Navigation

Jonas Röckl, M. Sc.

Security Researcher

Department of Computer Science
Chair of Computer Science 1 (IT Security Infrastructures)

Room: Room 12.136
Martensstr. 3
91058 Erlangen

I studied computer science at FAU Erlangen-Nürnberg and ETH Zürich.
I hold a M.Sc. (with distinction) from FAU Erlangen-Nürnberg.
Currently, I am a PhD candidate in Tilo‘s system security and software protection group.
My research interests are focused on IT security, software isolation, systems programming, virtualization techniques, and cloud computing.

Open Theses (Bachelor / Master) and Projects

If you are enrolled as a computer science student at FAU, I can directly supervise your thesis. Note that not all available open theses may be publicly advertised. You can always write a kind email containing some information about you to jonas.roeckl@fau.de and we’ll chat for available options.

Preferable Type: Bachelor Thesis, it may be possible to convert to a Master Thesis or Master Project

Virtualization on the level of the OS (‘containerization’, ‘Docker’) has emerged as a popular application delivery model for both cloud computing and embedded platforms. Compared to system-level virtualization (‘Virtual Machines’), containers are considered to be less secure as a significant subset of the host’s system call interface with over 300 system calls is exposed to the container. Therefore, an exploitable vulnerability in the host OS may be enough to compromise the entire host system.

Nowadays, every nuance of a compromise between system virtualization and OS-level virtualization is researched. On the one hand, there are specialized hypervisors for so-called MicroVMs (e.g. Firecracker [1]) claiming to be almost as lightweight as containers. On the other hand, approaches like gVisor [2] implement an OS kernel in the userspace of the host. The system calls of a container are then redirected and processed by the user-level kernel, narrowing down the attack surface to significantly fewer system calls.

While benchmarks were conducted for the AMD64 architecture [3][4], there is a lack of comparable studies for the ARMv8-A architecture. The performance results of the AMD64 benchmarks cannot be transferred to ARMv8-A because of differences in the hardware support for system virtualization in particular and the architecture’s exception model in general [5]. Thus, this thesis aims to conduct a comparative performance evaluation of user-level OS kernels and MicroVMs on recent ARMv8-A hardware.

Prerequisites:

  • Proficient use of the Linux command line is required
  • Basic understanding of system virtualization techniques
  • Some experience with build systems (make, cmake) and using compilers is helpful
  • Experience with Docker is helpful
  • Willingness to learn and read source code and literature
  • Ability to read publications in the English language

[1] https://github.com/firecracker-microvm/firecracker

[2] https://gvisor.dev/

[3] Caraza-Harter, Tyler, and Michael M. Swift. “Blending containers and virtual machines: a study of firecracker and gVisor.” Proceedings of the 16th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments. 2020.

[4] Young, Ethan G., et al. “The true cost of containing: A gVisor case study.” 11th {USENIX} Workshop on Hot Topics in Cloud Computing (HotCloud 19). 2019.

[5] https://developer.arm.com/documentation/102412/0100/Privilege-and-Exception-levels

Preferable Type: Bachelor Thesis, it may be possible to convert to a Master Thesis or Master Project

The attack surface of a network stack is non-trivial, yet the network stack is often to be found in the kernel-space of contemporary general-purpose operating systems like Linux. However, one can move the complete network stack including the drivers to the user space by relying on techniques like VFIO. Over the last years, userspace drivers for AMD64-based machines targeting high-throughput NICs have been implemented [1] in various programming languages, including Rust [2]. From a security perspective, a Rust-based network stack is particularly interesting. This is because Rust is a memory-safe language, which can render some potential attack vectors (e.g. buffer and heap overflow) impossible. The goal of this thesis is the implementation of a NIC driver on the ARMv8-A architecture in userspace to research the similarities and differences of user-level network drivers on AMD64. Finally, the performance of user-level network drivers on ARMv8-A is evaluated.

