Projects

Funded by German Federal Ministry of Education and Research (BMBF): “IoT security in smart homes, production and sensitive infrastructures” as part of the German government's research framework program on IT security “Digital. Secure. Sovereign.” (Federal Gazette from 02.06.2021)

This project is in cooperation with the research group of Dr. Christian Bartelt at InES at University of Mannheim and two medium-sized industrial technology partners M2M Germany and osapiens. In this interdisciplinary project AI- and security-based fields of research are combined to increase security of smart home systems by utilizing physical signal parameters. In principle, a smart home system consisting of various sensors (e.g. door, light, or temperature sensors, etc.) that occur in homes is assumed when researching a physical guard system. The type of sensors is not limited to specific models and/or protocols, as the aim is to generically research a security system. For example, an ISM band (e.g. the 2.4 GHz band) is often used divided into channels. Phase shift keying (e.g. BPSK or (O)QPSK) or frequency shift keying (e.g. (G)FSK) are often used for modulation. Bluetooth, for example, uses FSK and QPSK depending on the version, while ZigBee or the underlying IEEE 802.15.4 standard uses OQPSK, among others, although all also use the 2.4 GHz band.

Entwicklung realistischer Angriffsszenarien bei der Zusammenführung personenbezogener Daten und Algorithmen zur Verhinderung solcher Angriffe

(funded by the Deutsche Forschungsgemeinschaft (DFG), 2015–2017)
The project is in collaboration with the group of Prof. Schnell at University Duisberg-Essen. In this interdisciplinary project between the two universities, methods for privacy-preserving linkage of sensitive personal data, such as patient data, are investigated and improved.

PAL SaaS – Building Triangular Trust for Secure Cloud Auditing

(funded by Baden-Württemberg Stiftung, 2015–2017)
The goal of this project is to develop and integrate cryptographic building blocks for security cloud audits. This means that on the one hand, mechanisms are constructed which allow for verifying the security of an offered cloud service. On the other hand, it will be likewise investigated if and how this auditing process may result into new security risks, e.g., loss of privacy of the user, and how this can be prevented. To this end, the focus will be on ensuring privacy, availability, and liability (PAL).

Entwicklung und Anwendung eines fundierten Rahmenwerkes für Sicherheit in Sensornetzen (Developing and Applying a Sound Security Framework for Sensor Networks)

(funded by the Deutsche Forschungsgemeinschaft (DFG), 2015–2017)
Cyber Physical Systems (CPS) are characterized by the tight interaction of their computational elements, software, and physical components. They represent a change of paradigm in modern computer science. One of the most important examples for CPS are wireless sensor networks that measure and process environmental data. Sensor networks are widely employed, amongst others, in security critical applications such as early warning systems or medical telemonitoring. Despite the enormous relevance of this topic, till today a comprehensive, universal framework for a sound analysis of security features is missing. Instead the majority of existing work only provides rudimentary and informal security analysis. In particular, the state of the art does neither allow to compare nor to securely combine several schemes.
The aim of this project is to close this gap. First, an appropriate security framework is developed. Afterwards, provably secure solutions for the most important security goals are derived within the developed framework. Due to the particular properties of sensor networks, this project requires interdisciplinary collaboration of experts from the fields of sensor networks and cryptography. In consequence, this application aims for a cooperative project between two working groups.

Cooperation Project

(funded by Huawei Technologies Düsseldorf GmbH, 01.2016 – 08.2016)
The goal of this project is to gather an overview on a certain cryptographic technique and to test some of these for practical applications. 

Security Analysis for an AES based Transponder Protocol

(funded by NXP Semiconductors Germany GmbH, 01.2016 – 05.2016)
The security of a proprietary protocol was analyzed.

Lightweight Cryptography

(funded by COMET Competence Centers for Excellent Technologies (Austria), 10.2015 – 09.2016)
The goal of this project is to work in the field of Lightweight Cryptography in order to systematize and to advance the knowledge of the security and of the design principles of the lightweight cryptographic primitives, to develop concrete lightweight designs and to improve the implementations of the existing ones.

Group Homomorphic Encryption and Beyond

(funded within the PPP-Norway Program by the German Academic Exchange Service (DAAD), 01.2014–12.2015.)
The overall aim of this project is to explore the fundamental structure of homomorphic encryption in the context of: the range of homomorphic properties; the efficiency of the algorithms; and the practical applications of homomorphic encryption. This will be pursued in cooperation with the Norwegian University of Science and Technology (NTNU – Trondheim), Norway.

Neuartige Verfahren zum Arbeiten mit verschlüsselten Daten (New Mechanisms for Operating on Encrypted Data)

(funded by the Juniorprofessorenprogramm Baden-Württemberg, 08.2013–07.2016)
This program funds new research projects of Juniorprofessors in Baden-Württemberg with 150,000 EUR over a period of three years.

