Recent Publications

More Publications

(2019). Adversary Models for Mobile Device Authentication.

(2018). Investigating the impact of network security on the line current differential protection system. The Journal of Engineering.


(2018). Design, Implementation, and Evaluation of Secure Communication for Line Current Differential Protection Systems over Packet Switched Networks. International Journal of Critical Infrastructure Protection.


(2018). Mobile Match-on-Card Authentication Using Offline-Simplified Models with Gait and Face Biometrics. IEEE Transactions on Mobile Computing.


(2018). Sulong, and Thanks For All the Bugs: Finding Errors in C Programs by Abstracting from the Native Execution Model. Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems.


(2018). Wie sicher ist die schöne, neue und vernetzte Welt?. Automatisierung: Wechselwirkung mit Kunst, Wissenschaft und Gesellschaft.

(2017). Smartphone-based Gait Recognition: From Authentication to Imitation. IEEE Transactions on Mobile Computing (IEEE TMC).


(2017). ShakeUnlock: Securely Transfer Authentication States Between Mobile Devices. IEEE Transactions on Mobile Computing (IEEE TMC).


(2016). Accelerometer based Gait Recognition using Adapted Gaussian Mixture Models. Proceedings of the 14th International Conference on Advances in Mobile Computing and Multimedia (MoMM 2016).


Presentations & Talks

Recent Posts

More Posts

Disclaimer This web page is written primarily in English, but uses German words originating from the Austrian law. There seems to be little point in artificially translating these terms when they are special definitions of a law written in German. I have tried to explain the terms when I first use them - if something is unclear, feel free to send me an email. Introduction Since the beginning of 2000, the Austrian government has begun introducing its digital signature scheme in form for the so called “Bürgerkarte”.


How to set up an OpenWRT router/gateway as an IPsec/L2TP gateway for Andoid and iPhone clients The only “reasonable” (that is, not counting PPTP due to its known security issues) VPN protocol supported by default on non-rooted / non-jailbroken Android / iPhone phones as clients is the combination of IPsec and L2TP. Most probably, this was chosen due to its out-of-the-box support by newer Windows clients and MacOS/X as well.


Introduction After (again) suffering under KMail’s recent sluggishness when dealing with my email spool and general Eclipse slowness when run with many plugins (such as the excellent Android ADT or the still-to-mature Scala plugin), I decided that the best update for my Lenovo Thinkpad X201s laptop would be a solid state disk (SSD). Some preliminary web article research yielded the Crucial C300 256GB as one candidate with near top-level performance and reasonable pricing.


USB sticks become increasingly common to carry around. When one keeps confidential data on such an USB medium, it should be protected against loss (and it should also be possible to use it for transferring files to and from an untrusted machine, just for convenience). An encrypted container that is usable under Windows XP, (Vista, ) Windows 7, and Linux as a virtual drive is a good way to do that.


Introduction After some work on getting the Austrian Bürgerkarte to work under Linux, I have now decided to acquire some know-how about using more general smart cards under Linux. After some quick research, the Aladdin smart cards seem to be supported fairly well, so I ordered a bunch of different types. This page details how to make them work (my principal systems are running Debian or Ubuntu, but most should be applicable to any Linux distribution).



A selection of personal research and development projects I worked on either alone or as the main contributor. Larger academic projects I managed are linked to their respective web sites.


Context authentication

[Finished Jan. 2008] Research into context-based device-to-device authentication.

Context prediction

[Finished Nov. 2004] PhD project on predicting mobile user context


[Finished Sept. 2014] Open source Ubiquitous Authentication Toolkit


[Finished Jan. 2008] Relative spatial positioning


[Finished] Enabling IPv6 address privacy on Android devices.

Gibraltar firewall

[Finished/closed] A Linux firewall/UTM distribution with read-only root file system.

JKU Tor exit node

[Running] High-bandwidth Tor exit node at JKU/INS for research on use of anonymization

Josef Ressel Center u'smile

[Finished Sept. 2017] Research Center for User-friendly Secure Mobile Environments

Android Exploit Framework

[Finished] Android on-device permanent root exploit framework


[Finished/stopped] A personal Dropbox replacement based on Git

Private Notes

[Finished] Cross-platform end-to-end encrypted note-taking app


[Finished] Package to support building Linux live-booting CDs

Squid filter patches

[Finished] Filtering patches for Squid proxy