Name: Prof. Dr. Johannes Bauer
Age: 40 years
Current residence: Region Mannheim/Heidelberg, Germany
Email: My email address
I prefer encrypted communication:
  • My GnuPG public key. My key ID is f6ff8fa3, the key fingerprint 6f95ad475aec5feb71c4c640fcbd146df6ff8fa3. Valid until 2026-12-06, i.e. for about 3 years.
Note: HTML mail is directly forwarded to /dev/null.
Education: Ph.D. in Computer Science
Current occupation: Working at Cooperative State University Mannheim (DHBW Mannheim) in Mannheim, Germany for about 2 years
References:
Technical competencies:
  • In-depth security knowledge about applied cryptography, vulnerability assessment of hardware and software, Transport Layer Security (TLS), Public Key Infrastructure (PKI; e.g., X.509 certificate hierarchies, CV-certificates, OCSP, CRL), cryptographic hardware engines and custom hardware security modules (HSM, TPM), ASN.1, PKCS#15 smart cards, PKCS#11 interfaces, custom security-enabled MCUs and secure boot on Linux (e.g., dm-integrity, dm-verity), TrustZone implementation of HSMs in ARM trusted execution environment (OP-TEE), side channel analysis (timing attacks or differential power analysis), state-of-the-art crypto (e.g. TLSv1.3, Argon2, Curve25519, Ed448, ChaCha20-Poly1305, etc.)
  • RFID transponder analysis and implementation (primarily 13.56 MHz based), in particular with the MIFARE family (Classic, Plus, DESFire EV1) as well as experience of implementing Java applets using JCop on SmartMX
  • Penetration testing expertise with all the usual fun toys: Rapid7 Metasploit, IDA Pro, Nessus, Ghidra, Wireshark, ettercap, ratched, mitmproxy, nmap, aircrack-ng, etc.
  • Software development on Linux in C (system development, kernel development on x86_64, i686 and Cortex-A8, MCU programming)
  • Software development in Python
  • Software development on Linux in C++ (system development and MCU programming)
  • Software development in ECMAScript 6
  • Extensive embedded development experience (AVR and ARM Cortex-M0/3/4/7 on "bare" hardware, ARM Cortex-A7/53/72/8 using embedded Linux)
  • Administration of Linux infrastructure: bash, Apache, BIND, NFS, PostgreSQL, WireGuard, OpenVPN, OpenSSL, openssh, stunnel, iptables, QoS/tc, Postfix, Dovecot, uwsgi
  • Scripting language know-how (e.g. bash, awk)
  • Computer algebra systems SageMath and Maple
A picture that shows me

Curriculum Vitae

6'2022- Freelance security consulting for various customers (e.g., threat and risk analyses, cryptographic implementation evaluation and support, etc.)
1'2022- Employment as Professor of Computer Science at Cooperative State University Mannheim (DHBW Mannheim)
4'2018-12'2021 Employment as Principal Designated Engineer for the cyber security standards ETSI EN 303645 and UL MCV 1376 and IEC62443 (2-4, 3-3, 4-1, 4-2) at Underwriters Laboratories in Stuttgart
4'2016-3'2018 Employment as Product Security Officer (Senior Security Consultant) at Robert Bosch Smart Home GmbH in Stuttgart-Vaihingen
4'2012-11'2016 External Ph.D. student at the Department of Computer Science 1 (IT Security Infrastructure) of the Friedrich-Alexander-Universität Erlangen-Nürnberg. Graduation as Ph.D. of Computer Science with dissertation "On Inexpensive Methods for Improving Security of Embedded Systems — Kostengünstige Maßnahmen zur Erhöhung der Sicherheit eingebetteter Systeme". Supervisors Prof. Dr.-Ing. Felix Freiling and Prof. Dr.-Ing. habil Falko Dressler.
9'2009-4'2016 Employment as Software Developer and Security Consultant at Bosch Software Innovations GmbH in Immenstaad am Bodensee
8'2009 Exmatriculation from Universität Erlangen-Nürnberg. Graduation as "Diplom Informatiker (Univ.)" (M.Sc of Computer Science)
3'2009-8'2009 Work on diploma thesis with the topic of Constraint-Based Reverse Engineering and its Applications in Astrophysics
4'2008-4'2009 Work at the Department of Computer Science 7 at FAU (Department of Computer Networks and Communication Systems) as research assistant (HiWi). Working on the MonkIT Projekt for efficient, distributed monitoring, attack detection and event correlation. Instructor for exercise classes of the course Network Security (NetSec) in winter semester of 2008/2009
3'2007-9'2007 Work at the Department of Computer Science 4 of the FAU (Department of Operating Systems/Distributed Systems) as research assistant (HiWi). Instructor for exercise classes of the courses Software Systems 1 and SPIC: System Development in C)
9'2006-9'2007 Study thesis at the Department of Computer Science 4 of the FAU (Department of Operating Systems/Distributed Systems), working on KESO, a distributed multi-JVM for embedded systems. Main focus of the work (and title of the study thesis) is "An OSEK/VDX Compatible System API for Linux"
5'2006-8'2006 Work at the Department of Computer Science 4 of the FAU (Department of Operating Systems/Distributed Systems) as research assistant (HiWi). Instructor for exercise classes of the course Software Systems 1)
3'2006 Completion of the book "OpenVPN - Grundlagen, Konfiguration, Praxis" (OpenVPN - Basics, Configuration, In Practice) together with A. Liebscher and K. Thielking-Riechert
2005-2009 Main studies (Hauptstudium) of computer science at FAU Erlangen-Nürnberg, graduation as "Dipl. Inf Univ." (M.Sc.)
2003-2005 Basic studies (Grundstudium) of computer science at FAU Erlangen-Nürnberg, graduation with "Vordiplom"
2002-2003 Community service in the geriatric hospital Helios Klinik, Berching
2000-2002 Last two high school years (12th and 13th grade) and graduation with "allgemeiner Hochschulreife" at Willibald Gluck Gymnasium, Neumarkt i.d.Opf., Germany
1999-2000 11th grade of high school as an exchange student. Junior year at Mehlville Senior High School in St. Louis, Missouri, USA. Active work in the local facultative Robotics class, sponsored by NASA Langley and DaimlerChrysler. Role in the team as Chief of Programming and Chief of Electronics. Participation with our robot in the local and international competitions held by FIRST
1993-1999 High school 5th-10th grade