State-Machine-Learning of IPsec IKE


Betreuer: Marcus Brinkmann, Dennis Felsch, Robert Merget

Beginn: Jederzeit

Weitere Details:


After the publication of the QUIC protocol and during the subsequent discussions on TLS 1.3, the IT security research community has made big advances in the understanding of real-world cryptographic handshake protocols. These advances both concern the interaction of cryptographic primitives, the state machines involved, and security requirements for implementations. However, most of this work was dedicated to TLS and related protocols like QUIC. Other handshake protocols like IPsec IKE could not yet profit from the advances made in the state-of-the art.

The goal of this thesis is to extract state machines of common IPsec implementations with our state machine learning tool and to find security issues based on the extracted state machines.


  • Erfolgreiche Teilnahme an den Netzsicherheit 1/2 Vorlesungen
  • Sehr gute Programmierkenntnisse in Java
  • Kenntnisse im Umgang mit Git und Maven sind von Vorteil, aber nicht notwendig