From hgi-news at lists.ruhr-uni-bochum.de Thu Jan 8 10:28:46 2004 From: hgi-news at lists.ruhr-uni-bochum.de (hgi-news at lists.ruhr-uni-bochum.de) Date: Thu, 8 Jan 2004 10:28:46 +0100 Subject: [HGI-News] HGI-Seminar am Montag, 12.01.2004, 12:00 st Message-ID: <002e01c3d5c9$d10367f0$a5289386@crypto.ruhrunibochum.de> Bitte beachten Sie das dieser Vortrag außnahmsweise um 12:00 st stattfindet (und *NICHT* um 13:00 ct). ======================================================================== Sandeep Kumar CoSy, Ruhr-Universität Bochum "Embedded End-to-End Wireless Security with ECDH Key Exchange" Montag, 12.01.2004, 12:00 hrs, IC 4/39 Abstract Sensor networks offer tremendous benefits for the future as they have the potential to make life more convenient and safer. For instance sensor networks can be used for climate control to reduce power consumption, for structures such as bridges to monitor the maintenance status, or for company badges to locate employees in order to increase productivity. However the introduction of such ubiquitous computing to everyday life also raises privacy concerns. In this presentation I will present a public-key cryptography implementation for secure key exchange on low-end wireless devices using elliptic curves. Our implementation is based on optimal extension fields(OEF) that are a special type of finite fields GF(p^m). ======================================================================== EMAIL-VERTEILER: Wenn Sie Vortragsankündigungen auch in Zukunft per Email erhalten wollen, können Sie hier http://www.hgi.ruhr-uni-bochum.de/newsletter/ unseren Newsletter abonnieren. ANFAHRT: Eine Wegbeschreibung zum IC Gebäude der RUB ist hier zu finden: http://www.crypto.ruhr-uni-bochum.de/Kontakt/Kontakt.html VORTRÄGE IM WS 2003/04: (Abstracts sind hier: www.crypto.ruhr-uni-bochum.de/Seminare/Krypt/Kryptowise0304.html) 10.11.2003 Yvo Desmedt, Florida State University, USA, 13.00 c.t. IC 4/39 Cryptanalysis of Several of the UCLA Watermarking Schemes for Intellectual Property Protection of Digital Circuits/Designs 01.12.2003 Christof Paar, COSY Group - RUB, 13.00 c.t. IC 4/39 Eingebettete IT-Sicherheit im Automobil 08.12.2003, Ammar Alkassar, Uni Saarland, 13.00 c.t. IC 4/39, "Secure Object Identification - Or: How To Solve The Chess-Grandmaster-Problem" 15.12.2003, Philippe Rivard, COSY Group -RUB, 13.15 c.t. IC 4/39, "Light-weight embedded SSL" 12.01.2004, Sandeep Kumar, COSY Group -RUB, 13.15 c.t. IC 4/39, "Embedded End-to-End Wireless Security with ECDH Key Exchange" 19.01.2004, Stefan Lucks, Uni. Mannheim, 13.15 c.t., "Theorie und Praxis der Related-Key Angriffe" 26.01.2004, Johannes Ueberberg, SRC GmbH, 13.15 c.t., "Sichere Zahlungsverkehrsmodelle im Internet" 02.02.2004, Klaus Milczewsky, T-Online International AG, 13.15 c.t., TBA 09.02.2004, Roger Oyon, Uni. Essen, 13.15 c.t., "Fast Arithmetic on Jacobians of Picard Curves" ======================================================================== M.Tech. Sandeep Kumar Chair for Communication Security Dept. of Electr. Eng. & Information Sciences Ruhr-University Bochum 44780 Bochum, Germany URL: www.crypto.rub.de From hgi-news at lists.ruhr-uni-bochum.de Fri Jan 9 10:27:14 2004 From: hgi-news at lists.ruhr-uni-bochum.de (hgi-news at lists.ruhr-uni-bochum.de) Date: Fri, 9 Jan 2004 10:27:14 +0100 Subject: [HGI-News] WG: Open security research position at ABB Corporate Research Message-ID: Hier ein Stellenangebot aus der Industrie im Bereich IT-Security. Gruß, Christof Paar ============================================ Prof. Christof