Prerequisites:

  • Proficient use of the Linux command line is required
  • Basic understanding of the Rust programming language (or willingness to learn)
  • Basic understanding of system virtualization techniques and VFIO (or willingness to learn)
  • Basic understanding of OS development, drivers, and kernels (or willingness to learn)
  • Experience with network protocol development is helpful

[1] Emmerich, Paul, et al. “User space network drivers.” 2019 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS). IEEE, 2019.

[2] https://github.com/ixy-languages/ixy.rs

Preferable Type: Bachelor Thesis / Master Thesis

Remote Attestation [1] is a widespread technique to prove to an entity the trustworthiness of a peer. By relying on remote attestation, a software company is able to identify unauthorized changes of software, including adversaries tampering with the software. Based on cryptographic operations, a so-called “chain of trust” assures the integrity of the system’s components. Usually, the root of trust is implemented in hardware, e.g. by relying on a TPM [2] or DICE [3]. However, a hardware root-of-trust can be extended in software in order to realize powerful remote attestation guarantees. For example, Huber et al. propose DICE++ [4], which allows secure identity re-association between updates of early-boot components. This thesis aims at the conception, implementation, and evaluation of advanced remote attestation techniques for an ARMv8-A development platform. A minimal boot loader for ARMv8-A is to be developed using the Rust programming language, providing the framework for advanced remote attestation features. Building upon, a chain of trust is set up and remote attestation techniques are implemented.

Prerequisites:

  • Proficient use of the Linux command line is required
  • Very good understanding of low-level systems programming techniques
  • Basic understanding of the Rust programming language (or willingness to learn)
  • Basic understanding of cryptographic protocols
  • Willingness to learn and read source code and literature

[1] https://tools.ietf.org/id/draft-birkholz-rats-architecture-03.html

[2] https://www.trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.16.pdf

[3] https://trustedcomputinggroup.org/work-groups/dice-architectures/

[4] Manuel Huber, Stefan Hristozov, Simon Ott, Vasil Sarafov, and Marcus Peinado. 2020. The Lazarus Effect: Healing Compromised Devices in the Internet of Small Things. In Proceedings of the 15th ACM Asia Conference on Computer and Communications Security (ASIA CCS ’20). Association for Computing Machinery, New York, NY, USA, 6–19. DOI:https://doi.org/10.1145/3320269.3384723

Preferable Type: Bachelor Thesis / Master Thesis

Secure boot [1] is a widespread technique to prevent the loading of malicious code (e.g. rootkits) at high levels of system privilege during the system boot process. By relying on cryptographic operations, a bootloader or the operating system is only booted if the integrity of the binary can be proven in advance. Otherwise, the system halts and manual intervention is necessary. This thesis aims at the extension of secure boot. The boot process is confirmed by a third party before the device is allowed to continue with the boot process, similar to [2]. In contrast to remote attestation [3], the device is not allowed to continue with the boot process without a prior acknowledgment of a third party. However, for communication with a third party, a network stack is required. The attack surface of a network stack is not trivial. Therefore, the network stack has to be adequately isolated. This thesis aims at the conception, implementation, and evaluation of such a system for an ARMv8-A development platform.

Prerequisites:

  • Proficient use of the Linux command line is required
  • Very good understanding of low-level systems programming techniques
  • Basic understanding of the Rust programming language (or willingness to learn)
  • Basic understanding of cryptographic protocols
  • Willingness to learn and read source code and literature

[1] https://wiki.debian.org/SecureBoot

[2] M. Xu et al., “Dominance as a New Trusted Computing Primitive for the Internet of Things,” 2019 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2019, pp. 1415-1430, doi: 10.1109/SP.2019.00084.

[3] https://en.wikipedia.org/wiki/Trusted_Computing#Remote_attestation

A list of further open theses at the IT security infrastructures lab can be found here.

Vacancies

If you are interested in IT security, systems programming, virtualization techniques, or cloud computing, we may be able to offer you a part-time position as wissenschaftliche Hilfskraft or wissenschaftliche Hilfskraft mit Bachelorabschluss. This, of course, depends on your individual skillset and experience.
For more information, write a friendly email to jonas.roeckl@fau.de.

