Research-Related Publications

Research Papers 2008

Ulrich Kühn, Andrei Pyshkin, Erik Tews, Ralf-Philipp Weinmann: Variants of Bleichenbacher's Low-Exponent Attack on PKCS#1 RSA Signatures; Proceedings of Sicherheit 2008, Lecture Notes in Informatics 128, pp. 97-109, 2008.

Andre Osterhues, Ahmad-Reza Sadeghi, Marko Wolf, Christian Stüble, N. Asokan: Securing Peer-to-Peer Distributions for Mobile Devices; accepted for the 4th Information Security Practice and Experience Conference (ISPEC 2008), 21-23 April 2008, Sydney, Australia.

Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy: Property-Based TPM Virtualization; Information Security Conference (ISC'08), 2008.

Ulrich Kühn: Breaking the Shin-Shin-Rhee Remotely Keyed Encryption Schemes; Information Processing Letters 105(6):236-240, 2008.

N. Asokan, Jan-Erik Ekberg, Ahmad-Reza Sadeghi, Christian Stüble, Marko Wolf: Enabling Fairer Digital Rights Management with Trusted Computing; Information Security Conference (ISC), 2008.

Research Papers 2007

Ulrich Kühn, Marcel Selhorst, Christian Stüble: Realizing Property-Based Attestation and Sealing with Commonly Available Hard- and Software; Proceedings of the 2nd ACM Workshop on Scalable Trusted Computing (STC, in conjunction with ACM CCS), pp. 50-57, 2007.

Ulrich Kühn, Stefan Lucks: Auf dem Weg zu neuen Hashfunktionen (Towards New Hash Functions); Datenschutz und Datensicherheit (DuD) 31(8), 2007.

Dominik Birk, Sebastian Gajek, Felix Gröbert, Ahmad-Reza Sadeghi: Phishing Phishers - Observing and Tracing Organized Cybercrime; IEEE Workshop on Cyber-Fraud (Cyberfraud'07), Silicon Valley (USA), 2007.

Sebastian Gajek, Mark Manulis, Ahmad-Reza Sadeghi, Jörg Schwenk: Browser Models for Usable Authentication Protocols; Web 2.0 Security and Privacy Workshop (W2SP'07), held with the IEEE Symposium on Security and Privacy, Oakland (USA), 2007.

Roger Karrer, Ulrich Kühn: ISPs: Who Else Can You Trust in the Internet?; ICIN 2007.

André Adelsbach, Ulrich Huber, Ahmad-Reza Sadeghi: Fingercasting - Joint Fingerprinting and Decryption of Broadcast Messages; LNCS Transactions on Data Hiding and Multimedia Security, 2007.

Hans Löhr, Hari Govind V. Ramasamy, Ahmad-Reza Sadeghi, Stefan Schulz, Matthias Schunter, Christian Stüble: Enhancing Grid Security Using Trusted Virtualization; 4th International Conference on Autonomic and Trusted Computing (ATC-07), 2007.

Sebastian Gajek, Ahmad-Reza Sadeghi, Jörg Schwenk and Marcel Winandy: Trusted User-Aware Web Authentication, 3rd Workshop on Trustworthy User Interfaces for Passwords and Personal Information (TIPPI'07), Stanford (USA), 2007.

Stefan Katzenbeisser, Ahmad-Reza Sadeghi, Boris Skoric, Mehmet Celik: Combining Tardos Fingerprinting Codes and Fingercasting; Information Hiding Conference (IH'07), 2007.

Liqun Chen, Alberto Escalante, Hans Löhr, Mark Manulis, Ahmad-Reza Sadeghi: A Privacy-Protecting Multi-Coupon Scheme with Stronger Protection against Splitting; 11th International Conference on Financial Cryptography and Data Security (FC 2007), 12-15 February 2007, Trinidad/Tobago.

 

Research Papers 2006

Melanie Volkamer, Ammar Alkassar, Ahmad-Reza Sadeghi, Stefan Schulz: Towards Trustworthy Online Voting, Fundamenta Informaticae, IOS Press and European Association for Theoretical Computer Science, EATCS.

Ammar Alkassar, Helger Lipmaa, Ellen Andreeva: Efficient Authenticated Encryption for Short Packets; Proceedings of Sicherheit 2006, Lecture Notes in Informatics, pp. 270-278, Magdeburg, Germany, February 20-22, 2006.

Dario Carluccio, Kerstin Lemke-Rust, Christof Paar, Ahmad-Reza Sadeghi: E-Passport: The Global Traceability or How to Feel Like an UPS Package; 7th International Workshop on Information Security Applications (WISA 2006).

Dario Carluccio, Kerstin Lemke-Rust, Christof Paar, Ahmad-Reza Sadeghi: E-Passport: The Global Traceability or How to Feel Like an UPS Package; presented at the Workshop on RFID Security 2006, Graz.

Andre Adelsbach, Markus Rohe, Ahmad-Reza Sadeghi: Efficient Implementation of Zero-Knowledge Proofs for Watermark Detection in Multimedia Data, LNCS Transactions on Data Hiding and Multimedia Security.

Mark Manulis, Ahmad-Reza Sadeghi: Key Agreement for Heterogeneous Mobile Ad-hoc Groups; International Journal of Wireless and Mobile Computing (IJWMC), Special Issue on Ubiquitous Computing and Mobile Networking.

Kerstin Lemke, Christof Paar and Ahmad-Reza Sadeghi: Physical Security Bounds Against Tampering, International Conference on Applied Cryptography and Network Security (ACNS 2006).

 

Research Papers 2005

 

Kerstin Lemke, Ahmad-Reza Sadeghi and Christian Stüble: An Open Approach for Designing Secure Electronic Immobilizers; First Information Security Practice and Experience Conference (ISPEC 2005).

André Adelsbach, Ulrich Huber, Ahmad-Reza Sadeghi: Secure Software Delivery and Installation in Embedded Systems; First Information Security Practice and Experience Conference (ISPEC 2005).

Ahmad-Reza Sadeghi and Christian Stüble: Towards Multilateral Security On DRM Platforms; First Information Security Practice and Experience Conference (ISPEC 2005).

André Adelsbach, Ulrich Huber, Ahmad-Reza Sadeghi: Secure Software Delivery and Installation in Embedded Systems; In: K. Lemke, C. Paar and M. Wolf (eds.): Embedded Security in Cars: Securing Current and Future Automotive IT Applications, pp. 27-49, Springer-Verlag, 2005.

André Adelsbach, Ulrich Huber, Ahmad-Reza Sadeghi, Christian Stüble: Property-Based Broadcast Encryption for Multi-level Security Policies; technical report detailing the ICISC 2005 paper below.

André Adelsbach, Ulrich Huber, Ahmad-Reza Sadeghi, Christian Stüble: Property-Based Broadcast Encryption for Multi-level Security Policies; 8th International Conference on Information Security and Cryptology (ICISC 2005), Seoul, Korea, December 1-2, 2005; proceedings in Springer LNCS.

Ammar Alkassar, Markus Rohe, Thomas Nicolay: Obtaining True-Random Binary Numbers from a Weak Radioactive Source; International Workshop on Information Security & Hiding (ISH '05), Singapore, May 9-12, 2005; to appear in Springer LNCS.

Thomas Groß, Birgit Pfitzmann, Ahmad-Reza Sadeghi: Proving a WS-Federation Passive Requestor Profile with a Browser Model; Workshop on Secure Web Services (SWS), 2005.

André Adelsbach, Markus Rohe, Ahmad-Reza Sadeghi: Towards Multilateral Secure Digital Rights Distribution Infrastructures; ACM DRM 2005.

Ahmad-Reza Sadeghi and Christian Stüble: Towards Multilaterally Secure Computing Platforms - With Open Source and Trusted Computing; Information Security Technical Report, Elsevier, Volume 10, Issue 2, 2005, pp. 83-95.

Thomas Groß, Birgit Pfitzmann, Ahmad-Reza Sadeghi: Browser Model for Security Analysis of Browser-Based Protocols; European Symposium on Research in Computer Security (ESORICS), 2005.

Thomas Groß, Birgit Pfitzmann, Ahmad-Reza Sadeghi: Browser Model for Security Analysis of Browser-Based Protocols; IBM Technical Report RZ3600, 2005.

Liqun Chen, Matthias Enzmann, Ahmad-Reza Sadeghi, Markus Schneider, Michael Steiner: A Privacy-Protecting Coupon System; Financial Cryptography 2005.

Ulrich Kühn, Klaus Kursawe, Stefan Lucks, Ahmad-Reza Sadeghi, Christian Stüble: Secure Data Management in Trusted Computing; Proceedings of the Workshop on Cryptographic Hardware and Embedded Systems (CHES), LNCS 3659, pp. 324-338, Springer-Verlag, 2005.

Ahmad-Reza Sadeghi: Trusted Computing: Whom do we trust? Building Open Multilateral Secure Platforms Based On Trusted Computing; DRM Conference, 2005.

Sebastian Gajek and Ahmad-Reza Sadeghi: Client Authentication in Federations Using a Security Mode, presented at Toward a More Secure Web - W3C Workshop on Usability and Transparency of Web Authentication. Available at http://www.w3c.org/2005/Security/usability-ws/program.

 

Research Papers 2004

Ahmad-Reza Sadeghi, Christian Stüble: Property-based Attestation for Computing Platforms: Caring about policies, not mechanisms; Panel on Themes and Highlights of the New Security Paradigms Workshop 2004; presented at 20th Annual Computer Security Applications Conference (ACSAC) December, 2004.

Ahmad-Reza Sadeghi, Christian Stüble: Property-based Attestation for Computing Platforms: Caring about policies, not mechanisms; New Security Paradigm Workshop (NSPW), 2004.

André Adelsbach, Stefan Katzenbeisser and Ahmad-Reza Sadeghi: On the Insecurity of Non-Invertible Watermarking Schemes for Dispute Resolving; International Workshop on Digital Watermarking (IWDW 2003), LNCS 2939, Springer-Verlag, Berlin, 2004, pp. 355 - 369.

 

Research Papers 2003

Ahmad-Reza Sadeghi and Christian Stüble: Taming "Trusted Computing" by Operating System Design; Proceedings of the 4th International Workshop on Information Security Applications (WISA'03), Cheju Island, Korea, 2003, pp. 286-302.

Ahmad-Reza Sadeghi and Christian Stüble: Bridging the Gap between TCPA/Palladium and Personal Security; Technical Report, Saarland University, 2003.

Ammar Alkassar and Ahmad-Reza Sadeghi: The Quest for Security in Integrated Networks; Proceedings of the Eleventh International Conference on Telecommunication Systems, Modeling and Analysis, October 2-5, 2003 in Monterey CA.

André Adelsbach, Stefan Katzenbeisser and Ahmad-Reza Sadeghi: On the Insecurity of Non-Invertible Watermarking Schemes for Dispute Resolving; International Workshop on Digital Watermarking (IWDW 2003), October 20-22, 2003, Seoul, Korea.

André Adelsbach, Stefan Katzenbeisser and Helmut Veith: Watermarking Schemes Provably Secure Against Copy and Ambiguity Attacks; Proceedings of the 2003 ACM Workshop on Digital Rights Management, Washington, DC, USA, October 27, 2003, pp. 111-119.

Ammar Alkassar, Ahmad-Reza Sadeghi and Christian Stüble: Secure Object Identification - or: Solving The Chess Grandmaster Problem; Proceedings of the New Security Paradigms Workshop, August 18-21, 2003 in Ascona, Switzerland.

André Adelsbach, Stefan Katzenbeisser and Ahmad-Reza Sadeghi: Watermark Detection with Zero-Knowledge Disclosure; ACM Multimedia Systems Journal, Special Issue on Multimedia Security, Vol. 9, Nr. 3, pp. 266-278

Ammar Alkassar, Markus Garschhammer, Frank Gehring, Patrick Keil, Harald Kelter, Markus Ullmann: Kommunikations- und Informationstechnik 2010+3: Neue Trends und Entwicklungen in Technologien, Anwendungen und Sicherheit (Communication and Information Technology 2010+3: New Trends and Developments in Technologies, Applications and Security); Proceedings of the 8th BSI Congress, 13-15 May 2003, Bonn. ISBN 3-922746-49-7, published by SecuMedia-Verlag, Ingelheim.

André Adelsbach and Ahmad-Reza Sadeghi: Advanced Techniques for Dispute Resolving and Authorship Proofs on Digital Works; Proceedings of SPIE Volume: 5020, Security and Watermarking of Multimedia Contents V, 2003, pp. 677 - 688

 

Research Papers 2002 and Earlier

Ammar Alkassar, Christian Stüble: Towards Secure IFF - Preventing Mafia Fraud Attacks; Proceedings of MILCOM 2002, IEEE Military Communications Conference, Anaheim, October 2002.

Abstract: Common identification schemes, such as those used for identification friend-or-foe (IFF), can be broken by an active adversary who mounts real-time relay attacks known as mafia fraud. Because no convincing practical solution is known so far, common security proofs explicitly exclude such scenarios.

In this paper we present an identification scheme that solves this problem by hiding the conversation channel between the participants using channel hopping (CH). The security of our approach rests on the assumption that an adversary cannot efficiently eavesdrop on all channels of a CH system in parallel. Finally, we argue that the proposed protocol is essential for a variety of military and civil applications.


Ammar Alkassar: Verlässlichkeit durch beweisbar sichere kryptographische Verfahren (Dependability through Provably Secure Cryptographic Schemes); LIT 2002, proceedings in infix, Akademische Verlagsgesellschaft, Leipzig, September 2002.

Abstract: Cryptographic systems and applications whose security is provable were for a long time inefficient and unusable in practice. In recent years a number of practical approaches have emerged that make it possible to build dependable applications with provable security.

Particularly in the legally binding domain, and in view of the errors and gaps that keep turning up in conventional systems, the use of such applications is attractive. This article conveys the basic ideas behind the definition and proof schemes and shows how they work.

Ammar Alkassar, Alexander Geraldy, Birgit Pfitzmann, Ahmad-Reza Sadeghi: Optimized Self-Synchronizing Mode of Operation; 8th International Workshop on Fast Software Encryption (FSE 2001), Yokohama, April 2001; proceedings in LNCS 2355, pp. 78 ff., Springer-Verlag.

Abstract: Modes of operation adapt block ciphers to many applications. Among the encryption modes, only CFB (Cipher Feedback) has both of the following properties: firstly, it allows transmission units shorter than the block length to be encrypted and sent without delay and without message expansion; secondly, it can resynchronize after the loss of such transmission units. However, CFB is inefficient in such applications, since for every transmission unit, regardless of how short it is, a call to the block cipher is needed.

We propose a new mode of operation based on CFB which remedies this problem. Our proposal, OCFB, is almost optimally efficient (i.e., almost as many message bits are encrypted as block-cipher output bits produced) and it can self-synchronize after the loss or insertion of transmission units. We prove the security of CFB and OCFB in the sense of modern cryptography.
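The two CFB properties the abstract relies on (short transmission units sent without delay, and resynchronization after a lost unit) and the cost it criticizes (one block-cipher call per unit, however short) can be checked directly. The following is an added example written for this page, not code from the paper or from this site; it does not implement OCFB itself, whose construction the page does not describe. It simulates CFB with s-byte transmission units, drops one unit in transit and observes when the receiver regains synchronization. The block function is a SHA-256-based stand-in for a block cipher's encryption direction, and the key, IV and message are constructed sample values; all of these are assumptions of the example.

```python
import hashlib

BLOCK = 16  # block length in bytes of the stand-in block function


def block_fn(key: bytes, block: bytes) -> bytes:
    """Stand-in for the encryption direction of a block cipher.

    CFB only ever calls the forward direction, so a keyed hash truncated to
    BLOCK bytes serves as a toy pseudorandom function here (assumption made
    so the example needs no crypto library; it is not a cipher to deploy)."""
    assert len(block) == BLOCK
    return hashlib.sha256(key + block).digest()[:BLOCK]


class CFB:
    """Cipher feedback mode with transmission units of `unit` bytes.

    Every unit, however short, costs one block-function call; `calls` keeps
    count so the inefficiency the abstract describes becomes visible."""

    def __init__(self, key: bytes, iv: bytes, unit: int = 1):
        assert len(iv) == BLOCK and 1 <= unit <= BLOCK and BLOCK % unit == 0
        self.key, self.unit = key, unit
        self.reg = bytes(iv)  # shift register: the last BLOCK ciphertext bytes
        self.calls = 0

    def _units(self, data: bytes):
        assert len(data) % self.unit == 0, "whole transmission units only"
        return [data[i:i + self.unit] for i in range(0, len(data), self.unit)]

    def _step(self, unit_in: bytes) -> bytes:
        ks = block_fn(self.key, self.reg)[:self.unit]  # one call per unit
        self.calls += 1
        return bytes(a ^ b for a, b in zip(unit_in, ks))

    def encrypt(self, plaintext: bytes) -> bytes:
        out = bytearray()
        for p in self._units(plaintext):
            c = self._step(p)
            out += c
            self.reg = (self.reg + c)[-BLOCK:]  # ciphertext feeds back
        return bytes(out)

    def decrypt(self, ciphertext: bytes) -> bytes:
        out = bytearray()
        for c in self._units(ciphertext):
            out += self._step(c)
            self.reg = (self.reg + c)[-BLOCK:]  # same feedback as the sender
        return bytes(out)


def roundtrip(plaintext: bytes, unit: int = 1,
              key: bytes = b"constructed demo key", iv: bytes = bytes(BLOCK)) -> bool:
    """Lossless channel: decryption returns the plaintext and each side
    spends exactly one block-function call per transmission unit."""
    sender, receiver = CFB(key, iv, unit), CFB(key, iv, unit)
    ok = receiver.decrypt(sender.encrypt(plaintext)) == plaintext
    return ok and sender.calls == receiver.calls == len(plaintext) // unit


def resync_after_loss(plaintext: bytes, lost_unit: int, unit: int = 1,
                      key: bytes = b"constructed demo key", iv: bytes = bytes(BLOCK)) -> dict:
    """Drop transmission unit number `lost_unit` in transit and decrypt the rest.

    Units before the loss decrypt correctly. Afterwards the receiver's shift
    register differs from the sender's until BLOCK // unit further ciphertext
    units have been shifted in; from then on received unit j carries plaintext
    unit j + 1 and decrypts correctly again (self-synchronization)."""
    sender = CFB(key, iv, unit)
    ct = sender.encrypt(plaintext)
    received = ct[:lost_unit * unit] + ct[(lost_unit + 1) * unit:]
    pt = CFB(key, iv, unit).decrypt(received)

    window = BLOCK // unit  # units until the register holds only shared ciphertext
    prefix_ok = pt[:lost_unit * unit] == plaintext[:lost_unit * unit]
    garbled = sum(
        1 for j in range(lost_unit, lost_unit + window)
        if pt[j * unit:(j + 1) * unit] != plaintext[(j + 1) * unit:(j + 2) * unit]
    )
    tail_ok = pt[(lost_unit + window) * unit:] == plaintext[(lost_unit + window + 1) * unit:]
    return {"block_calls": sender.calls, "units_sent": len(plaintext) // unit,
            "prefix_ok": prefix_ok, "resync_window": window,
            "garbled_units": garbled, "tail_ok": tail_ok}


if __name__ == "__main__":
    msg = bytes(range(64))  # constructed sample plaintext, 64 bytes
    print("lossless:", roundtrip(msg, unit=1))
    print("CFB-8,  one byte lost:", resync_after_loss(msg, lost_unit=10, unit=1))
    print("CFB-32, one unit lost:", resync_after_loss(msg, lost_unit=3, unit=4))
```

With BLOCK = 16 and 1-byte units every byte costs a block-function call, which is the overhead the abstract points at; after one lost byte the receiver garbles the next 16 units and then decrypts correctly again, because by then its shift register holds only ciphertext both sides have seen. Larger units cut the call count proportionally but cannot be sent before a full unit is available, which is the delay CFB with short units avoids.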


André Adelsbach, Ahmad-Reza Sadeghi: Zero-Knowledge Watermark Detection and Proof of Ownership; 4th International Information Hiding Workshop (IH '01).

Abstract: The goal of zero-knowledge watermarking detection is to allow a prover to soundly convince a verifier of the presence of a watermark in a certain stego-data without revealing any information which the verifier can use to remove the watermark. Existing proposals do not achieve this goal in terms of definition (not formally zero-knowledge), security (unproven) and coverage (handle only blind watermark detection).

In this paper we define zero-knowledge watermark detection precisely. We then propose efficient and provably secure zero-knowledge protocols for blind and non-blind versions of a well-known class of watermarking schemes. Our protocols can be applied to improve the security of many watermark based applications.

Using such protocols as building blocks we propose concrete protocols for direct proof of ownership which enable offline ownership proofs, i.e., copyright holders can prove their rightful ownership to anyone without involving a trusted third party in the actual proof protocol.

 

Ahmad-Reza Sadeghi, Michael Steiner: Assumptions Related to Discrete Logarithms: Why Subtleties Make a Real Difference; Eurocrypt 2001, Innsbruck, May 2001, proceedings in LNCS, Springer-Verlag.

Abstract: The security of many cryptographic constructions relies on assumptions related to Discrete Logarithms (DL), e.g., the Diffie-Hellman, Square Exponent, Inverse Exponent or Representation Problem assumptions. In the concrete formalizations of these assumptions one has some degrees of freedom offered by parameters such as the computational model, the problem type (computational, decisional) or the adversary's success probability. However, these parameters and their impact are often not properly considered or are simply overlooked in the existing literature.

In this paper we identify parameters relevant to cryptographic applications and describe a formal framework for defining DL-related assumptions. This enables us to precisely and systematically classify these assumptions.

In particular, we identify a parameter, termed granularity, which describes the underlying probability space in an assumption. Varying granularity we discover the following surprising result: We prove that two DL-related assumptions can be reduced to each other for medium granularity but we also show that they are provably not reducible with generic algorithms for high granularity. Further we show that reductions for medium granularity can achieve much better concrete security than equivalent high-granularity reductions.

 

Birgit Pfitzmann, Ahmad-Reza Sadeghi: Self-Escrowed Cash Against User Blackmailing; 4th International Conference on Financial Cryptography (FC '00), LNCS, Springer-Verlag, Berlin 2000.

Abstract: Protecting customer privacy is an important requirement when designing electronic cash systems. However, there is also concern that anonymous cash systems can be misused for criminal activities. In particular, blackmailing is in fact more severe in digital cash systems than in paper-based systems: on the one hand the blackmailer is able to avoid physical contact, and on the other hand there are no recognizable note numbers.

To prevent such activities, several cash systems have been proposed where one or a collection of trustees can revoke the anonymity of a user. However, this also introduces a serious risk that this revocation ability is misused.

In this paper we show that the problem of user blackmailing can be solved without this risk. In our proposal, instead of a trustee, it is rather the blackmailed person who reveals the required information to trace extorted coins without compromising any of her secrets. We show how to derive such systems from concrete existing proposals for anonymity-revocable cash systems with passive trustee.

 

Birgit Pfitzmann, Ahmad-Reza Sadeghi: Anonymous Fingerprinting with Direct Non-Repudiation; Asiacrypt 2000, Kyoto, Dec. 2000.

Abstract: Fingerprinting schemes support copyright protection by enabling the merchant of a data item to identify the original buyer of a redistributed copy. In asymmetric schemes, the merchant can also convince an arbiter of this fact. Anonymous fingerprinting schemes enable buyers to purchase digital items anonymously; however, identification is possible if they redistribute the data item.

Recently, a concrete and reasonably efficient construction based on digital coins was proposed. A disadvantage is that the accused buyer has to participate in any trial protocol to deny charges. Trials with direct non-repudiation, i.e., where the merchant alone holds enough evidence to convince an arbiter, are more useful in real life. This is similar to the difference between "normal" and "undeniable" signatures. In this paper, we present an equally efficient anonymous fingerprinting scheme with direct non-repudiation.

The main technique we use, delayed verifiable encryption, is related to coin tracing in escrowed cash systems. However, there are technical differences, mainly to provide an unforgeable link to license conditions.

 

Matthias Schunter: Optimistic Fair Exchange; Dissertation, Saarland University, October 2000.

Abstract: A fair exchange guarantees that a participant only reveals its items (such as signatures, payments, or data) if it receives the expected items in exchange. Efficient fair exchange requires a so-called Third Party, which is assumed to be correct. Optimistic fair exchange involves this Third Party only if needed, i.e., if the participants cheat or disagree.

In Part I, we prove lower bounds on the message and time complexity of two particular instances of fair exchange in varying models, namely contract signing (fair exchange of two signatures under a contract) and certified mail (fair exchange of data for a receipt). We show that all given bounds are tight by describing provably time- and message-optimal protocols for all considered models and instances.

In Part II, we have a closer look at formalizing the security of fair exchange. We introduce a new formal notion of security (including privacy) for reactive distributed systems. We illustrate this new formalism by a specification of certified mail as an alternative to the traditional specification given in Part III.

In Part III, we describe protocols for generic and optimistic fair exchange of arbitrary items. These protocols are embedded into the SEMPER Fair Exchange Layer, which is a central part of the SEMPER Framework for Secure Electronic Commerce.

 

Birgit Pfitzmann, Ahmad-Reza Sadeghi: Coin-Based Anonymous Fingerprinting; Eurocrypt '99, LNCS 1592, Springer-Verlag, Berlin 1999, pp. 150-164.

Abstract: Fingerprinting schemes are technical means to discourage people from illegally redistributing the digital data they have legally purchased. These schemes enable the original merchant to identify the original buyer of the digital data.

In so-called asymmetric fingerprinting schemes the fingerprinted data item is only known to the buyer after a sale and if the merchant finds an illegally redistributed copy, he obtains a proof convincing a third party whom this copy belonged to. All these fingerprinting schemes require the buyers to identify themselves just for the purpose of fingerprinting and thus offer the buyers no privacy.

Hence anonymous asymmetric fingerprinting schemes were introduced, which preserve the anonymity of the buyers as long as they do not redistribute the data item.

In this paper a new anonymous fingerprinting scheme based on the principles of digital coins is introduced. The construction replaces the general zero-knowledge techniques from the known certificate-based construction by explicit protocols, thus bringing anonymous fingerprinting far nearer to practicality.

There is a small mistake in the proceedings version of this paper. In one place it is incorrectly written that "The anonymity is information-theoretic....". The correct statement is "The anonymity is computationally... "

 

Birgit Pfitzmann, Ahmad-Reza Sadeghi: Selbst-Deanonymisierbarkeit gegen Benutzererpressung in digitalen Münzsystemen (Self-Deanonymizability against User Blackmailing in Digital Coin Systems); Verläßliche IT-Systeme, GI-Fachtagung VIS '99, DuD Fachbeiträge, Vieweg, Braunschweig 1999, pp. 35-48.

Abstract: Privacy is an important requirement in the design of electronic payment systems. There are concerns, however, that anonymous digital payment systems could be misused for criminal activities. Blackmailing in particular is indeed a more serious problem in digital payment systems than in the traditional cash system: on the one hand the blackmailer can avoid physical contact, on the other hand there are no recognizable serial numbers of banknotes.

To prevent such misuse, so-called fair payment systems have been proposed in which one or more trusted parties (trustees) can revoke a user's anonymity. This ability to deanonymize, however, opens up a large risk of abuse.

In this article we show that at least the blackmailing problem can be solved without this risk of abuse. In our approach the blackmailed user himself supplies the information needed to trace the extorted money, without having to reveal any further secrets. We also show how such systems can be derived from concretely proposed deanonymizable payment systems (with a passive trustee).