Skip to main content

Securing Software against Physical Attacks

Publications

Coco: Co-Design and Co-Verification of Masked Software Implementations on CPUs

Author(s): Barbara Gigerl, Vedad Hadzic, Robert Primas, Stefan Mangard, Roderick Bloem
Published in: Proceedings of the 30th USENIX Security Symposium, 2021

The Evolution of Transient-Execution Attacks

Author(s): Claudio Canella, Khaled N. Khasawneh, Daniel Gruss
Published in: Proceedings of the 2020 on Great Lakes Symposium on VLSI, 2020, Page(s) 163-168
DOI: 10.1145/3386263.3407583

A Fast and Compact RISC-V Accelerator for Ascon and Friends

Author(s): Stefan Steinegger*, Robert Primas
Published in: Smart Card Research and Advanced Applications - 19th International Conference, CARDIS 2020, Revised Selected Papers, Issue 19th International Conference, CARDIS 2020, Revised Selected Papers, 2020, Page(s) 53-67
DOI: 10.1007/978-3-030-68487-7_4

ZombieLoad: Cross-Privilege-Boundary Data Sampling

Author(s): Michael Schwarz, Moritz Lipp, Daniel Moghimi, Jo Van Bulck, Julian Stecklina, Thomas Prescher, Daniel Gruss
Published in: CCS 2019 - Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, Issue Proceedings of the 2019 ACM SIGSAC, 2019, Page(s) 753-768

HECTOR-V: A Heterogeneous CPU Architecture for a Secure RISC-V Execution Environment

Author(s): Pascal Nasahl, Robert Schilling, Mario Werner, Stefan Mangard
Published in: ACM ASIACCS 2021, 2021

KASLR: Break It, Fix It, Repeat

Author(s): Claudio Canella, Michael Schwarz, Martin Haubenwallner, Martin Schwarzl, Daniel Gruss
Published in: Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, 2020, Page(s) 481-493
DOI: 10.1145/3320269.3384747

Systematic Analysis of Randomization-based Protected Cache Architectures

Author(s): Antoon Purnal, Lukas Giner, Daniel Gruß, Ingrid Verbauwhede
Published in: 42th IEEE Symposium on Security and Privacy, 2021

ConTExT: A Generic Approach for Mitigating Spectre

Author(s): Michael Schwarz, Moritz Lipp, Claudio Alberto Canella, Robert Schilling, Florian Kargl, Daniel Gruß
Published in: Network and Distributed System Security Symposium 2020, 2020

CrypTag: Thwarting Physical and Logical Memory Vulnerabilities using Cryptographically Colored Memory

Author(s): Pascal Nasahl, Robert Schilling, Mario Werner, Jan Hoogerbrugge, Marcel Medwed, Stefan Mangard
Published in: ACM ASIACCS 202, 2021

An Algebraic Attack on Ciphers with Low-Degree Round Functions: Application to Full MiMC

Author(s): Maria Eichlseder and Lorenzo Grassi and Reinhard Lüftenegger and Morten Øygarden and Christian Rechberger and Markus Schofnegger and Qingju Wang
Published in: IACR-ASIACRYPT-2020, 2020, Page(s) 477-506
DOI: 10.1007/978-3-030-64837-4_16

Evolution of Defenses against Transient-Execution Attacks

Author(s): Claudio Canella, Sai Manoj Pudukotai Dinakarrao, Daniel Gruss, Khaled N. Khasawneh
Published in: Proceedings of the 2020 on Great Lakes Symposium on VLSI, 2020, Page(s) 169-174
DOI: 10.1145/3386263.3407584

Ciminion: Symmetric Encryption Based on Toffoli-Gates over Large Finite Fields

Author(s): Christoph Erwin Dobraunig, Lorenzo Grassi, Anna Guinet , Daniël Kuijsters
Published in: Eurocrypt 2021, 2021