Paar Chair for Communication Security Dept. of Electr. Eng. & Information Sciences Ruhr-University Bochum 44780 Bochum, Germany URL: www.crypto.rub.de -----Ursprüngliche Nachricht----- Von: martin.naedele at ch.abb.com [mailto:martin.naedele at ch.abb.com] Gesendet: Freitag, 9. Januar 2004 10:17 An: cpaar at crypto.rub.de Betreff: Open security research position at ABB Corporate Research Sehr geehrter Herr Prof. Paar, ich würde mich freuen, wenn Sie die beiliegende Auschreibung für eine Stelle im Bereich IT-Sicherheit am ABB Forschungszentrum in Baden/Schweiz an mögliche Interessenten in Ihrem Haus weiterleiten könnten. (See attached file: SecurityResearcherABB.pdf) Für Rückfragen stehe ich gerne zur Verfügung. Vielen Dank! Mit freundlichen Grüssen Martin Naedele ---------------------------------------------------------- Dr. Martin Naedele Industrial Software Systems ABB Schweiz AG, Corporate Research CH-5405 Baden-Daettwil Switzerland martin.naedele at ch.abb.com Tel +41 (0) 58 586 8339 Fax +41 (0) 58 586 7365 ---------------------------------------------------------- -------------- nächster Teil -------------- Ein Dateianhang mit Binärdaten wurde abgetrennt... Dateiname : SecurityResearcherABB.pdf Dateityp : application/pdf Dateigröße : 82517 bytes Beschreibung: nicht verfügbar URL : From hgi-news at lists.ruhr-uni-bochum.de Fri Jan 9 18:53:41 2004 From: hgi-news at lists.ruhr-uni-bochum.de (hgi-news at lists.ruhr-uni-bochum.de) Date: Fri, 9 Jan 2004 18:53:41 +0100 Subject: [HGI-News] WG: faculty position open in cryptology and security of information systems Message-ID: Hier ist noch eine Ausschreibung fur eine Position im IT-Security Bereich, diesmal im akademischen Sektor. Gru?, Christof Paar ============================================ Prof. Christof Paar Chair for Communication Security Dept. of Electr. Eng. & Information Sciences Ruhr-University Bochum 44780 Bochum, Germany URL: www.crypto.rub.de -----Ursprungliche Nachricht----- Von: Jean-Claude Asselborn [mailto:jcl at crpgl.lu] Gesendet: Freitag, 9. Januar 2004 19:29 An: cpaar at crypto.ruhr-uni-bochum.de Betreff: faculty position open in cryptology and security of information systems Dear Colleague, May I attract your attention to the opening at the newly founded University of Luxembourg of a faculty position (assistant-professor) in computing science oriented towards cryptology and security of information systems. More details are available on the following web page: http://www.cu.lu/def/recruteDEF.html I would appreciate if the case given you could forward this information to potentially interested colleagues. Best Regards, Season's Greetings, Prof. Jean-Claude Asselborn -------------- nächster Teil -------------- Ein Dateianhang mit Binärdaten wurde abgetrennt... Dateiname : FDEF-GI-Crypto-04.pdf Dateityp : application/octet-stream Dateigröße : 70410 bytes Beschreibung: nicht verfügbar URL : -------------- nächster Teil -------------- Ein eingebundener Text mit undefiniertem Zeichensatz wurde abgetrennt. Name: ATT00008.txt URL: From hgi-news at lists.ruhr-uni-bochum.de Mon Jan 12 17:08:19 2004 From: hgi-news at lists.ruhr-uni-bochum.de (hgi-news at lists.ruhr-uni-bochum.de) Date: Mon, 12 Jan 2004 17:08:19 +0100 Subject: [HGI-News] =?iso-8859-1?q?Das_Institut_f=FCr_Sicherheit_im_E-Bus?= =?iso-8859-1?q?iness_=28ISEB=29_informiert?