Rüdiger Weis

The Performance of Modern Block Ciphers in Java

This paper explores the question of how fast modern block ciphers can be realized as machine-independent Java implementations. The ciphers we considered include well-known proven ones such as DES and IDEA and recent candidates for the proposed DES-successor AES.

A Secure, Accountable, and Collaborative Whiteboard

This paper addresses the design issues and the security concept of the digital lecture board which is an enhanced whiteboard tailored to the specific needs of collaborative types of work, for instance, in computer-based distance education. The development of the digital lecture board emerged from our experiences with synchronous, computer-based distance education in the TeleTeaching projects of the University of Mannheim. For almost two years, we have been using video conferencing tools for transmitting lectures and seminars. These tools prove to be far from optimal for this purpose since they do not take into account the specific requirements of teaching. Security issues such as authentication, secure key exchange, and fast symmetric encryption are almost completely neglected, even though security is extremely important to allow for confidential, private sessions, and billing.

How to Make DES-Based Smartcards Fit for the 21-St Century

With its 56-bit key size, the data encryption standard (DES) seems to be at end of its useful lifetime. Also, the 64-bit DES block size is dangerously small for some applications. We discuss techniques such as triple DES and DESX to push up the key size, and we present DEAL to increase both block and key size. We propose DEALKx, a new variant of DEAL with an improved key schedule.

The design and the security concept of a collaborative whiteboard

This paper presents the design and the security concept of the digital lecture board, an enhanced whiteboard tailored to the specific needs of collaborative types of work, for instance, in computer-based distance education. The development of the digital lecture board emerged from our experiences with synchronous, computer-based distance education in the TeleTeaching projects of the University of Mannheim. For almost four years, we have been using video conferencing tools for transmitting lectures and seminars. These tools prove to be far from optimal for this purpose since they are not powerful enough to support team work, not flexible enough for the use of media, and somewhat difficult to handle for non-experts. Security issues such as authentication, secure key exchange, and fast symmetric encryption are almost completely neglected, even though security is extremely important to allow for confidential, private sessions, and billing. We discuss shortcomings of existing video conferencing tools and describe features we had in mind while designing the digital lecture board. We then present our security concept that is a user-oriented approach that takes into account the specific security requirements of different user groups. We also cover implementation issues of the current prototype.

How to Make a Digital Whiteboard Secure - Using Java-Cards for Multimedia Applications

In this paper we propose a light-weight, provable secure smart card integration for the OpenPGP secure message format. The basic idea is that the secret keys are stored on a smart card and never leave it. We have integrated this new security approach into an enhanced whiteboard, the digital lecture board (dlb). Existing whiteboards neglect security mechanisms almost completely, even though these mechanisms are extremely important to allow confidential private sessions and billing. The primary application field of our concept are small and closed groups, whereas the smart card serves to testify group membership. Our first implementation supports the JAVA i-Button which provides an additional hardware security.

Combining Authentication and Light-Weight Payment for Active Networks

Security functions are of critical importance for the acceptance of Active Networks in practice: network nodes must be protected from malicious code, and they should account for the cost of executing code; this also helps to prevent denial-of-service attacks. For the payment function code packets must carry some form of light-weight electronic cash. Cryptographic schemes can be used to solve both the security and the payment/resource management problem. In this paper we propose to combine cryptographic algorithms in order to solve both problems in an integrated way. Our scheme is secure, light-weight and efficient: It saves space in the packet headers, and the security is higher than that of separate algorithms for authentication and cost accounting.