Concealing Secrets in Embedded Processors Designs

Author(s): Hannes Gross, Manuel Jelinek, Stefan Mangard, Thomas Unterluggauer, Mario Werner
Published in: CARDIS 2016, 2017, Page(s) 89-104
DOI: 10.1007/978-3-319-54669-8_6

High speed ASIC implementations of leakage-resilient cryptography

Author(s): Robert Schilling, Thomas Unterluggauer, Stefan Mangard, Frank K. Gurkaynak, Michael Muehlberghuber, Luca Benini
Published in: 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE), 2018, Page(s) 1259-1264
DOI: 10.23919/DATE.2018.8342208

Another Flip in the Wall of Rowhammer Defenses

Author(s): Daniel Gruss, Moritz Lipp, Michael Schwarz, Daniel Genkin, Jonas Juffinger, Sioli O'Connell, Wolfgang Schoechl, Yuval Yarom
Published in: 39th IEEE Symposium on Security and Privacy 2018, 2017

An Efficient Side-Channel Protected AES Implementation with Arbitrary Protection Order

Author(s): Hannes Gross, Stefan Mangard, Thomas Korak
Published in: CT-RSA, 2017, Page(s) 95-112
DOI: 10.1007/978-3-319-52153-4_6

Formal Verification of Masked Hardware Implementations in the Presence of Glitches

Author(s): Roderick Bloem, Hannes Gross, Rinat Iusupov, Bettina Könighofer, Stefan Mangard, Johannes Winter
Published in: Eurocrypt 2018, 2018, Page(s) 321-353
DOI: 10.1007/978-3-319-78375-8_11

KASLR is Dead

Author(s): Daniel Gruss, Moritz Lipp, Michael Schwarz, Richard Fellner, Clémentine Maurice, Stefan Mangard
Published in: ESSoS'17, 2017, Page(s) 161-176
DOI: 10.1007/978-3-319-62105-0_11

JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks

Author(s): Michael Schwarz Moritz Lipp Daniel Gruss
Published in: NDSS 2018, 2018

Higher-Order Side-Channel Protected Implementations of KECCAK

Author(s): Hannes Gross, David Schaffenrath, Stefan Mangard
Published in: 2017 Euromicro Conference on Digital System Design (DSD), 2017, Page(s) 205-212
DOI: 10.1109/DSD.2017.21

Multi-core data analytics SoC with a flexible 1.76 Gbit/s AES-XTS cryptographic accelerator in 65 nm CMOS

Author(s): Frank K. Gürkaynak, Robert Schilling, Michael Muehlberghuber, Francesco Conti, Stefan Mangard, Luca Benini
Published in: Proceedings of the Fourth Workshop on Cryptography and Security in Computing Systems - CS2 '17, 2017, Page(s) 19-24
DOI: 10.1145/3031836.3031840

ProcHarvester: Fully Automated Analysis of Procfs Side-Channel Leaks on Android

Author(s): Spreitzer, R., Kirchengast, F., Gruss, D., Mangard, S.
Published in: AsiaCCS 2018, 2018

Malware guard extension

Author(s): Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice, Stefan Mangard
Published in: DIMVA'17, 2017, Page(s) 3-24
DOI: 10.1007/978-3-319-60876-1_1

Leakage Bounds for Gaussian Side Channels

Author(s): Thomas Unterluggauer, Thomas Korak, Stefan Mangard, Robert Schilling, Luca Benini, Frank K. Gürkaynak, Michael Muehlberghuber
Published in: CARDIS 2018, 2018

SCAnDroid: Automated Side-Channel Analysis of Android APIs

Author(s): Spreitzer, R., Palfinger, G., Mangard, S.
Published in: WISEC 2018, 2018

Securing conditional branches in the presence of fault attacks

Author(s): Robert Schilling, Mario Werner, Stefan Mangard
Published in: 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE), 2018, Page(s) 1586-1591
DOI: 10.23919/DATE.2018.8342268

