Systems

Mobile and System Security

Not only smartphones and tablets have become ubiquitous but also everyday household appliances and infrastructure have been computerized – or became ‘smart’. The endless possibilities of app stores have brought diversity and ingenuity to the way we interact with our world. However, the simplicity of developing and distributing apps together with their omnipresence has made it easy for attackers to gain access to our personal address books and photos under the pretext of being a helpful app. We conduct research as to how to protect user’s data and privacy on mobile devices, we analyse attacks and data breaches and we construct more secure operating systems.

Privacy

Privacy Enhancing Technologies

With the advent of Online Social Networks and other Online Services, users, often unknowingly, publicly disseminate tremendous amounts of personal information through their online interactions. All of this information is then readily available to data collectors which use it for personal gain or for malicious actions against the user. Protection of personal data is therefore of paramount importance in a day and age where data disseminated in the Internet is completely visible and available to anyone who wants to collect it. In our group we develop foundational methods for quantifying privacy and anonymity in the Internet. Our methods allow for the analysis of existing Privacy-Enhancing Technologies, but also for the development of novel, privacy-enhancing solutions. In particular, our goal is the development of a privacy adviser that guards information disseminated by end-users in the Internet.

Foundations of Secure System Design and Analysis

The common practice of exploitable software which becomes patched creates a cat-and-mouse game that cannot be tolerated in the presence of critical infrastructure or personal data. In order to mitigate this cat-and-mouse game, we need new technologies that revolutionize the way systems are build and maintained. Our research area tackles this problem by giving foundations for the system design that incorporate security-by-design and methods for the analysis of existing systems. For example, we developed methods for analyzing properties of protocol implementations and connected these methods to construct a tool that can turn protocols specified in a declarative language into a provably secure implementation of that protocol.

Cloud

Cloud Security

The obvious advantages of cloud computing, such as a flexible pay-as-you-go model and virtual unlimited scaling, are accompanied by loss of control as data and processes have been outsourced to a third party. Today, a serious cloud computing concern is the protection of clients’ data and computations against various attacks. Especially after the revelations about intelligence services, customers fear more than ever than their sensitive data might be subject to spying with the help of the cloud provider. Our research helps to strengthen the trust in outsourced data and computations by applying state-of-the-art data protection, by analysing and assessing the cloud infrastructure and by providing operating system hardening to be protected against cloud attacks.
All Publications

Recent Publications

Year: 2016 (Total: 22)

IEEE Symposium on Security and Privacy (Oakland) [S&P]

#159 SoK: Lessons Learned From Android Security Research For Appified Software Platforms

37th IEEE Symposium on Security and Privacy (S&P '16) , 2016

#158 You Get Where You're Looking For: The Impact Of Information Sources On Code Security

37th IEEE Symposium on Security and Privacy (S&P '16) , 2016

ACM Conference on Computer and Communications Security [CCS]

#157 Computational Soundness of Dalvik Bytecode

Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS'16) , 2016

#156 Efficient Cryptographic Password Hardening Services From Partially Oblivious Commitments

Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS '16 ) , 2016

#155 Membership Privacy in MicroRNA-based Studies

Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS '16) , 2016

#154 Identifying the Scan and Attack Infrastructures behind Amplification DDoS attacks

Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS '16) , 2016

#153 Reliable Third-Party Library Detection in Android and its Security Applications

Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS '16) , 2016

Usenix Security Symposium [Usenix]

#152 An Empirical Study of Textual Key-Fingerprint Representations

25th USENIX Security Symposium (USENIX Security 16) , 2016

#151 Privacy in Epigenetics: Temporal Linkability of MicroRNA Expression Profiles

25th USENIX Security Symposium (USENIX Security '16) , 2016

#150 Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification

Proceedings of the 25th USENIX Security Symposium (USENIX Security '16) , 2016

#149 On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis

25th USENIX Security Symposium (USENIX Security 16) , 2016

Network and Distributed System Security Symposium [NDSS]

#148 How to Make ASLR Win the Clone Wars: Runtime Re-Randomization

Proceedings of the 23rd Annual Symposium on Network and Distributed System Security (NDSS '16) , 2016

Others

#147 Automated analysis of security protocols with global state

Journal of Computer Security (Journal) , 2016

#146 On the Feasibility of TTL-based Filtering for DRDoS Mitigation

RAID 2016, 19th International Symposium on Research in Attacks, Intrusions and Defenses , 2016

