Dipl.-Inform., M.Sc. Information Security Henrich C. Pöhls

Contact Details

PGP-Key / Local Copy
PGP-Fingerprint: 13a2 45ed 4fdc 2a66 f99e 1e29 e98e 021a 937a f4f2

Tel: +49-851-509-3217
Fax: +49-851-509-3212
Room: 136 (ITZ)

Office Address

University of Passau
Innstrasse 43
94032 Passau
Germany

Page contains Microformat markup.

Address information can be converted into vCard.
Valid HTML 4.0 with CSS.

Research Interest

Redactable & Sanitizable Signatures,
Legal implications of Digital Signatures (EU Electronic Signature Legislation),
Privacy Enhancing Technology (PET) and Data Protection with respect to Authenticity and (Structural) Integrity Protection of the contained Information,
Security of Internet-Of-things (IoT),
SupplyChain- / SOA- / BusinessProcess-Security,
Digitally Signed Microformatted Content and
Tree-Based Structured Document Formats (XML-Based).
Additional interests:
- Web-Services, "Web 2.0"
- Wireless Communications (WLAN, Bluetooth, RFID, etc.)
- TLS, PKI, and Certificates
- Networked Smartcards

Publications

H. C. Pöhls, S. Peters, K. Samelin, J. Posegga and H. de Meer. Malleable Signatures for Resource Constrained Platforms. In Proc. of the 7th Workshop in Information Security Theory and Practice (WISTP 2013), Springer-Verlag, 2013. This is an preliminary version of the original publication. The original publication will be available at www.springerlink.com (to appear) pdf...
H. C. Pöhls. Contingency Revisited: Secure Construction and Legal Implications of Verifiably Weak Integrity. In Proc. of the 7th IFIP WG 11.11 International Conference on Trust Management (IFIPTM 2013), Springer-Verlag, 2013. The original publication will be available at www.springerlink.com (to appear) pdf...
C. Brzuska, H. C. Pöhls and K. Samelin. Non-Interactive Public Accountability for Sanitizable Signatures. In Proc. of the 9th European PKI Workshop: Research and Applications (EuroPKI 2012), Springer-Verlag, 2012. This is an extended and revised version of the original publication. The original publication will be available at www.springerlink.com (to appear) pdf... bibtex ...
I. Askoxylakis, H. C. Pöhls and J. Posegga, Ed. Proc. of the 6th IFIP WG 11.2 International Workshop on Information Security Theory and Practice. Security, Privacy and Trust in Computing Systems and Ambient Intelligent Ecosystems (WISTP 2012). doi... bibtex ...
F. Höhne, H. C. Pöhls and K. Samelin. Rechtsfolgen editierbarer Signaturen. In Datenschutz und Datenrecht (DuD), Volume 36 (6): 485-491, 2012. pdf... bibtex ...
H. C. Pöhls, K. Samelin, J. Posegga and H. de Meer. Flexible Redactable Signature Schemes for Trees --- Extended Security Model and Construction. In Proc. of the International Conference on Security and Cryptography (SECRYPT 2012), pages 113-125, SciTePress, 2012. pdf... bibtex ...
H. C. Pöhls and F. Höhne. Sticky Signatures: Legal Advantages of Redactable Signatures and Credentials in the Food Supply Chain. In Proc. of the 5th Interdisciplinary Conference on Current Issues in IT Security 2012, Dunker & Humblot, Berlin, 2012. bibtex ...
K. Samelin, H. C. Pöhls, A. Bilzhause, J. Posegga and H. de Meer. On Structural Signatures for Tree Structured Data. In Proc. of the 10th International Conference on Applied Cryptography and Network Security (ACNS 2012), Springer, 2012. This is an extended and revised version of the original publication. The original publication is available at www.springerlink.com doi... pdf... bibtex ...
