• Datei-Recovery von SSDs: Systematische Untersuchung

Bei SSDs werden gelöschte Dateien automatisch von der SSD (aufgrund des TRIM Kommandos) endgültig vernichtet. Es soll eine Testumgebung erstellt werden, mit der systematisch untersucht werden kann, wie lange noch Dateien wiederhergestellt werden könnten:

• Verschiedene Dateisysteme (NTFS, XFS, BRTFS, EXT)
• Verschiedene Betriebssysteme Windows, Linux
• Verschiedene "Belastungen": 100% CPU, 0% CPU, 100% Laufwerk (Lesen), 100% Laufwerk (Schreiben), 0% Laufwerk
• Zeitdauer: wenige Sekunden, ein paar Minuten, 1 Stunde
• Laufwerk ist in PC oder bloß mit Strom versorgt, aber kein Bus angeschlossen

Systematischen Test vorbereiten und programmieren (Scripts) und für mehrere SSDs durchführen und Ergebnisse darstellen.

Kontakt: Michael Sonntag

• Basis-Idee (wäre aber noch zu erweitern/ausarbeiten): Bei Tor können aus dem Schlüssel für Hidden Services weitere Schlüssel abgeleitet werden.

Das wird schon beim Directory benützt. Entwurf eines Systems, dass in (abhängig von einem geheimen Startwert) in "zufälligen" Abständen neue Schlüssel generiert. Wenn man dieser Geheimen Wert kennt, kann man auch aus (nur!) dem öffentlichen Schlüssel die zugehörigen abgeleiteten öffentlichen Schlüssel berechnen. Dies würde ein "Hopping" bei Hidden Services erlauben. Implementieren, teste, überlegen wofür das verwendet werden kann, Vor- &Nachteile

Kontakt: Michael Sonntag

• SeFReDoSS: Secure Federated Regular Document Submission Service

Abstract: The problem statement is that regularly (e.g. every month, quarter, year, etc.), some service provider (banks, credit cards, mobile network operators, various utility providers, etc.) need to send updated information such as bills or statements. We propose that “callback URLs” are an appropriate way to deliver these updated information snippets with semantics similar to the well-understood paper letters. As one would register a postal mailing address with a provider, logging into their web interface to register the web equivalent does not compromise security.

This project should implement the concept described as a quick prototype using Nextcloud shares at https://www.mayrhofer.eu.org/post/secure-delivery-of-regular-information/, öffnet eine externe URL in einem neuen Fenster within the Digidow project prototype of "Personal Identity Agents" (PIAs). The goal is to implement PUT-only document submission URLs either within the existing PIA prototype or an associated micro-web-service that interfaces with a PIA. A user-accessible web interface is required to register new submission URLs for a new provider (e.g., by creating a new sub-URL) and their associated policy (e.g., to move incoming documents with timestamped filenames into configurable directories on the local filesystem). The implementation should be done in Rust.

Kontakt: Michael Roland

•  Mobile driving license reference implementation

Abstract: The goal of this project is to implement the current standard for mobile driving licenses (ISO/IEC 18013-5) on Android.

Kontakt: Michael Roland

• Comparison of DNS results for TOR exit node DNS queries against different providers

As seen by a recent incident at our TOR exit node, where the ISP DNS servers manipulated the outcome of certain DNS queries through a DNS filtering system, interception at the level of DNS results is a popular (though questionable) means to block unwanted web traffic.

In this bachelor's thesis, the outcome of presenting DNS queries performed by our TOR exit node to multiple different providers should be analyzed. Moreover, cases where deviating responses are observed should be further investigated. Interesting deviations would be primarily those caused by filtering/censorship.

Kontakt: Michael Roland

• Reconstructing internet video from a network trace

This should work for IP video telephony, but potentially also for other communications. The main task here is to handle missing parts, e.g. keeping the old picture or replacing it with "white/black screen". The sniffed traffic should then be playable and be accompanied by exact specifications what was found, and what/when there were "holes" filled.

Kontakt: Michael Sonntag