Distinguished Lectures
-
Prof. Úlfar Erlingsson, PhD
Google Research, USA
"Cloud Computing and Software Security"
February 2, 2012, TU Darmstadt | Piloty Building S2/02, Room C110
Abstract: Software-as-a-service can provide great benefits, such as ubiquitous, reliable access to data, but cloud computing also raises new challenges and opportunities for computer security. Large-scale Web services must address both traditional security concerns, such as user authentication and key management, and newer issues like those raised by the need to maintain users' privacy. At the same time, cloud computing has innate security advantages, such as its use of easily updated and malleable software, which enables instrumentation ranging from individual specialization to large-scale execution summarization. This talk will briefly outline some of these issues and potential research topics in cloud security, with examples from Google's past and current technology efforts used to give context.
Bio:
Úlfar Erlingsson leads efforts in security research at Google. Previously, he has been a researcher at Microsoft Research, an Associate Professor at Reykjavik University, Iceland, and led security technology at two startups: GreenBorder and deCODE Genetics. He holds a PhD in CS from Cornell University.
-
Prof. Dr. Ueli Maurer
ETH Zurich, Switzerland
"Constructive Cryptography -- A New Paradigm for Security"
January 12, 2012, TU Darmstadt | Piloty Building S2/02, Room C110
Abstract: Constructive cryptography is a new paradigm for defining the security of cryptographic schemes such as symmetric and public-key encryption, key-agreement protocols, and digital signature schemes, and for designing and proving the security of protocols making use of such schemes. Such a cryptographic scheme can be seen (and defined) as constructing a certain resource (e.g. a channel or key) with certain security properties from another (weaker) such resource. For example, a secure encryption scheme constructs a secure channel from an authenticated channel and a secret key.
In this talk we give an introduction to constructive cryptography suitable for a non-specialist audience and compare it with traditional approaches to cryptography.
-
Prof. John Daugman, PhD
University of Cambridge, UK
"Recognising persons by their iris patterns"
December 8, 2011, TU Darmstadt | Piloty Building S2/02, Room C110
Abstract: Iris recognition is a biometric technology for identifying persons reliably by wavelet-encoding and analysis of the random patterns that are visible within the iris of an eye from some distance. Because the iris is a protected internal organ whose random texture is epigenetic and stable over life, it serves as a unique (but exposed) living key, whose entropy in different databases is always close to 250 bits. Recognition decisions are made with confidence levels high enough to support extremely rapid exhaustive searches through national-sized databases. Today there are many public deployments of this technology around the world, mainly at border-crossings in lieu of passports, or in watch-lists, or entry control. Independent government tests (e.g. by NIST) confirm extreme resistance to False Matches, and search speeds in the millions per second per CPU. Weaknesses include difficult image capture and the possibility of spoofing. The principle that underlies the recognition algorithms is the failure of an efficient test of statistical independence having many degrees of freedom, based on phase sequencing each iris pattern with quadrature 2D Gabor wavelets.
Different eyes (including those of twins, or the right and left of one person) always pass this test of statistical independence, while images from the same iris almost always fail this test of independence, thereby signifying identity. A typical "IrisCode" template contains 1024 bytes, but even raw iris images are highly compressible for this purpose, to as little as 2000 to 4000 bytes without degrading recognition accuracy. This near convergence between data length (compressed image size) and description length (the biometric template) is reminiscent of Kolmogorov's concept of minimal description length, and has enabled the international Standardisation of image-based iris data formats that are non-proprietary, very portable and lightweight. Data used in this talk comes mainly from 200 billion iris cross-comparisons between different eyes, from a database consisting of 632,500 iris images acquired in the United Arab Emirates in a networked national border-crossing security programme that every day performs about 12 billion iris comparisons using these algorithms.
Several other countries have now launched national biometric ID programmes, such as the Indian UIDAI, which plans to enroll the irises of all 1.3 billion citizens of India to secure welfare benefits cards. Current research efforts with this technology in many laboratories seek (1) to make it more tolerant of difficult conditions of image capture, such as "iris on the move" and at a distance; and (2) anti-spoofing countermeasures.
