User Tools

Site Tools


Start

Welcome at the Institute of Information Security (SEC)

Dagmar Gahr
Secretary
Daniel Rausch, M.Sc.
Ph.D. Student
Enrico Scapin, M.Sc.
Ph.D. Student
Daniel Bernau, M.Sc.
External Ph.D. Student
Benjamin Weggenmann, M.Sc.
External Ph.D. Student
Ben Lebherz
System Administration

A Comprehensive Formal Security Analysis of OAuth 2.0

We recently discovered, through formal analysis, two new attacks on OAuth (Technical Report). This publication was coordinated with the OAuth Working Group who released a statement on their mailing list and prepared a draft covering the recommended mitigations. The publication of the attacks was also covered in a press release by our university, and some press articles.

Our group hosted an OAuth Security Workshop to discuss these and other findings, background on OAuth security, and future improvements to OAuth in July 2016.

SPRESSO

SPRESSO is a secure and privacy-respecting single sign-on system for the Web. We presented SPRESSO at CCS 2015. Read the technical report or try the online demo.

sElect

sElect is a lightweight, practical, and verifiable remote voting system. We presented sElect at CSF 2016. Read the technical report or try the online demo.

Book on Cryptography

Autoren: Küsters, Ralf / Wilke, Thomas
Moderne Kryptographie
Eine Einführung
2011. XII, 300 S. Mit 16 Abb. Br.
ISBN: 978-3-519-00509-4


Events

2018

2017

2016

2015

2014

2013

2012

2011