GI Sicherheit 2022
Foundations of Generalized State Channel Networks
State channels and state channel networks allow users of a (decentralized) payment system to perform complex payment transactions securely and privately while avoiding heavy load on the payment system itself. As I will explain in my talk, the key property of the developed state channel framework is its modularity. It not only helps us to formally define and prove security of our multi-party state channel protocols, but also enables future researchers to build on top of the constructed state channels without understanding all the design details.
Don't Blame Developers! Examining a Password-Storage Study Conducted with Students, Freelancers, and Company Developers
Software developers' programming security mistakes can threaten millions of end users' data. To deepen insights into developers' security behavior around the security-critical task of user-password storage, Naiakshina et al. conducted laboratory, online, and field studies with computer science students, freelancers, and professional developers from various companies. Besides investigating software developers' processes and security practices while storing user passwords in databases, they tested the usability of different application programming interfaces (APIs) and explored the methodological implications of several security-study parameters, including deception task design, sample variety, and the comparison of qualitative with quantitative research approaches.
Practical Private Set Intersection Protocols for Privacy-Preserving Applications
PSI Protokolle sind kryptographische Protokolle zur privaten Schnittmengenberechnung, einer instrumentalen Funktionalität für eine Vielzahl von praktischen Anwendungen. In diesem Vortrag zeigen wir die Schwachstellen von derzeit leider oft genutzten unsicheren Alternativen auf und präsentieren neue, besonders effiziente PSI Protokolle für drei spezifische Anwendungsszenarien: Kontaktermittlung in mobilen Messengern, Authentifizierung für Apple AirDrop und Analyse von verteilten Datenbanken.
|17:00||Diskussion und Abstimmung|
Wenn Sie noch Fragen haben, wenden Sie sich bitte an:
Zoltán Mann, University of Amsterdam, firstname.lastname@example.org
Michael Nüsken, b-it Bonn, email@example.com
Christian Wressnegger, KIT, firstname.lastname@example.org
Andreas Heinemann, CAST e.V., email@example.com
Tel.: +49 6151 869-230
|CAST-Förderpreis IT-Sicherheit 2022||10.10.2022|
|hot topic "KI und IT-Sicherheit"||20.10.2022|
|Forensik / Internetkriminalität||15.12.2022|