The goal of this project area is to provide cryptography-based security solutions that match all the necessary functional requirements to establish trust in new and next generation computing environments. Such solutions have been and will be indispensable to establish trust in the identities and properties of actors, in the soundness of their devices, and in the proper functioning and privacy-friendliness of services.

S2 -Attestation Protocols


Embedded and mobile systems are more and more used in security- and safety-critical applications. This generates an increasing need for enabling technologies to validate and verify the integrity of a system's software state against malicious code. This project will design and develop novel attestation schemes that allow to validate and verify the software integrity and trustworthiness of remote devices, cover runtime attacks, do not require complex and/or costly security hardware, are secure in stronger adversary models than existing approaches, and that do not solely rely on standard cryptographic techniques.


Ahmad Ibrahim

System Security Lab

Christopher Liebchen

System Security Lab

Shaza Zeitouni

System Security Lab


  • Hardware security.
  • Physically Unclonable Functions Attestation.
  • Secure privacy-preserving computation.

David Gens

System Security Lab


  • Architectural defenses, isolation between kernel and userland.
  • Run-time attacks, reverse engineering.
  • Static analysis and formal verification.

Reham Mohamed

System Security Lab

Tigist Abera

System Security Lab


  • Memory Corruption Detection.
  • Runtime attacks and defenses.
  • Static analysis.

CROSSING Publications S2

Additional Attributes


ATRIUM: Runtime Attestation Resilient Under Memory Attacks

Shaza Zeitouni, Ghada Dessouky, Orlando Arias, Dean Sullivan, Ahmad Ibrahim, Yier Jin, Ahmad-Reza Sadeghi
In: 2017 International Conference On Computer Aided Design (ICCAD'17), November 2017

Breaking Fitness Records without Moving: Reverse Engineering and Spoofing Fitbit

Hossein Fereidooni, Jiska Classen, Tom Spink, Paul Patras, Markus Miettinen, Ahmad-Reza Sadeghi, Matthias Hollick, Mauro Conti
In: Proceedings of the 20th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), September 2017

LAZARUS: Practical Side-channel Resilient Kernel-Space Randomization

Orlando Arias, David Gens, Yier Jin, Christopher Liebchen, Ahmad-Reza Sadeghi, Dean Sullivan
In: 20th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2017), September 2017

HardIDX: Practical and Secure Index with SGX

Benny Fuhry, Raad Bahmani, Ferdinand Brasser, Florian Hahn, Florian Kerschbaum, Ahmad-Reza Sadeghi
In: Conference on Data and Applications Security and Privacy (DBSec), July 2017

SeED: Secure Non-Interactive Attestation for Embedded Devices

Ahmad Ibrahim, Ahmad-Reza Sadeghi, Shaza Zeitouni
In: 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2017), July 2017

LO-FAT: Low-Overhead Control Flow ATtestation in Hardware

Ghada Dessouky, Shaza Zeitouni, Thomas Nyman, Andrew Paverd, Lucas Davi, Patrick Koeberl, N. Asokan, Ahmad-Reza Sadeghi
In: 54th Design Automation Conference (DAC'17), June 2017

PT-Rand: Practical Mitigation of Data-only Attacks against Page Tables

Lucas Davi, David Gens, Christopher Liebchen, Ahmad-Reza Sadeghi
In: 24th Annual Network & Distributed System Security Symposium (NDSS), February 2017

Address Oblivious Code Reuse: On the Effectiveness of Leakage Resilient Diversity

Robert Rudd, Richard Skowyra, David Bigelow, Veer Dedhia, Thomas Hobson, Stephen Crane, Christopher Liebchen, Per Larsen, Lucas Davi, Michael Franz, Ahmad-Reza Sadeghi, Hamed Okhravi
In: 24th Annual Network & Distributed System Security Symposium (NDSS), February 2017

SFB 1119 - Contact

Contact S2

Ahmad-Reza Sadeghi
System Security Lab
Mornewegstrasse 32
64293 Darmstadt

Lucas Davi
Gruppe Systemsicherheit
Gerlingstra├če 16
45127 Essen


Funded by

A A A | Drucken Print | Impressum Impressum | Sitemap Sitemap | Kontakt Contact | Website Analysis: More Information
zum Seitenanfangzum Seitenanfang