Practical IT-Security

During this seminar different security topics will be dealt with. In particular, current research results from the following areas are in the foreground: Internet of Things Security, Web Security, Mobile Security, Biometric Security, Cloud Security, Automotive Security, Malware, Crypto & Politics, but also classic areas such as Hardware Security, System Security, Digital Currencies and Cryptography. The main aim is to understand and present the work and also to present concrete implementations or experiments.

In the context of this seminar each participant has to scientifically work on a topic and give a presentation about it. Furthermore, a handout must be handed out to accompany the lecture. Finally an active participation in the lectures of the other seminar participants is desired.

  • Intention

    The intention of this seminar is to provide you with a platform where you can practice preparing and giving presentations. While classical lectures focus on the teaching of materials and methods and their application, there are hardly any situations in your studies where you can learn how to give lectures.


    The offered seminar should fill this gap partially. In this respect, the main focus of our seminar is not on the creation of seminar papers, which is partly redundant for the creation of final papers, but on the presentation itself. The lectures therefore last one hour, while the rest of the time is used for discussion and feedback. As a consequence, the grading is primarily based on the lecture.

  • Organisational Matters

    Management and Organization: Prof. Frederik Armknecht

    Available for: Bachelor, teaching degree, no special previous knowledge required.

    Language: Primary German, English lecture possible.

    Event room & lecture dates: One lecture per week, see table below.

  • Participation and Topic request

    1. Premeeting: Attend the premeeting on 11 February 2019 (Monday) at 13:45 in room B6, A1.04 and find out about the available topics.
    2. Confirmation of participation: Please confirm your participation in the seminar by 9 a.m. on 13 February 2019 (Wednesday).
    3. Selection of topics: Select your three favourite topics by 09:00 a.m. on 20 February 2019 and send us an e-mail with the order of your favourite topics first. Please include your matriculation number and your name in this mail so that we can assign you.
    4. Confirmation: On 22.02.2019 you will receive a notification of which seminar topic and which time slot has been assigned to you.
  • Topics

    Crypto and Politics

    1. NSA Skandal/Report & Snowden/Whistleblower (heise onlineNews, Web, XKeyscore (c't 17/15), Tempora (c't 18/15), Fashioncleft (c't 19/15), Prism (c't 22/15), Skynet (c't 03/16), Spiegel online)

    Machine Learning and AI Security and Safety

    1. Houdini: Fooling Deep Structured Prediction Models (Paper, News1, News2, News3)
      Ostrichinator (Website)
    2. Synthesizing Robust Adversarial Examples (Paper, News, Website)
      The limitations of deep learning in adversarial settings (Paper)

    Malware and Ransomware

    1. Ransomware Backend RIG (c't 18/15)
      Pegasus (Webseite1Webseite2, Mac&i 05/16)
      0 Day Threat (PaperSurveyNews)
    2. Overview Ransomware: GVU-Trojaner, Crypto-Locker, CryptoWall, Tox, Locky, Cerber, TeslaCrypt, Goldeneye, SLocker, Xbot, Cyber Police (c't 2017/13-174, Website1, Website2)
    3. Stuxnet & Duqu (Talks at GoogleZero DaysDuqu)
    4. Industroyer & Ukrenergo (Whitepaper, News1, News2, News3, News4)
    5. SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit (VideoPaper)
    6. Scanning Malware (Paper, News, Video1, Video2)

    Digital Currencies

    Internet of Things Security

    1. Future-proofing the Connected World (DokumentNews1News2)
      Standardisation and Certification of the 'Internet of Things' (Paper)
      BrickerBot (News1News2News3News4News5)
    2. The Thermostat, The Hacker, and The Malware (NewsVideoBlog)
    3. IoT Goes Nuclear: Creating a ZigBee Chain Reaction (PaperWebsite)
    4. Authentication Based on Non-Interactive Zero-Knowledge Proofs for the Internet of Things (Paper)

    Automotive Security

    1. Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer (PaperSlidesVideoNews)
    2. Vehicular Environment Security (IEEE StandardPräsentation1Präsentation2Präsentation3)