= Message-ID: <000901c3d926$4b60b700$d5139386@hgi3> Sehr geehrte Damen und Herren, zum Abschluss des letzten Jahres möchten wir Sie gerne über ausgewählte Aktivitäten des ISEB informieren. Mit freundlichen Grüßen, im Auftrag Benedikt Gierlichs ------------------------------------------- Horst Görtz Institut für Sicherheit in der Informationstechnik an der Ruhr-Universität Bochum Gebäude NA Ebene 5 Raum 71 Telefon: 0234 - 32 23263 Fax: 0234 - 32 14430 gierlichs at hgi.ruhr-uni-bochum.de http://www.hgi.ruhr-uni-bochum.de ------------------------------------------- -------------- nächster Teil -------------- Ein Dateianhang mit Binärdaten wurde abgetrennt... Dateiname : ISEB_Info_221203.pdf Dateityp : application/pdf Dateigröße : 117595 bytes Beschreibung: nicht verfügbar URL : From hgi-news at lists.ruhr-uni-bochum.de Tue Jan 13 09:39:34 2004 From: hgi-news at lists.ruhr-uni-bochum.de (hgi-news at lists.ruhr-uni-bochum.de) Date: Tue, 13 Jan 2004 09:39:34 +0100 Subject: [HGI-News] WG: Jobs.ac.uk Mathematics (fwd) Message-ID: Hier 2 Unistellen im Bereich IT Sicherheit in den Niederlanden. Gru?, Christof Paar ============================================ Prof. Christof Paar Chair for Communication Security Dept. of Electr. Eng. & Information Sciences Ruhr-University Bochum 44780 Bochum, Germany URL: www.crypto.rub.de PostDoc Vacancy Design and Verification of Cryptographic Protocols Distributed and Embedded Systems Research Group University of Twente http://jobs.ac.uk/jobfiles/PJ087.html Date of entry: 12/01/04 PostDoc Vacancy: Security Policy Distributed and Embedded Systems Research Group University of Twente http://jobs.ac.uk/jobfiles/PJ088.html Date of entry: 12/01/04 From hgi-news at lists.ruhr-uni-bochum.de Thu Jan 15 10:12:08 2004 From: hgi-news at lists.ruhr-uni-bochum.de (hgi-news at lists.ruhr-uni-bochum.de) Date: Thu, 15 Jan 2004 10:12:08 +0100 Subject: [HGI-News] HGI-Seminar am Montag, 19.01.2004, 13:00 ct Message-ID: <000001c3db47$a6cb7b20$a5289386@crypto.ruhrunibochum.de> ======================================================================== Stefan Lucks Universität Mannheim "Practice and Theory of Related-Key Attacks" Montag, 19.01.2004, 13:00 c.t, IC 4/39 Abstract The "classical" attack scenarios for block ciphers allow the adversary to choose plaintexts and ask for ciphertexts, or additionally to choose ciphertexts and request plaintexts. "Related-key" attacks give the adversary the additional power to manipulate the secret key. Two practical reasons to study related-key attacks are: 1. Related key attacks have been found useful to evaluate the security of block ciphers (e.g. in the context of the AES-process). 2. Some cryptographic protocols actually allow the adversary to mount a related-key attack against an underlying block cipher. Thus, the security of the protocol can depend on the block cipher's related-key security. The talk gives examples for related-key attacks against block ciphers and protocols. Also, it presents new theoretical constructions for ciphers provably secure against related-key attacks. ======================================================================== EMAIL-VERTEILER: Wenn Sie Vortragsankündigungen auch in Zukunft per Email erhalten wollen, können Sie hier http://www.hgi.ruhr-uni-bochum.de/newsletter/ unseren Newsletter abonnieren. ANFAHRT: Eine Wegbeschreibung zum IC Gebäude der RUB ist hier zu finden: http://www.crypto.ruhr-uni-bochum.de/Kontakt/Kontakt.html VORTRÄGE IM WS 2003/04: (Abstracts sind hier: www.crypto.ruhr-uni-bochum.de/Seminare/Krypt/Kryptowise0304.html) 10.11.2003 Yvo Desmedt, Florida State University, USA, 13.00 c.t. IC 4/39 Cryptanalysis of Several of the UCLA Watermarking Schemes for Intellectual Property Protection of Digital