Publications

2019

Email Signature, S/MIME

You can use the following S/MIME certificate to verify that an email was actually sent by me. More information on S/MIME can be found here.

Serial Number 24:70:66:93:2E:6C:43:76:04:DA:23:40
SHA1 Fingerprint 27:B8:BD:7B:EE:9B:56:23:6A:31:31:5B:AC:AF:CE:69:1F:4C:FB:81
SHA256 Fingerprint 2A:E7:48:0B:A1:2E:2D:B3:E4:0A:7E:6A:31:9E:03:6D:94:EA:6E:25:94:0A:C5:77:B7:9A:F1:61:36:85:A0:2A
Issuer DFN-Verein Global Issuing CA > DFN-Verein Certification Authority 2 > T-TeleSec GlobalRoot Class 2

-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgIMJHBmky5sQ3YE2iNAMA0GCSqGSIb3DQEBCwUAMIGNMQsw
CQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4t
UEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTIx
MDMxNjE3MjEwOVoXDTI0MDMxNTE3MjEwOVowgacxCzAJBgNVBAYTAkRFMQ8wDQYD
VQQIDAZCYXllcm4xETAPBgNVBAcMCEVybGFuZ2VuMTwwOgYDVQQKDDNGcmllZHJp
Y2gtQWxleGFuZGVyLVVuaXZlcnNpdGFldCBFcmxhbmdlbi1OdWVybmJlcmcxDzAN
BgNVBAQMBlJvZWNrbDEOMAwGA1UEKgwFSm9uYXMxFTATBgNVBAMMDEpvbmFzIFJv
ZWNrbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM5KTRtlNqK/Jfpw
znP1KJ7jTqIkoRpyRSL9SyAEjQnQXMxFJ4RWnMcGekHnhACrILGfg895ipmWxFWp
XOL5pGo8rOvUR0Si4J5Eti7ZnkCwwm9Jd6sPRwlBDNaJf6HJrysmV59DD03W/T6v
D5UOHPDlWl6A97uGnFYbc0OjOHodq3B6oXNBsVbBCt35QFBurVJrL9ncXmE+OVVm
I3c4Pm94fLvQUWUxkeJV/0eAD27yuvw7h8s2qZpqmOl/AM5IjDtsMGDzsT5oIrWT
PGquC2IY1GmLuhlkRzbwMuwdQeWxSYME1bgxX3Pk74We+wgVqaHkFlEiWwNuy8gB
kBT9lEMCAwEAAaOCAkwwggJIMD4GA1UdIAQ3MDUwDwYNKwYBBAGBrSGCLAEBBDAQ
Bg4rBgEEAYGtIYIsAQEECDAQBg4rBgEEAYGtIYIsAgEECDAJBgNVHRMEAjAAMA4G
A1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwHQYD
VR0OBBYEFGeMxTFpLyaPGaqDjBUo0jLTu0TlMB8GA1UdIwQYMBaAFGs6mIv58lOJ
2uCtsjIeCR/oqjt0MB4GA1UdEQQXMBWBE2pvbmFzLnJvZWNrbEBmYXUuZGUwgY0G
A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tY2Et
Z2xvYmFsLWcyL3B1Yi9jcmwvY2FjcmwuY3JsMD+gPaA7hjlodHRwOi8vY2RwMi5w
Y2EuZGZuLmRlL2Rmbi1jYS1nbG9iYWwtZzIvcHViL2NybC9jYWNybC5jcmwwgdsG
CCsGAQUFBwEBBIHOMIHLMDMGCCsGAQUFBzABhidodHRwOi8vb2NzcC5wY2EuZGZu
LmRlL09DU1AtU2VydmVyL09DU1AwSQYIKwYBBQUHMAKGPWh0dHA6Ly9jZHAxLnBj
YS5kZm4uZGUvZGZuLWNhLWdsb2JhbC1nMi9wdWIvY2FjZXJ0L2NhY2VydC5jcnQw
SQYIKwYBBQUHMAKGPWh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLWNhLWdsb2Jh
bC1nMi9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwDQYJKoZIhvcNAQELBQADggEBAEHp
