About

SBA Research

SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies. Within a network of more than 70 companies, 15 Austrian and international universities and research institutions, and many additional international research partners we jointly work on research challenges ranging from organizational to technical security to strengthen Europe’s Cybersecurity capabilities

Decentralized Systems Group

The Decentralized Systems Group at SBA Research focuses on fundamental and applied research in the field of blockchain and distributed ledger technologies. Current projects explore, consensus mechanism, self-sovereign identities, and cross-chain interoperability mechanisms. To industry partners we offer technical workshops, feasibility studies, project consulting, and contract research.

A Glance Beyond the Hype

BLockchain P2P Network

Following the introduction of Bitcoin and the swift rise of cryptocurrencies, blockchain and distributed ledger technologies have received global attention not least from governments, industry and research institutions. While cryptocurrencies as distributed, trustless and self-governing systems aim to provide an alternative to traditional fiat currency structures, the underlying technologies have shown applicability to a wide range of domains beyond financial services. As such, we have witnessed first deployments of blockchain-based application prototypes facilitating, inter alia, transparent record keeping, auditable supply chain management and machine-to-machine communication of autonomous (IoT) agents.

However, a closer analysis of the current state of the technical concepts, implementations and tool support reveals these systems are bleeding edge technology and mainstream adoption is a long way ahead. Furthermore, there exists no one blockchain to be used as golden hammer for all use cases and problems, while secure and efficient inter-chain communication has yet to be developed.

Hence, thorough analysis of requirements, applicability and technical feasibility are of vital importance when deciding upon whether to replace/extend existing systems by/with blockchain-based solutions. Thereby, the core question is not whether "blockchain" is applicable but which of the existing approaches is most suitable.

Current Survey

Privacy Survey Raffle Mechanism

For those who completely filled out the questionnaire before 22.11.2021, we will apply the following mechanism. We will later notify the raffle mechanisms (if any) for those who fill out the form after 22.11.2021.

The selected Bitcoin block height is:
710311
Let’s assume:
R is the last digit of the respondent's Monero address and R+1 is one digit before the last.
C is the last digit of the coinbase output address of the selected Bitcoin block and C+1 is one digit before the last.
We pay those whose R=C.
If there are less than 20 respondents with R=C, we also pay those R=C+1, and then R=C+2, ... until the fund limit is reached.
If there are more than 20 respondents with R=C, we pay those R=C & R+1=“a”, and then R=C & R+1=“b”, ... until the fund limit is reached.

Research

Preprints

PDF

User-perceived privacy in blockchain

Simin Ghesmati, Walid Fdhila, Edgar Weippl

PDF

ETHDKG: Distributed Key Generation with Ethereum Smart Contracts

Philipp Schindler, Aljosha Judmayer, Nicholas Stifter, and Edgar Weippl
Cryptology ePrint Archive, Report 2019/985.

Publications

PDF

Opportunistic Algorithmic Double-Spending: How I learned to stop worrying and love the Fork

Nicholas Stifter, Aljosha Judmayer, Philipp Schindler, and Edgar Weippl
European Symposium on Research in Computer Security (ESORICS) 2022.

PDF

Challenges and Opportunities of Blockchain for Auditable Processes in the Healthcare Sector

Walid Fdhila, Nicholas Stifter, Aljosha Judmayer
Business Process Management: Blockchain, Robotic Process Automation, and Central and Eastern Europe Forum: BPM 2022

PDF

How much is the fork? Fast Probability and Profitability Calculation during Temporary Forks

Aljosha Judmayer, Nicholas Stifter, Philipp Schindler, and Edgar Weippl
Companion Proceedings of the Web Conference 2022

PDF

Estimating (Miner) Extractable Value is Hard, Let’s Go Shopping!

