User Tools

Site Tools


Welcome at the Institute of Information Security (SEC)

Visit us at CeBit 2018

The Institute of Information Security (SEC) of the University of Stuttgart, newly founded in 2017, shows current developments in security research: secure single sign-on systems, provable security for blockchains, progress in the field of electronic elections and other topics. Discuss questions such as: How do you analyze web security comprehensively and in depth these days? How can “security” be guaranteed for smart contracts? How secure are protocols in the IoT and automotive sector? How can the requirements of the GDPR be implemented with Differential Privacy?

The staff of the Institute of Information Security will also be available at the booth for information on industrial cooperations.

You will find us at the CeBit from 12.06.2018 - 15.06.2018 in hall 27 at the booth of the University of Stuttgart (H51).

A Comprehensive Formal Security Analysis of OAuth 2.0

We recently discovered, through formal analysis, two new attacks on OAuth (Technical Report). This publication was coordinated with the OAuth Working Group who released a statement on their mailing list and prepared a draft covering the recommended mitigations. The publication of the attacks was also covered in a press release by our university, and some press articles.

Our group hosted an OAuth Security Workshop to discuss these and other findings, background on OAuth security, and future improvements to OAuth in July 2016.


SPRESSO is a secure and privacy-respecting single sign-on system for the Web. We presented SPRESSO at CCS 2015. Read the technical report or try the online demo.


sElect is a lightweight, practical, and verifiable remote voting system. We presented sElect at CSF 2016. Read the technical report or try the online demo.

Book on Cryptography

Autoren: Küsters, Ralf / Wilke, Thomas
Moderne Kryptographie
Eine Einführung
2011. XII, 300 S. Mit 16 Abb. Br.
ISBN: 978-3-519-00509-4