#145 VatiCAN - Vetted, Authenticated CAN Bus

Conference on Cryptographic Hardware and Embedded Systems (CHES) (Journal) , 2016

#144 Kizzle: A Signature Compiler for Detecting Exploit Kits

The 46th Annual IEEE/IFIP Conference on Dependable Systems and Networks , 2016

#143 Boxify: Bringing Full-Fledged App Sandboxing to Stock Android

USENIX ;login: (Journal) , 2016

#142 R-Droid: Leveraging Android App Analysis with Static Slice Optimization

Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security , 2016

#141 RamCrypt: Kernel-based Address Space Encryption for User-mode Processes

ACM SIGSAC Symposium on Information, Computer and Communications Security (ASIACCS) , 2016

#140 Implementation-level Analysis of the JavaScript Helios Voting Client

Proceedings of the 31st Annual ACM Symposium on Applied Computing - SAC 2016 , 2016

#139 Nearly Optimal Verifiable Data Streaming

IACR International Conference on Practice and Theory of Public-Key Cryptography (PKC) (Journal) , 2016

#138 Anonymous RAM

21st European Symposium on Research in Computer Security (ESORICS) , 2016

Year: 2015 (Total: 9)

IEEE Symposium on Security and Privacy (Oakland) [S&P]

#137 ADSNARK: Nearly-Practical Privacy-Preserving Proofs on Authenticated Data

Proceedings of the 36th IEEE Symposium on Security and Privacy (S&P) , 2015

ACM Conference on Computer and Communications Security [CCS]

#136 Vccfinder: Finding potential vulnerabilities in open-source projects to assist code audits

Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security , 2015

Usenix Security Symposium [Usenix]

#135 Boxify: Full-fledged App Sandboxing for Stock Android

24th USENIX Security Symposium (USENIX Security 15) , 2015

Others

#134 Oblivion: Mitigating Privacy Leaks by Controlling the Discoverability of Online Information

13th International Conference on Applied Cryptography and Network Security (ACNS) , 2015

#133 PriCL: Creating a Precedent. A Framework for Reasoning about Privacy Case Law

Proceedings of the 4th Conference on Principles of Security and Trust (POST) , 2015

#132 Fully Secure Inner-Product Proxy Re-Encryption with constant size Ciphertext

ACM ASIACCS Security in Cloud Computing Workshop 2015 , 2015

#131 Data Lineage in Malicious Environments

IEEE Transactions on Dependable and Secure Computing (Journal) , 2015

#130 Achieving Optimal Utility for Distributed Differential Privacy Using SMPC

Applications of Secure Multiparty Computation , 2015

#129 Computational Soundness for Interactive Primitves

Proceedings of the 20th European Symposium on Research in Computer Security (ESORICS'15) , 2015

Year: 2014 (Total: 18)

ACM Conference on Computer and Communications Security [CCS]

#128 You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code

Proceedings of the 21st ACM conference on Computer and communications security (ACM CCS 2014) , 2014

#127 Poster: Quasi-ID: In fact, I am a human

Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS), 2014 , 2014

#126 (Nothing else) MATor(s): Monitoring the Anonymity of Tor's Path Selection

Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS) , 2014

Usenix Security Symposium [Usenix]

#125 Oxymoron - Making Fine-Grained Memory Randomization Practical by Allowing Code Sharing

USENIX Security Symposium , 2014

IEEE Computer Security Foundations Symposium [CSF]

#124 TUC: Time-sensitive and Modular Analysis of Anonymous Communication

Proceedings of the of the 27th IEEE Computer Security Foundations Symposium (CSF) , 2014

Others

#123 Android Security Framework: Extensible Multi-Layered Access Control on Android

In Proceedings of the 30th Annual Computer Security Applications Conference (ACSAC'14) , 2014

#122 Scippa: System-Centric IPC Provenance on Android

In Proceedings of the 30th Annual Computer Security Applications Conference (ACSAC'14) , 2014

#121 Taking Android App Vetting to the Next Level with Path-sensitive Value Analysis

, 2014

#120 Lime: Data Lineage in the Malicious Environment

Proceedings of 10th International Workshopon Security and Trust Management (STM) , 2014

#119 Asynchronous MPC with a Strict Honest Majority Using Non-equivocation

ACM Symposium on Principles of Distributed Computing 2014 , 2014

#118 WebTrust - A Comprehensive Authenticity and Integrity Framework for HTTP

12th International Conference on Applied Cryptography and Network Security (ACNS 2014) , 2014

#117 BackRef: Accountability in Anonymous Communication Networks

Applied Cryptography and Network Security , 2014

#116 X-pire 2.0 - A User-Controlled Expiration Date and Copy Protection Mechanism.

