The IT Security Experts Group of Darmstadt University of Applied Sciences (spokesperson: Prof. Dr. Christoph Krauß) has set itself the task of coordinating the subject area of IT security in education and research and making it more visible at Darmstadt University of Applied Sciences. Reference projects of the h_da on IT security can be found here . In addition to members from various departments of Darmstadt University of Applied Sciences - currently Computer Science as well as Social Sciences - PhD students from the National Research Center for Applied Cybersecurity ATHENE are also actively involved in the activities of the department. Study Focus IT-Security With the Cooperative Study Course IT Security (KITS) as well as the compulsory course IT Security in the first semester of the bachelor's degree in Computer Science, the h_da sustainably strengthens teaching in this field. Since November 2009, the Master of Computer Science has a further specialisation: IT Security. The new specialisation was developed in the context of the h_da participation in the "Center for Advanced Security Research Darmstadt (CASED)" - today ATHENE . Students of SPO2013 who decide on this specialisation must take at least 24 ECTS from the associated security course catalogue during the first study section (i.e. the regular semesters 1 to 3) and then work on a master's thesis on a suitable IT security topic. Students of SPO2006 have to prove at least 30 ECTS from the course catalogue "IT Security". Students will receive confirmation of their specialisation in their Master's degree. Courses Bachelor Master Current Topics of IT-Security Selected Topics of IT Security Case Studies in Information Security Usable Security Introduction into Computer Forensics Biometric Systems Hacker Contest Biometric Systems Internet Security Coding Theory IT Security Management Computer Forensics Penetration Testing Cryptography Security in Multimedia Systems and Applications Hacker Contest Implementation of Modern Public Key Algorithms IT Security Management and Compliance Theory of Complexity Security of Web Applications Security Protocols and Infrastructures Advanced Topics in Computer Forensics Advanced Topics in Digital Forensics Automotive Security Teaching Cooperation of TUD and h_da Departments of Computer Science Since summer term 2010 the Departments of Computer Science of Technical University of Darmstadt (TUD) and Darmstadt University of Applied Sciences (h_da) open some courses for students of the other institution. The cooperation refers to courses of the "TUD Master IT Security" and the "h_da-Master Computer Science with Specialisation in IT Security" and "Bachelor KITS". From the TUD catalogue, a maximum of 12 CP at the h_da in the AS catalogue will be recognizable for the SPO 2013 (note: this is half of the credit points required for the IT-Sec specialisation). In the SPO 2006 you can import 15 ECTS from the TUD. All modules imported from the TUD to the h_da are assigned to the study catalogue AS. In the summer term 2024 the following module can be taken: Embedded System Security (Prof. Dr.-Ing. Ahmad-Reza Sadeghi) Cryptography on Hardware (Prof. Dr. Amir Moradi) You must register via OBS (the courses can be found under "vIS TUD") and directly with the lecturer of the TUD. TU students can apply for the following HDA module in summer 2024: Automotive Security (Prof. Dr. Christoph Krauß) Biometric Systems (Prof. Dr. Christoph Busch) In each of the courses, a maximum of 4-6 TU Darmstadt students can be admitted due to the limited number of practical courses. TU students can apply here (between 25.03. – 05.04.2024). Please use the following credentials: User: LectureRegistration Password: yJtCy4rIC4WId6FvoNkOMg1M Contact person for the teaching cooperation is Prof. Dr. Christoph Krauß . Contact Members
Cyber Security and Foundations of Computer Science Alexander Wiesmaier holds a professorship for cyber security and foundations of computer science at Darmstadt University of Applied Sciences . He is a founding member and co-head of the Applied Cyber Security Darmstadt research group. His research interests include cryptography, security protocols & infrastructures, and privacy, focusing on subsets of applied, long-term, and usable cyber security. He is specialiced on solutions based on the use, adaption, or development of cryptographic technologies. He is a member of ATHENE National Research Center for Applied Cybersecurity , and responsible manager of Steinbeis Transfer Center Cyber Security & System Architecture . Short CV Since 2018 Professor at Darmstadt University of Applied Sciences 2011 - 2018 Research Architect at AGT International 2008 - 2011 Postdoc at Darmstadt University of Technology 2006 - 2008 Analyst at Safelayer Secure Communications 2001 - 2006 Research Associate at Darmstadt University of Technology Teaching Winter Term 2023 Security Protocols and Infrastructures ( 41.4886 ): PQC Bachelor Project System Development ( 30.7504 ): Easy Privacy Project: Research and Development ( 82.7700 ) Advanced Seminar ( 36.4800 , Nouri Alnahawi) Bachelor Project System Development ( 30.7504 , Gero Knoblauch, Dominik Heinz): PORTUNUS Summer Term 2023 Cryptography ( 41.4936 ) Cryptology ( 84.7412 ) Bachelor Project System Development ( 30.7504 , Nouri Alnahawi): eID Protocols Winter Term 2022 Master Project System Development ( 41.4806 ): PORTUNUS Security Protocols and Infrastructures ( 41.4886 ) Practice Module ( 30.7608 ) Master Project System Development ( 41.4806 , Nouri Alnahawi): eID Protocols Summer Term 2022 Master Project System Development ( 41.4806 ): PORTUNUS and Easy Privacy Cryptography ( 41.4936 ) Scientific Writing in Computer Science 2 ( 30.7512 ) Project: Project Management ( 82.7514 ) Seminar: Solution and Discussion ( 82.7518 ) Master Project System Development ( 41.4806 , Nouri Alnahawi): eID Protocols Winter Term 2021 Master Project System Development ( 41.4806 ): Easy Privacy Security Protocols and Infrastructures ( 41.4886 ) Cryptography ( 41.4936 ) Project: Research and Development ( 82.7700 ) Master Project System Development ( 41.4806 , Nouri Alnahawi): eID Protocols Summer Term 2021 Research semester Winter Term 2020 IT Security ( 30.7126 ) Master Project System Development ( 41.4806 ): Pentester's Parcours Security Protocols and Infrastructures ( 41.4886 ) Summer Term 2020 Cryptography ( 41.4936 ) IT Security ( 30.7126 ) Bachelor Project System Development ( 30.7504 ): Pentester's Parcours Winter Term 2019 Capture The Flag Hacking ( 30.101Z ) Cryptography ( 41.4936 ) IT Security 30.7126 Master Project System Development ( 41.4806 ): Info App Project: Project Management ( 82.7514 ) Seminar: Solution and Discussion ( 82.7518 ) Summer Term 2019 Capture The Flag Hacking 30.101Z Current Topics in IT Security ( 84.2010 ) Cryptography ( 41.4936 ) Programming, Algorithms and Data Structures 2 ( 30.7208 ) Master Project System Development ( 41.4806) Info App Scientific Writing in Computer Science 2 ( 30.7512 ) Winter Term 2018 Capture The Flag Hacking ( 30.101Z ) IT Security ( 30.7126 ) Research and Development ( 82.7700 ) Programming, Algorithms and Data Structures 1 ( 30.7104 ) Summer Term 2018 Capture The Flag Hacking ( 30.101Z ) Cryptology ( 84.7412 ) Programming, Algorithms and Data Structures 2 ( 30.7208 ) Publications Google Scholar dblp computer science bibliography Projects See Applied Cyber Security Darmstadt research group. Open theses / R&D studies / jobs See Applied Cyber Security Darmstadt research group. Contact Links (M)PSD: PORTUNUS PAUSED - (M)PSD: Easy Privacy PAUSED - (M)PSD: Pentester's Parcours CLOSED - (M)PSE: eID Protocols CLOSED - Advanced Seminar (English) - PQC CLOSED - (M)PSD: Info App
Quantum-Resistant Password Authenticated Connection Establishment As part of a bigger research effort on the migration of electronic identity documents (eCards) to quantum-resilient schemes, we concentrate on the PACE protocol which is at the heart of many eCard security mechanisms. This includes the analysis of the current state-of-the-art in both PQC and eCards, the underlying infrastructures, challenges, and possible solutions starting from the hardware and infrastructures, over scheme suitability and protocol design, and all the way up to a full-scale approach for PQC migration and crypto-agility. The proposed research helps paving the way towards securing eCards against the threat of quantum computers, enable crypto-agility, and provide building blocks for similar systems. Contact: Prof. Dr. Alexander Wiesmaier Nouri Alnahawi Publications Nouri Alnahawi, Nicolai Schmitt, Alexander Wiesmaier, and Chiara-Marie Zok. 2023. Towards Next Generation Quantum-Safe eIDs and eMRTDs – A Survey. ACM Trans. Embed. Comput. Syst. Just Accepted (March 2023). https://doi.org/10.1145/3585517 Alnahawi, Nouri, Kathrin Hövelmanns, Andreas Hülsing, and Silvia Ritsch "Towards post-quantum secure PAKE-A tight security proof for OCAKE in the BPR model." Cryptology ePrint Archive (2023). Project Overview Report from Latest Student Project BPSE_SS23_Report.pdf Contact
Welcome to the research group Applied Cyber Security Darmstadt at Darmstadt University of Applied Sciences.The group is headed by Prof. Dr. Christoph Krauß and Prof. Dr. Alexander Wiesmaie r. We are specialized in the protection of IT systems and applications in the fields of automotive, railway, computer networks, embedded systems, IoT and cloud. Our application-oriented and user-friendly solutions are based on the use, adaption, or development of cryptographic technologies. We are affiliated with the IT Security expert group at the Department of Computer Science at Darmstadt University of Applied Sciences. Project - PORTUNUS In the PORTUNUS project we investigate as part of the ATHENE research area Cryptography crypto-agile APIs for hardware implemented post-quantum cryptography. Contact: Prof. Dr. Alexander Wiesmaier The development of quantum-resistant cryptographic schemes (PQC) is advancing. To enable its efficient practical application the three-way abstraction gap between 1) cryptographers who design PQC algorithms, 2) platform experts who realize these algorithms on hardware, and 3) software developers who want to use these must be closed. In the project PORTUNUS the partners from Fraunhofer SIT, TU Darmstadt and Hochschule Darmstadt deal with this topic. While our partners deal with the description and realization of PQC algorithms on hardware, our focus at Hochschule Darmstadt is on