QSP Labs
The Quality and Security Program Tirol invites to the upcoming Lab:
Secure Internet Communication
César Bernardini, Software Engineer, Barracuda GmbH
Harald Grossauer, Team Leader, Barracuda GmbH
29.03.2019, 14:00-18:00
30.03.2019, 9:00-17:00
3W03 Seminar Room, ICT Building (2nd floor), Technikerstraße 21a, Innsbruck
Transport Layer Security (TLS) is responsible for transmitting data in a secure and confidential way over an unsecured
network. It is the de-facto standard for secured communication in the Internet.
This workshop deals with the technical
background of the cryptographic algorithms used in TLS as well as the existing attacks. First, the asymmetric
cryptographic algorithms for establishing a TLS session are addressed. TLS supports asymmetric cryptographic algorithms
for the authentication of the communicating parties and the secure key-exchange between them. If the algorithms are
poorly chosen already this first phase of establishing a secured communication channel can be attacked. The concepts
of Perfect Forward Secrecy and Elliptic Curve Cryptography are presented and explained in this context. Second, key
exchange in TLS and authentication examples are covered. The exchanged keys are used for the symmetric encryption of the
secure data exchange, which follows in a second phase. Even with securely exchanged keys a number of realistic attacks
on the encrypted data exchange exist. Recent examples are BEAST, CRIME, BREACH and the Padding Oracle Attack Lucky 13.
The workshop explains the mentioned attacks and presents strategies to prevent them.
The active participation of students is appreciated. A virtual work-environment will be provided for each student
containing all necessary files and tools to participate in the live hands-on exercises. This workshop will to provide a
profound knowledge and understanding of the algorithms used in TLS in order to circumvent the known pitfalls and
weaknesses.
Language: English
Structure: Presentation, exercises with laptops
Required Skills: Basic knowledge of network technologies and cryptography, no programming skills necessary, Linux User Basics, Basic knowledge of a programming language (exercises)
Required Equipment: Laptop required
Maximal number of participants: 25
Dr. César Bernardini professional focus lies on the research and development of secure network protocols. Since 2017 he
works with Barracuda Network AG and develops products for secure Internet communciation. This involves the design and
development of network protocols for the Barracuda CloudGen Firewall.
Before joining Barracuda Networks, Dr. Bernardini pursued his PhD diploma at INRIA in collaboration with the University
of Lorraine (France) in the field of Future Internet Architectures. Later on, he worked as a Postdoc in the field of secure
communications for Future Internet Architectures in the University of Trento (Italy), University of Innsbruck (Austria) and
Aalto University (Finland) During these years he acquired valuable experience with professional software design and
development.
Further, Dr. Bernardini did projects in collaboration with local startups in Innsbruck and worked as a lecturer at the
University of Lorraine.
Dr. Harald Grossauer earned a MSc in Theoretical Physics and a PhD in Computer Science, both at the University of Innsbruck.
As a postdoc he worked in a research group for Inverse Problems and Mathematical Image Processing. Afterwards he spent
almost four years in different roles in various financial institutions.
In 2013 he joined Barracuda Networks, where he is responsible for layer 7 protocol analysis, inspection of SSL/TLS traffic
and intrusion prevention.