Eike Kiltz is in the editorial board of the JoC
09.03.2012 - Britta Scherer
The Journal of Cryptology is a publication of the International Association for Cryptologic Research and one of the most renowned journals for Cryptology and IT-Security. The journal provides a forum for publication of original results in all areas of modern information security. It is published by Springer and consists of four issues per year. Since January 2012 is Prof. Dr. Eike Kiltz from the Horst Görtz Institute for IT-Security member of the editorial board. He is currently the only German member. His main tasks are to verify the technical accuracy of the articles and to select relevant papers.
Encryption Method by HGI is Becoming International Standard
21.02.2012 - Britta Scherer
An increasing number of everyday devices such as car keys, smart phones and even medical implants need protection from hackers. The encryption method PRESENT is the smallest cipher for such cost and energy constrained applications. It is the result of a collaboration between the Ruhr-Universität Bochum (Germany), Orange Labs France and the Technical University of Denmark. The cipher design is characterized by its hardware efficiency which makes it even applicable in health insurance cards or RFID-labels (substitute for bar codes). Because the cipher combines low costs with a particularly high level of security it is becoming an international standard now.
Satellite telephony is unsafe
09.02.2012 - Britta Scherer
Satellite telephony was thought to be secure against eavesdropping. Researchers at the Horst Görtz Institute for IT-Security (HGI) at the Ruhr University Bochum (RUB) have cracked the encryption algorithms of the European Telecommunications Standards Institute (ETSI), which is used globally for satellite telephones, and revealed significant weaknesses. In less than an hour, and with simple equipment, they found the crypto key which is needed to intercept telephone conversations. Using open-source software and building on their previous research results, they were able to exploit the security weaknesses.
User Awareness in Android
17.01.2012 - Eva Kolb
You can download a free Android "App Permission Watcher" to monitor the permissions needed by your other apps from the Android Market or via http://www.apewatch.de in English or German. The app was developed as part of the master's thesis of Eric Struse and also as part of a common research project of the working group for Long Term Security at the Ruhr University Bochum (Christopher Wolf) and the Mobile Human-Computer-Interaction Group at the University of Duisburg-Essen (Enrico Rukzio). The application assists users to monitor the permissions used by installed applications. It warns users about suspicious permission combinations that can be used to compromise privacy or to cause unwanted costs. Installing this App helps us to better understand security aspects in the area of user interaction. | If you have any further questions, please contact Eric.Struse/at/apewatch.de.
HGI researcher reveals new threat in Mozilla products
17.01.2012 - Yvonne Roehrle-Schetz
Mario Heidrich from the Horst Görtz Institute has found a new type of vulnerability in the Firefox browser and two other Mozilla products, namely Thunderbird and Seamonkey. It concerns the function which enables displaying complex SVG vector graphics adding capability to use “Access Keys”. Via this kind of vulnerability the malware was able to recognize “Key Strokes” – that is keyboard touches – and thus allowing the attacker access to Emails or forms being worked on, even when JavaScript was disabled or the Emails were encrypted. The problem has been reported to Mozilla, and now the latest versions are equipped with improved safeguard mechanisms against information leackage. More precise information can be found here.