easy-to-use and crypto-agile access to the PQC implementation, including support for runtime specific needs. Project - QR-PACE In the QR-PACE project we investigate as part of the ATHENE research area Cryptography the migration of electronic identity documents (eCards) to quantum-resilient schemes, so-called post-quantum cryptography (PQC). In particular, we focus on the PACE protocol, which is used for the initial authentication in electronic ID documents and passports. Contact: Nouri Alnahawi Prof. Dr. Alexander Wiesmaier Project - SEACOP The project SEcure Automotive COmmunication Protocols (SEACOP) is part of the ATHENE research area Secure Autonomous Driving (SAD) . Contact: Prof. Dr. Christoph Krauß Autonomous driving requires new automotive technologies that rely on increased computing power and increased data exchange within the vehicle and to the outside world. New technologies such as Automotive Ethernet are replacing or extending legacy technologies within a vehicle such as LIN, CAN, MOST, or FlexRay. Also new E/E architectures are used in autonomous vehicles including domain fusion, centralization, ECU consolidation / integration of multiple functionalities in one ECU (including mixed criticality), and increased backend connection. Also in the automotive world new approaches such as service-orientation are introduced with the AUTOSAR adaptive platform. From a security perspective, this technology change is ambivalent since it enables new attacks but also enables the use of (new) sophisticated security solutions or the use of established Internet security protocols within a vehicle. However, there are still many issues to solve. Internet protocols such as (D)TLS or IPsec using TCP/IP or UDP/IP have not been specifically designed to address automotive requirements, e.g., support for multicast communication, or latency and bandwidth guarantees. A thorough evaluation of such protocols and adaptions / improvements is required. In addition, entirely new protocols need to be developed for certain scenarios. Furthermore, designs for communication architectures, e.g., the use of firewalls, domain separation, filtering mechanisms, or VLANs, requires additional research. In addition to already intensively investigated ITS Vehicle2X communication, new communication protocols are rising. For example, autonomous electric vehicles will communicate wirelessly with charge points using ISO 15118 Edition 2. The vehicle communicates the estimated time of arrival, battery status, required energy, and desired point in time to continue the travel to the charging point, which enables optimal charging schedules as well as the optimization of the load management to use the energy grid effectively. In addition, protocols for secure over-the-air (OTA) code updates are required (which is also required by the UNECE WP.29 regulation). The goal of SEACOP is to improve the communication security within the E/E system of autonomous vehicles and for selected external communication. To achieve this goal, we evaluate existing protocols, develop new protocols, and implement and evaluate our new solutions. Concrete, we address the following objectives: Evaluation of (security) protocols used in the automotive domain and other domains which may be suitable for use in E/E architectures of autonomous vehicles Development of improved and adapted protocols as well as new protocols for the use within vehicles Evaluation of protocols used for external communication with focus on remote management and communication of electric vehicles with the charging infrastructure Development of improved and adapted protocols as well as new protocols for the external communication Prototypical implementation and evaluation Thus, the results of this project are analyses of the applicability of security protocols, adapted and new protocols, and their prototypical implementation and evaluation. Project - PQC Integration The project Agile and Easy-to-use Integration of PQC Schemes investigates as part of the ATHENE research area Cryptography the praktical challenges introduced by the migration from classical to PQC schemes. Contact: Prof. Dr. Alexander Wiesmaier Post-quantum cryptographic schemes have been under development for several years. Very soon there will be standardized post-quantum algorithms replacing the previous standards, which will eventually become obsolete. In order for quantum-resistant cryptographic Measures to be utilized, one needs more than simply developing secure post-quantum algorithms. The migration towards PQC poses great challenges on different levels. Those are not only restricted to the integration into existing protocols, but also include performance issues such as hardware specifications and memory usage, and especially the uncertainty of long term security of the new algorithm families. Moreover, a major challenge lies within finding suitable means of communicating and negotiating new algorithms and protocol parameters between different IT-systems. This leads to the urgent need for establishing the concept of crypto-agility, so as to be prepared for the rapid changes of cryptography, and insure the compatibility in all possible scenarios and settings. Our research group deals with the challenges