Reconciling d+1 Masking in Hardware and Software

Author(s): Groß, H., Mangard, S.
Published in: CHES 2017, 2017

Side-channel plaintext-recovery attacks on leakage-resilient encryption

Author(s): Thomas Unterluggauer, Mario Werner, Stefan Mangard
Published in: Design, Automation & Test in Europe Conference & Exhibition (DATE), 2017, 2017, Page(s) 1318-1323
DOI: 10.23919/DATE.2017.7927197

Single Trace Attack Against RSA Key Generation in Intel SGX SSL

Author(s): Weiser, S., Spreitzer, R., Bodner, L.
Published in: AsiaCCS 2018, 2018

Securing Memory Encryption and Authentication Against Side-Channel Attacks Using Unprotected Primitives

Author(s): Thomas Unterluggauer, Mario Werner, Stefan Mangard
Published in: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - ASIA CCS '17, 2017, Page(s) 690-702
DOI: 10.1145/3052973.3052985

Transparent memory encryption and authentication

Author(s): Mario Werner, Thomas Unterluggauer, Robert Schilling, David Schaffenrath, Stefan Mangard
Published in: 2017 27th International Conference on Field Programmable Logic and Applications (FPL), 2017, Page(s) 1-6
DOI: 10.23919/FPL.2017.8056797

KeyDrown: Eliminating Software-Based Keystroke Timing Side-Channel Attacks.

Author(s): Michael Schwarz, Moritz Lipp, Daniel Gruss, Samuel Weiser, Clémentine Maurice, Raphael Spreitzer, Stefan Mangard
Published in: NDSS Symposium 2018, 2018
DOI: 10.14722/ndss.2018.23002

Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features

Author(s): Michael Schwarz, Daniel Gruss, Moritz Lipp, Clémentine Maurice, Thomas Schuster, Anders Fogh, Stefan Mangard
Published in: Proceedings of the 2018 on Asia Conference on Computer and Communications Security - ASIACCS '18, 2018, Page(s) 587-600
DOI: 10.1145/3196494.3196508

Meltdown

Author(s): Lipp, Moritz; Schwarz, Michael; Gruss, Daniel; Prescher, Thomas; Haas, Werner; Mangard, Stefan; Kocher, Paul; Genkin, Daniel; Yarom, Yuval; Hamburg, Mike
Published in: 27th USENIX Security Symposium, Issue 2, 2018

Sponge-Based Control-Flow Protection for IoT Devices

Author(s): Mario Werner, Thomas Unterluggauer, David Schaffenrath, Stefan Mangard
Published in: 2018 IEEE European Symposium on Security and Privacy (EuroS&P), 2018, Page(s) 214-226
DOI: 10.1109/eurosp.2018.00023

Pointing in the Right Direction - Securing Memory Accesses in a Faulty World

Author(s): Schilling, Robert; Werner, Mario; Nasahl, Pascal; Mangard, Stefan
Published in: ACSAC 2018, Issue 2, 2018

Generic Low-Latency Masking in Hardware

Author(s): Gross, H., Iusupov, R., & Bloem, R.
Published in: CHES 2018, 2018
DOI: 10.13154/tches.v2018.i2.1-21

JavaScript Template Attacks: Automatically Inferring Host Information for Targeted Exploits

Author(s): Michael Schwarz, Florian Lackner, Daniel Gruss
Published in: NDSS 2019, 2019

Statistical Ineffective Fault Attacks on Masked AES with Fault Countermeasures

Author(s): Christoph Dobraunig, Maria Eichlseder, Hannes Gross, Stefan Mangard, Florian Mendel, Robert Primas
Published in: ASIACRYPT 2018, 2018

SGXJail: Defeating Enclave Malware via Confinement

Author(s): Samuel Weiser, Luca Mayr, Michael Schwarz, Daniel Gruss
Published in: 22nd International Symposium on Research in Attacks, Intrusions and Defenses ({RAID} 2019), 2019

