(2017): X.509 User Certificate-based Two-Factor Authentication for Web Applications. Distributed Systems Laboratory, University of Konstanz (KN-2017-DISY-03), 2017.
(2017): MoDeNA: Enhancing User Security for Devices in Wireless Personal and Local Area Networks. Distributed Systems Laboratory, University of Konstanz (KN-2017-DISY-02), 2017.
(2017): HomeCA: Scalable Secure IoT Network Integration. Distributed Systems Laboratory, University of Konstanz (KN-2017-DISY-01), 2017.
DNSSEC — the security extensions to the trusty Domain Name System (DNS) upon which almost all Internet transactions rely — is often considered hard to set up. My own setup has been very dated, using complicated scripts which needed to run after every change to the zone file. There was time to change this. Modern versions of the BIND make this rather easy, as I found out. Continue reading DNSSEC made easy: Converting an existing DNS zone to Inline signing with BIND
Distributed Denial of Service, DDoS for short, is the shooting star in today’s Internet nightmare gallery. Here is a quick overview over what each and everyone of us can do to prevent his. And some hints at manufacturers and researchers. Continue reading DDoS: What we can do to prevent it
Open, standards-compliant and interoperable chat sounds like a boon. However, proprietary and closed systems (WhatsApp, Facebook chat, Google Hangouts, …) are often easier to deploy, as they are nicely integrated in existing ecosystems. The freshly-released JSXC 3.0 shows that this is not necessary. Continue reading Interoperable Chat in Your Web Browser: JSXC 3.0 released
This year, all owners of .ch domains need to switch from the DNS registry SWITCH to a new registrar. Getting an overview over these registrars is hard. Thankfully, Marc Wäckerlin has started the road to transparency with a price comparison of Swiss .ch domain registrars. Here, I extend his results with a survey of DNSSEC support. Continue reading DNSSEC for .ch domains
(2015): Boost DNS Privacy, Reliability, and Efficiency with opDNS Safe Query Elimination. In: NetSys 2015, Gesellschaft für Informatik, 2015.
(2015): JSXC: Adding Encrypted Chat with 3 Lines of Code. In: NetSys 2015, Gesellschaft für Informatik, 2015.
(2014): SIEGE: Service-Independent Enterprise-GradE protection against password scans. In: DFN-Mitteilungen, (87), pp. 40–46, 2014, ISSN: 0177-6894.