A successful Security Week 2023

Once more, our annual summer school Security Week took place earlier in September in the beautiful halls of our Old Campus.
Increasingly popular, it drew more than 90 participants from close and afar. Twelve international speakers shared their expertise, and students had the opportunity to present their theses, take part in labs, and gain ECTS points.
Our outing to a traditional inn in the countryside, and the odd night out were another good opportunity for networking and not to be missed. You can have a look at a few impressions here.

We are looking forward to welcoming you in Graz next year!

Best Paper Award for Florian Draschbacher

We are happy to announce that the paper “A2P2 – An Android Application Patching Pipeline Based On Generic Changesets” by Florian Draschbacher, who is part of the IAIK’s Secure Application group – team A-SIT (Secure Information Technology Center Austria), has won the Best Paper Award at the 18th International Conference on Availability, Reliability and Security (ARES 2023). 

Congratulations!

Check out the paper by clicking on the link on the right!

New security gap: Analysis of CPU energy consumption allows data theft

Main processors (CPUs) of computers are designed to run multiple applications simultaneously. This is beneficial for efficiency, but poses a security risk. Researchers at TU Graz and the Helmholtz Center for Information Security have found a novel method that allows attackers to read data from the memory of CPUs by analyzing the processor’s energy consumption. They call this method of attack “Collide+Power“.

To find out more, click on the link on the right or see Collide+Power

LosFuzzys CTF-Team secured a spot among the top 50 teams worldwide

LosFuzzys CTF-Team has qualified for events such as the CyberSecurityRumble Finals in Bonn and the Internet Festival 2023 CTF in Pisa.
Notable too is the team’s recent victory in the academic bracket of Insomni’hack 2023 in Lausanne.
Congratulations!

Graz Security Week

Once again, IAIK will hold the Graz Security Week. This summer school targets graduate students interested in security and correctness aspects of computing devices. 

Click here to check out the details of the programme and speakers, and to register!

We are looking forward to seeing you there!

Austrian Computer Science Day 2023

The Austrian Computer Science Day (ACSD) is an annual assembly that brings together computer scientists across Austria and beyond to improve visibility of the field and foster collaboration in research and teaching.

This year’s focus is on trusted computing, raising crucial questions: Can we trust artificial intelligence? Can we prove that our implementations are correct? How secure is our data?


Click HERE to register for your free participation!

Ascon is New NIST Standard for Lightweight Crypto

The US National Institute of Science and Technology (NIST) has selected Ascon as new standard for lightweight cryptography.

This concludes the NIST Lightweight Crypto (LWC) project, a 4-year competition with the goal of standardizing a lightweight authenticated encryption algorithm suitable for constrained environments.

Ascon was developed in 2014 at IAIK, TU Graz by Christoph Dobraunig (now at Intel), Maria Eichlseder, Florian Mendel, and Martin Schläffer (both now at Infineon).
The team has since continuously worked on the Ascon family to propose new family members, develop efficient and secure implementations, provide new security proofs and security analysis, and more.
This effort was also supported by several IAIK colleagues over the years, particularly Hannes Groß and Robert Primas, who provided an extensive range of efficient implementations. The Ascon team thanks everybody who has contributed to this success.

The NIST LWC competition started in 2019 with 56 Round-1 candidates, which were narrowed down in multiple rounds to 10 finalists and finally a single winner. We are proud that the finalists included all 3 submissions co-designed by IAIK cryptographers:

  • Ascon, previously selected as primary choice for lightweight cryptography in the CAESAR competition for authenticated encryption, designed by Christoph Dobraunig, Maria Eichlseder, Florian Mendel, and Martin Schläffer
  • ISAP, a design with inherent robustness against certain implementation attacks, designed by Christoph Dobraunig, Maria Eichlseder, Stefan Mangard, Florian Mendel, Bart Mennink, Robert Primas, and Thomas Unterluggauer
  • Elephant, a parallel design by Tim Beyne, Yu Long Chen, Christoph Dobraunig, and Bart Mennink.

 

Media links: NIST announcement · TU Graz · APA · ORF.at · Der Standard · Kleine Zeitung · Hacker News

Daniel Gruss and Martin Schwarzl Interviewed for Red Hat Research Quarterly

Daniel Gruss and Martin Schwarzl of IAIK spoke with Vincent Danen about “Vulnerability research and the future of vulnerability management”. The interview features in the latest issue of Red Hat Research Quarterly magazine (of Nov. 2022).

Read the full interview by clicking on the link on the right!

Award of Excellence for Daniel Kales

Each year, the Federal Ministry of Education, Science and Research presents an award for outstanding dissertations of Austrian universities. The top 40 graduates of doctoral studies of an academic year are honoured with the “Award of Excellence“.
This year, we are happy to congratulate IAIK alumni Daniel Kales, who was one of three TU Graz awardees. He received the prize for his dissertation “Improving Modern Cryptographic Protocols using Domain-Specific Symmetric Primitives”.

Information Security Scholarship 2022 awarded

Congratulations to Carina Fiedler and Ernesto Martínez García, who both received the Information Security Scholarship on 2nd December 2022!
The Cybersecurity Campus Graz is awarding these scholarships, which were sponsored by Stiftung Secure Information and Communication Technologies. Recipients are talented and motivated international students starting their studies at TU Graz. Students qualify if they have a major in information security within the English-language master’s programmes of Computer Science, Information and Computer Engineering, or Software Engineering and Management.

Find out more about the scholarship by clicking on the link on the right!