Welcome to KASTEL Security Research Labs
The Competence Center for Applied Security Technology (KASTEL) is a competence center for cyber security initiated by the German Federal Ministry of Education and Research (BMBF).
Following the motto "Comprehensible security in the networked world“, KASTEL addresses the challenges posed by the increasing interconnection of previously isolated systems. Of particular importance are the consequences of digitalization in the area of critical infrastructures, for example in the energy industry, in networked mobility or in industrial production.
KASTEL bundles the competencies in the field of IT security at the research location Karlsruhe. The goal is to develop a comprehensive approach instead of isolated partial solutions. The focus will be on comprehensive security in specific application areas, such as power grids, smart mobility, or intelligent factories.
To ensure this security, new threats must be modeled, security objectives described and new methods developed. This can only be achieved through collaboration between cryptographers, IT security specialists, software engineers, network experts, jurists, economists and social scientists - as is the case here at KASTEL.
KASTEL started in 2011 with a term of four years. After a successful evaluation in 2014, the term was extended by the BMBF, and after another successful scientific evaluation and a strategic assessment by the Helmholtz Association, it was finally decided to permanently fund KASTEL.
The KASTEL Institute of Information Security and Reliability at KIT, part of the KASTEL Security Research Labs, can be found here.
During her visit to Karlsruhe on June 28, 2022, the Consul General of Israel, Carmela Shamir, informed herself about the activities of KIT on the topic of Cyber Security. She was accompanied by the representative of Israel to Baden-Württemberg, Maren Steege, and Mayor Dr Frank Mentrup. KASTEL Fellow Professor Jörn Müller-Quade explained current research activities of the Topic "Engineering Secure Systems" (ESS). Using examples from the energy industry, networked mobility and industrial production, Müller-Quade illustrated the special importance of IT security for the ongoing digitalization in the area of critical infrastructures. The Consul General and her delegation showed great interest in the statements, as the topic is also of great actual relevance in Israel.
The number of participants in Bitcoin's P2P network is difficult to measure. With the help of two students, the DSN research group has developed a method to estimate how many peers are active on the P2P network - regardless of whether those peers are reachable or not. At Financial Cryptography and Data Security 2022, the results of applying this method to data from the DSN research group's long-standing Bitcoin monitoring were published.To the paper
At the IEEE International Conference on Blockchain and Cryptocurrency 2022, Matthias Grundmann, Max Baumstark, and Hannes Hartenstein published a short paper presenting insights into Bitcoin's P2P network. Among other things, the authors show that currently the connection capacity of a large part of the publicly accessible Bitcoin peers is maxed out. In addition, Matthias Grundmann presented a poster showing how security properties of payment channel protocols can be proven with TLA+.To the paper
Watch out! Cybercriminlas want to obtain your private data or access your user accounts. At the Digitaltag 2022, the SECUSO research group will introduce you to tipps and tricks of cybercriminals. With our course on Digital Self Defense, we will show you how to detect fraudsters. The workshop will take place online. There is no registration needed for your participation.More information
With his presentation on "You better act normal! Ubiquitous electronic observation: Threats and
Solution Attempts", Prof. Dr. Strufe will be appearing this year at renowned events such as the Honda Research Colloquium on Security and Privacy in Frankfurt, the Huawei Open S3 Workshop in Darmstadt, and the Heinz Nixdorf Symposium in Paderborn. He will also give a tutorial on behavioral data privacy at ESWEEK '22 in Shanghai on October 9. His presentations will focus on the potential for misuse of user data, ranging from unexpected identification to the disclosure of sensitive characteristics, health conditions, or personal peculiarities, despite constant claims of "anonymization" and "GDPR compliance".
Franz Lehr (TU Dresden), Heike Dietmann, Chiara Krisam and Melanie Volkamer (SECUSO) published an article about the manipulative design of cookie disclaimers in the current issue of “Datenschutz und Datensicherheit” (data protection and data security, DuD). A recent study analyzed the cookie disclaimers of the most visited websites in Germany. The authors could observe that most cookie disclaimers are not privacy friendly. In this article, we comment on the current legal basis and provide and discuss recommendations for the future of cookie disclaimers.Read the article
The humanoid robot STAR of the SECUSO research group welcomes guests to the Today I Learned (TIL) Festival which will take place 18-21th of May in the Triangle at the Kronenplatz, Karlsruhe. Guests can speak to STAR to learn about phishing messages and spotting dangerous links in fraudulent messages. STAR presents his skills on our Teams’ webpage. STAR is looking forward to the exchange!Visit STAR