K. Samelin, H. C. Pöhls, A. Bilzhause, J. Posegga and H. de Meer. Redactable Signatures for Independent Removal of Structure and Content. In Proc. of the 8th International Conference on Information Security Practice and Experience (ISPEC 2012), Springer, 2012. pdf... bibtex ...
H. C. Pöhls and F. Höhne. The Role of Data Integrity in EU Digital Signature Legislation - Achieving Statutory Trust for Sanitizable Signature Schemes. In Proc. of 7th International Workshop on Security and Trust Management (STM 2011), pages 175-192, Springer, 2012. pdf... bibtex ...
H. C. Pöhls, A. Bilzhause, K. Samelin and J. Posegga. Sanitizable Signed Privacy Preferences for Social Networks. In Proc. of GI Workshop on Privacy and Identity Management for Communities - Communities for Privacy and Identity Management (DICCDI 2011), GI, 2011. pdf... bibtex ...
H. C. Pöhls, K. Samelin and J. Posegga. Sanitizable Signatures in XML Signature - Performance, Mixing Properties, and Revisiting the Property of Transparency. In Proc. of 9th International Conference on Applied Cryptography and Network Security (ACNS 2011), Springer, 2011. pdf... bibtex ...
H. C. Pöhls. Why Showing one TLS Certificate is not enough? Towards a Browser Feedback for Multiple TLS Certificate Verifications. In Proc. of GI Sicherheit 2010 - Gesellschaft für Informatik, GI, 2010. pdf... bibtex ...
F. Höhne and H. C. Pöhls. Staatliche Schutzpflichten für die IT-Infrastruktur. In Proc. of D-A-CH Security 2010, 2010. bibtex ...
F. Höhne and H. C. Pöhls. Grund und Grenzen staatlicher Schutzpflichten für die IT-Infrastruktur. In Tagungsband der 11. Herbstakademie der Deutschen Stiftung für Recht und Informatik (DSRI): Digitale Evolution - Herausforderungen für das Informations- und Medienrecht, OlWIR Oldenburger Verlag für Wirtschaft, Informatik und Recht, 2010. bibtex ...
R. Herkenhöner, M. Jensen, H. C. Pöhls and H. de Meer. Towards Automated Processing of the Right of Access in Inter-Organizational Web Service Compositions. In IEEE 2010 International Workshop on WebService and Business Process Security (WSBPS 2010), IEEE, 2010. doi... pdf... bibtex ...
B. Braun and H. C. Pöhls. Authenticity: The missing link in the social semantic web. In INFORMATIK 2008 Beherrschbare Systeme - dank Informatik, Digitale Soziale Netze 2008, Lecture Notes in Informatics (LNI), Springer, 2008. doi... pdf... bibtex ...
H. C. Pöhls. Verifiable and Revocable Expression of Consent to Processing of Aggregated Personal Data. In Proc. of Information and Communications Security (ICICS) 2008, pages 279-293, Springer, 2008. doi... pdf... bibtex ...
H. C. Pöhls. ConCert: Content Revocation using Certificates. In GI Sicherheit 2008 - Gesellschaft für Informatik, pages 149-162, GI, 2008. pdf... bibtex ...
H. C. Pöhls and L. Westphal. Die "Untiefen" der neuen XML-basierten Dokumentenformate. In 15. DFN CERT Workshop Sicherheit in vernetzten Systemen, 2008. pdf... bibtex ...
H. C. Pöhls and J. Posegga. Smartcard Firewalls Revisited. In Proc. 7th Intern. Conf. on Smart Card Research and Applications, pages 179-191, Springer Verlag, 2006. pdf... bibtex ...

