Welcome to the CROSSING Summer School on Sustainable Security & Privacy organized by TU Darmstadt, Germany, on September 9-13, 2019.
The CROSSING Summer School targets graduate students and postdocs interested in sustainable security and privacy. Lectures by renowned experts will provide insights into the foundations as well as state-of-the-art solutions and focus on an in-depth understanding of selected topics. There will be also room for discussions and networking between participants and lecturers.
The CROSSING Summer School on Sustainable Security & Privacy is a five-day event. It starts with the two-day CROSSING Conference which provides an overview on different aspects of sustainable security and privacy. An optional one-day social event follows, a hiking tour. The CROSSING Summer School ends with two additional days of in-depth technical talks given by internationally renowned speakers with many networking opportunities between researchers interested in the field of sustainable security and privacy.
In cooperation with IACR
CROSSING offers a limited number of stipends to those students unable to obtain funding to attend the Summer School. Stipends will cover the registration fee. Students in under-represented groups are especially encouraged to apply. The Technical University of Darmstadt aims to increase the proportion of women attending and therefore calls on women in particular to apply. Depending on availability we may also provide stipends for other researchers unable to obtain funding. More info »
|September 9-10, 2019
|CROSSING Conference sessions
18 speakers • Venue: darmstadtium
|September 11, 2019
|Social event: Hiking Tour “Hessische Bergstraße”
|September 12-13, 2019
8 speakers • Venue: Georg-Christoph-Lichtenberg-Haus
Registration fee: 200 EUR. No additional registration for the Conference is required.
|Monday, September 9
|8:00 am - 9:00 am
|Registration & Welcome
|9:00 am - 9:15 am
|Opening with Ahmad-Reza Sadeghi, Speaker CYSEC, TU Darmstadt, Johannes Buchmann, Speaker CROSSING, TU Darmstadt, und Mira Mezini, VP Research, TU Darmstadt
|9:15 am - 10:00 am
|Ross Anderson, University of Cambridge, UK
The sustainability of safety, security and privacy • Slides • Abstract »
Now that we’re putting software and network connections into cars and medical devices, we’ll have to patch vulnerabilities, as we do with phones. But we can’t let vendors stop patching them after three years, as they do with phones. So in May, the EU passed Directive 2019/771 on the sale of goods. This gives consumers the right to software updates for goods with digital elements, for the time period the consumer might reasonably expect. In this talk I’ll describe the background, including a study we did for the European Commission in 2016, and the likely future effects. As sustainable safety, security and privacy become a legal mandate, this will create real tension with existing business models and supply chains. It will also pose a grand challenge for computer scientists. What sort of tools and methodologies should you use to write software for a car that will go on sale in 2023, if you have to support security patches and safety upgrades till 2043?
|10:00 am - 10:45 am
|Dongyan Xu, Purdue University, USA
From Control Model to Control Program: A Cross-Layer Approach to Robotic Vehicle Security • Abstract »
Robotic autonomous vehicles operate in potentially hostile environments and are subject to disturbances, failures, and attacks. The core of a robotic vehicle is its real-time controller, which is responsible for controlling and steering the vehicle to fulfill missions. The controller, together with the physical vehicle, may become legacy systems over time and need to be retrofitted for attack/fault resiliency. In this talk, I will report our recent efforts in vetting and retrofitting robotic vehicle control programs. First, I will present a cross-layer framework for investigating robotic vehicle accidents caused by control model implementation bugs in the control program. Second, I will present a control-guided technique to proactively discover control parameter validation bugs in control program binaries. Finally, I will report our ongoing efforts in retrofitting control programs with reinforcement learning-based attack recovery capability. By presenting these efforts, I would like to advocate a multidisciplinary methodology – spanning cyber, control, and domain physics – for CPS security research.
|10:45 am - 11:15 am
|11:15 am - 12:00 pm
|Michele Mosca, University of Waterloo, Canada
Security in the Quantum Era • Abstract »
While it is too soon to know the full breadth of applications and implications of quantum computation, one thing is known: it will decimate the current public-key cryptography at the foundations of our information and communication systems. What does this mean for legacy systems? What about new systems and tools like blockchains and AI? How close are we to cryptographically relevant quantum computers?
