Network and Data Security
Keeping pace with the hacker community
To enhance the security of IT systems, researchers from Bochum break security systems considered to be secure, detect their weak points and propose improvements. The Chair of Network and Data Security (NDS) researches into cryptographic protocols, internet security and XML security. This entails a comprehensive study of cryptographic techniques and standards together with the complete system in which they are used.
Cryptographic protocols are the basis for many security solutions, ranging from the well-know SSL protocol to the European Citizen Card (in Germany: neuer Personalausweis). The ultimate goal of research in this area is to prove the security of a protocol within a formal model that is as close as possible to reality. One challenging task is to model protocols that are used in practice, because many different implementation aspects have to be modeled (concurrent execution of the same security process on a single host that has access to the same static key material, and non-trustworthy participants), and because these protocols cannot be changed.
The main research challenges in internet security are browser based protocols, especially complex SSL scenarios and defense techniques against XSS. For XML based data formats, the so-called “wrapping attacks” published by IBM New York have been improved, and new attacks against XML Encryption have been discovered.
In these areas we are currently working on many projects financed by BMBF, BMWi and BSI.