29th ACM Symposium on Applied Computing (SAC 2014) , 2014

#115 Computational Soundness Results for ProVerif - Bridging the Gap from Trace Properties to Uniformity

Proceedings of the 3rd Conference on Principles of Security and Trust (POST) , 2014

#114 Differentially Private Data Aggregation with Optimal Utility

30th Annual Computer Security Applications Conference (ACSAC) , 2014

#113 Declarative Design and Enforcement for Secure Cloud Applications

, 2014

#112 Differentially Private Data Aggregation with Optimal Utility

, 2014

#111 Privacy-preserving Data Aggregation with Optimal Utility Using Arithmetic SMC -- Extended Abstract

Workshop on Usable and Efficient Secure Multiparty Computation -- Satellite Event of ESORICS , 2014

Year: 2013 (Total: 17)

ACM Conference on Computer and Communications Security [CCS]

#110 Verifiable Delegation of Computation on Outsourced Data

CCS 2013: Proceedings of the 20th ACM Conference on Computer and Communications Security , 2013

Network and Distributed System Security Symposium [NDSS]

#109 Preventing Side-Channel Leaks in Web Traffic: A Formal Approach

Proc. of the 20th Annual Network and Distributed System Security Symposium (NDSS 2013) , 2013

IEEE Computer Security Foundations Symposium [CSF]

#108 AnoA: A Framework For Analyzing Anonymous Communication Protocols

Proceedings of the of the 26th IEEE Computer Security Foundations Symposium (CSF) , 2013

Others

#107 Using Mobile Device Communication to Strengthen e-Voting Protocols

Proceedings of the 12th annual ACM Workshop on Privacy in the Electronic Society - WPES 2013 , 2013

#106 AppGuard – Fine-grained Policy Enforcement for Untrusted Android Applications

8th International Workshop on Data Privacy Management (DPM'13) , 2013

#105 Differentially Private Smart Metering with Battery Recharging

Proceedings of the 8th International Workshop on Data Privacy Managemant (DPM 2013) , 2013

#104 Computational Soundness of Symbolic Zero-Knowledge Proofs: Weaker Assumptions and Mechanized Verification

Principles of Security and Trust 2013 , 2013

#103 Asynchronous Computational VSS with Reduced Communication Complexity

Proc. of the 2013 Cryptographers' Track at the RSA Conference (CT-RSA 2013) , 2013

#102 AppGuard - Fine-grained Policy Enforcement for Untrusted Android Applications

, 2013

#101 AppGuard - Enforcing User Requirements on Android Apps

19th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS) , 2013

#100 Privacy-Preserving Accountable Computation

Proceedings of the 18th European Symposium on Research in Computer Security (ESORICS) , 2013

#99 Union, Intersection, and Refinement Types and Reasoning About Type Disjointness for Secure Protocol Implementations

Special issue of the Journal of Computer Security (JCS) for TOSCA-SecCo (Journal) , 2013

#98 Callee-site Rewriting of Sealed System Libraries

International Symposium on Engineering Secure Software and Systems (ESSoS'13) , 2013

#97 Client-controlled Cryptography-as-a-Service in the Cloud

11th International Conference on Applied Cryptography and Network Security (ACNS'13) , 2013

#96 Gadge Me if You Can: Secure and Efficient Ad-Hoc Instruction-Level Randomization for x86 and ARM

8th ACM SIGSAC symposium on Information, computer and communications security (ACM ASIACCS 2013) , 2013

#95 AnoA: A Framework for Analyzing Anonymous Communication Protocols

6th Workshop on Hot Topics in Privacy Enhancing Technologies (HotPETs) , 2013

#94 Formal Verification of Cryptographic Security Proofs

, 2013

Year: 2012 (Total: 17)

IEEE Symposium on Security and Privacy (Oakland) [S&P]

#93 ObliviAd: Provably Secure and Practical Online Behavioral Advertising

Proc. of the 2012 IEEE Symposium on Security and Privacy (Oakland 2012) , 2012

ACM Conference on Computer and Communications Security [CCS]

#92 Computational Soundness without Protocol Restrictions

ACM CCS 2012 , 2012

Network and Distributed System Security Symposium [NDSS]

#91 MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones

19th Annual Symposium on Network and Distributed System Security (NDSS) , 2012

#90 Automated Synthesis of Secure Distributed Applications

Proc. 19th Annual Network and Distributed System Security Symposium (NDSS 2012) , 2012

