Completed Research Projects

Below, we give an overview over a selection of completed projects funded by third parties. Please refer to this page for summaries of ongoing projects.

Secure Updates for Smartcards in the Field

Smartcards are ubiquitous and critical to many processes in a society such as electronic payments and international travel. At the same time, the smartcard field is hard to enter for academics. Development occurs primarily within a closed group of industrial laboratories and is guarded by non-disclosure agreements. Due to certification requirements, smartcards are hardly even updated once they are deployed. Our goal in this project, funded by Bundesdruckerei GmbH, was to develop a realistic smartcard environment and to develop an update mechanism for smartcards for post-deployment use. Towards this end, we have developed an FPGA-based smartcard system based on a Xilinx Microblaze soft-core processor and FreeRTOS. We started out with SOSSE but have since developed our own smartcard logic, which we call FlexCOS (Flexible Card Operating System). Based on FlexCOS, we designed a safe update mechanism. We also developed a Common Criteria Protection Profile to support the standardization and independent certification of our and similar update mechanisms. The mechanism is described in two conference publications.

  1. Kristian Beilke and Volker Roth.
    A safe update mechanism for smart cards.
    In Proc. 4th Int'l Conference on Principles of Security and Trust (POST), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS), pages 239--258, London, UK, April 2015.
  2. Kristian Beilke and Volker Roth.
    FlexCOS: An open smartcard platform for research and education.
    In Proc. 6th Int'l Conference on Network and System Security, pages 277--290, Wuyishan, Fujian, China, November 2012.
The FlexCOS code is available from GitHub and the Common Criteria Protection Profile Package Draft is also available as a PDF.

Authentication on Multitouch Systems

Multitouch displays are particularly attractive for collaborative work because multiple users can interact with applications simultaneously. However, unfettered access can lead to loss of data confidentiality and integrity. For example, one user can open or alter files of a second user, or impersonate the second user, while the second user is absent or not looking. Towards preventing these attacks, we explore means to associate the touches of a user with the user's identity in a fashion that is cryptographically sound as well as easy to use. Our current solution relies on a ring-like device that transmits a continuous pseudorandom bit sequence in the form of infrared light pulses. The multi-touch display receives and localizes the sequence, and verifies its authenticity. Each sequence is bound to a particular user, and all touches in the direct vicinity of the location of the sequence on the display are associated with that user.

Open C3S

In der IKT-Branche werden in den nächsten Jahren mehr Fachkräfte benötigt als gegenwärtig verfügbar sind. Unter anderem sind Spezialisten gefragt, die Sicherheitskonzepte entwickeln und einführen können. Ziel der Verbundpartner Open C3S ist es daher, im deutschsprachigen Raum eine Generation von Fachkräften auszubilden, die unser Internet schützen kann. Die Verbundpartner fassen dazu verschiedene Wissenschaftsdisziplinen zusammen, die eine ganzheitliche Betrachtung des Themas IT Sicherheit erlauben. Diese wurden in einer kooperativen Verbundstruktur mit hohem Anwendungsbezug und Praxistransfer zu innovativen berufsbegleitenden Programmen aufgearbeitet. Die Freien Universität Berlin beteiligte sich am Teilprojekt zur Entwicklung und Erprobung von Zertifikatsangeboten im IT-Security-Cluster und erstellte hierzu Lehrmodule. Bei den Modulen handelt es sich um Neuentwicklungen und adaptierte Module aus bestehenden Programmen im Verbund. Die folgenden Module wurden entwickelt:

Mehr Informationen gibt es auf den Seiten des BMBF zum Wettbewerb “Aufstieg durch Bildung.”

Papers Projects Theses People Offices AG-SI CS FUB Imprint