Project Areas

S – Solutions

S3 – Privacy-Preserving Access and Verifiable Utilization

The goal of the project is to secure the Internet infrastructure and devise techniques for secure and privacy preserving access to and usage of Internet services and platforms. The project studies cryptography deployment in the Internet and identifies the related challenges and obstacles. The project develops mechanisms for integrating cryptography into the Internet infrastructure and for automating the cryptography usage and operation. The developed deliverables are then extensively evaluated in the Internet and analyzed with simulations.

Principal Investigators

  Name Working area(s) Contact
Dr. Haya Shulman
Security in Information Technology
S3
+49 6151 869-505
Prof. Michael Waidner
Security in Information Technology
S3
+49 6151 869 250

Researchers

  Name Contact
Markus Brandt
Security in Information Technology
+49 6151 869 307
Fraunhofer SIT B6.14
Tianxiang Dai
Security in Information Technology
+49 6151 869-180
Fraunhofer SIT B6.11
Kris Shrishak
Security in Information Technology
+49 6151 869-513
SIT B6.14
Nikhil Tripathi
Security in Information Technology

Publications

Shrishak, Kris and Shulman, Haya (2020):
Limiting the Power of RPKI Authorities.
ACM, Proceedings of the Applied Networking Research Workshop (ANRW'20), Online Workshop, 30.-31.07., [Conference or Workshop Item]

Brandt, Markus and Orlandi, Claudio and Shrishak, Kris and Shulman, Haya (2020):
Optimal Transport Layer for Secure Computation.
SECRYPT 2020-The 17th International Conference on Security and Cryptography, virtual Conference, 08.-10.07., [Conference or Workshop Item]

Dalskov, Anders and Keller, Marcel and Orlandi, Claudio and Shrishak, Kris and Shulman, Haya (2020):
Securing DNSSEC Keys via Threshold ECDSA From Generic MPC.
ESORICS 2020-The 25th European Symposium on Research in Computer Security, virtual Conference, 14.-18.09, [Conference or Workshop Item]

Hlavacek, Tomas and Cunha, Italo and Gilad, Yossi and Herzberg, Amir and Katz-Bassett, Ethan and Schapira, Michael and Shulman, Haya (2020):
DISCO: Sidestepping RPKI's Deployment Barriers.
Network and Distributed Systems Security Symposium (NDSS 2020), San Diego, USA, 23.-26. Febr., [Conference or Workshop Item]

Jeitner, Philipp and Shulman, Haya and Waidner, Michael (2020):
The Impact of DNS Insecurity on Time.
DSN2020 - 50th International Conference on Dependable Systems and Networks, virtual Conference, 29.06.-02.07., [Conference or Workshop Item]

Jeitner, Philipp and Shulman, Haya and Waidner, Michael (2020):
Pitfalls of Provably Secure Systems in Internet - The Case of Chronos-NTP.
DSN 2020-International Conference on Dependable Systems and Networks, virtual Conference, 29.06.-02.07, [Conference or Workshop Item]

Jeitner, Philipp and Shulman, Haya and Waidner, Michael (2020):
Secure Consensus Generation with Distributed DoH.
DSN 2020-International Conference on Dependable Systems and Networks, virtual Conference, 29.06.-02.07., [Conference or Workshop Item]

Schneider, Markus and Shulman, Haya and Sidis, Adi and Sidis, Ravid and Waidner, Michael (2020):
Diving into Email Bomb Attack.
DSN 2020-International Conference on Dependable Systems and Networks, virtual Conference, 29.06.-02.07., [Conference or Workshop Item]

Shrishak, Kris and Shulman, Haya (2020):
MPC for Securing Internet Infrastructure.
IEEE, 50th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2020), virtual Conference, 29.06.-02.07., [Conference or Workshop Item]

Brandt, Markus and Dai, Tianxiang and Klein, Amit and Shulman, Haya and Waidner, Michael (2018):
Domain Validation ++ for MitM-Resilient PKI.
ACM CCS 2018, Toronto, Canada, 15.-19.10. 2018, [Conference or Workshop Item]

Hlavacek, Tomas and Herzberg, Amir and Shulman, Haya and Waidner, Michael (2018):
Practical Experience: Methodologies for Measuring Route Origin Validation.
DSN 2017 - The 47th IEEE/IFIP International Conference on Dependable Systems and Networks, Denver,CO,USA, 26.-29.06.2018, [Conference or Workshop Item]

Göhring, Matthias and Shulman, Haya and Waidner, Michael (2018):
Path MTU Discovery Considered Harmful.
ICDCS 2018 - 38th IEEE International Conference on Distributed Computing Systems, Vienna, Austria, 2.-5.7.2018, [Conference or Workshop Item]

Brandt, Markus and Shulman, Haya and Waidner, Michael (2018):
Internet As a Source of Randomness.
pp. 64-70, HotNets '18: 17th ACM Workshop on Hot Topics in Networks, Redmond, USA, November 2018, DOI: 10.1145/3286062.3286072,
[Conference or Workshop Item]

Dai, Tianxiang and Shulman, Haya and Waidner, Michael (2018):
Off-path Attacks Against PKI.
pp. 2213-2215, ACM SIGSAG Conference on Computer and Communications Security (CCS 2018), Toronto, Canada, October 2018, DOI: 10.1145/3243734.3278516,
[Conference or Workshop Item]

