Katja Assaf

Contact

Phone: +49 331 5509-575
E-Mail: katja.assaf ... hpi.de
Room: C-1.6

Research Interests

  • Cybersecurity and Cryptography
  • Cybersecurity in Railway Systems
  • Digital and Anonymous Credentials

Publications

  • Tarek Galal, Valeria Tisch, Katja Assaf, and Andreas Polze. From Paper Trails to Trust on Tracks: Adding Public Transparency to Railways via zk-SNARKs. In ZKDAPPS Workshop of the International Conference on Blockchain and Cryptocurrency (ICBC). IEEE, 2025.
    × 
    @inproceedings{galal2025,
        author = "Galal, Tarek and Tisch, Valeria and Assaf, Katja and Polze, Andreas",
        title = "{From Paper Trails to Trust on Tracks: Adding Public Transparency to Railways via zk-SNARKs}",
        booktitle = "ZKDAPPS Workshop of the International Conference on Blockchain and Cryptocurrency (ICBC)",
        pages = "",
        year = "2025",
        organization = "IEEE",
        tags = "katja.assaf,andreas.polze"
    }
  • Clemens Tiedt, Katja Assaf, Robert Schmid, Lukas Pirl, and Andreas Polze. A Safety-Critical Object Controller with Inherited Trust. In ISORC 2025. May 2025.
    × 
    @inproceedings{tiedt2025simplex,
        author = "Tiedt, Clemens and Assaf, Katja and Schmid, Robert and Pirl, Lukas and Polze, Andreas",
        booktitle = "ISORC 2025",
        title = "{A Safety-Critical Object Controller with Inherited Trust}",
        month = "May",
        year = "2025",
        tags = "clemens.tiedt,katja.assaf,robert.schmid,lukas.pirl,andreas.polze"
    }
  • Robert Schmid, Katja Assaf, Clemens Tiedt, Frederic Reiter, Dirk Friedenberger, and Andreas Polze. Managing Complexity in Safety-critical Railway Signaling Systems using Simplex Architectures. In ISORC 2024. May 2024.
    × 
    @inproceedings{schmid2024simplex,
        author = "Schmid, Robert and Assaf, Katja and Tiedt, Clemens and Reiter, Frederic and Friedenberger, Dirk and Polze, Andreas",
        title = "{Managing Complexity in Safety-critical Railway Signaling Systems using Simplex Architectures}",
        booktitle = "ISORC 2024",
        month = "May",
        year = "2024",
        tags = "katja.assaf,robert.schmid,clemens.tiedt,frederic.reiter,dirk.friedenberger,andreas.polze"
    }
  • Katja Assaf. Anonymous Credentials And Self-Sovereign Identity - An Initial Assessment. In Workshop of the International Conference on Advanced Information Networking and Applications (WAINA). Springer, 2024.
    × 
    @inproceedings{assaf2024acandssi,
        author = "Assaf, Katja",
        title = "{Anonymous Credentials And Self-Sovereign Identity - An Initial Assessment}",
        booktitle = "Workshop of the International Conference on Advanced Information Networking and Applications (WAINA)",
        pages = "",
        year = "2024",
        organization = "Springer",
        tags = "katja.assaf"
    }
  • Katja Assaf, Alexander Mühle, Daniel Köhler, and Christoph Meinel. Prison Break: From Proprietary Data Sources to SSI Verifiable Credentials. In International Conference on Advanced Information Networking and Applications (AINA), 355–366. Springer, 2023. [ PDF | ]
    × 
    @inproceedings{assaf2023prison,
        author = {Assaf, Katja and M{\"u}hle, Alexander and K{\"o}hler, Daniel and Meinel, Christoph},
        title = "{Prison Break: From Proprietary Data Sources to SSI Verifiable Credentials}",
        booktitle = "International Conference on Advanced Information Networking and Applications (AINA)",
        pages = "355--366",
        year = "2023",
        organization = "Springer",
        pdf = "https://osm.hpi.de/publications/downloads/assaf2023prisonbreak.pdf",
        tags = "katja.assaf"
    }
  • Alexander Mühle, Katja Assaf, Daniel Köhler, and Christoph Meinel. Requirements of a Digital Education Credential System. In 2023 IEEE Global Engineering Education Conference (EDUCON), 1–10. IEEE, 2023.
    × 
    @inproceedings{muhle2023requirements,
        author = {M{\"u}hle, Alexander and Assaf, Katja and K{\"o}hler, Daniel and Meinel, Christoph},
        title = "{Requirements of a Digital Education Credential System}",
        booktitle = "2023 IEEE Global Engineering Education Conference (EDUCON)",
        pages = "1--10",
        year = "2023",
        organization = "IEEE",
        tags = "katja.assaf"
    }
  • Alexander Mühle, Katja Assaf, and Christoph Meinel. One to Bind Them: Binding Verifiable Credentials to User Attributes. In International Conference on Security and Cryptography (SECRYPT). 2023. [ PDF | ]
    × 
    @inproceedings{Mhle2023OneTB,
        author = {M{\"u}hle, Alexander and Assaf, Katja and Meinel, Christoph},
        title = "{One to Bind Them: Binding Verifiable Credentials to User Attributes}",
        booktitle = "International Conference on Security and Cryptography (SECRYPT)",
        year = "2023",
        pdf = "https://www.researchgate.net/publication/372348771\_One\_to\_Bind\_Them\_Binding\_Verifiable\_Credentials\_to\_User\_Attributes\#fullTextFileContent",
        tags = "katja.assaf"
    }
  • Francisco Daza Pastrana, Francois Hausman, and Katja Stumpp. Railway cybersecurity: comprehensive and standardized approach to security risk assessment. In Proceedings of the 8th Transport Research Arena (TRA). 04 2020.
    × 
    @inproceedings{inproceedings,
        author = "Daza Pastrana, Francisco and Hausman, Francois and Stumpp, Katja",
        year = "2020",
        month = "04",
        pages = "",
        title = "Railway cybersecurity: Comprehensive and standardized approach to security risk assessment",
        booktitle = "Proceedings of the 8th Transport Research Arena (TRA)",
        tags = "katja.assaf"
    }