-
Cédric Fournet, PhD
Microsoft Research, UK
"Modular Code-Based Cryptographic Verification"
November 24, 2011, TU Darmstadt | Piloty Building S2/02, Room C110
Joint work with Markulf Kohlweiss and Pierre-Yves Strub
Type systems are effective tools for verifying the security of cryptographic programs. They provide automation, modularity and scalability, and have been applied to large security protocols. However, they traditionally rely on abstract assumptions on the underlying cryptographic primitives, expressed in symbolic models. Cryptographers usually reason on security assumptions using lower-level, computational models that precisely account for the complexity and success probability of attacks. These models are more realistic, but they are harder to formalize and automate. We present the first modular automated program verification method based on standard cryptographic assumptions.
We show how to verify ideal functionalities and protocols written in ML by typing them against new cryptographic interfaces using F7, a refinement type checker coupled with an SMT solver. We develop a probabilistic core calculus for F7 and formalize its type safety in Coq. We build typed modules and interfaces for MACs, signatures, and encryptions, and establish their authenticity and secrecy properties.
We relate their ideal functionalities and concrete implementations, using game-based program transformations behind typed interfaces. We illustrate our method on a series of protocol implementations.
-
Prof. Michael Reiter, Ph.D.
Department of Computer Science, University of North Carolina at Chapel Hill, USA
"Defending against Client Compromises in Client-Server Applications"
June 30, 2011, TU Darmstadt | Piloty Building S2/02, Room C110
We present new methods for defending against client compromises in two client-server application scenarios. First, we consider online games, in which a client "compromise" reflects the unauthorized manipulation of the game client by the user himself, in order to cheat in the game.
To address this threat, we develop a new cheat-detection method with which the server can validate that the messages received from the game client are consistent with the sanctioned client software.
Second, we consider a user entering private information into a trusted web server via a client computer that might be compromised by malware. To address this threat, we leverage trusted computing technology in a novel way to ferry the user's private inputs to the remote server while ensuring that malware cannot capture them.
-
Prof. Elisa Bertino, Ph.D.
CERIAS and Department of Computer Science Purdue University, West Lafayette, Indiana, USA
"Protecting Information Systems from Insider Threats - Concepts and Issues"
June 16, 2011, TU Darmstadt | Piloty Building S2/02, Room C110
Past research on information security has focused on protecting valuable resources from attacks by outsiders. However, statistics show that a large number of security and privacy breaches are due to insider attacks. Protection from insider threats is challenging because insiders may have access to many sensitive resources and high-privileged system accounts. Suitable approaches need to combine several security techniques, like fine-grained access control, stronger authentication protocols, integrated digital identity management, and intrusion detection, with techniques from areas like information integration, machine learning, and risk assessment. In this talk, after an introduction to the problem of insider threats, we will present recent work addressing the problem of anomaly detection and response policies for database management systems and then discuss open research issues.
-
Prof. Dr. Rainer Blatt
Innsbruck University, Innsbruck, Austria
"The Quantum Way of Doing Computations"
May 19, 2011, TU Darmstadt | Piloty Building S2/02, Room C110
-
Prof. David Naccache, Ph.D.
École normale supérieure, Department of Computer Science, Paris, France
"On Secret Leakage and Polymorphic Code Design"
January 27, 2011
In addition to its usual complexity assumptions, cryptography silently assumes that information can be physically protected in a single location. As one can easily imagine, real-life devices are not ideal and information may leak through different physical channels. The topic has attracted considerable attention during the last decade.
In this work we explore the use of polymorphic code as a way of resisting side channel attacks.
The talk will report implementation results.
-
Prof. Vitaly Shmatikov, Ph.D. (Stanford)
The University of Texas at Austin, Austin, Texas, U.S.A.
"The End of Anonymity, The Beginning of Privacy"
January 13, 2011, TU Darmstadt | Piloty Building S2/02, Room C110
Abstract: The Internet economy relies on the collection and aggregation of personal data on an ever-increasing scale. Information about our tastes, purchases, searches, browsing history, social relationships, health history, genetics, and so forth is shared with advertisers, marketers, and researchers, who use it to predict individual behavior and provide personalized product offerings, recommendations, and even clinical treatments.
