Engineering

Cryptography-based security solutions and cryptographic primitives can only support trust if sound implementations exist and users and developers are supported in integrating them into their applications. Thus, the goal of this project area is to develop methods and technologies that allow for secure implementation of cryptography and enable users and developers who may not be cryptography experts in properly applying cryptography.

E2 - Secure Refinement of Cryptographic Algorithms

Cryptographic algorithms often become insecure because vulnerabilities are introduced while refining these algorithms to implementations. Side-channels, like differences in running time of a program depending on secrets, constitute an infamous class of implementation-level vulnerabilities. Our overall objective is to improve the trustworthiness of cryptography on the level of implementations, and, in particular, to detect and mitigate side-channel vulnerabilities. The results will include novel program analyses, a security analysis tool, accompanying soundness results and guidelines for implementing cryptographic algorithms securely.

Researchers

Alexandra Weber

Modeling and Analysis of Information Systems

Interests:

  • Formal methods.
  • Semantics.
  • Program analysis.
  • Software security.
  • Interactive theorem proving.

Yuri Dantas

Modeling and Analysis of Information Systems

Interests:

  • Security Information.
  • Computer Networks.

Johannes Schickel

Modeling and Analysis of Information Systems

Interests:

  • Static program analysis.
  • Software security.
  • Side-channel attacks.
  • Secure coding.
  • Programming languages.
  • Decompilation.

CROSSING Publications E2

Additional Attributes

Type

Towards Accelerated Usage Control based on Access Correlations

Richard Gay, Jinwei Hu, Heiko Mantel, Johannes Schickel
In: NordSec2017 - Nordic Conference on Secure IT Systems, November 2017
Springer
[Online-Edition: nordsec2017.cs.ut.ee/]
[Inproceedings]

Bounding the cache-side-channel leakage of lattice-based signature schemes using program semantics

Nina Bindel, Johannes Buchmann, Juliane Krämer, Heiko Mantel, Johannes Schickel, Alexandra Weber
In: The 10th International Symposium on Foundations & Practice of Security, October 2017
Springer
[Online-Edition: fps2017.loria.fr/]
[Inproceedings]

AVR Processors as a Platform for Language-Based Security

Florian Dewald, Heiko Mantel, Alexandra Weber
In: ESORICS - Proceedings of the 22nd European Symposium on Research in Computer Security, September 2017
Springer
[Inproceedings]

A Systematic Study of Cache Side Channels across AES Implementations

Heiko Mantel, Alexandra Weber, Boris Köpf
In: ESSoS 2017 - 9th International Symposium on Engineering Secure Software and Systems, July 2017
Springer
[Online-Edition: https://distrinet.cs.kuleuven.be/events/essos/2017/]
[Inproceedings]

Slow TCAM Exhaustion DDoS Attack

Túlio Pascoal, Yuri Dantas, Iguatemi Fonseca, Vivek Nigam
In: IFIP SEC 2017 - 32nd International Conference on ICT Systems Security and Privacy Protection, March 2017
Springer
[Inproceedings]

An Experimental Study of a Bucketing Approach

Yuri Dantas, Tobias Hamann, Heiko Mantel, Johannes Schickel
In: Quantitative Aspects of Programming Languages and Systems, March 2017
[Online-Edition: qapl17.doc.ic.ac.uk/]
[Inproceedings]

SFB 1119 - Contact


Contact E2

Heiko Mantel
TU Darmstadt
Department of Computer Science
Modeling and Analysis of Information Systems
Hochschulstraße 10
64289 Darmstadt

Marc Fischlin
Technische Universität Darmstadt
Fachbereich Informatik
Kryptographie & Komplexitätstheorie
Mornewegstrasse 30
64293 Darmstadt

 

Funded by

A A A | Drucken Print | Impressum Impressum | Sitemap Sitemap | Kontakt Contact | Website Analysis: More Information
zum Seitenanfangzum Seitenanfang