On Thursday, 10.11.2022, the winners of the 9th German IT Security Award were selected in Bochum. The first prize, endowed with 100,000 euros, was awarded to the concept “Simply Secure: A Toolbox for the Automated Creation of Protected Hardware” by HGI scientists David Knichel, Amir Moradi, Nicolai Müller and Pascal Sasdrich. Second place went to the team “Morphing Attack Detection (MAD)” by Christoph Busch, Christian Rathgeb, Ulrich Scherhag, Daniel Fischer, Siri Lorenz and Juan Tapia. They were awarded 40,000 euros for their work. The concept “Carbyne Stack – An Open Source Secure Multiparty Computation Cloud Platform” by Sven Trieflinger, Sebastian Becker, Vadim Raskin, Volker Suschke, Vincent Rieder, Jared Weinfurtner and Hanna Modica was awarded 20,000 euros for third place. The German IT Security Award has been presented by the Horst Görtz Foundation since 2006 and is one of the most prestigious awards in the industry.

“The prize winners have developed convincing and innovative solutions at a high level for an important IT security problem, and have presented a convincing plan on how they intend to make these innovations accessible to the market, thus to the real world,” said Prof. Michael Waidner (ATHENE), chairman of the jury, explaining the decision for the prize winners. The plaque, designed by artist Reinhard Doubrawa, was presented at the event centre of the Ruhr University Bochum. “We are really surprised,” said award winner Prof. Amir Moradi happily after receiving the award. “Especially for the doctoral students, who are still at the beginning of their research careers, this is a complete success. I am very proud of the whole team.”

Simple security for hardware elements
With their concept, the winners want to contribute to the security of hardware circuits. Security-relevant hardware is used in almost all devices that make up our digital everyday life. For example, the EC card is equipped with a chip based on cryptographic hardware. Criminals can gain access to sensitive data on the card by using a so-called side-channel attack, through which they can obtain information on cryptographic keys in order to ultimately break them. “Designing side-channel resistant circuits requires a lot of expertise, time and money,” Waidner explains in his laudation. “Most circuits, therefore, do not use side-channel resistance. The award winners developed a series of tools with which circuits can be efficiently analysed and verified with regard to their security against side-channel attacks on the one hand, and with which they can be made resistant to side-channel attacks in a fully automated way on the other hand,” says Waidner. The team is making these tools available via Git Hub for research and teaching purposes and should help developers in companies to easily design secure hardware circuits in the future.

Detection methods for morphing attacks
The concept “Morphing Attack Detection (MAD)” of the second place winning team focuses on so-called morphing attacks. These are increasingly used by criminals to manipulate passports as documents for identification control: They morph an image in order to apply for a passport with it – and thus have created a false identity. In automated facial recognition, such as that used at airports, these morph passports often go unnoticed. “Morphing Attack Detection (MAD)” is a detection method that uses a combination of features from textures, noise patterns or geometries in a photo to identify these morph passports.
The project “Carbyne Stack – An Open Source Secure Multiparty Computation Cloud Platform” builds on cloud-native technologies that enable end-to-end encryption of data through secure multiparty computation. Companies can use the service to securely outsource computation with sensitive data.

A total of 54 submissions

A total of 54 concepts from scientists and IT security experts from all over Germany were submitted for the award. The ten finalists presented their concepts in a poster session during the event before the jury finally announced the winners.
On the occasion of the award ceremony of the 9th German IT Security Award, the patron of the event, Nancy Faeser, Federal Minister of the Interior and Home Affairs, addressed the guests in a video message. “The threat situation in cyberspace is growing every day,” the minister warned in her address. A multifaceted view of IT security is needed, especially against the backdrop of the changing times and hybrid threats. Scientists contribute to this by building bridges between innovations and research, as well as industry and start-ups.

Interior Minister Faeser wants to strengthen cybersecurity research

In her message, Faeser found clear words on the political strategy of the Federal Government: “We must and want to strengthen cybersecurity research. We want to further strengthen digital sovereignty through good and close cooperation between applications and research and also secure it in the future.” In this spirit, the Federal Minister of the Interior warmly congratulated the winners.

The German IT Security Award pursues the goal of particularly promoting IT security concepts and solutions “made in Germany” and thus contributing to strengthening the innovative power of the German economy. “I would like to see a clever idea for IT security in Germany that enables companies to stay one step ahead of the hackers,” said Horst Görtz, who had travelled especially to the award ceremony. He is convinced that IT security in Germany is highly developed. “But IT security is only as good as those who use it,” he added.

Bitkom cybersecurity innovation conference with exciting discussions

In the run-up to the award ceremony, the industry association Bitkom had organised the 2nd Cybersecurity Innovation Conference in cooperation with Fraunhofer SIT I ATHENE, Digital Hub and Ruhr University Bochum, Horst Görtz Institute for IT Security and Cube 5. At the digital conference in the morning, participants were able to follow exciting panels on IT security topics online. Among others, Dr. Markus Richter, State Secretary at the Federal Ministry of the Interior and for Home Affairs and Federal Government Commissioner for Information Technology (CIO Bund) spoke. In the afternoon programme, which was broadcast live from Bochum, Rainer Baumgart (Secunet), Prof. Angela Sasse (HGI), Thomas Caspers (BSI) and General Setzer (CISO BW) discussed the topic of “Innovation in and for Germany as a cyber security location”.