    Hardware Security

    1. On the (in)security of a Self-Encrypting Drive series (Paper)
    2. ECDH Key-Extraction via Low-Bandwidth Electromagnetic Attacks on PCs (Paper)
    3. MouseJack (PaperDetailsDevicesNews)
    4. Wireless Mice and Keyboards Vulnerabilities (News, Crazyradio, nRF24Playset)
    5. Fansmitter (PaperNewsVideo1Video2)
    6. PoisonTap (WebsiteVideo)
    7. Brute force iPhone 5C PIN (Paper)
      Barcode-Hacks (Weitere InformationenPräsentation)
    8. Magspoof (Website)
      Neuer Kreditkartenstandard 3.2 (ix 07/16:92)
      EMV Writer (c't 03/16)
    9. Drammer: Deterministic Rowhammer Attacks on Mobile Platforms (NewsWebsitePaper)
    10. Blockcipher-based Authenticated Encryption (Paper, News1, News2)
    11. Smart TV hack embeds attack code into broadcast signal (News, Talk)
    12. Ultrasonic Side Channel (Paper)
      Google Tone (Website)
    13. SeaGlass: Enabling City-Wide IMSI-Catcher Detection (News, Paper)

    Cloud Security

    1. Authentication & Identification: OAuth, Single Sign-On (SSO), OpenID, SAML, and SCIM. (OAuth3-legged-OAuthOAuth2OzSSOCovert RedirectOpenIDSAMLSCIMSimplecloud, iX 03/16)
    2. LoSt: Location Based Storage (Paper)
      GeoProof: Proofs of Geographic Location for Cloud Computing Environment (Paper)
    3. Position Based Cryptography (Paper)
    4. An Investigation of Geographic Mapping Techniques for Internet Hosts (Paper)
      Distributed Traceroute Approach to Geographically Located IP Devices (Paper)
    5. CPV: Delay-based Location Verification for the Internet (Paper)
      Method and systems for locating geographical locations of online users (Patent)
    6. Dude, where’s that IP? Circumventing measurement-based IP geolocation (Paper)
      Accurate Manipulation of Delay-based Internet Geolocation (Paper)
    7. Proofs of Retrievability for Large Files (Paper)
    8. Compact Proofs of Retrievability (Paper, Talk)
    9. Securely Accessing Encrypted Cloud Storage from Multiple Authorized Devices (Paper)
    10. A Novel Cryptographic Framework for Cloud File Systems and CryFS (Paper)

    System Security

    1. Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques (PaperOverview, c't 18/15)
      Windows 10 Single Sign-On (iX 12/16:44)
    2. Deep Dive: Return Oriented Programming (Book)
      Bypass ASLR (PaperNews)
    3. Dirty COW (Video1Video2Video3Webseite, c't 4/17)
      Atom Bombing (VideoWebsite)
    4. Windows 10 Datenleak (Artikel, c't 01/17:158, Tool) [Experiments]
    5. Trusted Computing, Trusted Computing Modul, Trusted Platform Module, Intel SGX, ARM TrustZone, Digital Rights Management (Intel SGX PaperIntel SGX WebsiteIntel SGX KritikIntel SGX ApplicationARM TrustZone WebsiteARM TrustZone Weakness, iX 02/17)
    6. Comparison of Specialized Operating Systems: Qubes OS, Tails, Parrot Linux, Subgraph OS (Qubes OS, Tails, Parrot, Subgraph), iX 2017/07-61, iX 2017/03-58, iX 2016/06-63)
    7. Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud (News, Paper1, Paper2, Paper3, Talk)+

    Biometric Security

    1. Keystroke Recognition Using WiFi Signals (PaperNews)
      Don’t Skype & Type! Acoustic Eavesdropping in Voice-Over-IP (Paper)
    2. FreeSense & WiFi-ID: Human Identification with WiFi Signals (Paper1Paper2News)
      When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals (PaperNews)
    3. Fingerprinting: Writing & Audio (Paper1, Paper2)
    4. Common Pitfalls in Writing about Security and Privacy Human Subjects Experiments (Paper)
      Evaluating Behavioral Biometrics for Continuous Authentication (Paper)