Circuits/Designs 01.12.2003 Christof Paar, COSY Group - RUB, 13.00 c.t. IC 4/39 Eingebettete IT-Sicherheit im Automobil 08.12.2003, Ammar Alkassar, Uni Saarland, 13.00 c.t. IC 4/39, "Secure Object Identification - Or: How To Solve The Chess-Grandmaster-Problem" 15.12.2003, Philippe Rivard, COSY Group -RUB, 13.00 c.t. IC 4/39, "Light-weight embedded SSL" 12.01.2004, Sandeep Kumar, COSY Group -RUB, 13.0 c.t. IC 4/39, "Embedded End-to-End Wireless Security with ECDH Key Exchange" 19.01.2004, Stefan Lucks, Uni. Mannheim, 13.00 c.t., "Practice and Theory of Related-Key Attacks" 26.01.2004, Johannes Ueberberg, SRC GmbH, 13.00 c.t., "Sichere Zahlungsverkehrsmodelle im Internet" 02.02.2004, Klaus Milczewsky, T-Online International AG, 13.00 c.t., TBA 09.02.2004, Roger Oyon, Uni. Essen, 13.00 c.t., "Fast Arithmetic on Jacobians of Picard Curves" ======================================================================== M.Tech. Sandeep Kumar Chair for Communication Security Dept. of Electr. Eng. & Information Sciences Ruhr-University Bochum 44780 Bochum, Germany URL: www.crypto.rub.de From hgi-news at lists.ruhr-uni-bochum.de Thu Jan 22 08:54:12 2004 From: hgi-news at lists.ruhr-uni-bochum.de (hgi-news at lists.ruhr-uni-bochum.de) Date: Thu, 22 Jan 2004 08:54:12 +0100 Subject: [HGI-News] HGI-Seminar am Montag, 26.01.2004, 13:00 ct Message-ID: <000b01c3e0bc$ed35b7e0$a5289386@crypto.ruhrunibochum.de> ======================================================================== Johannes Ueberberg SRC GmbH "Sichere Zahlungsverkehrsmodelle im Internet" Montag, 26.01.2004, 13:00 c.t, IC 4/39 Abstract Kartengestützte elektronische Bezahlverfahren gibt es derzeit fast ausschließlich an einem Terminal (Kartenleser), das sich physisch beim Händler befindet. Diese Systeme (insbesondere Kreditkarte, Debitkarte und GeldKarte) werden derzeit weiterentwickelt, um sie auch für Internet-Zahlungen nutzbar zu machen. In dem Vortrag wird ein Überblick über den Stand der Entwicklungen gegeben. ======================================================================== EMAIL-VERTEILER: Wenn Sie Vortragsankündigungen auch in Zukunft per Email erhalten wollen, können Sie hier http://www.hgi.ruhr-uni-bochum.de/newsletter/ unseren Newsletter abonnieren. ANFAHRT: Eine Wegbeschreibung zum IC Gebäude der RUB ist hier zu finden: http://www.crypto.ruhr-uni-bochum.de/Kontakt/Kontakt.html VORTRÄGE IM WS 2003/04: (Abstracts sind hier: www.crypto.ruhr-uni-bochum.de/Seminare/Krypt/Kryptowise0304.html) 10.11.2003 Yvo Desmedt, Florida State University, USA, 13.00 c.t. IC 4/39 Cryptanalysis of Several of the UCLA Watermarking Schemes for Intellectual Property Protection of Digital Circuits/Designs 01.12.2003 Christof Paar, COSY Group - RUB, 13.00 c.t. IC 4/39 Eingebettete IT-Sicherheit im Automobil 08.12.2003, Ammar Alkassar, Uni Saarland, 13.00 c.t. IC 4/39, "Secure Object Identification - Or: How To Solve The Chess-Grandmaster-Problem" 15.12.2003, Philippe Rivard, COSY Group -RUB, 13.15 c.t. IC 4/39, "Light-weight embedded SSL" 12.01.2004, Sandeep Kumar, COSY Group -RUB, 13.15 c.t. IC 4/39, "Embedded End-to-End Wireless Security with ECDH Key Exchange" 19.01.2004, Stefan Lucks, Uni. Mannheim, 13.15 c.t., "Theorie und Praxis der Related-Key Angriffe" 26.01.2004, Johannes Ueberberg, SRC GmbH, 13.15 c.t., "Sichere Zahlungsverkehrsmodelle im Internet" 02.02.2004, Klaus Milczewsky, T-Online International AG, 13.15 c.t., TBA 09.02.2004, Roger Oyon, Uni. Essen, 13.15 c.t., "Fast Arithmetic on Jacobians of Picard Curves" ======================================================================== M.Tech. Sandeep