Technical Reports

H. de Meer, M. Liedel, H. C. Pöhls and J. Posegga. Indistinguishability of One-Way Accumulators. Technical Report of Faculty of Computer Science and Mathematics (FIM), University of Passau, Number MIP-1210, 2012.
K. Samelin, H. C. Pöhls, J. Posegga and H. de Meer. Redactable vs. Sanitizable Signatures. Technical Report of Faculty of Computer Science and Mathematics (FIM), University of Passau, Number MIP-1208, 2012.
H. C. Pöhls, K. Samelin, J. Posegga and H. de Meer. Transparent Mergeable Redactable Signatures with Signer Commitment and Applications. Technical Report of Faculty of Computer Science and Mathematics (FIM), University of Passau, Number MIP-1206, 2012. pdf... bibtex ...
H. C. Pöhls, K. Samelin, J. Posegga and H. de Meer. Length-Hiding Redactable Signatures from One-Way Accumulators in O(n). Technical Report of Faculty of Computer Science and Mathematics (FIM), University of Passau, Number MIP-1201, 2012. pdf... bibtex ...
H. C. Pöhls. Authenticity and Revocation of Web Content using Signed Microformats and PKI. Technical Report of University of Hamburg, Department of Informatics, Number B-276-07, 2007. pdf... bibtex ...

Selected Talks

H. C. Pöhls. No Integrity, thanks --- Verifiable Explicit Consented Undecidability of Integrity. Talk at the Conference on Information Security Conference 2012 (ISC'12), Passau, Germany, 2012. pdf...
H. C. Pöhls. Authenticity and Confidentiality - A ''one-night stand'' in TLS?. Talk at the OWASP säker applikationsutveckling at internetdagarna 2011, Stockholm, Sweden, 2011.
H. C. Pöhls. Integrity Protection for Authorized Changes - Sanitizable Signatures with Transparency or Detectability. Talk at the KTH Royal Institiute of Technology - School of Computer Science and Communication (CSC), Stockholm, Sweden, 2011.
H. C. Pöhls. The State of XML Digital Signatures. Talk at the OWASP AppSec Brazil 2010, Campinas, Brazil, 2010. pdf...
H. C. Pöhls. BitFlip: Determine a Data's Signature Coverage from within the Application. Talk at the OWASP AppSec Research 2010, Stockholm, Sweden, 2010. video(flv)... pdf...
H. C. Pöhls. Digital Signatures and Context-Loss - How Digital Signatures might facilitate Data Protection Claims in SOA. Talk at the hgi-Seminar at the University of Bochum, Bochum, Germany, 2009.
H. C. Pöhls. Authenticity for Web Content - Why the web's transport security era must end?. Talk at the 3rd Workshop on Multimedia, Distributed and Pervasive Systems (MDPS), Passau, Germany, 2009. pdf...
H. C. Pöhls. Verifiable and Revocable Expression of Consent to Processing of Aggregated Personal Data. Talk at the 10th International Conference on Information and Communications Security (ICICS) 2008, Birmingham, UK, 2008. pdf...
D. Schreckling and H. C. Pöhls. Data Driven and Data Centric Security. Talk at the 3rd CREATE-NET Workshop, Cavalese, Italy, 2006.

Further Activities

Reviewer for program committees / secondary reviewer:
SECRYPT 2013, WISTP 2013, Information Security Technical Report (ISTR), Crisis 2012, ABPSM 2011, WSNSCM 2011, IEEE Pervasive Computing, SECRYPT 2011, IPTComm 2010, SECRYPT 2010, TrustBus 2010, SPCC 2010,TrustBus 2009, WOSIS 2009, SecureComm 2007, WOSIS 2007, WISTP 2007, Computer Networks - Special Issue on Smartcards, KiVS 2007, AmI.d 2006, CARDIS 2006, Internation Journal of Information Security (IJIS), TSPUC 2006, SEC 2006, ISAS 2005, TSPUC 2005, IEEE Security & Privacy, MCTA 2005, SPC 2005, EURESCOM Summit 2005, CCS 2004
Program committee:
Open Identity Summit 2013 (OID'13),
Workshop in Information Security Theory and Practice (WISTP'12),
Workshop GI INFORMATIK 2011 "Datenschutz und Identitätsmanagement für Communities - Communities für Datenschutz und Identitätsmanagement" (DICCDI'11)