Aljosha Judmayer, Nicholas Stifter, Philipp Schindler, and Edgar Weippl
3rd Workshop on Coordination of Decentralized Finance (CoDecFin) 2022

PDF

Methods for decentralized identities: Evaluation and insights

Walid Fdhila, Nicholas Stifter, Kristian Kostal, Cihan Saglam, Markus Sabadello
Business Process Management: Blockchain and Robotic Process Automation Forum: BPM 2021

PDF

Unnecessary input heuristics and payjoin transactions

Simin Ghesmati, Andreas Kern, Aljosha Judmayer, Nicholas Stifter, Edgar Weippl
HCI International 2021-Posters: 23rd HCI International Conference, HCII 2021

PDF

RandRunner: Distributed Randomness fromTrapdoor VDFs with Strong Uniqueness

Philipp Schindler, Aljosha Judmayer, Markus Hittmeir, Nicholas Stifter, Edgar Weippl
Network and Distributed System Security Symposium (NDSS) 2021

PDF

Studying Bitcoin privacy attacks and their Impact on Bitcoin-based Identity Methods

Simin Ghesmati, Walid Fdhila, Edgar Weippl
International Conference on Business Process Management

PDF

SoK: How private is Bitcoin? Classification and Evaluation of Bitcoin Privacy Techniques

Simin Ghesmati, Walid Fdhila, Edgar Weippl
Proceedings of the 17th International Conference on Availability, Reliability and Security

PDF

Usability of Cryptocurrency Wallets Providing CoinJoin Transactions

Simin Ghesmati, Walid Fdhila, Edgar Weippl
Usable Security and Privacy (USEC) Symposium 2022

PDF

Pay to Win: Cheap, Cross-Chain Bribing Attacks on PoW Cryptocurrencies

Aljosha Judmayer, Nicholas Stifter, Alexei Zamyatin, Itay Tsabary, Ittay Eyal, Peter Gazi, Sarah Meiklejohn, and Edgar Weippl
5th Workshop on Trusted Smart Contracts. In Association with Financial Cryptography 2021

PDF

SoK: Algorithmic Incentive Manipulation Attacks on Permissionless PoW Cryptocurrencies

Aljosha Judmayer, Nicholas Stifter, Alexei Zamyatin, Itay Tsabary, Ittay Eyal, Peter Gazi, Sarah Meiklejohn, and Edgar Weippl
5th Workshop on Trusted Smart Contracts. In Association with Financial Cryptography 2021

PDF

HydRand: Efficient Continuous Distributed Randomness

Philipp Schindler, Aljosha Judmayer, Nicholas Stifter, and Edgar Weippl
Proceedings of IEEE Symposium on Security and Privacy (IEEE S&P), 2020.

PDF

A Deep Dive into Bitcoin Mining Pools: An Empirical Analysis of Mining Shares

Matteo Romiti, Aljosha Judmayer, Alexei Zamyatin, and Bernhard Haslhofer
The 2019 Workshop on the Economics of Information Security, 2019

PDF

XCLAIM: Trustless, Interoperable, Cryptocurrency-Backed Assets

Alexei Zamyatin and Dominik Harz and Joshua Lind and Panayiotis Panayiotou and Arthur Gervais and William J. Knottenbelt
Proceedings of IEEE Symposium on Security and Privacy (IEEE S&P), May 2019.

PDF

Distributed Key Generation with Ethereum Smart Contracts

Philipp Schindler, Aljosha Judmayer, Nicholas Stifter, and Edgar Weippl
CIW'19: 1st Cryptocurrency Implementers' Workshop 2019

PDF

Echoes of the Past: Recovering Blockchain Metrics From Merged Mining

Nicholas Stifter and Philipp Schindler and Aljosha Judmayer and Alexei Zamyatin and Andreas Kern and Edgar Weippl
Financial Cryptography and Data Security 2019

PDF

Uncle Traps: Harvesting Rewards in a Queue-based Ethereum Mining Pool

Werner S, Pritz P, Zamyatin A, Knottenbelt W
2th EAI International Conference on Performance Evaluation Methodologies and Tools (VALUETOOLS), 2019

PDF

Pitchforks in Cryptocurrencies: Enforcing rule changes through offensive forking- and consensus techniques (Short Paper)

Aljosha Judmayer and Nicholas Stifter and Philipp Schindler and Edgar Weippl
CBT'18: Proceedings of the International Workshop on Cryptocurrencies and Blockchain Technology

PDF

Proof-of-Blackouts? How Proof-of-Work Cryptocurrencies Could Affect Power Grids

Ullrich Johanna and Stifter Nicholas and Judmayer Aljosha and Dabrowski Adrian and Edgar Weippl
International Symposium on Research in Attacks, Intrusions, and Defenses 2018

PDF

Committing to Quantum Resistance: A Slow Defence for Bitcoin against a Fast Quantum Computing Attack

Stewart I, Illie D, Zamyatin A, Werner S, Torshizi M, Knottenbelt W
Royal Society Open Science 2018/5/180410; DOI: 10.1098/rsos.180410, Published 20 June 2018

