Secure Infrastructure

Security for future-oriented infrastructures

The research group Secure Infrastructure at Fraunhofer AISEC conducts research on applied cryptography and the impact of artificial intelligence on secure infrastructures. The research focus lies on the Internet of Things, post-quantum security and anonymization networks. Furthermore we are pioneers in the field of post-quantum security for virtual private networks.

We collaborate with companies from the high-security industry and providers or operators of critical infrastructures.

Cybersecurity Learning Lab

The learning lab in Weiden is one of the few research facilities in the field of IT security in the northern Upper Palatinate and offers an extended IT security lab in modern premises directly in the eHouse at the campus of the East Bavarian Technical University Amberg-Weiden (OTH AW). The laboratory is specially designed for the analysis of IT systems in the context of pentests.

Furthermore, dedicated training courses in the field of IT security can be held at the location in the so-called cybersecurity learning lab: Training participants can put the training content into practice using various exercises in the 90 m² training area.

For further information please visit our German website.

Offerings

Our goal is to work closely with our customers and partners to systematically improve the ability to assess the security of systems and products to evaluate system reliability, design systems securely, and sustainably maintain security throughout the lifecycle.

Evaluate security     

  • Evaluation of security concepts and architectures
  • Accompanying Common Criteria evaluations
  • Penetration testing of IT components and networks

Design security

  • Investigation and design of secure network protocols
  • Security protocols for the Internet of Things
  • Post-quantum security in computer networks

Maintain security

  • Intrusion detection and intrusion prevention
  • Live testing of cryptographic methods

Expertise

Security analysis

The department Secure Infrastructure has extensive expertise in the field of security analysis. This applies both practically in the form of penetration tests for corporate networks and software products as well as conceptually in the form of semi-formal analyses. The latter include in particular the creation and verification of security concepts. This can be based on different security standards, which are relevant for security certifications, for example. Extensive expertise in supporting Common Criteria evaluations is also available.

Applied cryptography

In the area of applied cryptography, we have extensive expertise in the secure application of cryptographic methods. In particular, we are able to put novel post-quantum protocols into practice in order to meet relevant regulatory requirements of national security authorities.

 

Selected Projects

 

Competence Center for Post-Quantum Cryptography

Fraunhofer AISEC is pooling its expertise in the future technology of post-quantum cryptography (PQC) via the Competence Center for Post-Quantum Cryptography. Our goal as a neutral and manufacturer-independent center is to support companies and public research institutions in the switch to quantum-resistant cryptographic process

 

Roadmap for Zero Trust in the Bavarian public authority network

On behalf of the Bavarian State Office for Information Security (LSI), Fraunhofer AISEC conducted a study on the implementation of a so-called Zero Trust architecture in the Bavarian government network. 

 

Cryptography Library Botan

In the "Cryptography Library Botan: Durable Security for IT Applications and Services" (KBLS), Fraunhofer AISEC is coordinating the development and implementation of reliable and user-friendly cryptographic methods that cannot be broken even by quantum computers. 

Innovation Center Weiden

The Innovation Center Weiden researches the use of Artificial Intelligence for securing infrastructures.

Publications

  • Tobias J. Bauer, Andreas Aßmuth: »Securing Confidential Data For Distributed Software Development Teams: Encrypted Container File«. In: International Journal On Advances in Security, vol. 17, no. 1 and 2 (2024), pp. 11–28. arXiv: 2407.09142 [cs.CR].
  • Pitpimon Choorod, Tobias J. Bauer, Andreas Aßmuth: »Distinguishing Tor From Other Encrypted Network Traffic Through Character Analysis«. In: Proceedings of the 15th International Conference on Cloud Computing, GRIDs, and Virtualization (Cloud Computing 2024), Venice, Italy (May 2024), pp. 8–12. arXiv: 2405.09412 [cs.CR].
  • Christian Näther, Daniel Herzinger, Stefan-Lukas Gazdag, Jan-Philipp Steghöfer, Simon Daum, Daniel Loebenberger: Migrating Software Systems towards Post-Quantum-Cryptography – A Systematic Literature Review. 2024. arXiv: 2404.12854 [cs.CR].

  • Tobias J. Bauer and Andreas Aßmuth. “Encrypted Container File: Design and Implementation of a Hybrid-Encrypted Multi-Recipient File Structure”. In: Special Track: Finding a Solution to Cloud Application Maturity Security (FASTCAMS), along with Cloud Computing 2023 (June 2023), pp. 1–7.
  • S.-L. Gazdag, S. Grundner-Culemann, T. Heider, D. Herzinger, F. Schärtl, J. Y. Cho, T. Guggemos & D. Loebenberger. “Quantum-resistant MACsec and IPsec for Virtual Private Networks”. In: 8th Security Standardisation Research Conference, SSR 2023, Lyon, France. 13895, 1–21. 2023.
  • Stefan-Lukas Gazdag, Sophia Grundner Culemann, Tobias Heider, Daniel Herzinger, Felix Schärtl, Joo Yeon Cho, Tobias Guggemos, Daniel Loebenberger: »8th Security Standardisation Research Conference, SSR 2023, Lyon, France, April 2023«. In: Security Standardisation Research. Ed. by F. Günther, J. Hesse. Vol. 13895. Lecture Notes in Computer Science. Berlin, Heidelberg, 2023, pp. 1-21.