The path to designing and deploying new foundations is long and hard, though progress is being made. Will our cyber systems be ready in time? Will this be part of our technology lifecycle management (and lead to more robust systems), or crisis management (and lead to weaker systems)? What can we do now so we can safely reap the rewards of the quantum era?
|12:00 pm - 12:45 pm
|Benny Pinkas, Bar Ilan University, Israel
Private Intersection Analytics • Abstract »
Effective data analysis often depends on data that is known to different sources, including private data whose owners cannot disclose. The task at hand is to perform effective analysis of the data while preserving its privacy. This talk will describe efficient cryptographic protocols, some of them based on variants of private set intersection (PSI), that can be applied to perform private analysis of data.
|12:45 pm - 1:45 pm
|1:45 pm - 2:30 pm
|Moti Yung, Google Inc.
The Exodus of Secure Computations: From Theory to Core Business Deployment
|2:30 pm - 3:15 pm
|Gene Tsudik, University of California, Irvine, USA
Verified Proofs of Update, Reset and Erasure for Low-End Embedded Systems • Slides • Abstract »
Remote Attestation (RA) is a security service that enables a trusted verifier (Vrf) to measure current memory state of an untrusted remote prover (Prv). If correctly implemented, RA allows Vrf to remotely detect if Prv’s memory reflects a compromised state. However, RA by itself offers no means of remedying the situation once Prv is determined to be compromised. In this work we show how a secure RA architecture can be extended to enable important and useful security services for low-end embedded devices. In particular, we extend the formally verified RA architecture, VRASED, to implement provably secure software update, erasure, and systemwide resets. When (serially) composed, these features guarantee to Vrf that a remote Prv has been updated to a functional and malware-free state, and was properly initialized after such process. These services are provably secure against an adversary (represented by malware) that compromises Prv and exerts full control of its software state. Our results demonstrate that such services incur minimal additional overhead, making them practical even for the lowest-end embedded devices.
|3:15 pm - 3:45 pm
|3:45 pm - 4:30 pm
|Srdjan Capkun, ETH Zürich, Switzerland
Secure Positioning: From GPS to IoT • Abstract »
In this talk I will review security issues in today’s navigation and close-range positioning systems. I will discuss why GNS systems like GPS are hard to fully secure and will present novel solutions that can be used to improve the robustness of GNS systems to attacks. I will then show how a different design of a positioning system can enable secure positioning, but also that this requires solving a set of relevant physical- and logical- layer challenges. I will present a design and implementation of a fully integrated IR UWB secure distance measurement (distance bounding) system that solves these challenges and enables secure distance measurement and secure positioning in IoT applications. Finally, I will place these efforts in the context of an upcoming IEEE 802.15.4z secure distance measurement standard.
|4:30 pm - 5:15 pm
|Nele Mentens, KU Leuven, Belgium
Security on Plastics: Fake or Real? • Slides • Abstract »
Electronic devices on plastic foil, also referred to as flexible electronics, are making their way into mainstream applications. In the near future, flexible electronic labels can be embedded in smart blisters, but also used as mainstream technology for flexible medical patches. A key technology for flexible electronics is based on thin-film transistors, which have the potential to be manufactured at low cost, making them an ideal candidate for these applications. Yet, up to now, no-one is taking digital security into account in the design of flexible electronics. In this talk, the first cryptographic core on plastic foil is presented. Two main research challenges arise. The first challenge is related to the reliability of the circuit, which typically decreases when the circuit area increases. By integrating cryptographic modules, we explore the limits of the technology, since the smallest lightweight block ciphers feature a larger area than the largest digital circuit on flex foil reported up to now. The second challenge is related to key hiding. The relatively large features on the chip and the fact that electronic chips on plastics are used as bare dies, i.e. they are not packaged, make it easy to read out the value of the stored secret key. Because there is no dedicated non-volatile memory technology yet, existing methods for writing data to the flexible chip after fabrication are based on wire cutting with a laser or inkjet printing. With these techniques, however, it is extremely easy to “see” the value of the secret key under a microscope. We propose a novel solution that allows us to invisibly program the key after fabrication.