Supervised Theses

Future:
- If you are looking for a thesis topic that falls within my area of interest, please contact me.
Ongoing:
- M.Sc. thesis about Policy-Driven Automatic Application of Malleable Signature
- M.Sc. thesis about Signature Validation Modelling and Analysis of Failures in Existing Processes
Finished:
- M.Sc. thesis: Sanitizable Signatures on Smart Cards - An Implementation on Java Card, Performance Evaluation and Analysis of Suitability for Selected Sanitizable Signature Schemes (by Stefan Peters)
- B.Sc. thesis: Certifed Allowed Content Usage - Towards Secondary Usage Control in the Web 2.0 (by Markus Doering)
- B.Sc. thesis: Bit Flip tests to find the signature's black-spots (by Matthias von Treuberg)
- B.Sc. thesis: Gesicherte Zusammenführung und Zuordnung von textuellen Inhalten zu Autoren am Beispiel von Google Wave (by Frederic Mücke)
- M.Sc. thesis: Sanitizing Signed XML-Documents (by Kai Samelin)
- B.Sc. thesis: Implementation of a signature- and a verification-component for verifiable signed content (by Timo Siegle)
- Diploma thesis: Information hiding in XML based documents (by L. Westphal)
- Diploma thesis: Implementing content revocation using microformats and certificate revocation as building blocks (by H. Niklaus)
- Bachelor thesis: Firewall on a Smartcard - A preview on a possible implementation (by F. Kessler & Z. Mados)

Projects

RESCUE IT: Leading Workpackage 5 (2010-2013)
BADO: Privacy Preserving Evaluation of Medical-Drug-Usage Data (2007)

Teaching @University of Passau

Summer term 2012
- Seminar: Real Life Security
Winter term 2011/12
- Seminar: Real Life Security
Summer term 2011
- Seminar: Real Life Security
Winter term 2010/11
- Seminar: IT Security unleashed
Summer term 2010
- Seminar: IT Security unleashed 2.0
Winter term 2009/10
- Seminar (IT-Security and IT-Security-Law): Interdisziplinäres Seminar zur Informationssicherheit unter Berücksichtigung juristischer Aspekte
- Praktikum: Sicherheits-Infrastrukturen
Summer term 2009
- Seminar: IT Security unleashed
- ProSeminar: Was Sie schon immer über IT-Sicherheit wissen wollten aber nie zu fragen wagten
Winter term 2008/09
- Praktikum: Sicherheits-Infrastrukturen
- Seminar: IT-Sicherheit

Teaching @University of Hamburg

Summer term 2008
- Project: Network Security
- Exam for GSS-Lecture
Winter term 2007/08
- Project: Software Security (Part I)
- Schnupperstudium Informatik (Projekt: Asymmetrische Verschlüsselung von Emails)
- Seminar: Sicherheit in mobilen und ubiquitären Systemen
- Oberseminar: Fortgeschrittene IT-Sicherheit
- Exercises for VIS-Lecture
Summer term 2007
- Project: Software Security (Part II)
- Seminar: IT Sicherheit
- Exercises for GSS-Lecture
Winter term 2006/07
- Project: Software Security (Part I)
- Schnupperstudium Informatik (Projekt: Asymmetrische Verschlüsselung am Beispiel SSL)
- Seminar: IT Sicherheit
- Oberseminar: Fortgeschrittene IT-Sicherheit
Summer term 2006
- Project: Software Security (Part II)
- Project: Network Security ("Netzwerksicherheit")
- Seminar: IT Sicherheit
Winter term 2005/06
- Exercises in Technische Informatik 3 (T3)
Summer term 2005
- Exercises for GBI-Lecture
- Seminar: Internet Sicherheit
- Exercises in Praktische Informatik 2 (P2)
Winter term 2004/05
- Project: Network Security ("Netzwerksicherheit")
- Projekt-Seminar: Aktuelle Probleme der IT- & Netzsicherheit - Security in wLANs
- Exercises in Praktische Informatik 1 (P1)
Summer term 2004
- Exercises in Praktische Informatik 2 (P2)
Winter term 2003/04
- Praktikum: Reverse Engineering

Short Bio

Impressum

Last modified: 07/05/2013 - 09:30:44 by hcp