Universität Hamburg - der Forschung, der Lehre, der Bildung, zur Homepage
Security and Privacy
Department of InformaticsSecurity and Privacy

Foto: UHH/Denstorf

Security and Privacy

Dr. Karl-Peter Fuchs

Dr. Karl-Peter Fuchs left the working group SVS in 2015.

About

Karl-Peter Fuchs is reasearch and teaching assistant at the University of Hamburg in the working group Security in Distributed Systems since 2011, supervised by Prof. Dr. Hannes Federrath. Previously he was reasearch and teaching assistant at the University of Regensburg in the working group Information Security Management after his study of Information Science and Business Informatics.

Research interests

Karl-Peter's main research interests are privacy-enhancing technologies, security in distributed systems, network security and low-latency anonymous communication systems. He is also interested in usability and techniques for performance and security assessment of privacy-enhancing technologies, especially mix-based systems.

Karl-Peter started the open source and open research project gMix, a software framework for mix implementations and evaluation tools targeted at researchers who want to evaluate new ideas and developers interested in building pratical mix systems. The gMix framework bridges theory and practice in anonymous communication research.

Selected publications

ESORICS 2014 [PDF]: EncDNS: A Lightweight Privacy-Preserving Name Resolution Service: Paper about the design an evaluation of a novel lightweight privacy-preserving name resolution service for the Domain Name System. EncDNS encapsulates encrypted messages in standards-compliant DNS messages. User privacy is protected by exploiting the fact that a conventional DNS resolver provides sender anonymity against the EncDNS server. Unlike traditional privacy-preserving techniques like mixes or onion routing, which introduce considerable delays due to routing messages over multiple hops, the EncDNS architecture introduces only one additional server in order to achieve a suvicient level of protection against realistic adversaries. A joint work with D. Hermann, J. Lindemann and H. Federrath.

ARES 2013 [PDF]: Laribus: Privacy-Preserving Detection of Fake SSL Certificates with a Social P2P Notary Network: A P2P network for the detection of local MITM attacks on SSL/TLS. The Laribus network is based on a Social Network graph which allows users to form Notary Groups that improve both privacy and availability. It combines ideas from various related work and integrates several well-known techniques, such as secret sharing, ring signatures, layered encryption, range queries and a DHT to achieve privacy-aware queries, scalability and decentralization. Nominated for best paper. A joint work with A. Micheloni, D. Hermann and H. Federrath.

IFIP SEC 2013 [PDF]: Generating Realistic Application Workloads for Mix-Based Systems for Controllable, Repeatable and Usable Experimentation: Introduction of two complementary models that allow to extract characteristics from trace files recorded in real world networks and replay them in a simulation. The general goal of the paper was to adapt the state of the art solutions for web traffic generation from the network research community to the field of PETs. A joint work with D. Hermann and H. Federrath.

ESORICS 2012 [PDF]: Introducing the gMix Open Source Framework for Mix Implementations: Introduction to the software framework and open source project gMix. The gMix framework bridges theory and practice in anonymous communication research. It allows to compose mixes out of plug-ins and provides tools that allow for more realistic empirical, emulation-based evaluations than previous approaches. A joint work with D. Hermann and H. Federrath.

ESORICS 2011 [PDF]: Privacy-Preserving DNS: Analysis of Broadcast, Range Queries and Mix-based Protection Methods: A proposal for a dedicated DNS Anonymity Service that enables unobservable DNS lookups at reasonable bandwidth cost. The DNS Anonymity Service improves both privacy and performance compared to previous work. A joint work with H. Federrath, D. Hermann and C. Piosecny.

Further Publications and Talks

Teaching

Karl-Peter has (co-)taught the following courses, seminars and tutorials:

University of Hamburg

  • Practical Aspects of IT Security (Master-Projekt Praxis der IT-Sicherheit)
  • Master Project IT Security (Masterprojekt IT-Sicherheit)
  • Distributed Systems and Information Security, tutorial (Verteilte Systeme und Informationssicherheit)
  • Foundations of Systems Software, tutorial (Grundlagen der Systemsoftware)
  • Seminar Privacy Enhancing Technologies (Seminar Technischer Datenschutz)
  • Seminar Foundations of IT Security (Proseminar Grundlagen der IT-Sicherheit)
  • Seminar Security of Complex Information Systems (Sicherheit von komplexen Informatik-Systemen)
  • Practical Lab IT Security (Praktikum IT-Sicherheit)

University of Regensburg

  • Practical Aspects of IT Security (Praxis der IT-Sicherheit)
  • Multilateral Security in Distributed Systems, tutorial (Mehrseitige Sicherheit in verteilten Systemen)
  • Seminar IT Security (Seminar IT-Sicherheit)
  • Project IT Security (Projektseminar IT-Sicherheit)