|5:15 pm - 6:00 pm
|Robert Broberg, Cisco/University of Pennsylvania, USA
NISQ - Near Impact on Silicon of Quantum Research in the next 3 to 5 years • Slides • Abstract »
Recent advances in the development of CMOS compatible devices to enable Quantum Computing have potential impact by orders of magnitude to current optical and electrical interconnects in the data center and metropolitan area networks. To build large scale quantum computers photons are viewed as the best candidate to transfer quantum state beyond intra-chip level communication. We will review the state of current materials used for single photon detectors and sources based on plasmonics and nanowires discussing the technology, power and speed of these devices and expected evolution. We will then review existing SerDes and transceiver technology in the context of Claude Shannon’s theory of communication and discuss the progression these technologies which was first limited by theorem 11 and is now reaching limits defined by theorem 18. We will show how new photonic devices developed for quantum technology will change the parameters currently used in theorem 11 leading to increased bandwidth and decreased power consumption. We will introduce Holevo’s theorem and discuss how continuous variable encoding, limited by theorem 18, can provide yet another path to increase bandwidth by multiple orders of magnitude with expected quantum devices.
|Tuesday, September 10
|8:00 am - 9:00 am
|Registration & Welcome
|9:00 am - 9:45 am
|Engin Kirda, North Eastern University, USA
Using AI to Detect Advanced Threats – Done Right • Abstract »
As every researcher knows, using AI in security products is the latest craze. The security industry is now promising us that AI will solve all security problems, and will save the world. In this talk, I will put on my both academic and industrial hats on (as a professor and the co-founder of a security company) and will discuss how we use ML techniques at Lastline to detect breaches and advanced threats. I will also talk about the common pitfalls and shortcomings of a lot of industrial solutions in the field.
|9:45 am - 10:30 am
|Mathias Payer, EPFL, Switzerland
Fuzzing Low-level Code • Slides • Abstract »
In an eternal war in memory, state corruption plagues systems since the dawn of computing. Despite the rise of strong mitigations such as stack cookies, ASLR, DEP, or most recently Control-Flow Integrity, exploits are still prevalent as none of these defenses offers complete protection. This situation calls for program testing techniques that discover reachable vulnerabilities before the attacker. Finding and fixing bugs is the only way to protect against all exploitation.
We develop fuzzing techniques that follow an adversarial approach, focusing on the exposed attack surface and exploring potentially reachable vulnerabilities.
In this talk we will discuss two aspects of fuzzing hard to reach code: (i) learning what code is exposed to attacker-controlled input and (ii) testing drivers that interact with exposed peripherals.
First, we assess the threat surface by characterizing the potential computational power that a vulnerability gives. In a multi-step process we follow the flow of information an synthesize potential attacker payloads to learn how exposed certain code sequences are. Second, by providing a custom-tailored emulation environment we create mock Trojan devices that allow fuzzing the peripheral/driver interface. In these projects we develop new techniques to test different kinds of hard to reach code and exposed large amounts of vulnerabilities.
|10:30 am - 11:00 am
|11:00 am - 11:45 am
|Rosario Cammarota & Anand Rajan, Intel Corporation
Security for Emerging Paradigms & Private AI Systems • Abstract »
This talk will provide an overview of the key security research challenges and opportunities for a set of important emerging paradigms (e.g. IoT, 5G, Blockchain, AI, PQC). The remainder of the talk will then focus on Private AI Systems.
Advances in users’ data privacy laws create pressures and pain points for both service users and service providers. On the one hand, the user wants (or would feel comfortable if) its data can be processed without being exposed to the service providers. For this, cryptographic technologies such as homomorphic encryption, masking, multi-party computation, to name a few, can be used to protect users’ data. On the other hand, a service provider wants to keep its service’s secret sauce (the AI models) secured and private from the cloud infrastructure and possible threats emanating from it. For this, technologies such as trusted execution can be used to protect the service providers’ AI models. Deploying AI systems in a scenario where a service provider, the cloud infrastructure and a service user are distinct and mutually distrusted entities is a problem that has received little attention in the past. In this talk, we cover possible AI system profiles to address this problem, their advantages, and limitations.
|11:45 am - 12:30 pm
|Farinaz Koushanfar, University of California, San Diego, USA
Privacy-preserving Machine Learning
|12:30 pm - 1:30 pm
|1:30 pm - 2:15 pm
|Yossi Oren, Ben-Gurion University of the Negev, Israel
Side Channel Attacks and Human Secrets • Slides
|2:15 pm - 3:00 pm
|Yongdae Kim, KAIST, South Korea
LTE Hacking • Slides
|3:00 pm - 3:30 pm
|3:30 pm - 4:15 pm
|Lejla Batina, Radboud University, Netherlands
SCA strikes back: attacking neural networks via physical leakage… and the other way around • Abstract »
Recently, the potential of machine and consequently deep learning on side-channel analysis was discovered and confirmed even on protected cryptographic implementations. The success of those experiments has led to deep learning techniques becoming a mainstream component in side-channel leakage evaluations.