IEEE Computer Security Foundations Symposium [CSF]

#89 Verified Security of Merkle-Damgård

Proceedings of the 25th IEEE Computer Security Foundations Symposium - CSF 2012 , 2012

#88 Provably Secure and Practical Onion Routing

Proceedings of the 25th IEEE Computer Security Foundations Symposium (CSF) , 2012

Others

#87 Ace: An Efficient Key-Exchange Protocol for Onion Routing

Proceedings of the 11th ACM Workshop on Privacy in the Electronic Society (WPES) , 2012

#86 Brief announcement: distributed cryptography using trinc

ACM Symposium on Principles of Distributed Computing 2012 , 2012

#85 AppGuard - Real-time Policy Enforcement for Third-Party Applications

, 2012

#84 Adding query privacy to robust DHTs

Proc. of the 7th ACM Symposium on Information, Computer and Communication Security (ASIACCS 2012) , 2012

#83 Diffusion-Based Image Compression in Steganography

Proceedings of the 8th International Symposium on Visual Computing -- ISVC 2012 , 2012

#82 On the Development and Formalization of an Extensible Code Generator for Real Life Security Protocols

Proc. 4th NASA Formal Methods Symposium (NFM 2012) , 2012

#81 Quantifying Information Flow in Cryptographic Systems

Mathematical Structures in Computer Science (Journal) , 2012

#80 SAFE Extensibility of Data-Driven Web Applications

WWW~'12: Proceedings of the 21st International World Wide Web Conference , 2012

#79 XIFER: A Software Diversity Tool Against Code-Reuse Attacks

4th ACM International Workshop on Wireless of the Students, by the Students, for the Students (S3) , 2012

#78 Computational Soundness of Symbolic Zero-knowledge Proofs: Weaker Assumptions and Mechanized Verification

Eigth Workshop on Formal and Computational Cryptography (FCC 2012) , 2012

#77 Rational Cryptography

, 2012

Year: 2011 (Total: 16)

ACM Conference on Computer and Communications Security [CCS]

#76 AmazonIA: When Elasticity Snaps Back

18th ACM Conference on Computer and Communications Security (CCS'11) , 2011

#75 Poster: Control-flow Integrity for Smartphones

18th ACM conference on Computer and communications security (ACM CCS 2012) , 2011

Network and Distributed System Security Symposium [NDSS]

#74 A Security API for Distributed Social Networks

Proceedings of the Network and Distributed System Security Symposium, NDSS 2011, San Diego, California, USA, 6th February - 9th February 2011 , 2011

Others

#73 Twin Clouds: An Architecture for Secure Cloud Computing

Workshop on Cryptography and Security in Clouds (CSC) , 2011

#72 Automatically Verifying Typing Constraints for a Data Processing Language

Proc. 1st International Conference on Certified Programs and Proofs (CPP 2011) , 2011

#71 A Local Cross-Site Scripting Attack against Android Phones

, 2011

#70 Cryptographically sound security proofs for basic and public-key Kerberos

International Journal of Information Security (Journal) , 2011

#69 Computational Verifiable Secret Sharing Revisited

Proc. 17th International Conference on the Theory and Application of Cryptology (ASIACRYPT 2011) , 2011

#68 G2C: Cryptographic Protocols from Goal-Driven Specifications

TOSCA'11: Proceedings of the 2011 International Conference on Theory of Security and Applications (now POST), held as part of ETAPS 2011 , 2011

#67 Non-Uniform Distributions in Quantitative Information-Flow

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS) , 2011

#66 Securing social networks

Proceedings of the 30th Annual ACM Symposium on Principles of Distributed Computing, PODC 2011, San Jose, CA, USA, June 6-8, 2011 , 2011

#65 Union and Intersection Types for Secure Protocol Implementations

Theory of Security and Applications - Joint Workshop, TOSCA 2011, Saarbrücken, Germany, March 31 - April 1, 2011, Revised Selected Papers , 2011

#64 X-pire! - A digital expiration date for images in social networks

, 2011

#63 Twin Clouds: Secure Cloud Computing with Low Latency

Communications and Multimedia Security Conference (CMS'11) , 2011

#62 CFI Goes Mobile: Control-Flow Integrity for Smartphones

International Workshop on Trustworthy Embedded Devices (TrustED) (Journal) , 2011

#61 Union Intersection, and Refinement Types and Reasoning About Type Disjointness for Security Protocol Analysis