Protecting RISC-V Processors against Physical Attacks

Author(s): Mario Werner, Robert Schilling, Thomas Unterluggauer, Stefan Mangard
Published in: 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE), 2019, Page(s) 1136-1141
DOI: 10.23919/date.2019.8714811

A Systematic Evaluation of Transient Execution Attacks and Defenses

Author(s): Claudio Canella, Jo Van Bulck, Michael Schwarz , Moritz Lipp , Benjamin von Berg , Philipp Ortner , Frank Piessens , Dmitry Evtyushkin, Daniel Gruss
Published in: USENIX Security 2019, 2019

ScatterCache: Thwarting Cache Attacks via Cache Set Randomization

Author(s): Mario Werner, Thomas Unterluggauer, Lukas Giner, Michael Schwarz, Daniel Gruss, and Stefan Mangard
Published in: USENIX Security 2019, 2019

Specfuscator: Evaluating Branch Removal as a Spectre Mitigation

Author(s): Martin Schwarzl, Claudio Alberto Canella, Daniel Gruss, Michael Schwarz
Published in: Financial Cryptography and Data Security 2021 - Virtual conference, 2021

Nethammer: Inducing Rowhammer Faults through Network Requests

Author(s): Moritz Lipp, Michael Schwarz, Lukas Raab, Lukas Lamster, Misiker Tadesse Aga, Clementine Maurice, Daniel Gruss
Published in: 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 2020, Page(s) 710-719
DOI: 10.1109/eurospw51379.2020.00102

Donky: Domain Keys – Efficient In-Process Isolation for RISC-V and x86

Author(s): David Schrammel, Samuel Weiser, Stefan Steinegger, Martin Schwarzl, Michael Schwarz, Stefan Mangard, Daniel Gruß
Published in: Proceedings of the 29th USENIX Security Symposium 2020, 2020, Page(s) 1677-1694

Take A Way: Exploring the Security Implications of AMD's Cache Way Predictors

Author(s): Moritz Lipp, Vedad Hažić, Michael Schwarz, Arthur Perais, Clémentine Maurice, Daniel Gruss
Published in: Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, 2020, Page(s) 813-825
DOI: 10.1145/3320269.3384746

ConTExT: Leakage-Free Transient Execution

Author(s): Schwarz, Michael; Schilling, Robert; Kargl, Florian; Lipp, Moritz; Canella, Claudio; Gruss, Daniel
Published in: NDSS 2020, Issue NDSS 2020, 2020

NetSpectre: Read Arbitrary Memory over Network

Author(s): Michael Schwarz, Martin Schwarzl, Moritz Lipp, Jon Masters, Daniel Gruss
Published in: Computer Security – ESORICS 2019 - 24th European Symposium on Research in Computer Security, Luxembourg, September 23–27, 2019, Proceedings, Part I, Issue 11735, 2019, Page(s) 279-299
DOI: 10.1007/978-3-030-29959-0_14

Small Faults Grow Up - Verification of Error Masking Robustness in Arithmetically Encoded Programs

Author(s): Anja F. Karl, Robert Schilling, Roderick Bloem, Stefan Mangard
Published in: Verification, Model Checking, and Abstract Interpretation - 20th International Conference, VMCAI 2019, Cascais, Portugal, January 13–15, 2019, Proceedings, Issue 11388, 2019, Page(s) 183-204
DOI: 10.1007/978-3-030-11245-5_9

Fault Attacks on Nonce-Based Authenticated Encryption: Application to Keyak and Ketje

Author(s): Christoph Dobraunig, Stefan Mangard, Florian Mendel, Robert Primas
Published in: Selected Areas in Cryptography – SAC 2018 - 25th International Conference, Calgary, AB, Canada, August 15–17, 2018, Revised Selected Papers, Issue 11349, 2019, Page(s) 257-277
DOI: 10.1007/978-3-030-10970-7_12