Conversely, recent work has shown that neural networks can be reversed engineered by the side-channel attacker, i.e., the adversary using physical leakage such as timing and EM. This makes neural nets an interesting target as in some applications such as security evaluation, HD maps for autonomous vehicles etc. optimized networks are considered an IP.
This talk will survey this interplay of deep learning and side-channel analysis and its impact on security.
|4:15 pm - 5:00 pm
|Frank Krüger, George Mason University, USA
Toward a Model of Trust Drawn from Neuroscience, Psychology, and Economics • Slides • Abstract »
Trust pervades nearly every social aspect of our daily lives, and its disruption is a significant factor in mental illness. Research in the field of neuroeconomics has gained a deeper understanding of the neuropsychoeconomic (NPE) underpinnings of trust by combining complementary methodologies from neuroscience, psychology, and economics. However, a coherent model of trust that integrates separate findings under a conceptual framework is still lacking. In this presentation, I will sketch out an integrative NPE model that explains how the interactions of psychoeconomic components engage domain-general large-scale brain networks in shaping trust behavior over time. Further, I will point out the caveats of current research approaches and outline open questions that can help guide future transdisciplinary investigations for a better understanding of the neuropsychology of trust.
|5:00 pm - 5:45 pm
|Carmela Troncoso, EPFL Lausanne, Switzerland
Privacy Engineering • Abstract »
In this talk we revisit privacy engineering methodologies and show that not those, not the PETs designed at top conferences are thought to be deployed in an Agile manner nor in a service-oriented world (which is 90% of the software development these days). As such, they are very hard to deploy in practice. We identify the problems and propose future avenues of research to tackle them.
|5:45 pm - 6:30 pm
|Wednesday, September 11
|Meeting point at bus stop darmstadtium
|11:00 am - 11:45 am
|Bus transfer to Heppenheim
|11:45 am - 5:00 pm
|Hiking Tour “Hessische Bergstraße”
|5:00 pm - 7:00 pm
|Stop at Staatspark Fürstenlager
|7:15 pm - 8:00 pm
|Bus transfer to darmstadtium
|Thursday, September 12
|8:00 am - 9:00 am
|Registration & Welcome
|9:00 am - 9:15 am
|9:15 am - 10:15 am
|Wenyuan Xu, Zhejiang University, China
A Sound Story – Analog Security of Cyber-Physical Systems • Abstract »
Much security research focuses on protecting the digitalized information, e.g., securing communication via cryptographic methods. Nevertheless, hardware implementation and its internal signal conditioning path could undermine the otherwise secure mechanisms, e.g., attackers can extract secret keys via side channels. As the emerging cyber-physical systems depend on sensors to make automated decisions, it is critical to examine analog cybersecurity, i.e., analyzing the integrity and dependability of information prior to its digitalization. Such a problem is especially important in cyber-physical systems because they depend on sensors to make automated decisions. In this talk, we illustrate a few analog signal injection attacks that utilize the built-in hardware vulnerabilities of various commodity sensing systems as well as proposing the defense strategies. Our work calls to question the wisdom of allowing microprocessors and embedded systems to blindly trust that hardware abstractions alone will ensure the integrity of sensor outputs.
|10:15 am - 10:30 am
|10:30 am - 11:30 am
|Lejla Batina, Radboud University, The Netherlands
Side-channel attacks in the wild: recent advances and countermeasures • Slides • Abstract »
Physical attacks are a continuous and present threat for embedded devices. In this talk I will survey relevant issues with side-channel and fault attacks on embedded crypto implementation and adequate countermeasures. I will also present some recent attacks on real-world implementations that could be used in IoT devices and in particular some attacks on Elliptic Curve Cryptography (ECC) implementations.
|11:30 am - 12:30 pm
|Stjepan Picek, TU Delft, The Netherlands
Machine Learning and Implementation Attacks • Slides • Abstract »
Recent years showed that machine learning techniques can be a powerful paradigm for implementation attacks, especially profiling side-channel attacks (SCAs). Still, despite all the success, we are limited in our understanding when and how to select appropriate machine learning techniques. Additionally, the results we can obtain are empirical and valid for specific cases where generalization is often difficult. In this talk, we discuss several well-known machine learning techniques, the results obtained, and their limitations. Next, we concentrate on deep learning techniques and potential benefits such techniques can bring to SCA, with an emphasis on real-world scenarios. In the last part of the talk, we discuss how various AI techniques can be used for fault injection attacks.
