The Paderborn University research team has achieved a significant success in the prestigious Artifacts Competition and Impact Award at the ACSAC 2024 (Annual Computer Security Applications Conference): Their security framework TLS-Attacker achieved second place in the international competition, which honours innovative software artefacts with high scientific and industrial relevance.
ACSAC is one of the leading conferences in the field of IT security. Every year, the Artifacts Competition and Impact Award honours software frameworks and tools that enable significant advances in research and practice. Invited projects undergo a rigorous review by experts from academia and industry.
The TLS-Attacker is an open source framework for analysing and evaluating security protocols, in particular the Transport Layer Security (TLS) protocol, which plays an essential role in secure communication on the Internet. The tool has been developed in collaboration with Ruhr University Bochum, the Technology Innovation Institute Abu Dhabi and Hackmanit GmbH for over ten years and is used internationally to uncover vulnerabilities in encryption protocols. These include major protocol vulnerabilities such as Raccoon and ALPACA as well as various implementation errors, including padding oracles, which have affected numerous TLS libraries.
Felix Lange, Niklas Niere, Sven Hebrok, Juraj Somorovsky, Nico Heitmann and Maximilian Radoy are behind the development of the TLS attacker at Paderborn University. They have contributed significantly to the continuous improvement of the framework. Their tool has been recognised not only in science, but also in industry.
The joy about the award is correspondingly great. "From my point of view, this is the most important award I have received in my career. It is an incredible recognition of our years of work and the influence that the TLS Attacker has had in research and industry," explains Prof Dr Juraj Somorovsky, one of the leading minds behind the development of the framework.
With this success, Paderborn University emphasises its outstanding role in IT security research and shows that academic developments can provide decisive impetus for practical applications. Congratulations to the entire team!
