Mobile smart devices (such as smartphones and tablets) have emerged to become mainstream computing platforms that are in use by millions of users on a daily basis for a wide variety of tasks. While processing a large amount of security critical and privacy sensitive information about their owners, they have also become attractive attack targets; in recent years, we have witnessed large amount of cyber-attacks against mobile platforms, which continue to grow in number, variety and sophistication. In this talk, we present privilege escalation attacks against mobile platforms that enable malicious or compromised apps to perform privileged operations without appropriate permissions, and then propose countermeasures against these attacks.

Widely used digital signature and public-key encryption schemes like RSA and ECC are based on mathematical problems that would be solvable using currently not available quantum computers. In this work we investigate the efficient implementation of cryptosystems based on hard problems on ideal lattices that are considered safe against attacks by quantum computers. Our contribution are novel techniques for the resource efficient and high performance realization of lattice-based cryptoschemes on microcontrollers and reconfigurable hardware.

In dem Vortrag werden die vorherschenden Schwächen im Design von Anonymisierungsdiensten diskutiert. Hierbei dient das Tor-Netzwerk als anschauliches und relevantes Anwendungsbeispiel. Die häufig nicht direkt offensichtlichen Zusammenhänge zwischen Mechanismen des Datentransports erweisen sich als Hauptaugenmerk für Verbesserungen. Nur durch eine integrale Betrachtungsweise ist es schließlich möglich, ein Protokoll zu spezifizieren, das den speziellen Anforderungen von Anonymisierungsdiesnten gerecht wird.