Topic

When secret data is used by programs, there is a danger that this results in information leakage via side channels. Execution characteristics (like, e.g., running time or power consumption) might provide attackers with information that enables them, for instance, to learn a cryptographic key directly or in combination with a feasible brute-force attack. Meltdown, Spectre, and Platypus are prominent examples of such side-channel vulnerabilities.

In a side-channel attack, an attacker observes characteristics of a program run, (e.g., the duration of the run) and exploits these observations to deduce secrets (e.g., cryptographic keys). Such attacks target concrete implementations and might succeed even against programs whose underlying algorithm was proven to be secure. Formal models and static program analyses enable the derivation of reliable guarantees of how much information could be leaked at most via a side channel during a run of a given program. Experiments, including proof-of-concept attacks, can be used to demonstrate the seriousness of side-channel vulnerabilities.

Our overall goal in this project is to create a framework for detecting side-channel vulnerabilities in cryptographic implementations. In addition, we develop qualitative and quantitative program analysis techniques that enable engineers to systematically assess the seriousness of detected vulnerabilities. We complement our static analysis techniques by distinguishing experiments to demonstrate the seriousness of vulnerabilities and to validate the precision of our static analyses. Moreover, we aim at increasing the trustworthiness of cryptographic implementations by an informed use of mitigation techniques and by engineering techniques.

The Position

In this position, you will contribute to detecting side-channel vulnerabilities, understanding their severity, mitigating them, and/or avoiding them by construction. Three complementary research directions are possible that fit different backgrounds and interests :

• Your research could focus on the side-channel security of state-of-the-art implementations of post-quantum cryptography (or implementations of cryptographic algorithms from some other domain). In this direction, you would use and improve combinations of static program analysis and distinguishing experiments to assess and improve the side-channel resistance of cryptographic implementations.
• Alternatively, your research could focus on quantitative formal models for capturing varying degrees of confidentiality and on quantitative program analyses for deriving such quantitative security guarantees while taking micro-architectural features of the underlying execution platform into account. In this direction, you could build on our prior foundational research and our tool development (including multiple variants of the tools SideChannelFinder and CacheAudit).
• Finally, your research could focus on demonstrating the seriousness of side-channel vulnerabilities by the feasibility of exploits and on developing construction principles whose application ensures that side-channel vulnerabilities are avoided proactively when engineering security-critical systems. You could build on our prior research on distinguishing experiments for timing side channels and for software-based energy side channels.

This position is associated with the project "Secure Refinement of Cryptographic Algorithms" in the DFG CRC CROSSING.

Prior Skills and Experiences

You should

• be competent in at least one of the following areas: static program analysis, side channel attacks/vulnerabilities/analyses, cryptography, other aspects of IT-security and
• be interested to push forward side-channel security.

If you want to focus on theoretical aspects in your research, you should, in addition, be competent in formal methods, mathematical logic, information theory, or statistics. If you want to focus on practical aspects, you should, in addition, be competent in tool development, using theorem provers, or experimental evaluations.

Moreover, you should be highly motivated to tackle challenging research problems, to produce innovative insights and tools, to strive for international visibility as a researcher, and be open minded. You need good language skills in English (writing and talking). Prior knowledge of the German language is not expected, but you should be willing to obtain basic skills within a year.

Candidates for a postdoc position should have a publication record on side channels or static program analysis.

• research problems that are interesting, challenging, and relevant
• funded positions (salary depends on experience and percentage of employment) or scholarships
• excellent technical equipment and workplace
• competent mentoring and highly motivated colleagues
• a top Computer Science department in Germany (frequently the top CS department) with excellent B.Sc./M.Sc. students

TU Darmstadt is one of Germany's top technical universities with an outstanding reputation in research and education in Computer Science. TU Darmstadt is an equal opportunities employer and encourages applications from women. In case of equal qualifications, applicants with a degree of disability of at least 50% will be given preference.

The chair MAIS is led by Prof. Dr. Heiko Mantel. The overall goal of MAIS is to increase the trustworthiness and reliability of software-based systems. The working language at the chair is English.