Since 04/ | W3 Professor (full professor), Chair of Practical Computer Science IV: Dependable Systems Engineering, University of Mannheim, Germany |
11/ | W2 Professor (5-year position) for Cryptography at the University of Mannheim, Germany |
02/ | W2 Visiting Professor (Vertretungsprofessor) for Cryptography at the University of Mannheim, Germany |
04/ | Assistant Professor (Juniorprofessor) for Cryptography at the University of Mannheim, Germany |
02/ | Acting Chair (Lehrstuhlvertretung) at Universität Mannheim, Germany |
09/ | Acting Chair (Lehrstuhlvertretung) for IT-Security at Technical University Darmstadt, Germany |
10/ | Assistant Professor (Juniorprofessor) for Cryptographic Mechanisms and Security Models at Ruhr-University Bochum, Germany |
07/ | Post-Doc in the System Security Group (Prof. Sadeghi) at Ruhr-University Bochum, Germany |
04/ | Research staff member in the Network Laboratories of NEC Europe Ltd., Germany |
04/ | PhD student in the Theoretical Computer Science Group (Prof. Krause) at the University of Mannheim, Germany. Qualification: „summa cum laude“ (best possible mark) |
10/ | Student of mathematics with subsidiary subject computer science at the University of Karlsruhe (TH), Germany. Qualification: „sehr gut“ (very good) |
Granted Patents
Pending Patent Applications
Entwicklung realistischer Angriffsszenarien bei der Zusammenführung personenbezogener Daten und Algorithmen zur Verhinderung solcher Angriffe (Developing Realistic Attack Scenarios for the Linkage of Personal Data, and Algorithms for Preventing Such Attacks)
(funded by the Deutsche Forschungsgemeinschaft (DFG), 2015–2017)
The project is a collaboration with the group of Prof. Schnell at the University of Duisburg-Essen. In this interdisciplinary project between the two universities, methods for privacy-preserving linkage of sensitive personal data, such as patient data, are investigated and improved.
PAL SaaS – Building Triangular Trust for Secure Cloud Auditing
(funded by Baden-Württemberg Stiftung, 2015–2017)
The goal of this project is to develop and integrate cryptographic building blocks for secure cloud audits. This means that, on the one hand, mechanisms are constructed which allow the security of an offered cloud service to be verified. On the other hand, it will likewise be investigated whether and how this auditing process may itself create new security risks, e.g., loss of privacy for the user, and how this can be prevented. To this end, the focus will be on ensuring privacy, availability, and liability (PAL).
Entwicklung und Anwendung eines fundierten Rahmenwerkes für Sicherheit in Sensornetzen (Developing and Applying a Sound Security Framework for Sensor Networks)
(funded by the Deutsche Forschungsgemeinschaft (DFG), 2015–2017)
Cyber-Physical Systems (CPS) are characterized by the tight interaction of their computational elements, software, and physical components. They represent a change of paradigm in modern computer science. One of the most important examples of CPS is wireless sensor networks that measure and process environmental data. Sensor networks are widely employed, amongst others, in security-critical applications such as early warning systems or medical telemonitoring. Despite the enormous relevance of this topic, to date a comprehensive, universal framework for a sound analysis of security features is missing. Instead, the majority of existing work only provides rudimentary and informal security analysis. In particular, the state of the art allows neither comparing nor securely combining several schemes.
The aim of this project is to close this gap. First, an appropriate security framework is developed. Afterwards, provably secure solutions for the most important security goals are derived within the developed framework. Due to the particular properties of sensor networks, this project requires interdisciplinary collaboration of experts from the fields of sensor networks and cryptography. Consequently, this application proposes a cooperative project between two working groups.
Cooperation Project
(funded by Huawei Technologies Düsseldorf GmbH, 01.2016 – 08.2016)
The goal of this project is to gather an overview of certain cryptographic techniques and to test some of them for practical applications.
Security Analysis for an AES based Transponder Protocol
(funded by NXP Semiconductors Germany GmbH, 01.2016 – 05.2016)
The security of a proprietary protocol was analyzed.
Lightweight Cryptography
(funded by COMET Competence Centers for Excellent Technologies (Austria), 10.2015 – 09.2016)
The goal of this project is to work in the field of Lightweight Cryptography in order to systematize and advance the knowledge of the security and design principles of lightweight cryptographic primitives, to develop concrete lightweight designs, and to improve the implementations of existing ones.
