Invited Speakers
Dmitry Nedospasov
Biography
Dmitry Nedospasov is a PhD student and researcher in the field of IC security at the Security in Telecommunications (SECT) research group at the Berlin University of Technology (TU Berlin) and the Telekom Innovation Laboratories. He is also part of the Helmholtz Research school on Security Technologies (HRS ST). Dmitry's research interests include hardware security and IC reverse-engineering as well as physical attacks against ICs and embedded systems. His academic research focuses on developing new and novel techniques for semi and fully-invasive IC analysis. These techniques generally target the IC backside and are difficult to mitigate. Most recently, Dmitry has been involved in identifying vulnerabilities in implementations of Physically Unclonable Functions (PUFs).
Talk: Spatially Resolved Side Channel Analysis
Initially, Side-Channel Analysis (SCA) was particularly effective as low-cost, non-invasive blackbox analysis techniques. However, with the advent of SCA countermeasures, their impact has been greatly reduced. Countermeasures generally prevent data leakage on system level. However, today, the most effective attacks are semi-invasive and fully-invasive in nature and utilize spatial resolution to circumvent such countermeasures. For example, Photonic Emission Analysis (PEA), Laser Probing and Voltage Contrast Microscopy can be used to recover data from the target. Moreover, fault injection makes it possible to change the data at runtime using techniques such as laser glitching and microprobing. Though these attacks can circumvent many device countermeasures, they require additional reverse-engineering as they target specific signals on the device.
As countermeasures continue to improve, the cost of performing SCA goes up as well. However, the surplus Failure Analysis equipment market is driving down the price of performing semi- and fully-invasive techqniques. Moreover, the reverse-engineering process can be automated in software, eliminating the amount of effort needed to find relevant signals on the device. As a result, semi- and fully-invasive analysis techniques are becoming far more attractive.
Sebastian Faust
Biography
Dr. Sebastian Faust is a Marie Curie fellow at EPFL Lausanne working
on topics across theoretical and applied cryptography, inlcuding
leakage and tamper resilient cryptography and cryptographic protocol
design. One of his main interests is to extend the proof-driven
security analysis to the level when abstract cryptographic algorithms
and protocols are implemented on real-world devices. Prior to working
at EPFL, Sebastian was a Postdoc at Aarhus University and completed
his PhD as a Microsoft Research PhD scholar at KU Leuven. In an
earlier life, Sebastian was working as a business & technology
consultant and was involved in a number of startup companies in
Germany.
Talk: Leakage Resilient Circuit Compilers
Is cryptography possible when keys and randomness are partially
revealed to an adversary? Leakage resilient cryptography addresses
this questions by weakening the assumption of black-box computation
and considers an adversarial model where the internal state of an
algorithm is partially revealed. To this end, it develops new security
models that describe the behavior of cryptographic implementations and
develops cryptographic schemes that can be proven secure therein. One
of the main challenges in the area is to develop generic techniques to
protect arbitrary cryptographic computation in the presence of leakage
-- so-called leakage resilient circuit compilers. Circuit compilers
can be viewed as a formalization of the masking countermeasure, which
randomizes computation and is frequently used as a countermeasure
against physical leakage due to, e.g., the power consumption of a
device. In this talk, we will review some of the main leakage models
that have been considered to study the security of leakage resilient
compilers and present constructions that can be proven secure in these
models. Moreover, I will discuss natural limitations of the concept of
provable security for physical security and overview important future
challenges.
