Adrian Dabrowski participated in the panel discussion „IT ist überall – Wie sicher ist unsere Infrastruktur?“ hosted by the Report Verlag that took place 13.09.2016. More information can be found here.
The paper “No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large” has won the best paper award at ARES 2016. Congrats to our researchers Willi, Aaron, Martin and Markus!
Bart Preneel, member of SBA Research’s Scientific Board, talked about Cryptography to futurezone.at
Today is the first day of the 11th International Conference on Availability, Reliability and Security (ARES 2016), which is hosted by the University of Applied Sciences Salzburg and SBA Research. The ARES 2016 Conference takes place from 31 August to 2 September 2016 in Salzburg, Austria.
We are welcoming 227 participants from 41 countries! At ARES 2016 35 full & short papers will be presented; 18 workshops, the CD-ARES 2016 and the ARES EU Symposium are co-located and in total we are welcoming 12 invited talks.
Salzburger Dialog is an annual event organized by Dr. Stefan Eder. Edgar Weippl gave a presentation on Cyber-Security and possible effects of the NIS directive.
The second joint workshop between NIST and SBA Research on combinatorial security testing was held at SBA Research, Vienna on August 4th, 2016.
The scope of the workshop was to strengthen the existing and already high successful cooperation between the Combinatorial Security Testing team of SBA Research and the ACTS project team of US NIST on the research field of combinatorial security testing.
The workshop was highly successful and paved the way for new applications of combinatorial security testing in cyber-physical systems, cryptography and web technologies, together with the advancement of methodologies for constructing optimal arrays and covering sequences.
For more information on the workshop’s agenda, see here.
Today is the last day of the 9th International Conference on Trust & Trustworthy Computing (TRUST 2016), which is hosted by SBA Research. We are welcoming Virgil D. Gligor (Carnegie Mellon University, UK) & Stefan Katzenbeisser (TU Darmstadt & CASED, Germany) as Keynote Speakers at TRUST 2016. The TRUST 2016 Conference takes place from 29-30 June 2016 in Vienna. Website
Under the lead of TU Austria, we organize an Alpbach Breakout Session on Cyber-Security as a fundamental right. Participants include Isao Echizen (NII), Lokke Moerel (Tilburg University), Günter Müller (University of Freiburg), Reinhard Posch (TU Graz), Bart Preneel (University of Leuven), A Min Tjoa (TU Wien), and Edgar Weippl (TU Wien, SBA Research).
Find the summary of the results discussed in the breakout session here:
Alpbach Executive Summary
Klaus Krapfenbauer, one of SBA’s bright students, successfully finished his Winter of Security project at Mozilla.
As part of his master thesis he implemented a PoC for fully automated Let’s Encrypt support in nginx. Due to the design of nginx, this was not a straight forward task. You can read the technical details in the blogpost from Mozilla.
Students from the Changwon National University of South Korea visited SBA Research.
Watch it here:
Members of SBA will be present at USENIX Security and co-located workshops like WOOT or FOCI to cover them for our PRIME partner program. If you run into them, don’t be shy to say hi.
Sebastian and Martin will present two research papers at DFRWS USA, the leading conference in digital forensics.
The first one is on using nano-second timestamps for embedding steganographic information securely, titled “Time is on my side: Steganography in filesystem metadata”. You can find a preprint of the paper, the data and the source codes online. The second paper improves the forensic process by leveraging sub-file hashes part of the Torrent filesharing protocol, “PeekaTorrent: Leveraging P2P Hash Values for Digital Forensics”. Preprint, data and source codes can be found here.
The 2016 IEEE International Conference on Software Quality, Reliability & Security (QRS 2016) was held from 01 – 03 August 2016 in Vienna, Austria, supported by SBA Research.
Dimitris Simos (SBA Research), Rick Kuhn (NIST), Jeff Yu Lei (University of Texas at Arlington) and Raghu Kacker (NIST) give a tutorial on Combinatorial Security Testing at QRS 2016.
The tutorial is comprised of two parts focusing on combinatorial testing methods and their usage to security testing.
The abstract can be found here.
Dimitris Simos gives a talk on August, 1 at QRS 2016 about “TLS Cipher Suites Recommendations: A Combinatorial Coverage Measurement Approach” joint work with Kristoffer Kleine (SBA Research), Artemios Voyiatzis (SBA Research), Rick Kuhn (NIST), Raghu Kacker (NIST).
QRS 2016 takes place from August 1 – 3, 2016 in Vienna, Austria. QRS is organized by University of Texas at Dallas and supported by Graz University of Technology and SBA Research.
Members of SBA will be present at Blackhat and Defcon.
Aaron’s work with Hanno Böck, Philipp Jovanovic and Sean Devlin on nonce re-uses in TLS is scheduled to be presented at Blackhat on August 3rd, 11:30. This work is also nominated for the Pwnie for Best Cryptographic Attack. Adrian Dabrowski will be on-site to cover the presentations for our PRIME partner program.
The quarterly meeting of the SPLIT (Security Protocol Interaction Testing in Practice) project took place on July 29th, 2016 at SBA Research. SPLIT is funded under the Bridge Early Phase programme of the Austrian Research Promotion Agency (FFG). The project aims to provide quality assurance of security protocols by combining combinatorial testing and model-based testing methodologies as part of a fully automated test cycle. Recent advances of the project on protocols attacks and certificate testing were discussed.
SBA Research acts as the consortium leader, with Graz University of Technology (Franz Wotawa, Institute for Software Technology), University of Texas at Arlington (Jeff Lei, Department of Computer Science and Engineering) and Objentis Software Integration GmbH (Roland Tscheinig) as project partners. For more information regarding SPLIT see the project’s webpage or contact its project leader, Dimitris Simos at firstname.lastname@example.org
A summary of the SPLIT project has been featured in a special theme of ERCIM News on cyber security, which can be found here.
Wilfried Mayer was today on national TV and explained Tor, the dark web and how it is used world-wide by dissidents and journalists, not only by perpetrators.