ianYKVlMoVkBRYSBVnZbcxKjml52iuCMFPwLIUdvg+87zk7mWWAya1me8L9IQwW6
toO+27rd2y7jYwyHKOJkSBFYn2fyqtUZjesP0O+8o5Ou4Yu6exeuIKA8Y57ao/EN
U10Q+qeNvsSxV4aMIbZPTJ+ziyYgSlOG7XEt31NHHDZ3AKmrzVawWHM3gocPoCim
tiqmX8zLfEKXhXHlLtri56AThKJRCikdZ9aBj4dJHc5NL3Ra+anCozIKdkyhC9RY
RGwwMGJ7STqtd3FpI4I+FxWG7fh77X5LFOWT6Qi4xjfXDXCqe8vWK3yn0gjye2wF
dBW3VsLCmzSFFKbcAoc=
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgIMJHBmky5sQ3YE2iNAMA0GCSqGSIb3DQEBCwUAMIGNMQswCQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVzIERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4tUEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTIxMDMxNjE3MjEwOVoXDTI0MDMxNTE3MjEwOVowgacxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCYXllcm4xETAPBgNVBAcMCEVybGFuZ2VuMTwwOgYDVQQKDDNGcmllZHJpY2gtQWxleGFuZGVyLVVuaXZlcnNpdGFldCBFcmxhbmdlbi1OdWVybmJlcmcxDzANBgNVBAQMBlJvZWNrbDEOMAwGA1UEKgwFSm9uYXMxFTATBgNVBAMMDEpvbmFzIFJvZWNrbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM5KTRtlNqK/JfpwznP1KJ7jTqIkoRpyRSL9SyAEjQnQXMxFJ4RWnMcGekHnhACrILGfg895ipmWxFWpXOL5pGo8rOvUR0Si4J5Eti7ZnkCwwm9Jd6sPRwlBDNaJf6HJrysmV59DD03W/T6vD5UOHPDlWl6A97uGnFYbc0OjOHodq3B6oXNBsVbBCt35QFBurVJrL9ncXmE+OVVmI3c4Pm94fLvQUWUxkeJV/0eAD27yuvw7h8s2qZpqmOl/AM5IjDtsMGDzsT5oIrWTPGquC2IY1GmLuhlkRzbwMuwdQeWxSYME1bgxX3Pk74We+wgVqaHkFlEiWwNuy8gBkBT9lEMCAwEAAaOCAkwwggJIMD4GA1UdIAQ3MDUwDwYNKwYBBAGBrSGCLAEBBDAQBg4rBgEEAYGtIYIsAQEECDAQBg4rBgEEAYGtIYIsAgEECDAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwHQYDVR0OBBYEFGeMxTFpLyaPGaqDjBUo0jLTu0TlMB8GA1UdIwQYMBaAFGs6mIv58lOJ2uCtsjIeCR/oqjt0MB4GA1UdEQQXMBWBE2pvbmFzLnJvZWNrbEBmYXUuZGUwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tY2EtZ2xvYmFsLWcyL3B1Yi9jcmwvY2FjcmwuY3JsMD+gPaA7hjlodHRwOi8vY2RwMi5wY2EuZGZuLmRlL2Rmbi1jYS1nbG9iYWwtZzIvcHViL2NybC9jYWNybC5jcmwwgdsGCCsGAQUFBwEBBIHOMIHLMDMGCCsGAQUFBzABhidodHRwOi8vb2NzcC5wY2EuZGZuLmRlL09DU1AtU2VydmVyL09DU1AwSQYIKwYBBQUHMAKGPWh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZGZuLWNhLWdsb2JhbC1nMi9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwSQYIKwYBBQUHMAKGPWh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLWNhLWdsb2JhbC1nMi9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwDQYJKoZIhvcNAQELBQADggEBAEHpianYKVlMoVkBRYSBVnZbcxKjml52iuCMFPwLIUdvg+87zk7mWWAya1me8L9IQwW6toO+27rd2y7jYwyHKOJkSBFYn2fyqtUZjesP0O+8o5Ou4Yu6exeuIKA8Y57ao/ENU10Q+qeNvsSxV4aMIbZPTJ+ziyYgSlOG7XEt31NHHDZ3AKmrzVawWHM3gocPoCimtiqmX8zLfEKXhXHlLtri56AThKJRCikdZ9aBj4dJHc5NL3Ra+anCozIKdkyhC9RYRGwwMGJ7STqtd3FpI4I+FxWG7fh77X5LFOWT6Qi4xjfXDXCqe8vWK3yn0gjye2wFdBW3VsLCmzSFFKbcAoc=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIHG2O60B4sPTANBgkqhkiG9w0BAQsFADCBlTELMAkGA1UEBhMCREUxRTBDBgNVBAoTPFZlcmVpbiB6dXIgRm9lcmRlcnVuZyBlaW5lcyBEZXV0c2NoZW4gRm9yc2NodW5nc25ldHplcyBlLiBWLjEQMA4GA1UECxMHREZOLVBLSTEtMCsGA1UEAxMkREZOLVZlcmVpbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4XDTE2MDUyNDExMzg0MFoXDTMxMDIyMjIzNTk1OVowgY0xCzAJBgNVBAYTAkRFMUUwQwYDVQQKDDxWZXJlaW4genVyIEZvZXJkZXJ1bmcgZWluZXMgRGV1dHNjaGVuIEZvcnNjaHVuZ3NuZXR6ZXMgZS4gVi4xEDAOBgNVBAsMB0RGTi1QS0kxJTAjBgNVBAMMHERGTi1WZXJlaW4gR2xvYmFsIElzc3VpbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdO3kcR94fhsvGadcQnjnX2aIw23IcBX8pX0to8a0Z1kzhaxuxC3+hq+B7i4vYLc5uiDoQ7lflHn8EUTbrunBtY6C+li5A4dGDTGY9HGRp5ZukrXKuaDlRh3nMF9OuL11jcUs5eutCp5eQaQW/kP+kQHC9A+e/nhiIH5+ZiE0OR41IX2WZENLZKkntwbktHZ8SyxXTP38eVC86rpNXp354ytVK4hrl7UF9U1/Isyr1ijCs7RcFJD+2oAsH/U0amgNSoDac3iSHZeTn+seWcyQUzdDoG2ieGFmudn730Qp4PIdLsDfPU8o6OBDzy0dtjGQ9PFpFSrrKgHy48+enTEzNAgMBAAGjggIFMIICATASBgNVHRMBAf8ECDAGAQH/AgEBMA4GA1UdDwEB/wQEAwIBBjApBgNVHSAEIjAgMA0GCysGAQQBga0hgiweMA8GDSsGAQQBga0hgiwBAQQwHQYDVR0OBBYEFGs6mIv58lOJ2uCtsjIeCR/oqjt0MB8GA1UdIwQYMBaAFJPj2DIm2tXxSqWRSuDqS+KiDM/hMIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHViL2NybC9jYWNybC5jcmwwQKA+oDyGOmh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHViL2NybC9jYWNybC5jcmwwgd0GCCsGAQUFBwEBBIHQMIHNMDMGCCsGAQUFBzABhidodHRwOi8vb2NzcC5wY2EuZGZuLmRlL09DU1AtU2VydmVyL09DU1AwSgYIKwYBBQUHMAKGPmh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHViL2NhY2VydC9jYWNlcnQuY3J0MEoGCCsGAQUFBzAChj5odHRwOi8vY2RwMi5wY2EuZGZuLmRlL2dsb2JhbC1yb290LWcyLWNhL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDANBgkqhkiG9w0BAQsFAAOCAQEAgXhFpE6kfw5V8Amxaj54zGg1qRzzlZ4/8/jfazh3iSyNta0+x/KUzaAGrrrMqLGtMwi2JIZiNkx4blDw1W5gjU9SMUOXRnXwYuRuZlHBQjFnUOVJ5zkey5/KhkjeCBT/FUsrZpugOJ8Azv2n69F/Vy3ITF/cEBGXPpYEAlyEqCk5bJT8EJIGe57u2Ea0G7UDDDjZ3LCpP3EGC7IDBzPCjUhjJSU8entXbveKBTjvuKCuL/TbB9VbhBjBqbhLzmyQGoLkuT36d/HSHzMCv1PndvncJiVBby+mG/qkE5D6fH7ZC2Bd7L/KQaBh+xFJKdioLXUV2EoY6hbvVTQiGhONBg