German IT security conference
RuhrSec is the non-profit security conference at the Ruhr University Bochum. As one of the organizers of the well-known lecture called HackPra, we are hosting a high-quality and low-priced security conference in the heart of Bochum near the river Ruhr. We provide excellent academic and industry talks from smart international speakers, the typical Ruhr University feeling and the highly recommended HackPra social event.
All profits from the conference ticket income will be donated to the local Gänseblümchen NRW e.V. to support children with cancer. Please look at the program guide and grab your ticket.
Call for Presentations
In RuhrSec's second edition we have a call for presentations (CFP). We are looking for outstanding IT security topics. Please submit your proposal to the RuhrSec programme committee by the 15th of January 2017. We have an ongoing acceptance process, so your chances are higher if you submit as early as possible. Your talk must have a length of 45 minutes including Q&A and it has to be in English.
Each speaker gets a free two-day conference ticket, an invitation to the speakers' dinner on Wednesday, and a travel reimbursement up to a limit of EUR 800 (economy).
Easychair RuhrSec 2017 submission form
Training: Tuesday–Wednesday, 02.-03.05.17
Systematically Breaking and Fixing Single Sign-On, Vladislav Mladenov
| Time | Programme |
|---|---|
| 08:00 – 09:00 | Registration and Biscuits/Coffee |
| 09:00 – 13:00 | Training |
| 13:00 – 14:00 | Tuesday/Wednesday: Lunch – Burger & More |
| 14:00 – 18:00 | Training |
| 18:00 – 21:00 | Tuesday: Premium RuhrSec Dinner, Wednesday: Speakers' Dinner |
Conference: Thursday, 04.05.17
| Time | Programme |
|---|---|
| 08:00 – 09:00 | Registration and Biscuits/Coffee |
| 09:00 – 09:15 | Opening, Marcus Niemietz |
| 09:15 – 10:00 | Keynote: How to Build Hardware Trojans, Prof. Dr. Christof Paar |
| 10:00 – 10:30 | Coffee Break |
| 10:30 – 11:15 | TBA |
| 11:15 – 12:00 | TBA |
| 12:00 – 13:30 | Lunch |
| 13:30 – 14:15 | TBA |
| 14:15 – 15:00 | TBA |
| 15:00 – 15:30 | Coffee Break |
| 15:30 – 16:15 | Using microarchitectural design to break KASLR and more, Anders Fogh |
| 16:15 – 17:00 | The (In)Security of Automotive Remote Keyless Entry Systems (revisited), Dr. David Oswald |
| 17:00 – Open End | Social Event (incl. Dinner) |
Conference: Friday, 05.05.17
| Time | Programme |
|---|---|
| 08:45 – 09:15 | Biscuits/Coffee |
| 09:15 – 10:00 | Keynote 2: Applied Crypto, Prof. Dr. Kenny Paterson |
| 10:00 – 10:30 | Coffee Break |
| 10:30 – 11:15 | Breaking PPTP VPNs via RADIUS Encryption, Prof. Dr. Tibor Jager |
| 11:15 – 12:00 | TBA |
| 12:00 – 13:30 | Lunch |
| 13:30 – 14:15 | TBA |
| 14:15 – 15:00 | TBA |
| 15:00 – 15:30 | Coffee Break |
| 15:30 – 16:15 | TBA |
| 16:15 – 17:00 | TBA |
| 17:00 – 17:15 | Closing |
Talks & Trainings
Dr. Mario Heiderich
(Cure53) – Training
Training. Exploiting Websites by using offensive HTML, SVG, CSS and other Browser-Evil
- First Segment
- The very Basics
- HTTP / Encoding
- Character Sets
- CSRF en detail
- Cross Site-Scripting
- DOM Clobbering
- Drag&Drop / Copy&Paste
- Legacy Features
- Second Segment
- HTML5 Attacks & Vectors
- Mutation XSS / mXSS
- Scriptless Attacks
- SOP Bypasses
- Filter Bypasses
- Optimizing your Payload
What to bring? Laptop, ideally a VM with several browsers (MSIE, FF, Chrome)
Prerequisites. Basic knowledge of HTTP, HTML and scripting, fascination for weird technical behaviors and a love for crazy code
Who Should Attend? Penetration testers, security engineers, security developers, technical people interested in browser and client-side web security
What to expect? A very technical, very intense, in-depth course starting from the very basics (HTTP, charsets, strings) and going up to advanced client-side attacks. Small focus on exploitation but huge focus on how to get there. Execute script where no one has ever executed script before.
What not to expect? A trainer with bad hair. The trainer has excellent hair which is in remarkably great shape. Also don't expect the standard XSS attack 101. This course goes beyond the limits and shows attacks known to few, if any.
About the trainer. Dr.-Ing. Mario Heiderich, handsome heart-breaker, bon-vivant and (as he loves to call himself) "security researcher" is from Berlin, likes everything between lesser- and greater-than, leads the small yet exquisite pen-test company called Cure53 and pesters peaceful attendees on various 5th tier conferences with his hastily assembled powerpoint-slides. Mario also did his PhD in Bochum, the most beautiful city of Germany if not the entire world. The Pneumoconiosis he caught during these days will always remind him of those golden times.
Vladislav Mladenov
(Ruhr University Bochum) – Training
Training. Systematically Breaking and Fixing Single Sign-On
Abstract. Single Sign-On is one of the most important Internet technologies. However, in recent years it has been shown that these technologies are targets of serious attacks. As part of our research we systematically analyzed different Single Sign-On protocols like SAML, OpenID, OAuth, and OpenID Connect and came up with a large range of attacks partially or totally breaking the security of these protocols. Using the example of OpenID Connect, the most recently standardized SSO protocol, used by companies like Google and PayPal, we came up with 15 different attacks resulting in broken end-user authentication, information leakage, Server-Side Request Forgery (SSRF) and Denial-of-Service (DoS).
In this training we will give an overview of the Single Sign-On authentication scheme in general and will present insights into the three most used protocols: SAML, OAuth and OpenID Connect. Participants will get the opportunity to manually carry out the introduced attacks in a prepared environment. In addition, existing tools facilitating the analysis of Single Sign-On will be introduced. Finally, we will show techniques strengthening the SSO authentication scheme and mitigating the attacks for each protocol.
- First Segment
- Basics: HTTP and Single Sign-On
- Basics: HTTP attacks
- Basics: SAML
- SAML: Attacks on Service Providers
- SAML: Attacks on Identity Providers
- SAML: Countermeasures and Additional Security Features
- Second Segment
- Basics: OAuth 2.0
- OAuth 2.0: Attacks on Service Providers
- OAuth 2.0: Attacks on Identity Providers
- Basics: OpenID Connect
- OpenID Connect: Single-Phase attacks
- OpenID Connect: Cross-Phase attacks
- OAuth and OpenID Connect: Countermeasures and Additional Security Features
What to bring? Laptop, VirtualBox, BurpSuite
Prerequisites. Basic knowledge of HTTP and HTML
Who Should Attend? Penetration testers, security engineers and security developers.
What to expect? A very technical and in-depth course regarding the security of modern Single Sign-On protocols like SAML, OAuth and OpenID Connect. You will learn how to recognize Single Sign-On protocols and how to systematically analyze them. You will get a good overview of the current technologies, known attacks and mitigation techniques.
A quick peek at a small subset of the attacks you will cope with can be found in the trainer's OWASP AppSec EU 2016 presentation: YouTube.
What not to expect? Simple and standard attack techniques. This course goes deep into the world of SSO attacks.
About the trainer. Vladislav Mladenov is a PhD Student at the Ruhr University Bochum, and a freelance penetration tester. He is interested in the security of XML-based services. Additionally, he investigates different Single Sign-On protocols like OAuth, OpenID, OpenID Connect and SAML. Other topics of interest are Identity Management and Cloud Computing.
Prof. Dr. Christof Paar
(Ruhr University Bochum) – Talk, Keynote
Talk. How to Build Hardware Trojans
Biography. Christof Paar has the Chair for Embedded Security at Ruhr University Bochum, Germany, and is research professor at the University of Massachusetts Amherst. He co-founded CHES (Cryptographic Hardware and Embedded Systems), the leading international conference on applied cryptography. Christof's research interests include efficient crypto implementations, hardware security, and security analysis of real-world systems. He also works on applications of embedded security, e.g., in cars or consumer devices. He holds an ERC Advanced Grant in hardware security and is spokesperson for two doctoral research schools, UbiCrypt and SecHuman. Christof has over 180 peer-reviewed publications and he is co-author of the textbook Understanding Cryptography (Springer, 2009). He is Fellow of the IEEE and has given invited talks at MIT, Yale, Stanford, IBM Labs and Intel. Christof co-founded ESCRYPT GmbH, a leading system provider for automotive security. Escrypt is now part of Bosch.
Prof. Dr. Kenny Paterson
(Royal Holloway, University of London) – Talk, Keynote
Talk. Applied Crypto
Biography. I obtained a B.Sc. in 1990 from the University of Glasgow and a Ph.D. from the University of London in 1993, both in Mathematics. I was then a Royal Society Fellow at the Institute for Signal and Information Processing at the Swiss Federal Institute of Technology, Zurich, from 1993 to 1994. After that, I was a Lloyd's of London Tercentenary Foundation Research Fellow at Royal Holloway, University of London from 1994 to 1996.
In 1996, I joined Hewlett-Packard Laboratories Bristol, becoming a project manager in 1999.
I then joined the Information Security Group at Royal Holloway in 2001, becoming a Reader in 2002 and Professor in 2004. From March 2010 to May 2015, I was an EPSRC Leadership Fellow working on a project entitled Cryptography: Bridging Theory and Practice. In May 2015, I reverted to being a Professor of Information Security.
My research over the last decade has mostly been in the area of Cryptography, with a strong emphasis being on the analysis of deployed cryptographic systems and the development of provably secure solutions to real-world cryptographic problems. I co-founded the Real World Cryptography series of workshops to support the development of this broad area and to strengthen the links between academia and industry. I am co-chair of the IRTF's research group on Cryptography, CFRG. This group is working to provide expert advice to the IETF in an effort to strengthen the Internet's core security protocols.
My research on the security of TLS (the Lucky 13 attack on CBC-mode encryption in TLS and attacks on RC4) received significant media attention, helped to drive the widespread adoption of TLS 1.2 with its support for modern encryption schemes, and was an important factor in the TLS Working Group's decision to abandon legacy encryption mechanisms in TLS 1.3.
I am lucky to have been the recipient of several prizes and awards for my research. These include a Google Distinguished Paper Award for my joint work with Nadhem AlFardan presenting plaintext recovery attacks against DTLS published at NDSS 2012; an Applied Networking Research Prize from the IRTF for my work with Nadhem AlFardan on the Lucky 13 attack; and an Award for Outstanding Research in Privacy Enhancing Technologies for my work with Mihir Bellare and Phil Rogaway on the Security of symmetric encryption against mass surveillance published at CRYPTO 2014.
Other career highlights include being selected as Programme Chair for EUROCRYPT 2011, and being an invited speaker at ASIACRYPT 2014.
Anders Fogh
(GDATA Advanced Analytics) – Talk
Talk. Using microarchitectural design to break KASLR and more
Abstract. Typically, hackers focus on software bugs to find vulnerabilities in the trust model of computers. In this talk, however, we'll focus on how the microarchitectural design of computers enables an attacker to breach trust boundaries. Specifically, we'll focus on how an attacker with no special privileges can gain insights into the kernel and how these insights can enable further breaches of security. We will focus on the x86-64 architecture. Unlike software bugs, microarchitectural design issues apply across operating systems and are independent of easily fixable software bugs. In modern operating systems the security model is enforced by the kernel. The kernel itself runs in a processor-supported and protected state often called supervisor or kernel mode. Thus the kernel itself is protected from introspection and attack by hardware. We will present a method that allows fast and reliable introspection into the memory hierarchy of the kernel based on undocumented CPU behavior, and show how attackers could make use of this information to mount attacks on the kernel and consequently on the entire security model of modern computers.
Making a map of memory and breaking KASLR. Modern operating systems use a number of methods to prevent an attacker from running unauthorized code in kernel mode. They range from requiring user privileges to load drivers, over driver signing, to hardware-enabled features preventing execution in memory marked as data, such as DEP (Data Execution Prevention) or, more recently, SMEP, which prevents execution of user-allocated code with kernel-level privileges. Commonly used bypasses either modify page tables or use so-called code reuse attacks. Either way, an attacker needs to know where the code or page tables are located. To further complicate an attack, modern operating systems are equipped with Kernel Address Space Layout Randomization (KASLR), which randomizes the location of important system memory.
We'll present a fast and reliable method to map where the kernel has mapped pages in the kernel-mode area. Further, we'll present a method for locating specific kernel modules, thus bypassing KASLR and paving the way for classic privilege escalation attacks. Neither method requires any special privileges, and they even run from a sandboxed environment. Also relevant is that our methods are more flexible than traditional software information leaks, since they leak information on the entire memory hierarchy. The core idea of the work is that the prefetch instruction leaks information about the caches that are related to translating a virtual address into a physical address. Also significant is that the prefetch instruction is unprivileged, does not cause exceptions, and has no privilege verification. Thus it can be used on any address in the address space.
Physical to virtual address conversion. A number of microarchitectural attacks are possible on modern computers. Rowhammer is probably the most famous of these attacks. But attack methodologies such as cache side-channel attacks have proven able to exfiltrate private data, such as private keys, across trust boundaries. These two attack methodologies have in common that they require information about how virtual memory is mapped to physical memory. Both methodologies have thus far either used "/proc/PID/pagemap", which is now accessible only with administrator privileges, or used approximations. We will discuss a method by which an unprivileged user is able to reconstruct this mapping. This goes a long way towards making the Rowhammer attack a practical attack vector and can be a valuable assistance in doing cache side-channel attacks. Again we use the prefetch instruction's lack of privilege checking, but instead of using the timing that it leaks, we now use the instruction's ability to load CPU caches and the fact that the timing of memory access instructions depends heavily on the cache state.
Finally, we will shortly outline a possible defense.
Biography. Anders Fogh has led numerous low-level engineering efforts in the past 11 years. Prior to that he worked at VOB GmbH and Pinnacle Systems, where he was responsible for major developments in video and CD/DVD recording software. Since 1993 he has been an avid malware hobbyist and has reverse engineering experience with operating systems from DOS to present-day OSs as well as devices ranging from DVD players to USB sticks. He holds a master's degree in economics from the University of Aarhus. He was the first to suggest a software solution to the Rowhammer bug and spoke at Black Hat 2015 with Nishat Herath on the topic of using performance counters for security outcomes.
Prof. Dr. Tibor Jager
(University Paderborn) – Talk
Talk. Breaking PPTP VPNs via RADIUS Encryption
Abstract. We describe an efficient cross-protocol attack, which enables an attacker to learn the VPN session key shared between a victim client and a VPN endpoint. The attack recovers the key which is used to encrypt and authenticate VPN traffic. It leverages a weakness of the RADIUS protocol executed between VPN endpoint and RADIUS server, and allows an "insider" attacker to read the VPN traffic of other users or to escalate its own privileges with significantly smaller effort than previously known attacks on MS-CHAPv2.
Biography. Tibor Jager teaches IT security and cryptography at Paderborn University. His research interests include applied and theoretical cryptography, with emphasis on the design and security analysis of digital signatures, public-key encryption schemes, and protocols, as well as practical attacks and countermeasures. He contributed to the discovery of security weaknesses in and practical attacks on major cryptographic standards and software libraries, including TLS, EAP-TLS, the W3C XML Encryption standard, and JSON Web Encryption/Web Signature.
Dr. David Oswald
(Kasper & Oswald) – Talk
Talk. The (In)Security of Automotive Remote Keyless Entry Systems revisited
Abstract. Remote keyless entry (RKE) systems, usually based on so-called rolling codes, are the most widespread way of (un)locking vehicle doors, opening the trunk, and disarming the alarm system. RKE is based on the unidirectional transmission of an (increasing) counter value, authenticated by means of symmetric cryptography. There are two major ways of attacking RKE systems: (i) by exploiting vulnerable key distribution schemes, and (ii) by making use of cryptographic weaknesses in the employed ciphers. In this talk, we will give practical examples for both cases (based on our Usenix Security 2016 paper). First, we show that the RKE system used by the VW group (Audi, Seat, Skoda, Volkswagen) was based on only a handful of global keys over the past 20 years. By extracting these keys from ECU firmware, an adversary is able to clone the owner's remote control from a distance of up to 100m, using a single rolling code. Second, we present novel attacks on the Hitag2 RKE scheme (employed by Alfa Romeo, Peugeot, Lancia, Opel, Renault, and Ford among others). Based on black-box reverse-engineering of the protocol, we devise a new cryptanalytical attack on Hitag2 for full key recovery, requiring four to eight rolling codes and negligible computation. Finally, our talk also includes a brief survey of the state of automotive security in general, a discussion of the responsible disclosure process, and recommendations for designing more secure RKE systems.
Biography. David Oswald is a lecturer (assistant professor) in the Security and Privacy Group at the University of Birmingham, UK. His main field of research is the security of embedded systems in the real world. On the one hand, the focus is on attack methods that exploit weaknesses in the physical implementation of mathematically secure cryptographic algorithms. Those techniques include both (passive) side-channel analysis and (active) fault injection, as well as reverse engineering. On the other hand, David is working on the practical realization of security systems in embedded applications. He is co-founder of the Kasper & Oswald GmbH, offering innovative products and services for security engineering. His research on vulnerabilities of various widespread systems (e.g. DESFire RFID smartcards, Yubikey two-factor authentication tokens, electronic locks, and VW/Hitag2 RKE systems) has created awareness for the crucial importance of security among developers of embedded devices.
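To make the abstract's two points concrete (counter-based rolling codes authenticated with a symmetric key, and the risk of a handful of global keys), here is an added example that is not code from the talk, the paper or any manufacturer. It models a rolling-code receiver with a standard HMAC-SHA256 tag in place of the proprietary ciphers the talk discusses; the window size, key lengths, device keys and counter values are constructed sample data, and `global_key_risk` simply checks whether a code issued for one vehicle would be accepted by another.

```python
"""Constructed rolling-code RKE receiver model (added example, not the talk's code).

Wire format (assumed for this illustration): counter (4 bytes, big-endian)
followed by an 8-byte truncated HMAC-SHA256 tag over the counter bytes.
"""
import hashlib
import hmac
import secrets

# Accept at most this many counter steps ahead of the last seen value, so
# button presses made out of range do not permanently desynchronise the fob.
WINDOW = 16


def make_code(key: bytes, counter: int) -> bytes:
    """Transmitter side: produce one rolling code for the given counter."""
    ctr = counter.to_bytes(4, "big")
    tag = hmac.new(key, ctr, hashlib.sha256).digest()[:8]
    return ctr + tag


class Receiver:
    """Vehicle side: verify tag, reject replays, enforce the counter window."""

    def __init__(self, key: bytes, last_counter: int = 0):
        self.key = key
        self.last_counter = last_counter

    def accept(self, code: bytes) -> bool:
        if len(code) != 12:
            return False
        ctr_bytes, tag = code[:4], code[4:]
        expected = hmac.new(self.key, ctr_bytes, hashlib.sha256).digest()[:8]
        # Constant-time comparison: wrong key or tampered frame is rejected.
        if not hmac.compare_digest(tag, expected):
            return False
        ctr = int.from_bytes(ctr_bytes, "big")
        if ctr <= self.last_counter:
            return False  # replayed or stale counter
        if ctr > self.last_counter + WINDOW:
            return False  # too far ahead: treat as desynchronised, do not unlock
        self.last_counter = ctr
        return True


def global_key_risk(shared_key: bool) -> bool:
    """Return True if a code made for vehicle A unlocks vehicle B.

    With a per-vehicle key (shared_key=False) the tag does not verify on B.
    With one global key (shared_key=True) any valid frame for A is also a
    valid frame for B, which is the key-distribution weakness the talk names.
    """
    key_a = secrets.token_bytes(16)
    key_b = key_a if shared_key else secrets.token_bytes(16)
    vehicle_b = Receiver(key_b, last_counter=100)   # constructed counter state
    return vehicle_b.accept(make_code(key_a, 101))


if __name__ == "__main__":
    fob_key = secrets.token_bytes(16)
    car = Receiver(fob_key)
    print("first press accepted:", car.accept(make_code(fob_key, 1)))
    print("replay accepted:", car.accept(make_code(fob_key, 1)))
    print("global key lets A open B:", global_key_risk(True))
    print("per-vehicle key lets A open B:", global_key_risk(False))
```

The design point is in `Receiver.accept`: authenticity (tag check with a per-vehicle key), freshness (strictly increasing counter) and a bounded resynchronisation window are three separate checks, and a scheme that weakens any one of them, for instance by sharing the key across a fleet, loses the corresponding guarantee regardless of how strong the cipher is.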
Training address: Blue Square Kortumstr. 90, (Entrance "Passage Voswinkel/Fotobox"), 44787 Bochum
Conference address: Veranstaltungszentrum, Ruhr-Universität Bochum, Universitätsstraße 150, 44801 Bochum
Google Maps: Link to the building
Directions: RuhrSec will be held at the Ruhr University Bochum (RUB). The conference location is directly under the cafeteria/Mensa in our event center (German: Veranstaltungszentrum). You can find parking spaces for your car directly under the conference location (University Center/Universität Mitte, parking deck P9). Otherwise you can use the train station (U35 – "Ruhr-Universität"). From the train station, it is a five-minute walk to the conference building.
Flight and Train Information
The closest airport is "Düsseldorf Flughafen" (DUS). From DUS, the shortest and fastest way to get to Bochum is by train. Please take the "Sky Train" from the airport to the railway station "Düsseldorf Flughafen". After that, take a train to "Bochum Hauptbahnhof" (aka "Bochum Hbf."). From there we recommend taking a taxi to the conference center (about 10 Euro). Otherwise you can take the underground (U-Bahn) line U35 to "Ruhr Universität Bochum".
- Please pay for the sky train (a few euros).
- To get your train tickets, you can use a ticket machine after the sky train. They allow you to choose English for the UI and you can pay (often) with your credit cards. Please also take money (Euro) with you if credit cards are not accepted. The ticket price should be something around €3 (SkyTrain) and €20 (train).
- Please do not forget to stamp your train ticket with one of the stamp machines. Otherwise it is not valid.
If you want to check out when your train will arrive you can use this web page: http://www.bahn.com/i/view/DEU/en/index.shtml
We do not offer any hotel room reservation service. From our experience, it is cheaper to use common hotel booking portals instead of booking the rooms directly at the hotel or with a reservation code.
Directly in the heart of Bochum and near the train station, we recommend two hotels:
Ibis renovated its hotel a few years ago and it is, depending on your expectations, sufficient for spending a few nights. More luxury is offered by the Mercure Hotel, which was a Park Inn hotel in the past. Both hotels are not far from Bochum's famous Bermuda Dreieck (with a lot of good bars and German beer).
Anfahrt zum Veranstaltungszentrum
(German, pdf, 5.04 MB)
(German, JPG, 487.36 kB)
Conference location with way-description
(English, pdf, 1.39 MB)
Conference location with way-description - details
(English, pdf, 1.37 MB)
Besides its anti-virus products, G DATA is known as the evening sponsor of the Ruhr University's HackPra lecture. As in the case of HackPra, RuhrSec will have a great evening event too.
Every participant with a valid conference ticket is invited to be our guest at the social event. G DATA provides great people, tasty food and high-quality drinks. Feel free to join us and to talk with other people interested in security, including the speakers.
Location: G DATA Academy, Königsallee 178, D-44799 Bochum
How to get there: After the conference we will go together to the location by using public transport systems. More information is given before the first conference keynote.
German way description: Download PDF
Time: After the first conference day (from 17:00)
This event will be provided by our company Hackmanit. Our organisation team consists of Marcus Niemietz, Christian Mainka and Juraj Somorovsky. We are security researchers with a strong relationship to the Horst Görtz Institute for IT security.
In case you have any questions regarding the conference, please contact us by e-mail: Email us
Universitätsstraße 150 (ID 2/469)
T: (+49)(0)234 / 45930961
(+49)(0)234 / 45930960