents without causing any warning by opening the file.

More in­for­ma­ti­on can be found on "pdf-in­se­cu­ri­ty.​org", in our blog­posts ("Blogpost: PDF Dangerous Paths", "Blogpost: PDF Shadow Attacks"), and videos ("Youtube: PDF Dangerous Paths", "Youtube: PDF Shadow Attacks").

Raccoon Attack: A new attack on TLS

02.10.2020 - Robert Merget

In Kooperation mit der Universität Paderborn, der Tel Aviv University und dem BSI haben NDS Wissenschaftler eine neue Schwachstelle im TLS Standard entdeckt. Bei der Schwachstelle, welche die Forscher "Raccoon" getauft haben, handelt es sich um eine Timing Schwachstellen in der Spezifikation von TLS. Mittels neuer Techniken können unter gewissen Umständen TLS-DH(E) Verbindungen entschlüsselt werden.

Complete article

source

T0RTT at PETS 2020

30.03.2020 - Sebastian Lauer

In cooperation with scientists from the Universities of Paderborn and Wuppertal we have published the paper "T0RTT: Non-Interactive Immediate Forward-Secure Single-Pass Circuit Construction" at the 20th Privacy Enhancing Technologies Symposium.

Our paper deals with the question whether it is possible to speed up the circuit construction in Tor without sacrificing security properties such as forward security.

More infos can be found "here"

NDS Wissenschaftler gewinnen europäischen Forschungspreis

15.11.2019 - Martin Grothe

Mit Ihrem ACM CCS 2019 Paper 1 Trillion Dollar Refund – How To Spoof PDF Signatures konnten die NDS & Hackmanit Forscher um Dr.-Ing. Vladislav Mladenov, Dr.-Ing. Christian Mainka, Karsten Meyer zu Selhausen, Martin Grothe und Prof. Dr. Jörg Schwenk die Jury des CSAW Applied Research Contests überzeugen und gewannen am Freitag den 08.11.2019 den 1. Platz. Sie setzten sich dabei mit Ihrer Publikation gegen eine hochkarätige, europaweite Mitbewerberschaft durch, welche Ihre Arbeiten ebenfalls bei Top Tier Konferenzen veröffentlichten.

Workshop on Attacks in Cryptography

07.10.2019 - Juraj Somorovsky

In August 2019, we organized the second edition of the Workshop on Attacks in Cryptography (WAC2). This workshop was part of the famous CRYPTO conference in Santa Barbara and its aim was to bring together researchers working on cryptographic attacks. They provided a showcase of their work for the Crypto community. Among others, invited list of speakers contained Matthew Green, Mathy Vanhoef, and Nadia Heninger.

The workshop website with the slides is available here: https://crypto.iacr.org/2019/affevents/wac/page.html

Thanks to our sponsors (CASA and Hackmanit), we were also able to record videos: https://www.youtube.com/playlist?list=PLeeS-3Ml-rpo5tZgu7J2MhnrCJf0lSsqn

to news archive