I will survey privacy issues caused by massive aggregation of personal information. After demonstrating that the existing methods for "anonymizing" the data fail to provide meaningful privacy protection, I will describe new approaches to privacy-preserving computation.
This includes Airavat, a new system for large-scale data analysis which integrates mandatory access control and differential privacy.
Bio:
Vitaly Shmatikov is an associate professor at the University of Texas at Austin. His research focuses on security, privacy, and formal verification methods for secure systems and protocols. Vitaly was the recipient of the 2008 PET Award for Outstanding Research in Privacy Enhancing Technologies.
-
Prof. Dr. Audun Jøsang
UNIK University Graduate Center, University of Oslo, Oslo, Norway
"User-Centric Identity Management"
November 4, 2010, TU Darmstadt | Piloty Building S2/02, Room C110
Abstract: The term "user-centric identity management" is commonly used for any identity management solution that can improve the user experience compared to, e.g., the traditional silo identity model.
Identity federation can be described as user-centric in this sense because it can support SSO (single sign-on), but identity federation can also be described as cloud identity management because the technology that supports identity federation is actually located on the network side.
Another interpretation of user-centric identity management is when the technology for identity management is located locally on the user side. Interestingly, such models provide new possibilities for improved usability, strengthened security and privacy protection.
This talk gives an overview of identity management models and provides an analysis of their strengths and vulnerabilities. Of particular interest are local user-centric models, which have received relatively little attention from industry and the research community.
-
Prof. Dr. Jean-Pierre Hubaux
Computer Communications and Applications Laboratory 1, Ecole Polytechnique Federale de Lausanne, Lausanne, Switzerland
"Location Privacy and Neighbor Discovery - Attacks, Countermeasures and Game-Theoretic Modeling"
July 1, 2010, TU Darmstadt | Piloty Building S2/02, Room C110
After a brief overview of the security and privacy challenges raised by wireless networks, we will introduce a few fundamental notions of game theory. We will provide an overview of the way these notions have been used by several research groups to model rational behavior in security-related settings. We will then present in detail two examples we recently addressed, one related to revocation in ephemeral (e.g., vehicular) networks and the other to pseudonym change in mix zones. Finally, we will present some of our recent results on secure neighbor discovery and distance bounding.
Note: some background information can be found in a recent book by L. Buttyan and J.-P. Hubaux, "Security and Cooperation in Wireless Networks", Cambridge University Press, 2008. The PDF of the book is available at http://secowinet.epfl.ch
Bio:
Jean-Pierre Hubaux joined the faculty of EPFL in 1990. His research activity is focused on wireless networks, with a special interest in security and cooperation issues. In 1991, he designed the first curriculum in Communication Systems at EPFL. He was promoted to full professor in 1996. In 1999, he defined some of the main ideas of the National Competence Center in Research named "Mobile Information and Communication Systems" (NCCR/MICS); this center (still very active) was initially nicknamed "the Terminodes Project".
In this framework, he has notably defined, in close collaboration with his students, novel schemes for the security and cooperation in wireless networks; in particular, he has devised new techniques for key management, secure positioning, and incentives for cooperation in such networks. In 2003, he identified the security of vehicular networks as one of the main research challenges for real-world mobile ad hoc networks. Some of his current research activities revolve around privacy issues in mobile networks and are partially funded by Nokia.
He is co-founder and chairman of the steering committee of WiSec (the ACM Conference for Wireless Network Security). He has served on the program committees of numerous conferences and workshops, including SIGCOMM, INFOCOM, MobiCom, MobiHoc, SenSys, WiSe, and VANET. He is one of the seven commissioners of the Federal Communications Commission (ComCom), the "Swiss FCC". He held visiting positions at the IBM T.J. Watson Research Center and at UC Berkeley. He has been on the advisory board of Deutsche Telekom Laboratories (T-Labs) since their creation in 2004. He is an IEEE Fellow.
-
Prof. Joshua Guttman, Ph.D.
