Attacks on computer systems: TU Graz publishes Æpic Leak and SQUIP

International IT security research teams headed by Daniel Gruss of IAIK have released information on two new forms of cyberattack that exploit hardware.
Reliable, bug-free computer hardware provides the foundation for secure software. Now, vulnerabilities on the hardware side are increasingly attracting the attention of hackers and developers alike, not least following the discovery of the Meltdown and Spectre side-channel attacks by TU Graz researchers in 2018. Since then, researchers – including from TU Graz – have uncovered a series of new openings for cyberattacks that capitalise on weaknesses in PC hardware. A team headed by Daniel Gruss has now published details of two further vulnerabilities: Æpic Leak and SQUIP.

Read the whole article by following the link on the right.

Summer School: Graz Security Week

Once again, IAIK will hold the Graz Security Week. The summer school targets graduate students interested in security and correctness aspects of computing devices. 

Click here to check out the programme, speakers, and all the details!

We are looking forward to seeing you there!

Quantum Computers: Cryptographic Algorithm Bearing the Handwriting of TU Graz Becomes Standard

Extremely powerful computers of the future require alternative encryption and signature methods. In a six-year process, the US authority NIST has now elevated four post-quantum algorithms to standard status – one of these algorithms, the signature algorithm SPHINCS+, was developed by the SPHINCS+-team including Christian Rechberger of IAIK. To read the full article, please click on the link on the right.

Best master’s thesis award for IAIK student Aikata

We are proud to announce that IAIK PhD-student Aikata has received the 1st prize in the category “best master’s thesis” for her work “Efficient Polynomial Arithmetic Architecture for Saber and Dilithium”. Aikata was awarded the prize from the TU Graz Forum Technology and Society 2022, which honours PhD- and master theses which have particular relevance to society.
You can read more about the prize here (in German).

Congratulations and keep up the good work!

The dream of an internet without passwords

Large IT groups are working on making passwords obsolete. The technology for this already exists and is now to be brought into the cloud. Kleine Zeitung Kärnten spoke about the subject with IAIK senior scientist Arne Tauber.

You can read the full article (in german) by clicking on the link on the right.

Daniel Gruß promoted to Associate Professor

We are delighted to announce that Daniel Gruß has successfully completed his tenure track and has now been promoted to be an associate professor as of 1st of June 2022. Daniel has been part of our institute since 2010 and become a popular lecturer and also a reknown researcher within his field. Along with his own and other research teams, he is responsible for the discoveries and defences against serious security bugs such as Meltdown and Spectre, ZombieLoad, or Load Value Injection.

Thank you for your committment, and most of all: Congratulations!

Whom to trust? Stefan Mangard on Cybersecurity

“Cybersecurity is the basic prerequisite for the for the functioning of a networked society. The basis of cybersecurity is  confidentiality, availability, and integrity. How can I be sure that the data I get displayed is really trustworthy?”

Read the whole interview of The Red Bulletin Innovator Steiermark with Stefan Mangard by clicking on the link on the right (page 47).

“Everyone has a right to privacy” – Interview with Maria Eichlseder

Maria Eichlseder is conducting research at the highest international level on new mathematical methods that will make the world a safer place to communicate.
Find the full interview on page 40 of the “Spirit of Styria” magazine – link on the right (German only).

How to prove digital security

By now, we entrust almost our entire lives to the digital world. Be it on the mobile phone, on the computer, on the net. No wonder that security is playing an increasingly important role. IAIK has always been concerned with these issues.

Stefan Mangard and Roderick Bloem spoke about provable security with Kleine Zeitung – read the whole article by clicking on the link on the right.

Russia’s access to international online networks on hold

Within days, the largest social networks in Russia lost their raison d’être, and the digital regulars’ tables emptied out. On the one hand, at the behest of the tech companies themselves, on the other, Russian authorities are visibly tightening digital censorship in the country. Russia is not only targeting popular services and digital news sites, it is also increasingly concerned with infrastructure.
“Technical access can be perfectly isolated. It’s not technically difficult to seal off information,” says Reinhard Posch of IAIK, and Chief Information Officer of the government. In Austria, ministries also have their own networks that are not accessible from the outside for security reasons. However, it should be borne in mind that, as a result of a cut-off, only their own services can be offered.
In Russia, this could be particularly serious. After all, civil society there has long since become accustomed to “Western” online services. Posch: “People will quickly become frustrated if established services no longer work.” And, last but not least, the networked Tesla car can no longer be unlocked and locked.

(Reinhard Posch talked with Kleine Zeitung, published on 12th March, 2022)