Research and Development
Research and development at the Chair for Network and Data Security concentrates on cryptographic protocols, Internet security and XML security. Our goal is to propose new solutions based on a thorough knowledge of techniques and standards in these areas.
Cryptographic protocols form the basis of many security solutions, from well-known Internet standards like SSL to little-known broadcast encryption techniques für blue ray disks. We try to prove the security of these protocols in a model that is as close as possible to reality. An especially challengig area is group based cryptography, becasue here we have to model concurrency, participation in different groups, and malicious group members.
Browser Based Protocols
Browser based protocols (secure cookies, Pharming, SSL client certificates and CRLs, Human-Server-Interaction, AJAX), e-mail (XMaiL, header protection for OpenPGP and S/MIME) and group communication (key agreement for IP multicast) are key Internet research areas.In der Internetsicherheit liegen die Forschungsschwerpunkte in den Bereichen Browser-basierte Protokolle (Secure Cookies, Pharming, SSL Client Certificates, SSL CRLs, Human-Server-Interaction, AJAX, beweisbare Sicherheit), E-Mail (XMail, Header Protection with OpenPGP/SMime) und Gruppenkommunikation (beweisbar sichere Gruppenschlüsselvereinbarung für IP Multicast).
XML Data Format
XML as the futire ubiquitous data format offers many new possibilities, but also security risks:
- XML signature can sign many (even overlapping) parts of a document, but the signature wrapping attacks described in 2005 show that more research is needed.
- XML Encryption enables platform independent encryption of data, and is much more felxible than PKCS#7.
- WS-Trust has the potential to unify incompatible islands of trust (OpenPGP, X.509, Kerberos, Username/Password).
- For all important standards, open source libraries are available.