Gilad, Yossi and Hlavacek, Tomas and Herzberg, Amir and Schapira, Michael and Shulman, Haya (2018):
Perfect is the Enemy of Good: Setting Realistic Goals for BGP Security.
pp. 57-63, ACM, HotNets'18: 17th ACM Workshop on Hot Topics in Networks, November 2018, Redmond, USA, ISBN 978-1-4503-6120-0,
DOI: 10.1145/3286062.3286071,
[Conference or Workshop Item]

Shrishak, Kris and Shulman, Haya and Waidner, Michael (2018):
Removing the Bottleneck for Practical 2PC.
pp. 2300-2302, ACM SIGSAG Conference on Computer and Communications Security (ACM CCS), Toronto, Canada, 15.-19. Oct. 2018, DOI: 10.1145/3243734.3278521,
[Conference or Workshop Item]

Klein, Amit and Shulman, Haya and Waidner, Michael (2017):
Counting in the Dark: Caches Discovery and Enumeration in the Internet.
In: IEEE/IFIP International Conference on Dependable Systems and Networks (DSN),
Denver, CO, USA, [Conference or Workshop Item]

Klein, Amit and Shulman, Haya and Waidner, Michael (2017):
Internet-Wide Study of DNS Cache Injections.
In: IEEE International Conference on Computer Communications (INFOCOM),
Atlanta, GA, USA, [Conference or Workshop Item]

Cohen, Avichai and Gilad, Yossi and Herzberg, Amir and Schapira, Michael and Shulman, Haya (2017):
Are We There Yet? On RPKIs Deployment and Security.
In: Network and Distributed Systems Security (NDSS),
San Diego, CA, USA, [Conference or Workshop Item]

Shulman, Haya and Waidner, Michael (2017):
One Key to Sign Them All Considered Vulnerable: Evaluation of DNSSEC in the Internet.
In: Proceedings of the 14th USENIX Conference on Networked Systems Design and Implementation, pp. 131-144,
USENIX Association, 14th USENIX Symposium on Networked Systems Design and Implementation (NSDI 17), Boston, MA, USA, 27.-29.03. 2017, [Conference or Workshop Item]

Fischlin, Marc and Herzberg, Amir and Noon, Hon Bin and Shulman, Haya (2016):
Obfuscation Combiners.
In: International Cryptology Conference (CRYPTO),
Santa Barbara, CA, USA, [Conference or Workshop Item]

Feldmann, Anja and Heyder, Philipp and Kreutzer, Michael and Schmid, Stefan and Seifert, Jean-Pierre and Shulman, Haya and Thimmaraju, Kashyap and Waidner, Michael and Sieberg, Jens (2016):
NetCo: Reliable Routing with Unreliable Routers.
In: IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) Workshops,
Toulouse, France, [Conference or Workshop Item]

Shulman, Haya and Waidner, Michael (2016):
Is the Internet Ready for DNSSEC: Evaluating Pitfalls in the Naming Infrastructure.
In: In Traffic Monitoring and Analysis (TMA),
Louvain La Neuve, Belgium, [Conference or Workshop Item]

Borgwart, Andreas and Boukoros, Spyros and Shulman, Haya and Waidner, Michael and van Royeen, Carel (2015):
Detection and Forensics of Domains Hijacking.
In: IEEE Global Communications Conference,
IEEE, San Diego, CA, USA, [Conference or Workshop Item]

Shulman, Haya and Waidner, Michael (2015):
DNSSEC for Cyber Forensics.
In: EURASIP J. Information Security, (16), p. 14. [Article]

Shulman, Haya and Waidner, Michael (2015):
Towards Security of Internet's Naming Infrastructure.
In: Computer Security ESORICS,
Vienna, Austria, [Conference or Workshop Item]

Herzberg, Amir and Shulman, Haya (2015):
Cipher-Suite Negotiation for DNSSEC: Hop-by-Hop or End-to-End?
In: Internet Computing, IEEE, (19), pp. 80-84. [Article]

Herzberg, Amir and Shulman, Haya (2014):
DNS Authentication as a Service: Preventing Amplifikation Attacks.
In: ACSAC, In: 30th Annual Computer Security Applications Conference, pp. 356-365,
New Orleans, LA, USA, [Conference or Workshop Item]

Herzberg, Amir and Shulman, Haya and Crispo, Bruno (2014):
Less is More: Cipher-Suite Negotiation for DNSSEC.
In: Computer Security Applications Conference (ACM ACSAC),
ACSAC, IEEE, New Orleans, Louisiana, U.S., [Conference or Workshop Item]

Shulman, Haya and Ezra, Shiran (2014):
Poster: On the Resilience of DNS Infrastructure.
In: ACM Conference on Computer and Communications Security (ACM CCS),
ACM, Scottsdale, Arizona, USA, [Conference or Workshop Item]

Herzberg, Amir and Shulman, Haya (2014):
DNS Security: Past, Present and Future.
In: Future Security Conference 2014,
Berlin, Germany, [Conference or Workshop Item]

Shulman, Haya (2014):
Pretty Bad Privacy: Pitfalls of DNS Encryption.
In: Proceedings of the 13th annual ACM workshop on Privacy in the electronic society, pp. 191-200 (9),
Scottsdale, Arizona, USA, [Conference or Workshop Item]