|12:30 pm - 1:30 pm
|1:30 pm - 2:30 pm
|Matthias Hollick, TU Darmstadt
The State of Wireless Security: Screwing-up Sustainably instead of Sustainable Security • Slides • Abstract »
Wireless technology enables untethered communications of billions of devices such as smartphones, sensors and actors in smart environments, wearables and medical implants, etc. Yet the history of wireless protocol security is abysmal: security flaws have been repeatedly discovered in the most important wireless standards: Bluetooth, Wi-Fi (WEP, WPA2, WPS), cellular (GSM, UMTS, LTE). Security fixes were often deployed late or to subsets of the affected systems or even postponed to the next technology generation. As a result, the ‘lifeline’ of most modern information and communications systems is at the same time one of its weakest spots and open for proximity/adjacent network attacks.
In this talk, I will discuss the (in)security of key wireless standards such as Wi-Fi and Bluetooth and introduce corresponding tools for advanced security research in this field developed in my team. I will demonstrate how Wi-Fi firmware modifications can transform off-the-shelf smartphones into versatile, programmable tools for networking and security research, and will present advanced attacks against the availability of Wi-Fi or Bluetooth communications as well as countermeasures against such advanced attacks. I will further show how Wi-Fi can be used to inconspicuously exfiltrate data from networks with very high data rates, without the ability to detect this exfiltration with off-the-shelf intrusion detection systems or regular Wi-Fi devices. This is followed by a discussion on the security of proprietary wireless protocols within the Apple ecosystem.
The talk concludes by discussing on how to break this vicious circle of poor security solutions within wireless communication systems and reach a state of adequate and sustainable security.
|2:30 pm - 3:30 pm
|Alexandra Dmitrienko, Universität Würzburg, Germany
Intel SGX: The Promises and Pitfalls of Hardware-Assisted Security • Slides • Abstract »
In this talk, we will revisit the promises made by hardware-assisted security architectures and overview research efforts in made the last few years on attacks against Intel SGX and proposed countermeasures, including our own work. In particular, we will largely focus on side-channel attacks, the major threat to SGX’s architecture today, as they appeared to be extremely effective in extracting enclave’s secrets, such as cryptographic keys and private application data. These attacks undermine key security guarantees provided by enclaved execution, such as confidentiality of enclaved data and attestation of the integrity of execution, and urge academia and industry to come up with countermeasures. In the second part of the talk, we will walk the audience through defense techniques that emerged so far and range from specialized solutions aiming at fixing a particular problem to generic protections that can require hardware support or rely on software only.
|3:30 pm - 4:00 pm
|4:00 pm - 5:00 pm
|Jean Paul Degabriele, TU Darmstadt
The Security of Onion Encryption in Tor • Abstract »
Tor is a primary tool for maintaining anonymity online. It provides a low-latency, circuit-based, bidirectional secure channel between two parties through a network of onion routers, with the aim of obscuring exactly who is talking to whom, even to adversaries controlling part of the network. Tor relies heavily on cryptographic techniques, yet its onion encryption scheme is susceptible to tagging attacks and traffic-correlation attacks.
In this talk, I will describe how onion encryption in Tor works and how the above attacks undermine its security. I will then present a security definition for capturing the security goal of an onion encryption scheme like the one used in Tor. The Tor Project has been actively looking to replace its onion encryption scheme in order to defend against tagging attacks and has put forth a new proposal for a new onion encryption scheme. I will conclude with a short description of the proposed scheme and our security analysis of this scheme.
|5:00 pm - 6:15 pm
|6:15 pm - 6:30 pm
|6:30 pm - 9:30 pm
|Friday, September 13
|8:00 am - 9:00 am
|Registration & Welcome
|9:00 am - 10:00 am
|Christian Reuter, TU Darmstadt
Sustainable Security? Dual-Use and Dilemmas for Cybersecurity, Peace and Technology Assessment • Abstract »
Dual-use in information technology is a pressing issue: how can we prevent, control or manage the risk of a harmful application of IT? How can dual-use awareness and regulation help to mitigate the risks to peace and security on the national and international level? As the cyberspace has been declared a military domain, IT is of increasing importance for civil and military infrastructures. How can researchers, developers and decision makers make sure that IT is not misused to cause harm? How can they be sure that privacy is respected and data is not misused? For nuclear, biological and chemical technologies this has been discussed as the dual-use problem. This chapter illustrates the approaches towards different dual-use concepts, how to conduct technology assessment and provides insight in the implementation of dual-use assessment guidelines at TU Darmstadt, the so-called Civil Clause.