Selected Talks

  • Why Railway Is Safe But Not Secure at 37c3 (Hamburg, 2023) 1
  • Digital Credentials in 2028 - A reflection about the challenges we had to solve at eMadrid, UC3M (Madrid, 2023) 2
  • Ich bin |<47j4 - mehr müssen Sie nicht wissen (German) at Science Slam im Waschhaus (Potsdam, 2023) and at 1. Brandenburger Science Slam (Oranienburg, 2022) 3
  • Herausforderungen bei der Umsetzung Digitaler Bildungsnachweise im Hochschulbereich (German) at openHPI-Forum (Potsdam, 2021) 4
1.
^ https://media.ccc.de/v/37c3-11717-why_railway_is_safe_but_not_secure
2.
^ https://emadridnet.uc3m.es/en/2023/01/02/credenciales-digitales-en-2028-una-reflexion-sobre-los-retos-que-teniamos-que-resolver/
3.
^ https://youtu.be/NbmOACq4Das?si=cYR-dBpV1ucW7Wqy&t=3731
4.
^ https://www.tele-task.de/lecture/video/8857/

Co-Supervised Theses

  • Insecure but safe? - Analysis of an online door locking system (B.Sc., 2025)
  • Security of Legacy Systems through Box Security – Definition and Analysis (M.Sc., 2025)
  • The Simplex Architecture in Practice – Runtime Assurance for Safety-Critical Railway Systems (M.Sc., 2024)

Teaching Activities

  • WS24/25
    • Trends in OSM (Master Seminar)
  • SS24
    • Trends in OSM: Railway Security (Master Seminar)
  • WS23/24
    • Trends in OSM (Master Seminar)
    • Verteilte Verlässliche Eingebettete Systeme
  • SS23
    • Anonymous Credentials (Master Seminar)
    • Zusatzqualifikation Cybersecurity (openHPI)
  • WS22/23
    • Mathe I
    • Tatort Internet (openHPI)
  • WS21/22
    • Mathe I
    • User Authentication for a Digital Credential System (Master Project)
    • Hot Topics in Secure Identity Research (Master Seminar)
    • Malware (openHPI)

Biographical Sketch

  • since 2021: PhD Student / Researcher at Hasso Plattner Institute, University of Potsdam
  • 2017 - 2021: Product Solution Security Expert (PSSE) & Product Manager for an Identity and Access Management System (IAM)
  • until 2017: M.Sc. Mathematics at TU Berlin