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIJAOML1fivJdmBMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYDVQQGEwJERTErMCkGA1UECgwiVC1TeXN0ZW1zIEVudGVycHJpc2UgU2VydmljZXMgR21iSDEfMB0GA1UECwwWVC1TeXN0ZW1zIFRydXN0IENlbnRlcjElMCMGA1UEAwwcVC1UZWxlU2VjIEdsb2JhbFJvb3QgQ2xhc3MgMjAeFw0xNjAyMjIxMzM4MjJaFw0zMTAyMjIyMzU5NTlaMIGVMQswCQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVzIERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLEwdERk4tUEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLYNf/ZqFBzdL6h5eKc6uZTepnOVqhYIBHFU6MlbLlz87TV0uNzvhWbBVVdgfqRv3IA0VjPnDUq1SAsSOcvjcoqQn/BV0YD8SYmTezIPZmeBeHwp0OzEoy5xadrg6NKXkHACBU3BVfSpbXeLY008F0tZ3pv8B3Teq9WQfgWi9sPKUA3DW9ZQ2PfzJt8lpqS2IB7qw4NFlFNkkF2njKam1bwIFrEczSPKiL+HEayjvigN0WtGd6izbqTpEpPbNRXK2oDL6dNOPRDReDdcQ5HrCUCxLx1WmOJfS4PSu/wI7DHjulv1UQqyquF5deM87I8/QJB+MChjFGawHFEAwRx1npAgMBAAGjggF0MIIBcDAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJPj2DIm2tXxSqWRSuDqS+KiDM/hMB8GA1UdIwQYMBaAFL9ZIDYAeaCgImuM1fJh0rgsy4JKMBIGA1UdEwEB/wQIMAYBAf8CAQIwMwYDVR0gBCwwKjAPBg0rBgEEAYGtIYIsAQEEMA0GCysGAQQBga0hgiweMAgGBmeBDAECAjBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vcGtpMDMzNi50ZWxlc2VjLmRlL3JsL1RlbGVTZWNfR2xvYmFsUm9vdF9DbGFzc18yLmNybDCBhgYIKwYBBQUHAQEEejB4MCwGCCsGAQUFBzABhiBodHRwOi8vb2NzcDAzMzYudGVsZXNlYy5kZS9vY3NwcjBIBggrBgEFBQcwAoY8aHR0cDovL3BraTAzMzYudGVsZXNlYy5kZS9jcnQvVGVsZVNlY19HbG9iYWxSb290X0NsYXNzXzIuY2VyMA0GCSqGSIb3DQEBCwUAA4IBAQCHC/8+AptlyFYt1juamItxT9q6Kaoh+UYu9bKkD64ROHk4sw50unZdnugYgpZi20wz6N35at8yvSxMR2BVf+d0a7Qsg9h5a7a3TVALZge17bOXrerufzDmmf0i4nJNPoRb7vnPmep/11I5LqyYAER+aTu/de7QCzsazeX3DyJsR4T2pUeg/dAaNH2t0j13s+70103/w+jlkk9ZPpBHEEqwhVjAb3/4ru0IQp4e1N8ULk2PvJ6Uw+ft9hj4PEnnJqinNtgs3iLNi4LY2XjiVRKjO4dEthEL1QxSr2mMDwbf0KJTi1eYe8/9ByT0/L3D/UqSApcb8re2z2WKGqK1chk5
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUdAqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiCFoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6IavqjnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZwI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhyNsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPACuvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVwIEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlPBSeOE6Fuwg==
-----END CERTIFICATE-----

