Our research focuses on system security, network security, applied cryptography, the analysis of censorship behavior and file format security. We analyze widely used standards and implementations from various fields. We search for new attacks and protection techniques to make communication more secure. Likewise, we mainly focus on the security of web applications, web services, single sign-on (e.g., SAML and OpenID Connect), file formats, IoT devices such as printers, Transport Layer Security (TLS) and other cryptographic standards.

Systematic analysis of widely used standards

With our systematic analyses in the relevant fields, we were able to find attacks that affect known implementations and widely used standards. For example, we found attacks on OpenPGP and S/MIME, TLS (DROWN, ROBOT) and SAML.

Two of our attacks were honored with the Pwnie Award for the best cryptographic attacks: DROWN and ROBOT.

Development of open-source tools for practical analyzes

In addition to the new attacks, we also implement practical tools that help developers and security experts to analyze the security of their implementations. One of the most sophisticated tools is TLS-Attacker. This open-source tool enables the creation of customized TLS flows and the easy development of new TLS attacks. It can also be used to automatically analyze TLS implementations.

Analyzing side-channel attacks

When analyzing new attacks, we consider different attacks and attacker models. One of our specialities is side-channel attacks, e.g. timing attacks. Timing attacks exploit tiny timing differences in the behavior of an application. This tiny difference can have serious consequences and allow an attacker to retrieve confidential information, extract user data or even cryptographic keys. In our research, we have shown how to apply timing side-channel attacks to TLS or XML Encryption.

Using modern techniques for systematic analyzes

Our analysis techniques are not only manual. We also use modern techniques that include machine learning and state learning libraries. This allows us to analyze the internal automata of various cryptographic implementations and uncover new vulnerabilities and attacks. For this purpose, we mainly use the LearnLib library.

Assessing real-world impact through systematic scanning

Large-scale web scanning has proven to be a useful tool for finding a wide variety of vulnerabilities and discovering new attack techniques in web applications and TLS. We have used this technique to assess the impact of known attacks (e.g., padding oracles and nonce-reuse attacks) or our new DROWN and ROBOT attacks. The scans always provide new insights into the attacks and lead to the discovery of vulnerabilities that increase the security of established implementations.

Analysis of censorship behavior

There are many countries around the world that implement some form of censorship. One form of censorship is to limit access to websites. To achieve this, countries deploy specific infrastructure and tools which are capable of analyzing many protocols such as IP, TCP, HTTP, DNS and TLS. Depending on the country and protocol, there are many ways to implement and circumvent censorship. In our research, we analyze the concrete censorship behavior in various countries. We also analyze how existing censorship can be circumvented on different protocols (e.g., TLS record fragmentation).

Analyzing file formats

File formats determine our daily lives, not only those that we use ourselves (such as .docx), but also those that are not directly visible (such as XML). Every time we open a file, the computer has to read (parse) it, errors can occur, or an attacker can exploit vulnerabilities to, for example, break encryption(XML Encryption), execute malware or deceive the user (3MF Analysis).

Such formats are not only processed by “normal” computers, but also by IoT devices such as printers.