Kumar Chair for Communication Security Dept. of Electr. Eng. & Information Sciences Ruhr-University Bochum 44780 Bochum, Germany URL: www.crypto.rub.de From hgi-news at lists.ruhr-uni-bochum.de Thu Jan 22 21:06:54 2004 From: hgi-news at lists.ruhr-uni-bochum.de (hgi-news at lists.ruhr-uni-bochum.de) Date: Thu, 22 Jan 2004 21:06:54 +0100 Subject: [HGI-News] WG: Aktuelle SAP Sicherheitsschulungen GITS AG Message-ID: Sorry für die Werbung auf dem HGI-Verteiler, aber vielleicht sind diese Schulungen ja von Interess. Gruss, Christof Paar -----Ursprüngliche Nachricht----- Von: Annette Montag [mailto:montag at gits-ag.de] Gesendet: Donnerstag, 22. Januar 2004 13:24 An: cpaar at crypto.ruhr-uni-bochum.de Betreff: Aktuelle SAP Sicherheitsschulungen GITS AG Sehr geehrte SAP-Anwender, die Zahl der SAP-Systeme, die in große IT-Landschaften und Netzwerke eingebettet sind nimmt ständig zu. Somit auch die Anforderungen an alle Mitarbeiter, die für reibungslose Arbeitsabläufe oder Weiterentwicklung im SAP Umfeld verantwortlich sind. Gemeinsam mit unserem Kooperationspartner SecurIntegration bieten wir Ihnen in Köln/Walldorf fünf interessante Schulungen zum Thema SAP-Sicherheit an: - „SAP Security Basics“, 09.02. – 13.02.2004 - „SAP Enterprise Portal 6.0”, 01.03. – 05.03.2004 - “SSO in SAP-Netzen”, 14.04. – 15.04.2004 - “Securing Windows for SAP systems”, 27.04. – 29.04.2004 - “Netzwerkgrundlagen für SAP-Landschaften“, 18.05. – 19.05.2004 Bitte informieren Sie sich ausführlich über Inhalte und Preise auf unserer Web-Seite www.gits-ag.de oder rufen Sie uns an! Wir würden uns freuen, Sie bei einer Schulung persönlich begrüßen zu dürfen. Für Rückfragen stehen wir Ihnen selbstverständlich gerne zur Verfügung. Mit freundlichen Grüßen Birgitte Baardseth GITS AG Gesellschaft für IT Sicherheit Lise-Meitner-Allee 4 D-44801 Bochum Birgitte Baardseth Marketingleiterin Telefon:  +49 (234) 438702-02 Telefax:  +49 (234) 438702-22 E-Mail: baardseth at gits-ag.de www.gits-ag.de From hgi-news at lists.ruhr-uni-bochum.de Thu Jan 22 21:46:16 2004 From: hgi-news at lists.ruhr-uni-bochum.de (hgi-news at lists.ruhr-uni-bochum.de) Date: Thu, 22 Jan 2004 21:46:16 +0100 Subject: [HGI-News] Hardware Security position at Microsoft.. Message-ID: Sorry for the many job postings recently. Here is another for a very interesting security position in the US. If anybody is interested, please contact Rob McIntosh directly (email is in the cc). Gruss, Christof Paar -----Ursprüngliche Nachricht----- Von: Rob McIntosh [mailto:rmcint at microsoft.com] Gesendet: Mittwoch, 21. Januar 2004 17:19 An: Christof Paar Betreff: RE: Need your help re Hardware Security @ Microsoft.. Program Manager(NGSCB - Hardware Security) Come work on exciting new initiatives at Microsoft! The security compliance program manager builds a framework to promote good 3rd party implementations of our security technology. Specifically, you will be defining technical requirements for hardware partners who are helping to build the Next Generation Secure Computing Base (NGSCB, http://www.microsoft.com/ngscb). NGSCB is new security technology for the Microsoft Windows platform that uses a unique hardware and software design to provide strong security and privacy protections in an interconnected world. Your program will define security compliance requirements for new hardware components that will support the NGSCB architecture. The components include chips, motherboards, I/O devices and graphics processors. How do you help our partners? You have