|10:00 am - 11:00 am
|Thomas Schneider, TU Darmstadt
Efficiently Protecting Data and Functions • Slides • Abstract »
Secure computation, also called secure function evaluation, allows to efficiently compute on private data while protecting the inputs to the computation. This has many applications such as private auctions, genomic privacy, or biometric identification. In some applications, even the computation that is performed on the private data should be hidden as it is intellectual property of a service provider. This is called private function evaluation and example applications include private credit checking or privately determining insurance tariffs. An efficient way to achieve private function evaluation is to securely evaluate a universal circuit which is a Boolean circuit which can be programmed to compute an arbitrary function up to a given size. In this talk, I will give an overview and examples of our research in the area of secure and private function evaluation with a focus on applications.
|11:00 am - 11:15 am
|11:15 am - 12:15 pm
|Georgios Nikolopoulos, FORTH, Greece and TU Darmstadt
Quantum-safe entity authentication with physical unclonable keys • Abstract »
Entity authentication is one of the main cryptographic tasks. The development of quantum-safe cloning-resistant entity authentication protocols (EAPs) is of particular importance for the field, and optical schemes are currently considered to be among the most prominent candidates. In such schemes authentication relies on the optical response of physical disordered keys that are materialized by optical multiple-scattering media.
In this talk I will discuss the main physical principles underlying the optical EAPs that have been presented in the literature so far, and I will address some of their fundamental aspects, including their security against various attacks. The talk is intended for non-specialised audience, students and postdocs.
|12:15 pm - 1:15 pm
|1:15 pm - 2:15 pm
|Marc Fischlin, TU Darmstadt
The TLS 1.3 Standard from a Cryptographic Point of View
|2:15 pm - 3:15 pm
|Christopher Liebchen, Google
Separating Chaff from the Wheat: On Security Isolation Technologies
|3:15 pm - 3:45 pm
|3:45 pm - 5:45 pm
|Lucas Davi, Universität Duisburg-Essen, Germany
From Control-Flow to Data-Oriented Exploits • Slides • Abstract »
Memory corruption attacks exploit program errors to alter program information such as function pointers and program variables maintained in memory. In the recent past, we have witnessed a variety of different attack strategies starting from classic code injection attacks to sophisticated return-oriented programming attacks that encapsulate malicious program actions inside a chain of existing and benign code sequences from shared libraries. The good news is that both academia and industry have significantly raised the bar for these attacks by proposing and implementing mitigation technologies such as control-flow integrity, code pointer integrity, and code and data layout randomization. However, the latest trend in exploitation moves from control-flow attacks to subtle data-oriented attacks. These attacks do not violate control-flow integrity but only alter program variables to trigger malicious program actions. In this lecture, we provide a detailed overview on the evolution of memory corruption attacks from control-flow to data-oriented attacks. In addition, we discuss defensive strategies and offer a hands-on lab for the development of sample exploits against vulnerable proof-of-concept applications.
Hands-on Lab on Runtime Attack
|5:45 pm - 6:00 pm
Social Event: Hiking Tour “Hessische Bergstraße”
The well-marked hiking trails in the Geopark Bergstraße-Odenwald, which lead to many interesting sights, allow you to get back to nature and discover the region on foot. Located between the university and science city of Darmstadt, characterised by its art nouveau influences, in the north and the romantic university city of Heidelberg in the south, the western slopes of the Odenwald are home to traces of over 2000 years of cultural and urban history. Castles and palaces, medieval noble courts, historic half-timbered houses and proud town halls, legendary villages lined up like pearls in a necklace, all bear witness to a colourful past. We will go from Heppenheim on a vineyard walk. The goal is the princely summer camp of Ludwig I, the first Grand Duke of Hesse and the Rhine in Bensheim-Auerbach.
Meeting point for the tour is 10:00 am at the bus stop next to darmstadtium. The bus brings us to Heppenheim, where we start our hiking tour in direction of Fürstenlager park in Bensheim-Auerbach. There we will stop in the mansion of the princely camp for a refreshment with local food & drinks. The return to Darmstadt is planned for 8:00 pm.
For the participation appropriate clothing and non-slip stable footwear is recommended.
Mandy Herberg, firstname.lastname@example.org