PDF

(Short Paper) A Wild Velvet Fork Appears! Inclusive Blockchain Protocol Changes in Practice (2018)

Zamyatin Alexei, Stifter Nicholas, Judmayer Aljosha, Schindler Philipp, Weippl Edgar, Knottenbelt William
5th Workshop on Bitcoin and Blockchain Research at Financial Cryptography and Data Security 2018

PDF

Merged Mining: Curse or Cure? (2017)

Aljosha Judmayer and Alexei Zamyatin and Nicholas Stifter and Artemios G. Voyiatzis and Edgar R. Weippl
CBT'17: Proceedings of the International Workshop on Cryptocurrencies and Blockchain Technology

PDF

Swimming with Fishes and Sharks: Beneath the Surface of Queue-based Ethereum Mining Pools (2017)

Alexei Zamyatin and K. Wolter and S. Werner and C.E.A. Mulligan and P.G. Harrison and W.J. Knottenbelt
25th IEEE International Symposium on the Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS 2017)

Link

Blocks and Chains: Introduction to Bitcoin, Cryptocurrencies, and Their Consensus Mechanisms (2017)

Aljosha Judmayer and Nicholas Stifter and Katharina Krombholz and Edgar R. Weippl
Synthesis Lectures on Information Security, Privacy, and Trust

Link

Condensed Cryptographic Currencies Crash Course (C5) (2016)

Aljosha Judmayer and Edgar R. Weippl
2016 ACM SIGSAC Conference on Computer and Communications Security

PDF

Cryptographic Currencies Crash Course (C4): Tutorial (2016)

Aljosha Judmayer and Edgar R. Weippl
25th International Conference on World Wide Web (WWW 2016)

Link

Für bare Münze? NutzerInnenerfahrungen mit Sicherheit und Datenschutz bei Bitcoin (2016)

Katharina Krombholz and Aljosha Judmayer and Matthias Gusenbauer and Edgar R. Weippl
Sicherheit 2016: Sicherheit, Schutz und Zuverlässigkeit, Beiträge der 8. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V.

PDF

The Other Side of the Coin: User Experiences with Bitcoin Security and Privacy (2016)

Katharina Krombholz and Aljosha Judmayer and Matthias Gusenbauer and Edgar R. Weippl
International Conference on Financial Cryptography and Data Security (FC)

Articles

Link

Bitcoin – Cryptocurrencies and Alternative Applications

Aljosha Judmayer and Alexei Zamyatin and Nicholas Stifter and Edgar Weippl
ERCIM News 110 (2017)

Link

A Holistic Approach to Smart Contract Security

Nicholas Stifter and Aljosha Judmayer and Edgar Weippl
ERCIM News 110 (2017)

Blocks & Chains Bibliography

We also actively maintain an archive, containing publications and various online resources in the field of cryptocurrencies and distributed ledger technologies, commonly referred to as "blockchains" in the Blocks & Chains Bibliography.

Team

Profile: Aljosha Judmayer

Aljosha Judmayer
Researcher

Profile: Nicholas Stifter

Nicholas Stifter
Researcher

Profile: Walid Fdhila

Walid Fdhila
Senior Researcher

Profile: Simin Ghesmati

Simin Ghesmati
Researcher

Profile: Edgar Weippl

Edgar Weippl
Research Director

Alumni

Profile: Alexei Zamyatin

Alexei Zamyatin
Researcher

Profile: Philipp Schindler

Philipp Schindler
Researcher

Profile: Andreas Kern

Andreas Kern
Researcher

Profile: Alexei Zamyatin

Alexei Zamyatin

is security analyst and researcher at SBA Research.
  • E-Mail
  • Phone: +43 (1) 505 36 88
  • PGP ID: 5485B999
  • PGP Fingerprint: 2F5F E92D CDAC 15B0 84A6 9FE9 9018 A958 5485 B999

Research Interest

His research focuses on the security, sustainability and scalability of proof-of-work blockchains, as well as on cross-blockchain information and asset exchange. Recent work also includes empirical analysis of blockchain data, evaluation of fairness in mining pools and modeling of miner behavior.

Short Bio

Alexei received a master’s degree in Software Engineering and Internet Computing and a bachelor’s degree in Software and Information Engineering at the Vienna University of Technology. He is currently working towards his Ph.D. degree on the analysis, modeling and extension of proof-of-work blockchain protocols at the Imperial College London.