the following responsibilities: Work with the technical team to develop threat models for NGSCB implementations, identify and specify mitigating behaviors for these threats, and incorporate these in technical specifications; ensure that other product documentation, tools and communications reflect the security compliance program/requirements; build an overall framework for expressing and evaluating these threats and mitigations, working with stakeholders to define and set quality bar(s) that IHV partners could meet prior to receiving enabling technology; determine how partners would “prove” meeting the quality bars; help drive the test function’s development of supporting test tools; promulgate information inside and outside the company; represent the compliance program and its requirements to internal and external stakeholders, incorporating feedback in program design and promoting adoption of our framework (this could include representing the company in a working group of a standards body and working with OEMs developing NGSCB hardware); work with internal stakeholders to define and roll out the overall compliance program for NGSCB, helping set strategy and policy in this area; own the technical vision for NGSCB security compliance. We’re looking for an experienced technical Progam Manager with at least an undergraduate degree in computer science and a minimum of three years working on the Windows client platform and PC architecture, including involvement shipping hardware product. In addition to having a strong technical background, this person must be a self-starter, a strong written and oral communicator, and able to work effectively across organizations. You will be required to travel ~20% of the time (mostly domestic). Familiarity with common computer security attacks/concepts would also be highly beneficial but is not required. Bottom Line: a.. Advanced degree in electrical engineering (preferred) or computer science. b.. Exp working as a Architect focused on hardware development, including chips, motherboards, peripheral devices (e.g. input/output devices like mice, keyboards) and graphics (processor, renderer) and has deep understanding of how these components interact with operating system. c.. Must have exp focusing on PC client architecture; familiarity with Windows OS a benefit (Security at the OS/Hardware level) d.. Participation in standards body would be benficial. e.. Candidate has to be willing to be very hands on in development of technical security requirements, capturing those in documentation (Architecture & requirements) f.. Experience working with external stakeholders (OEMs/ODMs and hardware partners) on compliance programs will be a distinct advantage. g.. Experience working with product groups and product management/marketing. h.. Exp working in a senior role where impacting/infulencing decision makers/groups without direct authority is a must ============================================ Prof. Christof Paar Chair for Communication Security Dept. of Electr. Eng. & Information Sciences Ruhr-University Bochum 44780 Bochum, Germany URL: www.crypto.rub.de -------------- nächster Teil -------------- Ein Dateianhang mit HTML-Daten wurde abgetrennt... URL: From hgi-news at lists.ruhr-uni-bochum.de Thu Jan 22 21:15:12 2004 From: hgi-news at lists.ruhr-uni-bochum.de (hgi-news at lists.ruhr-uni-bochum.de) Date: Thu, 22 Jan 2004 21:15:12 +0100 Subject: [HGI-News] CHES 2004 - 2nd CFP Message-ID: Dear Friends of CHES, a few updates: - Please find the 2nd CFP bleow. - Please note that