of post-quantum cryptography migration, and searches for answers to the open questions in this field. We build upon our findings and analysis towards finding suitable solutions for achieving said migration and establishing crypto-agility in IT-systems. Our goal is to develop such solutions through design, strategies, frameworks and interfaces. On the one hand we conduct research on the newest findings regarding cryptographic measures and their development state. On the other hand, we Contribute to cutting edge post quantum cryptography technologies and it's applications, as we transform our theoretical and scientific findings into practical solutions. Project - Pentester's Parcours The project Pentester's Parcours deals with the development and provisioning of a practicing environment for offensive security, i.e. a dedicated target for white hacking attacks. Contact: Prof. Dr. Alexander Wiesmaier The environment simulates a company network consisting of multiple computers running different applications. Various vulnerabilities have been placed within the system, which allows attackers to successively invade the network. An important feature of the environment is the ability to be easily reset (after an attack) to its initial state. A further important feature is the ability to be easily replicated. Both is realized by applying virtualization technology. Last but not least, an easy management of the environment is provided by automation tools. Project - Digital Shadows Funded by the German Federal Ministry for Economic Affairs and Energy (BMWi) the ZIM network Digital Shadows brings together experts from industry and academia with the purpose of conducting joined research and development projects in the area of digital shadows. Contact: Prof. Dr. Alexander Wiesmaier A digital shadow denotes all data that is gathered while executing or using a concrete process or service. Together with the digital master that models the general behavior and relations of the process or service, the digital twin can be generated. The latter is then a digital reflection of the concrete instance of the process or service. Contact Members
The 7th ACM Computer Science in Cars Symposium (CSCS) took place on December 5, 2023, at Darmstadt University of Applied Sciences (h_da) in Germany. The conference served as a central meeting point, bringing together experts and enthusiasts to explore the central topics artificial intelligence (AI) and security for vehicles. The agenda began with a warm welcome at the premises of h_da by Prof. Dr. Nicole Saenger, Vice President for Research at h_da, together with Björn Brücher as General Chair and Prof. Dr. Christoph Krauß as Program Chair. Three keynotes, nine full papers, and three extended abstracts formed the backbone of the conference program, showcasing the latest advances, research results, and innovative approaches in the field of AI and automotive security. Attendees had the opportunity to delve into various topics, gaining insights into the challenges and opportunities of these dynamic fields. At the end of the symposium, attendees voted for the (unofficial) best paper and best extended abstract. A highlight of the symposium was the exceptional line-up of keynotes delivered by industry and research leaders. Martin Arend (BMW Group, Germany) provided insights into automotive security management systems and Hassan Mohd (Continental Automotive, Germany) discussed cybersecurity regulations impacting Europe. The AI keynote was delivered by Prof. Jan Peters, Ph.D. (Technical University of Darmstadt, Germany), who provided attendees with insights into lessons learned from robot reinforcement learning. The symposium attracted nearly 50 participants, fostering a collaborative environment conducive to knowledge exchange and networking. Scientists, researchers, and practitioners engaged in insightful discussions, solidifying connections within the vibrant community dedicated to advancing the frontiers of AI and automotive security. The conference's success was a testament to the collaborative efforts of its organizers. The general organization was in the capable hands of Björn Brücher (Intel Germany) as General Chair. The carefully crafted program was a collaborative effort of Program Chair Prof. Dr. Christoph Krauß (h_da), Co-Chairs Prof. Dr. Mario Fritz (CISPA Helmholtz Center for Information Security, Germany), Prof. Dr. Hans-Joachim Hof (Technical University of Ingolstadt, Germany), and Prof. Dr. Oliver Wasenmüller (Mannheim University of Applied Sciences, Germany) with the support of 20 reviewers from academia and industry. Special recognition goes to the Web Chairs and Local Organization Chairs, whose dedication was instrumental to the success of the event: Dominik Bayerl (Technical University of Ingolstadt, Germany), Timm Lauser (h_da), Lukas Kaupp (h_da), Jana Brücher (Munich University of Applied Sciences, Germany), and Oliver Grau (Intel Germany). The proceedings of the symposium have been published in the ACM Digital Library as " CSCS '23: Proceedings of the 7th ACM Computer Science in Cars Symposium ". This collection captures the depth and breadth of insights shared during this collaborative exploration of AI and security in the automotive domain.