Practical Enclave Malware with Intel SGX

Author(s): Michael Schwarz, Samuel Weiser, Daniel Gruss
Published in: Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Gothenburg, Sweden, June 19–20, 2019, Proceedings, Issue 11543, 2019, Page(s) 177-196
DOI: 10.1007/978-3-030-22038-9_9

Out of Oddity – New Cryptanalytic Techniques Against Symmetric Primitives Optimized for Integrity Proof Systems

Author(s): Tim Beyne, Anne Canteaut, Itai Dinur, Maria Eichlseder, Gregor Leander, Gaëtan Leurent, María Naya-Plasencia, Léo Perrin, Yu Sasaki, Yosuke Todo, Friedrich Wiemer
Published in: Advances in Cryptology – CRYPTO 2020 - 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17–21, 2020, Proceedings, Part III, Issue 12172, 2020, Page(s) 299-328
DOI: 10.1007/978-3-030-56877-1_11

Plundervolt: How a Little Bit of Undervolting Can Create a Lot of Trouble

Author(s): Kit Murdock, David Oswald, Flavio D. Garcia, Jo Van Bulck, Frank Piessens, Daniel Gruss
Published in: IEEE Security & Privacy, Issue 18/5, 2020, Page(s) 28-37, ISSN 1540-7993
DOI: 10.1109/msec.2020.2990495

ISAP – Towards Side-Channel Secure Authenticated Encryption

Author(s): Dobraunig, Christoph; Eichlseder, Maria; Mangard, Stefan; Mendel, Florian; Unterluggauer, Thomas
Published in: IACR Transactions on Symmetric Cryptology, Issue 1, 2017, ISSN 2519-173X
DOI: 10.13154/tosc.v2017.i1.80-105

Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices

Author(s): Raphael Spreitzer, Veelasha Moonsamy, Thomas Korak, Stefan Mangard
Published in: IEEE Communications Surveys & Tutorials, Issue 20/1, 2018, Page(s) 465-488, ISSN 1553-877X
DOI: 10.1109/COMST.2017.2779824

MEAS: memory encryption and authentication secure against side-channel attacks

Author(s): Thomas Unterluggauer, Mario Werner, Stefan Mangard
Published in: Journal of Cryptographic Engineering, 2018, ISSN 2190-8508
DOI: 10.1007/s13389-018-0180-2

A unified masking approach

Author(s): Hannes Gross, Stefan Mangard
Published in: Journal of Cryptographic Engineering, 2018, ISSN 2190-8508
DOI: 10.1007/s13389-018-0184-y

SIFA: Exploiting Ineffective Fault Inductions on Symmetric Cryptography

Author(s): Christoph Dobraunig, Maria Eichlseder, Thomas Korak, Stefan Mangard, Florian Mendel, Robert Primas
Published in: IACR Transactions on Cryptographic Hardware and Embedded Systems, 2018(3), 2018, ISSN 2569-2925

Tightness of the Suffix Keyed Sponge Bound

Author(s): Christoph Dobraunig, Bart Mennink
Published in: IACR Transactions on Symmetric Cryptology, 2020, Page(s) 195-212, ISSN 2519-173X
DOI: 10.46586/tosc.v2020.i4.195-212

Automating Seccomp Filter Generation for Linux Applications

Author(s): Claudio Canella, Mario Werner, Daniel Gruss, Michael Schwarz
Published in: 2020

Spectre Attacks: Exploiting Speculative Execution

Author(s): Kocher, Paul; Genkin, Daniel; Gruss, Daniel; Haas, Werner; Hamburg, Mike; Lipp, Moritz; Mangard, Stefan; Prescher, Thomas; Schwarz, Michael; Yarom, Yuval
Published in: spectreattack.com, Issue 3, 2018