Profile: Aljosha Judmayer

Aljosha Judmayer

is security analyst and researcher at SBA Research.
  • E-Mail
  • Phone: +43 (1) 505 36 88
  • PGP ID: E687AADD
  • Fingerprint: 4016 59DB D4E0 A908 FCDF 7BFB A40D 40AC E687 AADD

Research Interest

His research focuses on cryptocurrencies and their underlying technologies and consensus mechanisms.

Short Bio

Aljosha Judmayer is security analyst and researcher at SBA Research. His research focuses on cryptocurrencies and their underlying technologies and consensus mechanisms. He received an M.Sc. in Software Engineering and Internet Computing from TU Wien. Currently he is working towards his Ph.D. degree on foundations and applications of distributed ledger technologies (i.e., blockchains). His research interests include network security, resilience aspects of distributed systems, and systems security.

Profile: Nicholas Stifter

Nicholas Stifter

is security analyst and researcher at SBA Research.
  • E-Mail
  • Phone: +43 (1) 505 36 88
  • PGP ID: 433997A9
  • PGP Fingerprint: 10C6 4FD1 19B1 B399 4A2B 6D7B 5EB9 556A 4339 97A9

Research Interest

His research focuses on the security and sustainability as well as fundamental principles of block chain technologies and smart contracts.

Short Bio

Nicholas Stifter received a master’s degree in Computer Science Management with distinction and a bachelor’s degree in Software Engineering from Vienna University of Technology. He is currently working towards a Ph.D. on security and maintainability aspects of block chain technologies and smart contracts and his research interests include Nakamoto consensus, distributed agreement protocols and computing education for distributed systems topics.

Profile: Philipp Schindler

Philipp Schindler

is researcher at SBA Research.
  • E-Mail
  • Phone: +43 (1) 505 36 88
  • PGP ID: A3F85BD7
  • PGP Fingerprint: 7131 B65C DF07 AEEF FB6E DA28 3CA6 F065 A3F8 5BD7

Research Interest

His current research focuses on the area of blockchain technologies and their underlying principles. He has a particular interest on the topics of scalability, privacy and consensus algorithms.

Short Bio

Philipp Schindler received his master’s degree in Software Engineering & Internet Computing from the Vienna University of Technology with distinction. Along side his studies he gathered 2 years of experience working as informatics teacher and IT system administrator. In 2015/2016 he was accepted for the university’s high potential program TUtheTOP. In his studies and during the work on his master thesis he focuses on the areas of software engineering, IT security and blockchain technologies.

Profile: Andreas Kern

Andreas Kern

is researcher at SBA Research.
  • E-Mail
  • Phone: +43 (1) 505 36 88
  • PGP ID: 91AB3DF6B0629CDF
  • PGP Fingerprint: 6353 3278 D34F 82AB 91F2 43FD 91AB 3DF6 B062 9CDF

Research Interest

His current research focuses on the area of blockchain technologies and their underlying principles. He has a particular interest on the topics of Payment Channels and Simulation of Bitcoin networks.

Short Bio

Andreas Kern is working on his bachelor’s degree in Software Engineering & Internet Computing from the Vienna University of Technology. Along side his studies he gathered several years of experience working in StartUps with functional and non-functional languages. Since 2011 he is also a member of Bitcoin Austria, a non-profit organization with the purpose of informing the public about Bitcoin and act as a point of contact for news outlets and government agencies.

Profile: Simin Ghesmati

Simin Ghesmati

is researcher at SBA Research.
  • E-Mail
  • Phone: +43 (1) 505 36 88

Research Interest

Simin’s research interest focuses on Blockchain privacy.

Short Bio

Currently, Simin is working on Blockchain privacy techniques and their usability as her PhD thesis at TU Wien. Previously, Simin worked as a standard expert, developing standards in the field of IT security. She also worked as a project manager in Tarbiat Modares University. Simin received her master’s degree in IT Engineering from Tarbiat Modares University.

Profile: Georg Merzdovnik

Georg Merzdovnik

is researcher at SBA Research.
  • E-Mail
  • Phone: +43 (1) 505 36 88
  • PGP ID: 0x2788B752
  • PGP Fingerprint: 96C2 15D2 2E42 4135 B492 3BF3 63BD 06FD 2788 B752

Research Interest

His research interests focus on software protection techniques as well as hardware and mobile security.

