Hannes Hartenstein

Bio: Hannes Hartenstein is an academic researcher from Karlsruhe Institute of Technology. The author has contributed to research in topics: Vehicular ad hoc network & Wireless ad hoc network. The author has an hindex of 55, co-authored 234 publications receiving 14515 citations. Previous affiliations of Hannes Hartenstein include University of Mannheim & University of Freiburg.

Matrix Decomposition: Analysis of an Access Control Approach on Transaction-based DAGs without Finality

Abstract: The Matrix message-oriented middleware (see https://matrix.org) is gaining momentum as a basis for a decentralized, secure messaging system as shown, for example, by its deployment within the French government and by the Mozilla foundation. Thus, understanding the corresponding access control approach is important. This paper provides an ab- straction and an analysis of the access control approach followed by Matrix. We show that Matrix can be seen as a form of Distributed Ledger Technology (DLT) based on Transaction-based Directed Acyclic Graphs (TDAGs). TDAGs connect individual transactions to form a DAG, instead of collecting transactions in blocks as in blockchains. These TDAGs only provide causal order, eventual consistency, and no finality. However, unlike conventional DLTs, Matrix does not aim for a strict system-wide consensus. Thus, there is also no guarantee for a strict consensus on access rights. By de- composition of the Matrix approach, we show that a sound decen- tralized access control can be implemented for TDAGs in general, and for Matrix in particular, despite those weak guarantees. In ad- dition, we discovered security issues in popular implementations and emphasize the need for a formal verification of the employed conflict resolution mechanism.

On the Inverse Problem of Fractal Compression

Abstract: The inverse problem of fractal compression amounts to determining a contractive operator such that the corresponding fixed point approximates a given target function. The standard method based on the collage codingstrategy is known to represent a suboptimal method. Why does one not search for optimal fractal codes? We will prove that optimal fractal coding, when considered as a discrete optimization problem, constitutes an NP-hard problem, i.e., it cannot be solved in a practical amount of time. Nevertheless, when the fractal code parameters are allowed to vary continuously, we show that one is able to improve on collage coding by fine-tuning some of the fractal code parameters with the help of differentiate methods. The differentiability of the attractor as a function of its luminance parameters is established. We also comment on the approximating behavior of collage coding, state a lower bound for the optimal attractor error, and outline an annealing scheme for improved fractal coding.

Towards performance evaluation of conservative distributed discrete-event network simulations using second-order simulation

Abstract: Whether a given simulation model of a computer network will benefit from parallelization is difficult to determine in advance, complicated by the fact that hardware properties of the simulation execution environment can substantially affect the execution time of a given simulation. We describe SONSim, an approach to predict the execution time based on a simulation of an envisioned distributed network simulation (second-order simulation). SONSim takes into account both network model characteristics and hardware properties of the simulation execution environment. To show that a SONSim prototype is able to predict distributed performance with acceptable accuracy, we study three reference network simulation models differing fundamentally in topology and levels of model detail - simple topologies comprised of interconnected subnetworks, peer-to-peer networks and wireless networks. We evaluate the performance predictions for multiple configurations by comparing predictions for the three reference network models to execution time measurements of distributed simulations on physical hardware using both Ethernet and InfiniBand interconnects. In addition, utilizing the freedom to vary simulation hardware and model parameters in the second-order simulation, we demonstrate how SONSim can be used to identify general model characteristics that determine distributed simulation performance.

bwIDM – Federated Access to IT-Based Services at the Universities of the State of Baden-Württemberg

Abstract: The use and provisioning of services across organizations has not only gained momentum in the business web, but also in academic environments. For instance, in the state of Baden-Wurttemberg, national and state-funded cluster computing resources, operated by a single university, have to be accessible by the users of other universities as well. Two avoid that users have to create and maintain dedicated accounts at each organization, the concept of federated identity management (FIM) can be applied. FIM allows users to use a single identity at their home organization to access services that are operated by other organizations. In this paper, we survey major requirements that need to be considered when establishing such a federation and its technical platform. Furthermore, we show how the bwIDM project established a FIM platform for the state of Baden-Wurttemberg that matches the requirements and that is based on the Security Assertion Markup Language (SAML) standard. In particular, we outline bwIDMs approach on how to integrate non web-based services with SAML federations.