    Mobile Security

    1. XApp: Unauthorized Cross-App Resource Access on MAC OS X and iOS (Paper)
      Angriff auf Sparkassen TAN-App (Informationenzweiter Angriff)
      On App-based Matrix Code Authentication in Online Banking (PaperNews)
    2. A Formal Security Analysis of the Signal Messaging Protocol (Paper), Concern & Resolve)
      WhatsApp: From Unsecure Most Widely Used End To End Crypto Tool On The Planet & The Noise Protocol Framework (Noise ProtocolWhatsApp SecurityAxolotlPrivate GroupsAsynchronous SecuritySimplifying OTR DeniabilityNews1News2News3News4News5News6)
      WhatsApp Design Flaw? (Report)
    3. Dancing on the Lip of the Volcano: Chosen Ciphertext Attacks on Apple iMessage (PaperInfos)
    4. Toward Robotic Robbery on the Touch Screen (PaperInformation)
    5. (In-) Security of Security Applications (PaperInformationen)
    6. Riposte: An Anonymous Messaging System Handling Millions of Users (Paper)
    7. Extracting Qualcomm's KeyMaster Keys - Breaking Android Full Disk Encryption (BlogpostApple)
    8. Spatial-Temporal Recreation of Android App Displays from Memory Images (PaperVideo)
    9. Cloak and Dagger (Paper, Talk, Website)
    10. Passphone (Paper)
    11. Stealing PINs via Mobile Sensors (Paper) [Experiments]
    12. Mobile Fingerprinting (Paper1, Paper2)

    Web Security

    1. HTTPS: Let's Encrypt, DNSSec & Key Exchange, Automated Certificate Management Environment (ACME)  (Let's EncryptDNSSecKey ExchangeACME)
    2. Attacking the Network Time Protocol (PaperInformationen)
      Malware in Advertisements & Ads vs. Ad Blocker vs. Ad Blocker Blocker (Source1Source2)
    3. Brotli & HTTP/2 (PaperInformationenGithubHTTP/2)
      Time-based One-time Password Algorithm (RFC)
    4. HTTP Strict Transport Security (HSTSNews1News2Attack)
      HTTP Public Key Pinning (HPKP)
      CA & Pinning list administration in browsers like Firefox, Chrome, Safari, and Internet Explorer (MozillaNews)
      DigiNotar Attack (News)
    5. Security of Adobe Flash and Silverlight over the last 10 years (Start)
    6. Web of Trust Services (WebsiteNews1News2, iX 01/17:54, Web of Trust) [Experiments]
      Privacy and Web Robots (c't 2017/13-168, c't 2017/12-170) [Experiments]
    7. Libsodium in PHP (Website, News1, News2)
      Project Wycheproof (Website)
    9. DNSSEC Root Key Resolver, KSK, Resolver (DNSSEC, c't 2017/14-162, c't 2014/08-202, RFC1, RFC2, KSK Test, KSK Gen, DNSSEC Info1, DNSSEC Info2, KSK Rollover, News1, News2, Article, Trust Anchor Fetcher, EDNS Keytag, PK-Zip)
    10. Fingerprinting: Authentication (Paper1, Paper2, Paper3)

    SSL/TLS and RC4

    1. BEAST (Informationen)
      POODLE (Weitere InformationenPaper)
    2. BREACH (InformationenPaper)
      CRIME (Weitere InformationenPräsentation)
      HEIST (Paper)
    3. LogJam (WebsiteNewsPaper)
      FREAK (Weitere InformationenPaperWebseitePräsentation)
      DROWN (WebseitePaper)
    4. Lucky 13 (InformationenPaper)
      BERserk (InformationenPaper1Paper2)
      SLOTH (InformationenPaper)
    5. RC4-Angriff von Klein (Paper)
    6. TLS/RC4-Angriff von AlFardan et al. (InformationenPaper)
    7. RC4-Angriff innerhalb WPA-TKIP und TLS von Vanhoef und Piessens (Paper)
    8. Sweet32 (WebseitePaperNews)
    9. A Cryptographic Analysis of the TLS 1.3 Handshake Protocol Candidates (Paper)
    10. Multi-Context TLS (mcTLS) (Paper, Website, Slides, Talk, News)