Short Bio

He received a bachelor’s degree in Computer Engineering and a master’s degree in Software Engineering and Internet Computing from the TU Wien with a special emphasis on IT security. He is currently teaching graduate and undergraduate courses on computer security at the TU Wien and the University of Applied Sciences St. Pölten.

Profile: Edgar Weippl

Edgar Weippl

is research director of SBA Research and Associate Professor (Privatdozent) at the TU Wien.
  • E-Mail
  • Phone: +43 (1) 505 36 88

Research Interest

His research focuses on applied concepts of IT-security and e-learning.

Short Bio

After graduating with a Ph.D. from the TU Wien, Edgar worked in a research startup for two years. He then spent one year teaching as an Assistant Professor at Beloit College, WI. From 2002 to 2004, while with the software vendor ISIS Papyrus, he worked as a consultant in New York, NY and Albany, NY, and in Frankfurt, Germany. In 2004 he joined the TU Wien and founded the research center SBA Research together with A Min Tjoa and Markus Klemen. Edgar R. Weippl (CISSP, CISA, CISM, CRISC, CSSLP, CMC) is member of the editorial board of Computers & Security (COSE), organizes the ARES conference and is General Chair of SACMAT 2015, PC Chair of Esorics 2015, General Chair of ACM CCS 2016, and PC Chair of ACM SACMAT 2017.

Profile: Walid Fdhila

Walid Fdhila

is a senior researcher at SBA Research and leads the Decentralized Systems Research Group. He is also senior research fellow at the Faculty of Computer Science, at the University of Vienna.
  • E-Mail
  • Phone: +43 (1) 505 36 88

Research Interest

Walid’s interests include fundamental and applied research on Blockchain, service computing, business process management and modeling, process compliance, change management and distributed computing.

Short Bio

Walid received his PhD in Computer Science from the University of Nancy, France (now University of Lorraine). He was a member of SCORE research group at the LORIA -INRIA research center (now COAST research group). He was also a teaching assistant at one of the leading French engineering Grandes Écoles – Mines Nancy – and at Polytech Nancy. Walid received his master’s degree with distinction in distributed systems and communication networks from the University of Lorraine, France.

Profile: Yvonne Poul

Yvonne Poul

lead digital innovation and start-up collaboration
  • E-Mail
  • Phone: +43 (1) 505 36 88
Yvonne leads the digital innovation and startup collaboration division, which is currently being built. She is head of the event- and congress management department of SBA Research and organized several IT security – conferences and events (e.g. CCS 2016, ARES Conference, SACMAT 2015, ESORICS 2015, DBSec’14 – full list )

Short Bio

She is currently working towards an MBA in Entrepreneurship & Innovation from the WU and TU Vienna. She received a bachelor’s degree in Tourism Management from the University of Applied Sciences Zittau / Görlitz in 2013.

Teaching

Education is a core activity of SBA Research, and complements and supports our core, research-intensive activities. We aim at providing high-quality of education in postgraduate and undergraduate studies as well as secondary education, continuing education and in trainings. SBA Research is strongly affiliated with the Institute of Software Technology and Interactive Systems of TU Wien.

Bsc | MSc| PhD – Supervision

We currently offer BSc, MSc and PhD Thesis supervision, inter alia, on the following topics:
  • MEV (Miner Extractable Value) and transaction ordering
  • Empirical analyses of smart contract platforms and their components
  • SSI (Self-Sovereign Identity)
  • P2P networking aspects of cryptocurrencies
  • (Cryptocurrency) consensus protocol scalability simulations
  • Alternative consensus/mining methods
  • Alternative applications and designs of blockchain-based consensus systems
  • Cryptocurrency wallet security and usability
  • Altcoin evaluation and categorisation
  • Cross-chain interoperability
  • Privacy vs transparency in cryptocurrencies
We also welcome self-proposed topics!

Students interested to do an internship or pursue a thesis (B.Sc., DI, M.Sc., or Ph.D.) are kindly advised to contact us via E-Mail.

Blocks & Chains Workshops

We also offer a series of workshops on selected topics, including:
  • Introduction to cryptocurrencies and the concepts of blockchain and distributed ledger technologies.
  • Smart Contracts
  • Blockchain interlinking and payment channels
  • Technical perspectives for privacy and selective transparency
More information will follow soon.