Group Homomorphic Encryption and Beyond
(funded within the PPP-Norway Program by the German Academic Exchange Service (DAAD), 01.2014–12.2015)
The overall aim of this project is to explore the fundamental structure of homomorphic encryption in the context of: the range of homomorphic properties; the efficiency of the algorithms; and the practical applications of homomorphic encryption. This will be pursued in cooperation with the Norwegian University of Science and Technology (NTNU – Trondheim), Norway.
Neuartige Verfahren zum Arbeiten mit verschlüsselten Daten (New Mechanisms for Operating on Encrypted Data)
(funded by the Juniorprofessorenprogramm Baden-Württemberg, 08.2013–07.2016)
This program funds new research projects of Juniorprofessors in Baden-Württemberg with 150,000 EUR over a period of three years.
Project
(funded by Robert Bosch GmbH, 2013)
Security Analysis
(funded by NXP Semiconductors Germany GmbH, 2012)
The security of variations of a proprietary cryptographic scheme has been analyzed.
Analyzing and Designing Lightweight Stream Ciphers
(funded by the Siemens / DAAD Post Graduate Program, 12.2011–11.2014)
This program is aimed at young scientists from Russia, China, and India and covers salary, accommodation, and additional expenses for a PhD student over a period of three years.
Security Analysis
(funded by NXP Semiconductors Germany GmbH, 2011)
The security of two proprietary cryptographic protocols (one from NXP, one from another company) has been compared.
Security Analysis
(funded by NXP Semiconductors Germany GmbH, 2010)
The security of two proprietary cryptographic protocols has been analyzed.
Security Analysis
(funded by NXP, 2009–2010)
The security of a proprietary cryptographic scheme against the most important cryptanalytic attacks, such as algebraic attacks and correlation attacks, is analyzed. This project will be conducted by myself alone. The agreed duration of the project is one year.
Privacy Preserving Cryptographic Schemes and Security Hardware
(funded within the Vigoni Exchange Program by the German Academic Exchange Service (DAAD), 2009–2010)
The goal of this project is to make substantial contributions to privacy-preserving cryptographic protocols based on security hardware. This is pursued in cooperation with the University of Salerno, Italy.
Security Analysis of the Java Crypto Provider „Bouncy Castle“
(funded by the Bundesamt für Sicherheit in der Informationstechnik (BSI), 2008–2009)
Cryptographic functionalities and network protocols are provided in Java by so-called Java Crypto Providers. A widely used one is the open-source crypto provider „Bouncy Castle“. The aim of this project was to analyze the security of „Bouncy Castle“.
COST Action IC1403 “Cryptanalysis of ubiquitous computing systems” (CRYPTACUS)
(funded by COST – European Cooperation in Science and Technology, 2015 – 2018)
The objective of the Action is to improve and adapt existing cryptanalysis methodologies and tools to the ubiquitous computing setting. The Action will establish a network of complementary skills, so that expertise in cryptography, information security, privacy, and embedded systems can be put to work together.
Foundations for Forgery-Resistant Security Hardware (UNIQUE)
FET – Future Emerging Technologies, funded by the EU-Program FP7, 2009 – 2012
The goal of the UNIQUE project is to increase the protection of hardware systems against counterfeiting, cloning, tampering, reverse engineering, and insertion of malicious components. Of particular interest are Physically Unclonable Functions (PUFs) and their combination with cryptographic primitives. Here, one contribution was a PUF-based symmetric cipher.
European Network of Excellence for Cryptology (ECRYPT) I + II
NOE – Network of Excellence, funded by the EU-Programs FP6 and FP7, 2004–2008 and 2008–2012
The project aims to ensure a durable integration of academic and industrial research in Europe on cryptography and to maintain and strengthen European excellence in this area, e.g., by regular meetings and the organization of workshops. The activities are coordinated in five virtual labs. I was involved in the virtual lab PROVILAB, which covers research on cryptographic protocols. Among my contributions was a new UC-secure group key exchange protocol that requires the minimum number of communication rounds. ECRYPT was recently extended by a further 2+2 years.