the submission deadline is March 2nd. - You can order a CD with the full proceedings of all 5 CHES conferences (1999-2003) from the CHES website, see the URL below. Regards, Christof ========================================================================= Conference on Cryptographic Hardware and Embedded Systems 2004 (CHES 2004) www.chesworkshop.org Cambridge (Boston), USA August 11-13, 2004 Second Call for Papers The 6th CHES Conference will be held in Cambridge, Massachusetts (next to Boston.) Following the tradition of previous CHES conferences, it will take place on the Wednesday-Friday immediately preceeding CRYPTO 2004, which starts on Sunday, August 15. The full Call for Papers is available on the CHES webpage at: www.chesworkshop.org ============================================ Prof. Christof Paar Chair for Communication Security Dept. of Electr. Eng. & Information Sciences Ruhr-University Bochum 44780 Bochum, Germany URL: www.crypto.rub.de From hgi-news at lists.ruhr-uni-bochum.de Mon Jan 26 16:12:29 2004 From: hgi-news at lists.ruhr-uni-bochum.de (hgi-news at lists.ruhr-uni-bochum.de) Date: Mon, 26 Jan 2004 16:12:29 +0100 Subject: [HGI-News] =?iso-8859-1?q?Vortragsank=FCndigung_29=2E1=2E04?= Message-ID: <000001c3e41e$d0c26b20$d5139386@hgi3> ---------------------- Ankündigung ---------------------- Frau Dr. Siguna Müller (University Calgary, Canada) wird am Donnerstag, den 29. Januar 2004, zwischen 14 und 15 Uhr in Raum NA 02/257 vortragen. Titel sowie Abstract werden schnellstmöglich bekannt gegeben. ---------------------- Ankündigung ---------------------- From hgi-news at lists.ruhr-uni-bochum.de Tue Jan 27 11:57:23 2004 From: hgi-news at lists.ruhr-uni-bochum.de (hgi-news at lists.ruhr-uni-bochum.de) Date: Tue, 27 Jan 2004 11:57:23 +0100 Subject: [HGI-News] =?iso-8859-1?q?Vortragsank=FCndigung_29=2E1=2E04_-_Ps?= =?iso-8859-1?q?eudopowers_and_Cryptography?= Message-ID: <001501c3e4c4$58244200$d5139386@hgi3> --------------------------- Ankündigung --------------------------- Frau Dr. Siguna Müller (University Calgary, Canada) wird am Donnerstag, den 29. Januar 2004, zwischen 14 und 15 Uhr in Raum NA 02/257 vortragen. ************************************************************************ *** Pseudopowers and Cryptography The recent ideas of Agrawal, Kayal, and Saxena have produced a milestone in the area of deterministic primality testing. Unfortunately, their method, as well as their successors are mainly of theoretical interest, as they are much too slow for practical applications. Via a totally different approach, Williams et al. Have developed a test which is conjectured to prove the primality of $N$ in time only $(\lg N)^{3+o(1)}$. Their (plausible) conjecture concerns the distribution of pseudosquares. These are numbers which locally behave like a perfect square but are nevertheless not a perfect square. While not completely explored yet, this new theory involving the pseudosquares allow a number of interesting applications in cryptography. Altough squares are much easier to deal with, this naturally gives rise to the question if the pseudosquares can be replaced by more general types of numbers. We have succeeded in extending the theory to the cubic case. To capture pseudocubes we rely on interesting properties of elements in the ring of Eisenstein integers and suitable applications of cubic residuacity. Surprisingly, the test itself is very simple as it can be formulated in the integers only. Moreover, the new theory suggests to lead to an even more powerful primality testing