For the 22nd time, this year's CAST Promotional Award for IT Security was awarded. The award ceremony for the categories "Master's Theses and "Bachelor's Theses" took place on October 10, 2022 in Wiesbaden. In both categories, students from the Paderborn University took first place and thus prevailed against strong competition. The prize for the best Master's thesis was awarded to Simon Nachtigall on the topic "Evaluation of TLS session tickets". The prize for the best bachelor thesis went to Nico Heitmann on the topic "Security Analysis of the Web Conferencing System BigBlueButton".
Prof. Dr. Juraj Somorovsky supervised both theses and is very pleased with the outstanding performance of both students. "Both Nico and Simon conducted thorough security analyses of major systems in their final theses. Nico uncovered over 40 vulnerabilities in BigBlueButton. This system is also used at our university. Simon found critical vulnerabilities in some implementations of the encryption protocol TLS, which is used to protect internet communication. All vulnerabilities were subsequently reported and fixed, thus improving the security of the systems. It is worth mentioning that the vulnerabilities were not discovered by accident, but by very thorough systematic analysis by both students. Since their final theses were also of the highest standard, I nominated both topics," explains Prof. Dr. Somorovsky.
In the run-up to the competition, all submissions were reviewed by experts from CAST registered association (Competence Centre for Applied Security Technology) and evaluated according to their quality. On this basis, a total of 6 authors were nominated for the finalists' workshop, which took place this year as part of the Hesse Cybersecurity Summit. The finalists* were invited to present their results to the jury of representatives from industry and research and to convince them of the innovation of their work. "I am very happy that I could be part of the event. It was exciting to be there and present my work, but it was definitely an unforgettable day," says Nico Heitmann. Simon Nachtigall was also very enthusiastic about the event: "I am very happy about the award for my work. The event was a great experience overall. In particular, the exchange with the other finalists*, who also presented outstanding work, will stay well in my memory."
CAST e.V. offers a wide range of services in the field of security of modern information technologies and is the contact for IT security issues. Its competence network imparts knowledge about IT security technology at all levels of education - from support for the IT security major at TU Darmstadt to in-service training and continuing education. With information events, consulting, workshops and tutorials, CAST supports users in selecting and using security technology that meets their needs. The IT Security Promotion Award is one of these, which primarily honours innovative ideas, interesting results, new perspectives and approaches that address current and relevant IT security topics.
All finalists* have won free participation in the CAST Workshops 2023. In addition, the CAST sponsorship award is coupled with prize money totalling €3,600.