Signal Processing in Encrypted Domain (SPEED)
FET – Future Emerging Technologies, funded by the EU-Program FP6, 2006–2009
The purpose of SPEED is to foster the advancement of the marriage between Signal Processing and Cryptographic techniques. The objective is the initiation and development of a new interdisciplinary framework and technologies for signal processing in the encrypted domain (s.p.e.d.). The goal is to develop novel solutions to ensure security in multimedia communication/
My Personal Adaptive Global NET (MAGNET)
IP – Integrated Project, funded by the EU-Program FP6, 2006–2008
The project has a profound emphasis on user-centricity, personalization, and personal networking. The objective of this user-centric approach is to improve the quality of life for the end user by introducing new technologies that are better adapted to the user. MAGNET research focuses on making environments smarter, more responsive, and more accommodating to the needs of the individual without jeopardizing privacy and security. I worked in the work package “Security and Privacy Issues” and was the main contributor to the development of a key management scheme for large, personalized networks.
Ubiquitous Sensing and Security in the European Homeland (UbiSec&Sens)
STREP – Specific Targeted Research Project, funded by the EU-Program FP6, 2006 – 2008
The project aims to provide a comprehensive architecture for medium- and large-scale wireless sensor networks (WSNs) with a full level of security. Within the project, I worked on the development of various new cryptographic protocols for sensor networks.
University Self-Administration
Editorial Board
PC (Co-)Chair/Organizer
Program committee
Invited Talks/
Smartphones – Sie verraten mehr, als man erwartet.
25. Deutscher EDV-Gerichtstag.
Saarbrücken, Germany, 2016.
Operating on Encrypted Data: New Approaches and New Problems.
Third Privacy Preserving IR Workshop (PIR2016).
Pisa, Italy, 2016.
Cloud Security – Challenges … and Solutions (?)
Panel Discussion “Reconciling Security & Functional Requirements in the Cloud”.
Trust in the Digital World, The Hague, Netherlands, 2016.
On Lightweight Stream Ciphers.
TU Berlin, Germany, 2015.
Lightweight Misunderstanding.
University of Maryland, USA, 2015.
Crypto in the Cloud.
Bell Labs, Stuttgart, Germany, 2015.
Crypto in the Cloud.
TROOPERS15 Conference, Heidelberg, Germany, 2015.
Cryptographic Tools for Privacy-Preserving Data Processing.
University Paris 6, LIP6, France, 2014.
A Security Framework for the Analysis and Design of Software Attestation.
Saarland University Saarbrücken, Germany, 2014.
A Security Framework for the Analysis and Design of Software Attestation.
Technische Universität Darmstadt, Germany, 2014.
Sichere Internetkommunikation durch Kryptographie.
Aktionstag IT-Sicherheit, Online-Messe “Unternehmenssoftware für den Mittelstand”, 2013.
On Increasing the Throughput of Stream Ciphers.
Friedrich-Alexander-Universität, Erlangen-Nürnberg, Germany, 2013.
Physically Unclonable Functions: Security Applications and Models.
Universität Ulm, Germany, 2013.
Homomorphic Encryption for Secure Cloud Computing.
Robert Bosch GmbH, Abstatt, Germany, 2012.
Homomorphic Encryption.
Robert Bosch GmbH, Möglingen, Germany, 2012.
Using the Inhomogeneous Simultaneous Approximation Problem for Cryptographic Design.
InfoMaTech – Seminar, FHDW Hannover, Germany, 2011.
Operating on Encrypted Data.
Friedrich-Alexander-Universität, Erlangen-Nürnberg, Germany, 2011.
On Constructing Homomorphic Encryption Schemes from Coding Theory.
Royal Holloway, Egham, UK, 2011.
On the Security of ZUC Algorithm – Current State and Open Questions.
First International Workshop on the ZUC Algorithm, Beijing, China, 2010.
A Cleaner View on IND-CCA1 Secure Homomorphic Encryption using SOAP.
State Key Laboratory of Information Security, Beijing, China, 2010.
A Cleaner View on IND-CCA1 Secure Homomorphic Encryption using SOAP.
13. Kryptotag, Technische Universität Darmstadt, Germany, 2010.
Constructing Full-Homomorphic Encryption Schemes from Coding Theory.
InfoMaTech – Seminar, FHDW Hannover, Germany, 2009.
A New Approach for Algebraically Homomorphic Encryption.
Joint seminar in cryptography from the projects SALSA (Solvers for Algebraic Systems and Applications) and ALI (Algorithms, Languages, and Information), Paris, France, 2008.
Beweisbare Sicherheit und das Universal Composability Framework (Provable Security and the Universal Composability Framework).
Kolloquiumsseminar, Universität Mannheim, Germany, 2008.
A Survey of Algebraic Attacks against Stream Ciphers.
