Winter
2025/26

Electronic Identity

[3313017] SE  (2 SWS)
Mo. 11:00-12:30 RUD26, 1307
Instructor: Dr. Wolf Müller
 


Computer Science Department
Systems Architecture Group

 

 
Abstract: The Internet was built without a way to know who and what you are connecting to. This limits what we can do with it and exposes us to growing dangers. If we do nothing, we will face rapidly proliferating episodes of theft and deception that
will cumulatively erode public trust in the Internet. [Kim Cameron, identityblog]


©xkcd
  
Synopsis:
  • Seminar, Praktische Informatik
  • 2h each week, 2 SWS
  • Students will present a selection of papers that will help you understand which threats exist, judge their significance and learn methods to defend your system against hackers. In addition you will explore the mathematical underpinnings of today's most common security tools and protocols.

Credits:

  In order to obtain credits for this seminar, participants are expected to:

  • Is possible for Bachelor.
  • This seminar can be combined with "VL IT-Sicherheit Grundlagen" "Modul mit Seminar (BSEM)" zur Studienordnung Bachelor Informatik (Mono-Bachelor) [link]
  • Attend regularly (at least 80%).
  • Read each paper before the seminar, to be adequately prepared for discussion.
  • Research an assigned subject; present major findings (30 min presentation; 15 min discussion).
  • Presentations will be evaluated by two members of the audience at the end of each class (Bewertungskriterien-Seminarvortrag.pdf).
  • Presenters summarize their in a term paper (German or English).
    The paper should have 6 .. 10 pages (without counting the references), and should contain, abstract, motivation, related work, presentation of topic, conclusion and references.
  • Presentations may be given in German or English.

Prerequisites:

  • This seminar is suitable for students of all technical science disciplines who have previously completed courses "GdP" and "algorithms and data structures" or equivalent.

Topics (21/20 assigned):

  • ---Post Quantum Cryptography---
  • Motivation und Survey (Grover, Shor, Timeline, Recommendations, Challenge) [pdf][NIST][https] (Alexander)
  • Quantum Cryptography [pdf:Kapitel 4][pdf] (Yuuma)
  • HASH-based Signatures [https][pdf] (Linus)
  • NIST FIPS205 "Stateless Hash-Based Digital Signature Standard" [pdf] (Tom)
  • NIST FIPS204 "Module-Lattice-Based Digital Signature Standard" [pdf] (Nihal)
  • NIST FIPS203 "Module-Lattice-Based Key-Encapsulation Mechanism Standard" [pdf]
  • Signal ML-KEM Braid [https][https] (Yana)
    ---Private or Anonymous Communication: Tools, Building blocks & Limits---   
  • Password Hashing [html][git][pdf] (Robert)
  • One-TIME-Passwords [RFC6238][RFC4226][https] (Arda)
  • TOR the onion router [pdf][Attack: pdf][Datagram: pdf] (Tristan)
  • OTR Off-the-Record Messaging Protocol (version 3) [https]
  • Telegramm [html][html][html][pdf]
  • Signal [https][https][git] (Zowie)
  • Kryptografie mit elliptischen Kurven, ECDSA [pdf] (Hannah)
  • Dragonfly Key Exchange [RFC] (David)
  • VeraCrypt [https][Probleme]
    ---Authentication: Techniques and Tokens---
  • Mozilla Sync 1.5 API (Theory and Praxis) [https][https]
  • WebAuthn / FIDO2 / U2F / [W3C][Video][https][WireShark-dissector][Demo]
    • (Maximilian)
  • Direct Anonymous Attestation (DAA) [pdf]
  • ---German electronic IDs---
  • ePASS [ICAO] (Mark)
  • nPA: PACE, EAC [TR-03110] (Jonas P.)
    ---Network---
  • WLAN WPA-2 KRACK [https][pdf] (Frederik)
  • Bluetooth Pairing / KNOB-Attack [Specification / 4.2 Security, 4.2.2 Pairing] [https] (Julius)
  • TLS 1.3 [blog][RFC] (Vraj)
  • TLS Revocation Mechanismen (CRL, OCSP, OCSP-stapling) in Theorie & Praxis [https]
  • QUIC: A UDP-Based Multiplexed and Secure Transport [RFC9000][RFC9001 TLS] (Nick)
  • OpenVPN [pdf][https][https][https] (Jonas S.)
  • WireGuard [pdf] (Phil)
  • --- (further topics are possible, also own interesting suggestions are welcome) ---

Syllabus:

DatePresentersTopicSlides
13.10.25 dies academicus 
20.10.25 bootstrap / assignment of topics[pdf]
27.10.25(optional)consultation (fine tuning of topics) 
03.11.25allelevator speeches (3 min)
10.11.25Alexander
Yuuma		PQC: Motivation und Survey
Quantum Cryptography		[pdf]
17.11.25Linus
Tom		HASH-based Signatures
NIST FIPS205		[pdf]
24.11.25Robert
Arda		Password Hashing
One-TIME-Passwords		 
01.12.25Vraj
Nick		TLS 1.3
QUIC		 
08.12.25Jonas S.
Phil		OpenVPN
WireGuard		 
15.12.25Nihal
Tristan		NIST FIPS204
TOR the onion router		fällt
aus!
05.01.26Zowie
Yana
Tristan		Signal
Signal ML-KEM Braid
TOR the onion router
[pdf]
12.01.26Frederik
David
Nihal		WLAN WPA-2 KRACK
Dragonfly Key Exchange
NIST FIPS204		 
19.01.26  OmniSecure
26.01.26Jonas P.
Mark
Julius		nPA: PACE
ePASS, EAC
Bluetooth Pairing / KNOB-Attack		 
02.02.26Maximilian
Nick
David		WebAuthn / FIDO2 / U2F
QUIC
Dragonfly Key Exchange		 
09.02.26 reserved 


Recent / Incoming:

  • BLUFFS: Bluetooth Forward and Future Secrecy Attacks and Defenses [pdf]
  • Bluetooth-Lücke: Tastenanschläge in Android, Linux, iOS und macOS einschleusbar [html]
  • Unsiche Implementierung PhotoTAN [https]
  • Tails -The Amnesic Incognito Live System [https]
  • Email 3.0 [http]
  • TOR Hardware:SpOnionPi [Spiegel]
  • Verschlüsselungssoftware TrueCrypt: Ein Zweifel weniger [heise]
  • NFC-Smartphones als sichere Chipkartenleser [http]
  • Browser Fingerprinting [Golem][Diplomarbeit]

Further Readings (Research@SAR & Books):

 Links
Cambridge
Ross Anderson's home page
Bruce Schneier
home page
Safe Personal Computing
NIST
Computer Security Resource Center
NIST
Federal Information Standards (FIPS)
CERT
cert.org
 
Legal disclaimer. .  © 2025 Humboldt-Universität zu Berlin, Computer Science Department, Systems Architecture Group.Contact: sar@informatik.hu-berlin.de .