Project

(funded by Robert Bosch GmbH, 2013)
Security Analysis
(funded by NXP Semiconductors Germany GmbH, 2012)
The security of variations of a proprietary cryptographic scheme have been analyzed.

Analyzing and Designing Lightweight Stream Ciphers

(funded by the Siemens / DAAD Post Graduate Program, 12.2011–11.2014)
This program is oriented for young scientists from Russia, China and India and and it covers salary, accommodation, and additional expenses for a PhD student over a period of three years.

Security Analysis

(funded by NXP Semiconductors Germany GmbH, 2011)
The security of two proprietary cryptographic protocols (one from NXP, one from another company) have been compared.

Security Analysis

(funded by NXP Semiconductors Germany GmbH, 2010)
The security of two proprietary cryptographic protocols has been analyzed. 

Security Analysis

(funded by NXP, 2009–2010)
The security of a proprietary cryptographic scheme against the most important cryptographic attacks like algebraic attacks and correlation attacks is analyzed. This project will be conducted on my own. Agreed run time of the project is one year.

Privacy Preserving Cryptographic Schemes and Security Hardware

(funded within the Vigoni Exchange Program by the German Academic Exchange Service (DAAD), 2009–2010)
The goal of this project is to achieve substantial contributions on privacy preserving cryptographic protocols based on security hardware. This is pursued in cooperation with the University of Salerno, Italy.

Security Analysis of the  Java Crypto Provider „Bouncy Castle“

(funded by the Bundesamt für Sicherheit in der Informationstechnik (BSI), 2008–2009)
Cryptographic functionalities and network protocols are provided in Java by so-called Java Crypto Providers. Widely used is the OpenSource Crypto Provider „Bouncy Castle“. The aim of this project was to analyze the security of „Bouncy Castlack. 

COST Action IC IC1403 Cryptanalysis of ubiquitous computing systems” (CRYPTACUS)

(funded by COST – European Cooperation in Science and Technology, 2015 – 2018)
The objective of the Action is to improve and adapt the existent cryptanalysis methodologies and tools to the ubiquitous computing framework. The Action will establish a network of complementary skills, so that expertise in cryptography, information security, privacy, and embedded systems can be put to work together.

Foundations for Forgery-Resistant Security Hardware (UNIQUE)

FET – Future Emerging Technologies, funded by the EU-Program FP7, 2009 – 2012
The goal of the UNIQUE project is to to increase the protection of hardware systems against counterfeiting, cloning, tampering, reverse engineering and insertion of malicious components. Of particular interest are Physically Unclonable Functions (PUFs) and their combination with cryptographic primitives. Here, a contribution was a PUF-based symmetric cipher.

European Network of Excellence for Cryptology (ECRYPT) I + II

NOE – Network of Excellence, funded by the EU-Programs FP6 and FP7, 2004–2008 and 2008–2012
The project aims to ensure a durable integration of academic and industrial research in Europe on cryptography and to maintain and strengthen the European excellence in this area, e.g., by regular meetings and the organization of workshops. The activities are coordinated in five virtual labs. I was involved in the virtual lab PROVILAB which covers the research on cryptographic protocols. Among my contributions were a new UC-secure group key exchange protocol that requires the minimum of communication rounds. ECRYPT has been recently extended by further 2+2 years.

Signal Processing in Encrypted Domain (SPEED)

FET – Future Emerging Technologies, funded by the EU-Program FP6, 2006–2009
The purpose of SPEED is to foster the advancement of the marriage between Signal Processing and Cryptographic techniques. The objective is the initiation and development of a new interdisciplinary framework and technologies for signal processing in the encrypted domain (s.p.e.d.). The goal is to develop novel solutions to ensure security in multimedia communication/consumption, and digital signal manipulations. Within the project, I worked in the work packages “Development of theory and building blocks” and “Development of architecture and protocols”. I contributed a new homomorphic encryption scheme that supports the algebraic structures occurring in signal theory.

My Personal Adaptive Global NET (MAGNET)

IP – Integrated Project, funded by the EU-Program FP6, 2006–2008
The project has a profound emphasis on user-centricity, personalization and personal networking. The objective of this user-centric approach is to improve the quality of life for the end-user by introducing new technologies more adapted to the user. MAGNET research focuses on environments to become smarter, more responsive, and more accommodating to the needs of the individual without jeopardizing privacy and security. I worked in the work package “Security and Privacy Issues” and was the main contributor in the development of a key management scheme for large, personalized networks.

Ubiquitous Sensing and Security in the European Homeland (UbiSec&Sens)

STREP – Specific Targeted Research Project, funded by the EU-Program FP6, 2006 – 2008
The project aims for providing a comprehensive architecture for medium and large scale wireless sensor networks (WSNs) with the full level of security. Within the project, I worked on the development of various new cryptographic protocols for sensor networks.