Researchers from the Applied Cyber Security Darmstadt (ACSD) research group successfully placed a paper at this year's 22nd International Conference on Applied Cryptography and Network Security (ACNS). In the paper "Self-sovereign Identity for Electric Vehicle Charging", the researchers propose a new approach for using self-sovereign identities (SSIs) to authenticate and authorize charging sessions. This improves privacy protection and eliminates the need for complex PKIs. The paper is available as open access here .
Advanced Seminar (English) Topics in Cyber-Security and Post-Quantum Cryptography Overview Module Number: 36.4800 In the advanced seminar the students have the opportunity to: specialize in at least one sub-domain of Computer Science, become familiar with literature research, train and exercise in writing a scientific paper, improve interdisciplinary and soft-skills while presenting the paper, improve scientific skills while actively participating in discussing and challenging all participants´ contribution to the seminar. Workflow Students will be provided with general information and guides on how to write a scientific paper or thesis, how to conduct a literature research and survey, as well as material on working with LaTex. Enrolled students have to register to the Moodle course to get access to the course material and to form work groups. Lectures dates will be arranged shortly after the end of the OBS course selection phase. Topics: How to write a Survey Paper (survey vs. SoK) Security (crypto-agility and PQC migration) in automotive (eMobility) and smart-grid PQC - Diffie-Hellman (DH) replacement schemes PQC Password Authenticated Key Exchange (PAKE) Provable security and cryptographic techniques (classical vs. PQC) Other cryptography related topics... Examination Language: English Graded scientific paper in the range of 10 to 20 pages and graded presentation in the range of 45 to 60 minutes (the two partial services are included in the overall evaluation in the ratio of 70 % (written paper) and 30 % (presentation)). Contact
Researchers from the Applied Cyber Security Darmstadt (ACSD) and User Center Security (UCS) research group successfully placed a paper at this year's GI Sicherheit conference. Abstract: When cryptography becomes insecure, a migration to new schemes is required. Often the migration process is very complicated, but the time available is very limited. Only if the used cryptographic algorithms, protocols and configurations are known can a system be efficiently and fully adapted to changed security situations. This creates the need for a crypto-inventory that gathers this knowledge. Consequently, the question arises what criteria a crypto-inventory must fulfill to support this adaptation. It also highlights the need for tools to assist compilation. We therefore conducted a literature survey and extracted key requirements. Missing content was supplemented by expanding existing requirements or adding new ones. Furthermore, appropriate metrics were assigned to assess the fulfillment of the requirements for a certain crypto-inventory implementation. Regarding the tooling, we identified five major areas of interest — installed software, connected hardware, communication, stored data and source code scanning — and provide prototypes for semi-automatic creation of crypto-inventories for three of them. This provides organizations with a starting point to understand their cryptographic landscape as a prerequisite for crypto-agility and crypto-migration. However, theoretical design and prototypes have not yet been evaluated. This will be done as a follow-up to this work. All types of organizations are invited to participate.
Researchers from the Applied Cyber Security Darmstadt (ACSD) research group successfully placed two papers at this year's Annual Computer Security Applications Conference (ACSAC) . In the paper Detection of Anomalies in Electric Vehicle Charging Sessions , Dustin Kern, Christoph Krauß, and Matthias Hollick propose an intrusion detection system (IDS) that can be used to detect attacks when charging electric vehicles. In the worst case, such attacks can lead to a fire in the vehicle battery or a blackout of the power grid. The paper can be downloaded here as open access. In the paper Remote Attestation with Constrained Disclosure , Michael Eckel, Dominik Roy George, Björn Grohmann, and Christoph Krauß propose a new remote attestation method with constrained disclosure, allowing for selective disclosure of entries in the measurement log. The paper can be downloaded here as Open Access.
the Best Student Paper in the Best Security Paper category at the ACNS Conference 2024 for the paper Self-Sovereign Identity for Electric Vehicle Charging by Adrian Kailus, Dustin Kern, and Christoph Krauß.