algorithm than the one based on the pseudosquares. Joint work with H.C. Williams (Calgary, CA), and P. Berrizbeitia (Caracas, VE) ************************************************************************ *** From hgi-news at lists.ruhr-uni-bochum.de Thu Jan 29 16:10:14 2004 From: hgi-news at lists.ruhr-uni-bochum.de (hgi-news at lists.ruhr-uni-bochum.de) Date: Thu, 29 Jan 2004 16:10:14 +0100 Subject: [HGI-News] HGI-Seminar am Montag, 02.02.2004, 13:00 ct Message-ID: <001101c3e679$ffb96fc0$a5289386@crypto.ruhrunibochum.de> ======================================================================== Thomas Groß IBM Research Lab Zurich "Emerging protocols in Federated Identity Management" Montag, 02.02.2004, 13:00 c.t, IC 4/39 Abstract Many influential industrial players are currently pursuing the development of new protocols for federated identity management. The Security Assertion Markup Language (SAML), Liberty, and WS Federation are the most important examples of this new protocol class and will be widely used in business-to-business scenarios to reduce user-management costs. All of them utilize constraint-based specifications and techniques of modular design, but do not include general security analyses. We analyze the security of the SAML Single Sign-on Browser/Artifact profile, which is the most important protocol of this class and already included in all major access control products. We demonstrate flaws of SAML Single Sign-on by mounting exemplary attacks on the protocol. Given this result, we also deduce the need for a methodology of Research to model, analyze and prove the security of this new protocol class. ======================================================================== EMAIL-VERTEILER: Wenn Sie Vortragsankündigungen auch in Zukunft per Email erhalten wollen, können Sie hier http://www.hgi.ruhr-uni-bochum.de/newsletter/ unseren Newsletter abonnieren. ANFAHRT: Eine Wegbeschreibung zum IC Gebäude der RUB ist hier zu finden: http://www.crypto.ruhr-uni-bochum.de/Kontakt/Kontakt.html VORTRÄGE IM WS 2003/04: (Abstracts sind hier: www.crypto.ruhr-uni-bochum.de/Seminare/Krypt/Kryptowise0304.html) 10.11.2003 Yvo Desmedt, Florida State University, USA, 13.00 c.t. IC 4/39 Cryptanalysis of Several of the UCLA Watermarking Schemes for Intellectual Property Protection of Digital Circuits/Designs 01.12.2003 Christof Paar, COSY Group - RUB, 13.00 c.t. IC 4/39 Eingebettete IT-Sicherheit im Automobil 08.12.2003, Ammar Alkassar, Uni Saarland, 13.00 c.t. IC 4/39, "Secure Object Identification - Or: How To Solve The Chess-Grandmaster-Problem" 15.12.2003, Philippe Rivard, COSY Group -RUB, 13.15 c.t. IC 4/39, "Light-weight embedded SSL" 12.01.2004, Sandeep Kumar, COSY Group -RUB, 13.15 c.t. IC 4/39, "Embedded End-to-End Wireless Security with ECDH Key Exchange" 19.01.2004, Stefan Lucks, Uni. Mannheim, 13.15 c.t.,IC 4/39 "Theorie und Praxis der Related-Key Angriffe" 26.01.2004, Johannes Ueberberg, SRC GmbH, 13.15 c.t.,IC 4/39 "Sichere Zahlungsverkehrsmodelle im Internet" 02.02.2004, Thomas Groß, IBM Research Lab Zurich, 13:15hrs. IC4/39 "Emerging protocols in Federated Identity Management" 09.02.2004, Roger Oyono, Uni. Essen, 13.15 c.t., "Fast Arithmetic on Jacobians of Picard Curves" 16.02.2004, Bernhard Loehlein, T-Systems, 13.00 c.t. IC 4/39, "IP Multicast Security" ======================================================================== M.Tech. Sandeep Kumar Chair for Communication Security Dept. of Electr. Eng. & Information Sciences Ruhr-University Bochum 44780 Bochum, Germany URL: www.crypto.rub.de