30.03.2020 - Sebastian Lauer
In cooperation with scientists from the Universities of Paderborn and Wuppertal we have published the paper "T0RTT: Non-Interactive Immediate Forward-Secure Single-Pass Circuit Construction" at the 20th Privacy Enhancing Technologies Symposium.
Our paper deals with the question whether it is possible to speed up the circuit construction in Tor without sacrificing security properties such as forward security.
More infos can be found "here"
15.11.2019 - Martin Grothe
Mit Ihrem ACM CCS 2019 Paper 1 Trillion Dollar Refund – How To Spoof PDF Signatures konnten die NDS & Hackmanit Forscher um Dr.-Ing. Vladislav Mladenov, Dr.-Ing. Christian Mainka, Karsten Meyer zu Selhausen, Martin Grothe und Prof. Dr. Jörg Schwenk die Jury des CSAW Applied Research Contests überzeugen und gewannen am Freitag den 08.11.2019 den 1. Platz. Sie setzten sich dabei mit Ihrer Publikation gegen eine hochkarätige, europaweite Mitbewerberschaft durch, welche Ihre Arbeiten ebenfalls bei Top Tier Konferenzen veröffentlichten.
07.10.2019 - Juraj Somorovsky
In August 2019, we organized the second edition of the Workshop on Attacks in Cryptography (WAC2). This workshop was part of the famous CRYPTO conference in Santa Barbara and its aim was to bring together researchers working on cryptographic attacks. They provided a showcase of their work for the Crypto community. Among others, invited list of speakers contained Matthew Green, Mathy Vanhoef, and Nadia Heninger.
The workshop website with the slides is available here: https://crypto.iacr.org/2019/affevents/wac/page.html
Thanks to our sponsors (CASA and Hackmanit), we were also able to record videos: https://www.youtube.com/playlist?list=PLeeS-3Ml-rpo5tZgu7J2MhnrCJf0lSsqn
30.09.2019 - Christian Mainka
We have published two papers on the 26th ACM Conference on Computer and Communications Security in London.
Our first paper is 1 Trillion Dollar Refund -- How To Spoof PDF Signatures and deals with the insecurity of PDF Signatures.
Our second paper is Practical Decryption exFiltration: Breaking PDF Encryption and shows how to extract plaintext out of encrypted PDFs.
16.08.2019 - Jens Müller
In cooperation Münster University of Applied Sciences, we published two more “Johnny” papers on email security. “Johnny, you are fired!” (USENIX Security 2019, https://usenix.org/system/files/sec19-muller.pdf) shows practicals forgery attacks against various implementations of OpenPGP and S/MIME email signature verification in five different attack classes. “Re: What's up Johnny” (ACNS 2019, https://arxiv.org/pdf/1904.07550) depicts covert content attacks on OpenPGP and S/MIME encryption and signatures in the context of email. In both papers we do not target the underlying cryptographic primitives, but instead abuse legitimate features of email-related RFCs.