Random graphs

Abstract: We will review some of the major results in random graphs and some of the more challenging open problems. We will cover algorithmic and structural questions. We will touch on newer models, including those related to the WWW.

Spray and wait: an efficient routing scheme for intermittently connected mobile networks

Abstract: Intermittently connected mobile networks are sparse wireless networks where most of the time there does not exist a complete path from the source to the destination. These networks fall into the general category of Delay Tolerant Networks. There are many real networks that follow this paradigm, for example, wildlife tracking sensor networks, military networks, inter-planetary networks, etc. In this context, conventional routing schemes would fail.To deal with such networks researchers have suggested to use flooding-based routing schemes. While flooding-based schemes have a high probability of delivery, they waste a lot of energy and suffer from severe contention, which can significantly degrade their performance. Furthermore, proposed efforts to significantly reduce the overhead of flooding-based schemes have often be plagued by large delays. With this in mind, we introduce a new routing scheme, called Spray and Wait, that "sprays" a number of copies into the network, and then "waits" till one of these nodes meets the destination.Using theory and simulations we show that Spray and Wait outperforms all existing schemes with respect to both average message delivery delay and number of transmissions per message delivered; its overall performance is close to the optimal scheme. Furthermore, it is highly scalable retaining good performance under a large range of scenarios, unlike other schemes. Finally, it is simple to implement and to optimize in order to achieve given performance goals in practice.

Dedicated Short-Range Communications (DSRC) Standards in the United States

Abstract: Wireless vehicular communication has the potential to enable a host of new applications, the most important of which are a class of safety applications that can prevent collisions and save thousands of lives. The automotive industry is working to develop the dedicated short-range communication (DSRC) technology, for use in vehicle-to-vehicle and vehicle-to-roadside communication. The effectiveness of this technology is highly dependent on cooperative standards for interoperability. This paper explains the content and status of the DSRC standards being developed for deployment in the United States. Included in the discussion are the IEEE 802.11p amendment for wireless access in vehicular environments (WAVE), the IEEE 1609.2, 1609.3, and 1609.4 standards for Security, Network Services and Multi-Channel Operation, the SAE J2735 Message Set Dictionary, and the emerging SAE J2945.1 Communication Minimum Performance Requirements standard. The paper shows how these standards fit together to provide a comprehensive solution for DSRC. Most of the key standards are either recently published or expected to be completed in the coming year. A reader will gain a thorough understanding of DSRC technology for vehicular communication, including insights into why specific technical solutions are being adopted, and key challenges remaining for successful DSRC deployment. The U.S. Department of Transportation is planning to decide in 2013 whether to require DSRC equipment in new vehicles.

PORs: Proofs of Retrievability for Large Files

Abstract: In this paper, we define and explore proofs of retrievability (PORs). A POR scheme enables an archive or back-up service (prover) to produce a concise proof that a user (verifier) can retrieve a target file F, that is, that the archive retains and reliably transmits file data sufficient for the user to recover F in its entirety.A POR may be viewed as a kind of cryptographic proof of knowledge (POK), but one specially designed to handle a large file (or bitstring) F. We explore POR protocols here in which the communication costs, number of memory accesses for the prover, and storage requirements of the user (verifier) are small parameters essentially independent of the length of F. In addition to proposing new, practical POR constructions, we explore implementation considerations and optimizations that bear on previously explored, related schemes.In a POR, unlike a POK, neither the prover nor the verifier need actually have knowledge of F. PORs give rise to a new and unusual security definition whose formulation is another contribution of our work.We view PORs as an important tool for semi-trusted online archives. Existing cryptographic techniques help users ensure the privacy and integrity of files they retrieve. It is also natural, however, for users to want to verify that archives do not delete or modify files prior to retrieval. The goal of a POR is to accomplish these checks without users having to download the files themselves. A POR can also provide quality-of-service guarantees, i.e., show that a file is retrievable within a certain time bound.

Securing vehicular ad hoc networks

Abstract: Vehicular networks are very likely to be deployed in the coming years and thus become the most relevant form of mobile ad hoc networks. In this paper, we address the security of these networks. We provide a detailed threat analysis and devise an appropriate security architecture. We also describe some major design decisions still to be made, which in some cases have more than mere technical implications. We provide a set of security protocols, we show that they protect privacy and we analyze their robustness and efficiency.