    1. A Practical Cryptanalysis of the Algebraic Eraser (Paper, News, Website)
    2. Dual_EC_DRBG & Juniper (PaperInformationenPräsentationPaper2Paper3BlogECBlog Juniper)
    3. Watermarking Cryptographic Programs Against Arbitrary Removal Strategies (Paper)
    4. Indistinguishability Obfuscation (InformationenPaper1Paper2Paper3Paper4Paper5)
    5. scrypt (Paper)
    6. Argon2 (Paper)
    7. Strongly Undetectable Algorithm-Substitution Attacks (Paper1Paper2Paper3Paper4)
    8. Post-quantum key exchange - a new hope & CECPQ1 (PaperBackreference1Backreference2CECPQ1)
    9. RSA Sliding Window Attack (Paper)
    10. 1024 Bit Primes may be weak: A kilobit hidden SNFS discrete logarithm (Paper)
    11. SHA-1 Shattered (Paper, Website, News, MD5 Collision)
    12. Private Set Intersection for Unequal Set Sizes with Mobile Applications (Paper)
    13. Privately Computing Set-Union and Set-Intersection Cardinality via Bloom Filters (Paper)
    14. Efficient Set Operations in the Presence of Malicious Adversaries (Paper, Talk)
    15. Forward-Security under Continual Leakage (Paper)
    16. One TPM to Bind Them All: Fixing TPM 2.0 for Provably Secure Anonymous Attestation (Paper)
    17. ElsieFour: A Low-Tech Authenticated Encryption Algorithm (Paper)
    18. Modelling a public-key infrastructure (Paper)
    19. Non-Interactive Zero-Knowledge and Its Applications (Paper)
      Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack (Paper)
    20. How To Prove Yourself: Practical Solutions to Identification and Signature Problems (Paper)
      Publicly Verifiable Non-Interactive Zero-Knowledge Proofs (Paper)
  • Schedule

    Date Time Location Content Lecturer
    11.02.2019 13:45 B6, A104 Kick-Off-Meeting: Preliminary discussion and organizational matters Armknecht/Müller
    13.02.2019 09:00 Mail Deadline for confirmation of participation Armknecht/Müller
    20.02.2019 09:00 Mail Deadline for submitting comments on desired topics and dates Armknecht/Müller
    22.02.2019 23:59 Mail Announcement of topic allocations and seminar day Armknecht/Müller
    25.03.2019 13:45 B6, A104 Presentation 1 Lecturer 1
    01.04.2019 13:45 B6, A104 Presentation 2 Lecturer 2
    08.04.2019 13:45 B6, A104 Presentation 3 Lecturer 3
    06.05.2019 13:45 B6, A104 Presentation 5 Lecturer 5
    09.05.2019 15:30 B6, A104 Presentation 4 Lecturer 4
    13.05.2019 13:45 B6, A104 Presentation 6 Lecturer 6
    20.05.2019 13:45 B6, A104 Presentation 7 Lecturer 7
    24.05.2019 TBA TBA Presentation 8 Lecturer 8
  • Evaluation

    Length of lecture: A lecture lasts exactly 60 minutes.

    Size of the handouts: The handout should be concise and informative; no longer than 6 pages.

    Deviation from the specification: Duration and/or scope may be greater by arrangement, e.g. for demonstrations or source texts.

    Previous feedback: If you would like feedback on your presentation, please send us your slides by e-mail no later than one week before your presentation date. Unfortunately, we cannot give feedback for papers submitted later.

    Submission: You must submit the slides of your presentation (PDF, alternatively PowerPoint) no later than the date of the presentation. The submission must take place before your presentation. Together with this, you must submit a printed and digital version of your handouts. Please send both submissions by e-mail to us.

    Evaluation: The focus of the seminar is on the induction and presentation of the given topic/material. This includes content as well as form and presentation style. In addition, the handout and the oral participation in the other seminar lectures are included as follows:

    • Oral participation: 10%.
    • Handout: 20%.
    • Lecture: 70%

    Missing dates: A maximum of one unexcused missed date is allowed.

  • Final Paper

    If you are interested in a topic or complex of topics from the seminar, we offer you the opportunity to write your thesis on it for most of the topics. The seminar topics can either be deepened or linked with other seminar topics to a main topic.

    If you are interested, please contact Christian Müller.

  • News

    • 03.05.2019: Room and time for lecture 4 updated.
    • 04.02.2019: Website updated