  • Ahmed Alqattaa, Daniel Loebenberger, and Lukas Moeges. "Analyzing the Latency of QUIC over an IoT Gateway". In: IEEE International Conference on Omnilayer Intelligent Systems, COINS 2022, Barcelona, Spain, August 13, 2022. IEEE, 2022, pp. 1–6. DOI: 10.1109/COINS54846.2022.9854951. URL: https://doi.org/10.1109/COINS54846.2022.9854951.

  • Tilo Fischer, Stefan-Lukas Gazdag, Daniel Loebenberger, and Felix Schärtl. "Mehr Flexibilität bitte! Post-Quanten-Kryptografie und Schutz vor Quantencomputerangriffen". In: iX: Magazin für professionelle Informationstechnik 10/2021 (2021), pp. 122–125.
  • Stefan-Lukas Gazdag, Sophia Grundner-Culeman, Tobias Guggemos, Tobias Heider, and Daniel Loebenberger. "Entangled Secrets: Quantum computers and the quest for quantumresilient encryption". In: Linux Magazin 247 (2021), pp. 16–19.
  • Stefan-Lukas Gazdag, Sophia Grundner-Culeman, Tobias Guggemos, Tobias Heider, and Daniel Loebenberger. "Migration zu quantenresistenter IT". In: Linux Magazin 04/2021 (2021), pp. 16–19.
  • Stefan-Lukas Gazdag, Sophia Grundner-Culemann, Tobias Guggemos, Tobias Heider, and Daniel Loebenberger. "A Formal Analysis of IKEv2’s Post Quantum Extension". In: Annual Computer Security Applications Conference. ACSAC. Virtual Event, USA: Association for Computing Machinery, 2021, pp. 91 –105. ISBN: 9781450385794. DOI: 10.1145/3485832.3485885. URL:https://doi.org/10.1145/3485832.3485885.
  • Tobias Hemmert, Mandred Lochter, Daniel Loebenberger, Marian Margraf, Stephanie Reinhardt, and Georg Sigl. "Quantencomputerresistente Kryptografie: Aktuelle Aktivitäten und Fragestellungen". In: Deutschland. Digital. Sicher. 30 Jahre BSI. SecuMedia Verlag, 2021, pp. 367–381. ISBN: 978-3-922746-83-6.
  • Daniel Herzinger, Stefan-Lukas Gazdag, and Daniel Loebenberger. "Real World Quantum Resistant IPsec". In: 2021 14th International Conference on Security of Information and Networks (SIN). Vol. 1. 2021, pp. 1–8. DOI: 10.1109/SIN54109.2021.9699255.
  • Daniel Loebenberger. "Langzeitsichere Kryptographie: Was Quantencomputer und andere Disruptionen für Verschlüsselung aus Sicht der Forschung bedeuten". In: <kes> – Die Zeitschrift für Informationssicherheit 37.1 (2021), pp. 55–58.

  • Johannes vom Dorp, Joachim von zur Gathen, Daniel Loebenberger, Jan Lür, and Simon Schneider. “Comparative analysis of random generators”. In: Algorithmic Combinatorics – Enumerative Combi-natorics, Special Functions and Computer Algebra. Ed. by Veronika Pillwein and Carsten Schneider. Springer International Publishing, Dec. 2020, pp. 181–196. URL: http://dx.doi.org/10.1007/978-3-030-44559-1_10.
  • Joo Cho, Stefan-Lukas Gazdag, Alexander von Gernler, Helmut Grießer, Sophia Grundner-Culemann, Tobias Guggemos, Tobias Heider, and Daniel Loebenberger. “Towards Quantum-resistant Virtual Private Networks”. In: 31. Krypto-Tag, Berlin, Germany, October 17-18, 2019. Ed. by Marcel Selhorst, Daniel Loebenberger, and Michael Nüsken. Gesellschaft für Informatik e.V. / FG KRYPTO, 2019. DOI:10.18420/cdm-2019-31-22. URL: https://doi.org/10.18420/cdm-2019-31-22.
  • Tilo Fischer, Hendrik Linka, Michael Rademacher, Karl Jonas, and Daniel Loebenberger.  “Analyzingpower consumption of TLS ciphers on an ESP32”. In: 30. Krypto-Tag, Berlin, Germany, March 28-29, 2019. Ed. by Franziskus Kiefer and Daniel Loebenberger. Gesellschaft für Informatik e.V. / FGKRYPTO, 2019. DOI:10.18420/cdm-2019-30-04. URL: https://doi.org/10.18420/cdm-2019-30-04.
  • Stefan-Lukas Gazdag and Daniel Loebenberger. “Post-Quantum Software Updates: A case studyon Code Signing with Hash-based Signatures”. In: INFORMATIK 2019: Konferenzbeiträge der 49.Jahrestagung der Gesellschaft für Informatik. Ed. by Klaus David, Kurt Geihs, Martin Lange, andGerd Stumme. Vol. P-294. Lecture Notes in Informatics. Bonn: Köllen Druck+Verlag GmbH, 2019,pp. 459–472. ISBN: 978-3-88579-688-6. URL: https://dl.gi.de/bitstream/handle/20.500.12116/25014/paper5_01.pdf?isAllowed=y&sequence=1

  • Tilo Fischer. “Testing Cryptographically Secure Pseudo Random Number Generators with Artificial Neural Networks”. In: 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). TrustCom ’18. Newark, New Jersey: IEEE, 2018, pp. 1214–1223. DOI: 10.1109/TrustCom/BigDataSE.2018.00168.