, 2011

Year: 2010 (Total: 10)

Usenix Security Symposium [Usenix]

#60 Acoustic Side-Channel Attacks of Printers

Proceedings of 19th USENIX Security Symposium , 2010

Others

#59 Anonymous Webs of Trust

Proceedings of 10th Privacy Enhancing Technologies Symposium (PETS) , 2010

#58 Anonymity and Trust in Distributed Systems

Proceedings of 29th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing (PODC) , 2010

#57 Computationally Sound Verification of Source Code

ACM CCS 2010 , 2010

#56 Computationally Sound Abstraction and Verification of Secure Multi-Party Computations

Proceedings of the 30th IARCS Annual Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS) , 2010

#55 Computational Soundness of Symbolic Zero-Knowledge Proofs

Journal of Computer Security (Journal) , 2010

#54 RatFish: A File Sharing Protocol Provably Secure Against Rational Users

Proceedings of 15th European Symposium on Research in Computer Security (ESORICS) , 2010

#53 Speaker Recognition in Encrypted Voice-over-IP Traffic

Proceedings of 15th European Symposium on Research in Computer Security (ESORICS) , 2010

#52 Novel Classes of Side Channels and Covert Channels

, 2010

#51 Ray - A Secure Microkernel Architecture

Eighth Annual International Conference on Privacy Security and Trust (IEEE PST 2010) , 2010

Year: 2009 (Total: 8)

Network and Distributed System Security Symposium [NDSS]

#50 CSAR: A practical and provable technique to make randomized systems accountable

NDSS 2009 , 2009

IEEE Computer Security Foundations Symposium [CSF]

#49 Achieving Security Despite Compromise Using Zero-knowledge

Proceedings of 22nd IEEE Computer Security Foundations Symposium (CSF) , 2009

Others

#48 Automatic Discovery and Quantification of Information Leaks

Proceedings of 30th IEEE Symposium on Security and Privacy , 2009

#47 CoSP: a general framework for computational soundness proofs

Proceedings of the 16th ACM conference on Computer and communications security (CCS) , 2009

#46 Design and Verification of Anonymous Trust Protocols

Security Protocols XVII, 17th International Workshop, Cambridge, UK, April 1-3, 2009. Revised Selected Papers , 2009

#45 Tempest in a Teapot: Compromising Reflections Revisited

Proceedings of 30th IEEE Symposium on Security and Privacy , 2009

#44 Anonymous and Censorship-resistant Content-sharing in Unstructured Overlays

Proceedings of OTM Conferences , 2009

#43 Security of Robust Audio Hashes

First IEEE International Workshop on Information Forensics and Security (WIFS 2009) , 2009

Year: 2008 (Total: 15)

Others

#42 Gespiegelt / Verräterische Reflexionen: Wie Brillengläser Geheimnisse verraten

iX Magazin für Professionelle Informationstechnik (Journal) , 2008

#41 Type-checking zero-knowledge

Proceedings of the 15th ACM conference on Computer and communications security , 2008

#40 A Formal Language for Cryptographic Pseudocode

LPAR 2008 , 2008

#39 Automated Verification of Remote Electronic Voting Protocols in the Applied Pi-calculus

Proceedings of 21st IEEE Computer Security Foundations Symposium (CSF) , 2008

#38 Conditional reactive simulatability

International Journal of Information Security (Journal) , 2008

#37 Computational Soundness of Symbolic Zero-Knowledge Proofs Against Active Attackers

21st IEEE Computer Security Foundations Symposium, CSF 2008 , 2008

#36 Compromising Reflections or How to Read LCD Monitors Around the Corner

IEEE Symposium on Security and Privacy, Proceedings of SSP'08 , 2008

#35 CASPA: Causality-based Abstraction for Security Protocol Analysis

Proceedings of 20th International Conference on Computer Aided Verification (CAV) , 2008

#34 Formally Bounding the Side-Channel Leakage in Unknown-Message Attacks

Proceedings of 13th European Symposium on Research in Computer Security (ESORICS) , 2008

#33 Limits of the BRSIM/UC soundness of Dolev-Yao-style XOR

International Journal of Information Security (Journal) , 2008

#32 Limits of Constructive Security Proofs

ASIACRYPT 2008 , 2008

#31 Key-dependent Message Security under Active Attacks - BRSIM/UC-Soundness of Symbolic Encryption with Key Cycles