Email Encryption, PGP

The following public key can be used to encrypt confidential emails that are sent to me.
More information on PGP can be found here. Information in German can be found here.

Fingerprint 5AFA 40DC 98F5 7C56 F5BF ED6B 36AB 8EAD EAF7 6EE9

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBGBHzZ4BEADoiYoWb6iHjljQjAbpRbw/+6RhEdi1nRRVGSHXTTiplkAzvnim
1kTKW17XOxjnfGCvI66yfUZBl4OLTbXgNAPtA76fjRRk6dN9tl2uKPN/r59CDxmU
2CnFWrrJ64Ja3REVCYMy71/5sddw8fuWMznqBKzIVGBBPXsv3YGoV9EvbyUApi9p
zG4uwqE9GIioFL5f+SCcf9KupOoP0D5ueUgDpkDXIfPa5JewAqx7mVDS0STrnpGq
Xk6Gn5J2rz17SU+Kz81CYkDJ+qzpVXJDPSkbrI4RFatwP0XHSklUwPCVkM3U6i5/
BJrXEfPdpF1tHDXVSt2paPuNsJ+A0JzQujXvc7N+SVRi6KCJin5/YP8X2pE4oKB6
O8q7vCNyulp03n/HHDrhjWkhBKB8r5p7sn2YM8AnPHKNGig5PFxDZ6deL3p/ahvR
iVZrMVKWuCaWUW2GwSPX3cJoHDTU6vahuI4AUnuZJTousNvpU84MUeh3Pv637NN4
rx/p0OKYgkwWZeuDUxVZ20tor/LNxl9UEvmWntaH/4Jj+XCiV1m/44/wZbyWHu1l
sUFMhjokNQ+aLs+7JpG34VuxD43H7AOKBKRIj3ilv1tq32xz8468W9b9Gmek9XGO
McmEfF5IK2/njkVTRBBMcGkaQQeZv266ulRmwJEh9YR7mViaSFxgVAC7aQARAQAB
tCJKb25hcyBSw7Zja2wgPGpvbmFzLnJvZWNrbEBmYXUuZGU+iQJUBBMBCgA+FiEE
WvpA3Jj1fFb1v+1rNquOrer3bukFAmBHzZ4CGwMFCQlmAYAFCwkIBwIGFQoJCAsC
BBYCAwECHgECF4AACgkQNquOrer3bumIUA/+LAByEcEvxmpHB8kwyXPRqzR64a/Q
sa/TyDMt5wRidvvksfJL0AVsHRfLoUjShf0qQQgvPVmbh7329VseqFaTk9YpD3aq
Zkiu4UE7PLqJuahVAbWAjswuUi/r5ZI1M8QMr9qxU0q29vYU4Tiq1BiBUQpcOKcS
AZZx+wv3tb39hfwEup1zlv7JUJ5JmrKzzw8WSbaCEvm05kgYbnYyr7AYZZNqKC2N
49VIAb4lcs9CQK3TyVzUKWgjX+4M55Q6kRiIYeEV+f7YN6/xMrZmKkntBGNGyxNf
sRMqRO1QRozrT9teHiR39rev9xKw56mKOfuW0+HleIVh7ok1olcWtbtZOmE8hkCo
hwz7iPZ1SKDQIlsU+wGG5wf/gB1A+wjq+fGLbdt87MWK3tD+GqeTfTWB24iMFBsD
sGSuZgOQVggsGwHi6IMgd96X5DPV/MqA/CQPgF5KFzul29pJYrP6ccrUA9Rai1+T
hoy5o+ZlsKlvBbqWqcD3o+pXnts/V8JArmfPhL82O8oqdOyGgMc6c9s35fJSRKj5