Worcester Polytechnic Institute, Worcester, Massachusetts, USA
"Designing Correct Cryptoprotocols"
June 17, 2010, TU Darmstadt | Piloty Building S2/02, Room C110
Cryptographic protocols are a central technique for coordinating different principals in distributed systems that may contain malicious participants. In addition to basic uses such as key agreement, they may also be used to implement application-specific secure transactions.
We will present a sequence of example protocols, showing how more complex protocols may be built out of simpler units. An analysis method, called the strand space theory, offers proofs that protocols meet their security goals. Strand spaces have now been implemented in a software tool called a Cryptographic Protocol Shapes Analyzer (CPSA). CPSA also provides counterexamples when a protocol does not meet its security goals.
The strand space proofs are highly informative. In particular, they suggest protocol transformations -- in which more complex protocols are constructed from simpler ones -- that are guaranteed to preserve the security goals of the parts.
-
Prof. Anja Feldmann, Ph.D. (CMU)
Deutsche Telekom Laboratories, Technische Universität Berlin, Berlin, Germany, An-Institut Deutsche
"Characteristics of Residential Broadband Internet Traffic"
December 17, 2009
Abstract: While residential broadband Internet access is popular in many parts of the world, only a few studies have examined the characteristics of such traffic. In this paper we describe observations from monitoring the network activity of residential DSL customers. Note that understanding Internet usage is the first step towards separating abuse from benign usage. Our analysis reveals a number of surprises in terms of the mental models we developed from the measurement literature. For example, we find that HTTP---not peer-to-peer---traffic dominates by a significant margin; that more often than not the home user's immediate ISP connectivity contributes more to the round-trip times the user experiences than the WAN portion of the path; and that the DSL lines are frequently not the bottleneck in bulk-transfer performance. Moreover, we examine usage of Online Social Networks. While Online Social Networks (OSNs) have already attracted more than half a billion users, our understanding of which OSN features attract and keep the attention of users is poor. We study how users actually interact with OSNs by extracting clickstreams from passively monitored network traffic. Our characterization of user interactions within the OSN for four different OSNs (Facebook, LinkedIn, Hi5, and StudiVZ) focuses on feature popularity, session characteristics, and the dynamics within OSN sessions.
Bio:
Anja Feldmann is a full professor at Deutsche Telekom Laboratories, a unit of Deutsche Telekom and an An-Institut of the Technische Universitaet Berlin, Germany. From 2000 to 2006 she headed the network architectures group, first at Saarland University and then at TU Muenchen. Before that (1995 to 1999) she was a member of the Networking and Distributed Systems Center at AT&T Labs -- Research in Florham Park, New Jersey. She has published more than 50 papers and has served on more than 40 program committees, including as Co-Chair of Sigcomm 2003 and as Co-PC-Chair of IMC'09 and Sigcomm 2006.
She is a member of the scientific boards of Inria and the Swiss center on mobile information and communication systems and a member of the technical advisory board of Endace. She received an M.S. degree in Computer Science from the University of Paderborn, Paderborn, Germany, in 1990 and M.S. and Ph.D. degrees in Computer Science from Carnegie Mellon University in Pittsburgh, USA, in 1991 and 1995, respectively.
-
Prof. Dr. Ronald Cramer
Professor, Mathematical Institute, Leiden University, Leiden, Netherlands, Head of the Cryptology and Information Security Research Group, CWI, Amsterdam, Netherlands
"On a Class of Special Codes Arising in Secure Multi-Party Computation and its Relation to Towers of Algebraic Function Fields"
December 10, 2009
Abstract: Since the early 1980s, towers of algebraic function fields have played a major role in the theory of error correcting codes. Recently, it has been discovered that towers also have an important bearing on secure multi-party computation. In this talk I will elaborate on this connection.
Further information
-
Prof. Andrew C. Myers, Ph.D. (MIT)
"A higher-level abstraction for building decentralized distributed systems"
October 29, 2009
-
Prof. Somesh Jha, Ph. D.
"Retrofitting Legacy Code for Security"
July 2, 2009
-
Prof. Dr. Renato Renner
"Security against Quantum Mechanical Adversaries"
June 4, 2009
-
Prof. Dr. Bart Preneel
"Cryptographic Hash Functions Revisited: The NIST SHA-3 Competition"
May 14, 2009