Kai Rannenberg

Advances in Information and Computer Security

Software and Multimedia Security.- A Note on the (Im)possibility of Using Obfuscators to Transform Private-Key Encryption into Public-Key Encryption.- Design Issues of an Isolated Sandbox Used to Analyze Malwares.- Collusion-Resistant Fingerprinting Scheme Based on the CDMA-Technique.- Public-Key Cryptography (1).- Reduction Optimal Trinomials for Efficient Software Implementation of the ? T Pairing.- Experiments on the Linear Algebra Step in the Number Field Sieve.- Batch Pairing Delegation.- Botnet Traffic Detection Techniques by C&C Session Classification Using SVM.- A Global Authentication Scheme for Mobile Ad-Hoc Networks.- An Efficient Pre-authentication Scheme for IEEE 802.11-Based Vehicular Networks.- Intrusion Detection and Identification System Using Data Mining and Forensic Techniques.- Run-Time Randomization to Mitigate Tampering.- Privacy-Preserving Eigentaste-Based Collaborative Filtering.- Secure and Private Incentive-Based Advertisement Dissemination in Mobile Ad Hoc Networks.- Verifiable Internet Voting Solving Secure Platform Problem.- Enforcement of Integrated Security Policy in Trusted Operating Systems.- Salvia: A Privacy-Aware Operating System for Prevention of Data Leakage.- InfoCage: A Development and Evaluation of Confidential File Lifetime Monitoring Technology by Analyzing Events from File Systems and GUIs.- Public-Key Cryptography (2).- Accredited Symmetrically Private Information Retrieval.- Generic Certificateless Encryption in the Standard Model.- On Security Models and Compilers for Group Key Exchange Protocols.- Processing Multi-parameter Attacktrees with Estimated Parameter Values.- Practical Security Analysis of E-Voting Systems.- Fine-Grained Sticky Provenance Architecture for Office Documents.- Secure Anonymous Communications with Practical Anonymity Revocation Scheme.- GAS: Overloading a File Sharing Network as an Anonymizing System.- A Composite Privacy Protection Model.- Nominative Signature from Ring Signature.- Anonymous Authentication Protocols with Credit-Based Chargeability and Fair Privacy for Mobile Communications.- How to Find Many Collisions of 3-Pass HAVAL.- A Secure Threshold Anonymous Password-Authenticated Key Exchange Protocol.

Privacy and Identity Management for Life

At the end of the PrimeLife EU project, a book will contain the main research results. It will address primarily researchers. In addition to fundamental research it will contain description of best practice solutions.

Pseudonymous audit for privacy enhanced intrusion detection

Intrusion detection systems can serve as powerful security audit analysis tools. But by analysing the user activities, they are affecting the privacy of the users at the same time. Pseudonymous audit can be the basis for privacy enhanced intrusion detection. In this paper, the concept of pseudonymous audit for privacy enhanced intrusion detection and its prototype realisations are presented. Furthermore it is discussed whether IT security evaluation criteria cover pseudonymous audit and the respective changes are suggested.*

Individual management of personal reachability in mobile communication

This paper describes a concept for controlling personal reachability while maintaining a high degree of privacy and data protection. By easy negotiation of their communication requests users can reach others without disturbing the called partners and without compromising their own privacy. Reachability management can strengthen the called subscribers right to self-determined communication without violating the callersO interests in protecting their personal data. *

Sicherheit, insbesondere mehrseitige IT-Sicherheit

Sicherheit besteht bei informationstechnischen (IT-) Systemen darin, daß Schutzziele trotz intelligenter Angreifer durchgesetzt werden. In diesem Text wird zunächst der Begriff Sicherheit im Kontext von IT-Systemen kurz diskutiert, insbesondere die Erweiterung, die er im Zuge der Entwicklung der IT und der Verbreitung ihrer Anwendung, speziell bei IT-gestützten Kommunikationssystemen, erfahren hat. Danach werden potentielle Angreifer betrachtet. Eine Erläuterung und ein Beispiel für Sicherheitsanforderungen aus mehreren Blickwinkeln ( mehrseitige Sicherheit) folgen. Eine kurze Betrachtung der Möglichkeiten, mehrseitige Sicherheit in verteilten Systemen zu realisieren, schließt den Text ab.

Identity management in mobile cellular networks and related applications

Abstract While identity management systems for the Internet are debated intensively identity management in mobile application has grown silently over the last 12 years. More then 980 million GSM subscriptions and the SIM infrastructure are the basis for many application oriented initiatives to manage identities. This paper discusses the technological foundations as well as the application scenarios and the privacy challenges and opportunities.

Attribute-Based Credentials for Trust (ABC4Trust)

The rapid growth of communication infrastructures and enterprise software solutions has caused electronic services to penetrate into our everyday life. So it is not far from reality that many personal and trust-sensitive transactions happen online. In this regard, one of the biggest challenges to deal with will be proper user authentication and access control, as strong authentication and authorization techniques used nowadays are double-edged swords: while they can protect service providers by offering a satisfactory level of resilience against unauthorized accesses, most of these technologies have the drawback of threatening the clients’ privacy.

Integrating Anonymous Credentials with eIDs for Privacy-Respecting Online Authentication

Electronic Identity eID cards are rapidly emerging in Europe and are gaining user acceptance. As an authentication token, an eID card is a gateway to personal information and as such it is subject to privacy risks. Several European countries have taken extra care to protect their citizens against these risks. A notable example is the German eID card, which we take as a case study in this paper. We first discuss important privacy and security threats that remain in the German eID system and elaborate on the advantages of using privacy attribute-based credentials Privacy-ABCs to address these threats. Then we study two approaches for integrating Privacy-ABCs with eID systems. In the first approach, we show that by introducing a new entity in the current German eID system, the citizen can get a lot of the Privacy-ABCs advantages, without further modifications. Then we concentrate on putting Privacy-ABCs directly on smart cards, and we present new results on performance, which demonstrate that it is now feasible for smart cards to support the required computations these mechanisms require.

How to enhance Privacy and Identity Management for Mobile Communities: Approach and User driven Concepts of the PICOS Project

Mobility allows social communities to become a ubiquitous part of our daily lives. However, as users in such communities share huge amounts of personal data and contents, new challenges emerge with regard to privacy and trust. In this paper we motivate the necessity of advanced privacy enhancing concepts, especially for mobile communities and outline the approach of the PICOS project in order to elaborate such concepts. We explicate how we collected mobile community requirements and elaborated adequate concepts to address them. Finally, we conclude with details on how the concepts were prototypically implemented to demonstrate their feasibility, what distinguishes them from existing work, and how we intend to transfer the concepts to practice.

Mobilität, mobile Technologie und Identität Mobile Identitätsmanagementsysteme

ZusammenfassungDie Beziehungen zwischen Mobilität und Identität sind nicht nur vielschichtig sondern werden mit der Berücksichtigung von Mobilität und mobiler Technologien in Identitätsmanagementsystemen auch immer wichtiger. Dieser Beitrag gibt einen Überblick über die verschiedenen Aspekte von Identität und Mobilität, wie sie im Work Package 11 von FIDIS behandelt werden und vertieft diese anhand eines Anwen-dungsszenarios aus dem Bereich „Mobiles Leben und Arbeiten“.