TAcfoYWMKGgXl3mstdvgHQXRVMhzC/kmKCxhwlZ0ZFg6eFTnV4TQBxpUk9yeEoER
bGYjzrgdNlPMcmfrdlGAAJmfumpo6Qd+mV9EEW0ishscUzahI/eCGnpiJsM3AsEp
0tQ3snHLHsmXy0W5Ag0EYEfNngEQAMCHznfxLbWKSbKfLNqupNoCRlxI9L+MjRkT
P1FLnLFdPK0ypoaWrFARFEYdbMNEWpUVCTJXWeK6cifwoJlP6OTbSW/qON2dRS4Q
8xRWcyaCrUB9v8CHs/MFfkdW+wSdxkHTQZjww842rrjwgfKWyhLbHQ2E4ivX2qXu
DpvjLrTtASUvWy9ogaZA9Lfjel/4J0PxbSjc7+qkeyn7z2eC8xZCD0jt7QzwJQ5L
/1p3ttYS28l5YjFMf1GTJ9g5pMwD0fWDvCLqqnSji6v2QhbM3vyGy2tOAP63d4Qa
jp7yNC2R4YQ3AGnoGkApF8RqEKYlrtOVVI8hGao+JmqfvT5M4AwDWKdWmBJrkcuK
1/sN4bjmlf0THPjtnCYkKsjc3ieCpJMRS6nmPF7XQRblj3NAoSKM2OychVrZEk1o
PdhK0lq3/guhk1jH63A6OpgapBOcP0RchEtIe/v5s7B1d7ELzudVmPbpfLPQLUt4
0o9ru9CJOGzgRcmAMY+t9jlX8W9INJB/J6BHVwJKVCJahWmH/L3MK3Q8WYj3hi/g
WdHvsfGMZrJ+fWifGZbFT8cpVr6McIrZZx042mlDMN3mmMPJo88sf/zuGEqSC/8K
7U4pJ5a5kLcO7OqxIzcPLpgXJ52MpHobEIiyZufBGGczjWJmObwEwkdrARZE6QHX
rZTFJ+31ABEBAAGJAjwEGAEKACYWIQRa+kDcmPV8VvW/7Ws2q46t6vdu6QUCYEfN
ngIbDAUJCWYBgAAKCRA2q46t6vdu6d1AEADLqPyUciLCkvMtFfiuAz0LFt4kbbyt
qfUORB3Kgu/0QDLwfpw4ywKNL1zhPBchCae6PR96b6AD6WfumkFeaPFVi81gaHbW
yrcFHN0GcOQOozWMrQD1l/8LdaNsIQKn7J+dVaxmOOm0RwjHVsxg6EOBw5KU91I4
hdR0i/RxTi7kPjPEWmueB+12gUnAU2Ghcmn+XYLewRoN2f1Tmxsaf+DI4nsqb17J
Q4H/Qyu7ZIrpbgBrDpvGAtwD1mswEgd6gXFahZD1q4vEC2mKlPomsEe+Gssx1iJV
QaG5PyvjgTcigrhb+zn6pexsmOIHSjhZ8TGPxjKkLcypXOAznnLjbltY+mySOlZu
Behyr3yNtacoQ9NcprPM4zpafXWAr7OKGTQdwlCLFVLBtGrTSv2S2C5snvUNta3M
Dnrda8sXchp/YxvLtv2XEsUszhDdwsmcz+vNa3MQ9BPXSYzShTTzAySXlQcraHFG
+vZj4G2HwaGseLLW7l6hJDVCc5HNXcaVnQpmCos3BRUgUpTDZ/PnPufjhZYwIJ3B
aR01WgkOcnEWTq+G3yRab3ieD3MlfOPYYqJPQYSyooKYgfnstRFX5QsRkoZU3Hmp
I653THSF5Z8QCCCwViKEbos+1q1Fxos/RPz5F4nluKrT5OW+veP5awiDJWnfbGfG
NRDEXepwnm+uog==
=wbUK
-----END PGP PUBLIC KEY BLOCK-----