Alexandra Dirksen

Alexandra Dirksen is a PhD Candidate since May 2018 and is currently working in the field of Web PKI, Protocol Security and Large Scale Adversaries.
She is further interested in Applied Cryptography and Distributed Systems.

Room IZ 209A

a.dirksen[at]tu-bs.de

@z4lem

+49 531/391-2270

STUDENT PROJECTS

If you're interested in one of my project calls or any of my other fields of interest, feel free to contact me.
You can find my Lego specific project calls on the LegoLab's website.

In order to build web application with client-side encryption from the ground up we proposed a new methodology that uses enhanced web browser capabilities (CryptoMembranes).
Within the scope of this project, one of the following two topics can be worked on as a Bachelor's Thesis:

Prototyping Browser Extension

To substantiate the underlying idea of CryptoMembranes, it needs to be prototyped as a browser extension in order to demonstrate its practicability with legacy browsers.
This project requires JavaScript programming experience.

Certificate Transparency (CT) aims to remedy certificate-based threats on the web, by making the issuance and existence of SSL certificates open to scrutiny by domain owners/users and CAs.
However, even by utilizing CT the certificate issuance process still suffers from several security and privacy issues. We are working on a protocol extension for CT, to mitigate most of those issues.

The goal of this project is the development and evaluation of a new software for CT logs, according to our new protocol's flow and security goals.
The estimated steps in this project are:

Analysis of the CT ecosystem it's state of the art log software and the new protocol's flow
Developing and extending a log software, which integrates the new flow and respects the security goals
Performing and evaluating experiments, executed on a HPC cluster

This topic is suitable as a Master's project, which is ideally followed by a Master's Thesis (or, depending on the student's skills, only one of both).
In addition it requires experience with a performant programming language.

Websites that allow user log-in or external file access integrate specially developed protocols for this purpose. Well-known examples are the OpenID Connect and oAuth 2.0 protocols.
Due to their complexity and the number of different end points, such protocols are often susceptible to security issues on different levels (code based/ protocol flow/ misconfiguration).

The aim of the project is to build up a test suite (AuthLab) which can simulate such protocol flows. (E.g. during the module Praktikum IT Security 2)
This suite can then be used in the context of research and teaching to conduct experiments with known security issues or to investigate potential new weaknesses.

This topic offers a wide range of possibilities for a final thesis that builds on this project.

PUBLICATIONS

LogPicker: Strengthening Certificate Transparency Against Covert Adversaries.
Alexandra Dirksen, David Klein, Robert Michael, Tilman Stehr, Konrad Rieck and Martin Johns.
Proceedings on Privacy Enhancing Technologies (PETS'21)

Towards Enabling Secure Web-based Cloud Services using Client-side Encryption
Martin Johns, Alexandra Dirksen
Proceedings of ACM Workshop on Cloud Computing Security (CCSW’20) [BIB]

TALKS

LogPicker: Strengthening Certificate Transparency against Covert Adversaries
- PETS'21, Gather.town (virtual)

Towards enabling Secure Web-Based Cloud Services using Client-Side Encryption
- CCSW'21, Gather.town (virtual) [Slides]

A Blockchain Picture Book [Video]
- 35C3, 29.12.2018, Leipzig, Germany
- DMZ Europe, 08.11.2018, Stuttgart, Germany

SUPERVISED THESES

Master's Thesis by Tilman Stehr

Certificate Transparency (CT) is an extension to the web’s PKI that allows insight into the issuance of
TLS certificates by introducing public append-only logs, in which all certificates must be included.
Currently, CT can be circumvented by an attacker controlling a CA and several CT logs. We present
an attacker model for this attacker and derive security goals from it. Additionally, we derive design
goals from a review of related work.
We introduce LogPicker, which improves CT’s security by involving multiple logs in the logging of a
certificate. The logs use a distributed randomness protocol to unpredictably chose the log that is to
include the certificate. They generate proof of LogPicker’s execution with an aggregate signature
scheme.
An analysis LogPicker and related protocols to determine the probability of correctness depending
on the number of logs and the trust in each log is presented. The analysis shows that LogPicker can
significantly improve trust in the web’s PKI. Tests with a prototype implementation indicate that
LogPicker has reasonable performance, scalability, and failure tolerance.
We conclude that LogPicker constitutes a useful addition to CT that can be realistically implemented.
Further research into LogPicker is recommended, we suggest formal verification of the protocol
and expansion of the prototype implementation.

TEACHING ASSISTANT

Year	Semester	Name
2021	WS	Anwendungssicherheit (Seminar)
		TEAM: MTG Scanner, Lego@Space²
2020	SS	Anwendungssicherheit (Seminar)
		SEP: IAS_CONTENT0
2019	WS	Anwendungssicherheit (Seminar)
		Projektarbeit: Lego@Space
2018	WS	Anwendungssicherheit (Seminar)

FURTHER RESPONSIBILITY

Furthermore I am in charge of the LegoLab.

Alexandra Dirksen

STUDENT PROJECTS

Prototyping Browser Extension

PUBLICATIONS

TALKS

SUPERVISED THESES

Master's Thesis by Tilman Stehr

TEACHING ASSISTANT

FURTHER RESPONSIBILITY

Für alle

Für Studierende

Interne Tools

Kontakt