Special Semester on Gröbner Bases: Workshop D1 on “Gröbner Bases in Cryptography, Coding Theory, and Algebraic Combinatorics”, Linz, Austria, 2006.
On the Existence of Low-Degree Equations for Algebraic Attacks.
“Algebraic Methods in Cryptography” Workshop, Beijing, China, 2005.
On Fast Algebraic Attacks.
Séminaire de Cryptographie, Université de Rennes 1, Rennes, France, 2004.
Algebraic Attacks on Symmetric Ciphers.
Oberseminar Kryptographie und Computeralgebra, TU Darmstadt, Germany, 2004.
Introduction to Cryptography.
NEC Europe Ltd. – Network Laboratories, Heidelberg, Germany, 2003.
Conference/
The Preimage Security of Double-Block-Length Compression Functions.
ASIACRYPT – 17th Annual International Conference on the Theory and Application of Cryptology and Information Security, 2011.
On Constructing Homomorphic Encryption Schemes from Coding Theory.
IMACC – 13th IMA International Conference on Cryptography and Coding, 2011.
A Formal Foundation for the Security Features of Physical Functions.
Oakland – 32nd IEEE Symposium on Security and Privacy, 2011.
Memory Leakage-Resilient Encryption based on Physically Unclonable Functions.
SECSI – 2nd Workshop on Secure Component and System Identification, 2010.
Memory Leakage-Resilient Encryption based on Physically Unclonable Functions.
ASIACRYPT – 15th International Conference on the Theory and Application of Cryptology and Information Security, 2009.
Re-visited: Denial of Service Resilient Access Control for Wireless Sensor Networks.
ESAS – 3rd European Workshop on Security and Privacy in Ad-hoc and Sensor Networks, 2006.
Introducing a New Variant of Fast Algebraic Attacks and Minimizing their Successive Data Complexity.
Mycrypt – 1st International Conference on Cryptology in Malaysia, 2005.
Fault Attacks on Combiners with Memory.
SAC – 12th International Workshop on Selected Areas in Cryptography, 2005.
Algebraic Attacks and Annihilators.
WEWoRC – 1st Western European Workshop on Research in Cryptology, 2005.
On the Existence of Low-Degree Equations for Algebraic Attacks.
SASC – State of the Art of Stream Ciphers (Special Workshop hosted by ECRYPT), 2004.
Algebraic Attacks on Stream Ciphers.
ECCOMAS – Fourth European Congress on Computational Methods in Applied Sciences and Engineering, 2004.
Linearity of the AES Key Schedule.
AES – 4th International Conference on the Advanced Encryption Standard, 2004.
Improving Fast Algebraic Attacks.
FSE – 11th International Workshop on Fast Software Encryption, 2004.
Algebraic Attacks on Combiners with Memory.
CRYPTO – 23rd Annual International Cryptology Conference, 2003.
Miscellaneous
The Preimage Security of Double-Block-Length Compression Functions.
Schloss Dagstuhl seminar “Symmetric Cryptography”, 2012.
Constructing Full-Homomorphic Encryption Schemes from Coding Theory.
ESC – Early Symmetric Crypto seminar, 2010.
Memory-leakage resilient encryption based on Physically Unclonable Functions.
Schloss Dagstuhl seminar “Foundations for Forgery-Resilient Cryptographic Hardware”, 2009.
Physically Unclonable Pseudorandom Functions.
Schloss Dagstuhl seminar “Symmetric Cryptography”, 2009.
A Two-Round Universal Composable Group Key Exchange Protocol.
ESC – Echternach Symmetric Cryptography seminar, 2008.
A Universal Composable Two-Round Group Key Exchange Protocol.
ECRYPT Provilab Meeting, 2007.
Secure Group Key Exchange.
Schloss Dagstuhl seminar “Formal protocol verification applied”, 2007.
Concealed Data Aggregation in Wireless Sensor Networks.
6. Krypto-Tag (6th Crypto Day), 2007.
Concealed Data Aggregation in Wireless Sensor Networks.
Schloss Dagstuhl seminar “Symmetric Cryptography”, 2007.
On the Application of Merkle's Puzzle for Telemedicine and M-Health.
5. Krypto-Tag (5th Crypto Day), 2006.
Erste Erfahrungen zu meinem „Post-doc-Leben“ in der Industrie (First Experiences of my Post-Doc Life in Industry).
1. Kryptowochenende (1st Crypto weekend), 2006.