Journal of Computer Security (JCS) (Journal) , 2008

#30 OAEP is Secure Under Key-dependent Messages

ASIACRYPT 2008 , 2008

#29 Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol

IEEE Symposium on Security and Privacy, Proceedings of SSP'08 , 2008

#28 Brief Announcement: Anonymous and Censorship-resistant Content-sharing in Unstructured Overlays

Proceedings of 27th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing (PODC) , 2008

Year: 2007 (Total: 12)

Others

#27 A Calculus of Challenges and Responses

Proceedings of 5th ACM Workshop on Formal Methods in Security Engineering (FMSE) , 2007

#26 Causality-based Abstraction of Multiplicity in Security Protocols

Proceedings of 20th IEEE Computer Security Foundation Symposium (CSF) , 2007

#25 Causality-based Abstraction of Multiplicity in Security Protocol Analysis

, 2007

#24 Enterprise Privacy Policies and Languages

Digital Privacy: Theory, Technologies and Practices , 2007

#23 Enterprise Privacy Policies and Languages

Digital Privacy: Theory, Technologies and Practices , 2007

#22 Information Flow in the Peer-Reviewing Process (extended abstract)

Proceedings of 28th IEEE Symposium on Security and Privacy (SSP) , 2007

#21 Key-dependent Message Security under Active Attacks - BRSIM/UC-Soundness of Symbolic Encryption with Key Cycles

Proceedings of 20th IEEE Computer Security Foundation Symposium (CSF) , 2007

#20 On the Security of Protocols with Logarithmic Communication Complexity

, 2007

#19 On the Necessity of Rewinding in Secure Multiparty Computation

Theory of Cryptography, Proceedings of TCC 2007 , 2007

#18 The Reactive Simulatability Framework for Asynchronous Systems

Information and Computation (Journal) , 2007

#17 Vorgetäuscht / Böse Textdokumente -- Postscript gone wild

iX Magazin für Professionelle Informationstechnik (Journal) , 2007

#16 On Simulatability Soundness and Mapping Soundness of Symbolic Cryptography

Proceedings of 27th International Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS) , 2007

Year: 2006 (Total: 15)

Others

#15 Cryptographically Sound Theorem Proving

Proceedings of 19th IEEE Computer Security Foundations Workshop (CSFW) , 2006

#14 Cryptographically Sound Security Proofs for Basic and Public-key Kerberos

Proceedings of 11th European Symposium on Research in Computer Security(ESORICS) , 2006

#13 Computationally Sound Secrecy Proofs by Mechanized Flow Analysis

, 2006

#12 Compositional Analysis of Contract Signing Protocols

Theoretical Computer Science (Journal) , 2006

#11 Formal Methods and Cryptography

Proceedings of 14th International Symposium on Formal Methods (FM) , 2006

#10 Games and the Impossibility of Realizable Ideal Functionality

, 2006

#9 Limits of the Reactive Simulatability/UC of Dolev-Yao Models with Hashes

Proceedings of 11th European Symposium on Research in Computer Security(ESORICS) , 2006

#8 Proceedings of 9th International Conference on Information Security (ISC), Samos Island, Greece

, 2006

#7 On the Cryptographic Key Secrecy of the Strengthened Yahalom Protocol

Proceedings of 21st IFIP International Information Security Conference (SEC) , 2006

#6 Real-or-Random Key Secrecy of the Otway-Rees Protocol via a Symbolic Security Proof

Electronic Notes in Theoretical Computer Science (ENTCS) (Journal) , 2006

#5 Soundness Limits of Dolev-Yao Models

, 2006

#4 Secure Key-Updating for Lazy Revocation

Proceedings of 11th European Symposium on Research in Computer Security(ESORICS) , 2006

#3 Conditional Reactive Simulatability

Proceedings of 11th European Symposium on Research in Computer Security (ESORICS) , 2006

#2 Computationally Sound Secrecy Proofs by Mechanized Flow Analysis

Proceedings of 13th ACM Conference on Computer and Communications Security (CCS) , 2006

#1 Symbolic and Cryptographic Analysis of the Secure WS-ReliableMessaging Scenario

Proceedings of Foundations of Software Science and Computational Structures (FOSSACS) , 2006

Selected Projects

Android Security Framework

Enabling Generic and Extensible Access Control on Android.

Anonymous Communication

Projects regarding Anonymous Communication.

AppGuard

Real-time policy enforcement for third-party applications.

Securing Systems against Run-Time Attacks

Runtime Attack Protection mechanisms like XnR.
All Theses

Recent Theses