Secure Refinement of Cryptographic Algorithms (CROSSING Project E3)
The project "Secure Refinement of Cryptographic Algorithms" is part of the DFG Collaborative Research Center (Sonderforschungsbereich) 1119: "CROSSING". It is project number E3 in the project area "Engineering" of CROSSING.
Link to the official CROSSING webpage of this project: CROSSING Project E3
Summary
Cryptographic algorithms often become insecure because vulnerabilities are introduced while refining these algorithms to implementations. Side-channels, like differences in running time of a program depending on secrets, constitute an infamous class of implementation-level vulnerabilities. Our overall objective is to improve the trustworthiness of cryptography on the level of implementations, and, in particular, to detect and mitigate side-channel vulnerabilities. The results will include novel program analyses, a security analysis tool, accompanying soundness results and guidelines for implementing cryptographic algorithms securely.
Overview of Project Cycle
Relevant Publications
- Alexandra Weber, Oleg Nikiforov, Alexander Sauer, Johannes Schickel, Gernot Alber, Heiko Mantel and Thomas Walther. Cache-Side-Channel Quantification and Mitigation for Quantum Cryptography. In Proceedings of the 26th European Symposium on Research in Computer Security (ESORICS), 2021. (to appear).
[ BibTeX entry | PDF ] - Heiko Mantel, Lukas Scheidel, Thomas Schneider, Alexandra Weber, Christian Weinert and Tim Weißmantel. RiCaSi: Rigorous Cache Side Channel Mitigation via Selective Circuit Compilation. In Proceedings of the 19th International Conference on Cryptology and Network Security (CANS), pages 505-525, 2020.
[ BibTeX entry | PDF | Video Presentation ] - Heiko Mantel and Christian Probst. On the Meaning and Purpose of Attack Trees. In Proceedings of the 32nd IEEE Computer Security Foundations Symposium (CSF), pages 184-199, 2019.
[ BibTeX entry | PDF ] - Yuri Gil Dantas, Richard Gay, Tobias Hamann, Heiko Mantel and Johannes Schickel. An Evaluation of Bucketing in Systems with Non-Deterministic Timing Behavior. In 33rd IFIP TC-11 SEC 2018 International Conference on Information Security and Privacy Protection (IFIP SEC), pages 323-338, 2018.
[ BibTeX entry | PDF ] - Yuri Gil Dantas, Tobias Hamann and Heiko Mantel. A Comparative Study across Static and Dynamic Side-Channel Countermeasures. In Proceedings of the 11th International Symposium on Foundations & Practice of Security (FPS), pages 173-189, 2018.
[ BibTeX entry | PDF ] - Marcilio O.O.Lemos, Yuri Gil Dantas, Iguatemi E. Fonseca and Vivek Nigam. On the Accuracy of Formal Verification of Selective Defenses for TDoS Attacks. In Proceedings of the Journal of Logical and Algebraic Methods in Programming (JLAMP), pages 45-67, 2018.
[ BibTeX entry | PDF ] - Heiko Mantel, Johannes Schickel, Alexandra Weber and Friedrich Weber. How Secure is Green IT? The Case of Software-Based Energy Side Channels. In Proceedings of the 23rd European Symposium on Research in Computer Security (ESORICS), pages 218-239, 2018.
[ BibTeX entry | PDF ] - Nina Bindel, Johannes Buchmann, Juliane Krämer, Heiko Mantel, Johannes Schickel and Alexandra Weber. Bounding the cache-side-channel leakage of lattice-based signature schemes using program semantics. In Proceedings of the 10th International Symposium on Foundations & Practice of Security (FPS), pages 225-241, 2017.
[ BibTeX entry | PDF ] - Florian Dewald, Heiko Mantel and Alexandra Weber. AVR Processors as a Platform for Language-Based Security. In Proceedings of the 22nd European Symposium on Research in Computer Security (ESORICS), pages 427-445, 2017.
[ BibTeX entry | PDF ] - Richard Gay, Jinwei Hu, Heiko Mantel and Johannes Schickel. Towards Accelerated Usage Control based on Access Correlations. In Proceedings of the 22nd Nordic Conference on Secure IT Systems (NordSec), pages 245-261, 2017.
[ BibTeX entry | PDF ] - Heiko Mantel, Alexandra Weber and Boris Köpf. A Systematic Study of Cache Side Channels across AES Implementations. In Proceedings of the 9th International Symposium on Engineering Secure Software and Systems (ESSoS), pages 213-230, 2017.
[ BibTeX entry | PDF ] - Tulio A. Pascoal, Yuri Gil Dantas, Iguatemi E. Fonseca and Vivek Nigam. Slow TCAM Exhaustion DDoS Attack. In Proceedings of the 32nd International Conference on ICT Systems Security and Privacy Protection (IFIP SEC), pages 17-31, 2017.
[ BibTeX entry | PDF ] - Dominik Bollmann, Steffen Lortz, Heiko Mantel, Artem Starostin. An Automatic Inference of Minimal Security Types. In Proceedings of the 11th International Conference on Information Systems Security (ICISS), pages 395-415, 2015.
[ BibTeX entry | PDF ] - Heiko Mantel and Artem Starostin. Transforming Out Timing Leaks, More or Less. In Proceedings of the 20th European Symposium on Research in Computer Security (ESORICS) - Part I, pages 447-467. Springer, 2015.
[ BibTeX entry | PDF ]
- Tim Weißmantel. Exploring Cache-Side-Channel Leakage of AES across CBC, CTR and GCM Mode. Master's Thesis, TU Darmstadt, 2020.
[ BibTeX entry ] - Florian Dewald, Heiko Mantel and Alexandra Weber. Poster: Side-Channel Finder for AVR. Poster at the 20th International Conference on Cryptographic Hardware and Embedded Systems (CHES), 2018.
[ BibTeX entry | PDF ] - Isabella Dix. A Type System and Implementation for Detecting the Lucky13 Vulnerability with SPASCA. Master's Thesis, TU Darmstadt, 2018.
[ BibTeX entry ] - Timothy Earley. Extending the Language Coverage for Side-Channel FinderAVR. Bachelor's thesis, TU Darmstadt, 2018.
[ BibTeX entry ] - Oleg Nikiforov, Alexander Sauer, Johannes Schickel, Alexandra Weber, Gernot Alber, Heiko Mantel and Thomas Walther. Side-Channel Analysis of Privacy Amplification in Postprocessing Software for a Quantum Key Distribution System. TU Darmstadt, Technical Report TUD-CS-2018-0024, 2018.
[ BibTeX entry | PDF ] - Nina Bindel, Johannes Buchmann, Juliane Krämer, Heiko Mantel, Johannes Schickel and Alexandra Weber. Bounding the cache-side-channel leakage of lattice-based signature schemes using program semantics. Cryptology ePrint Archive, Technical Report, 2017. http://eprint.iacr.org/2017/951.
[ BibTeX entry | PDF ] - Manuel Cremer. Test Cases for Detecting the Lucky 13 Vulnerability with SPASCA. Bachelor's thesis, TU Darmstadt, 2017.
[ BibTeX entry ] - Yuri Gil Dantas, Tobias Hamann, Heiko Mantel and Johannes Schickel. An Experimental Study of a Bucketing Approach (Extended Abstract). In Proceedings of the 15th International Workshop on Quantitative Aspects of Programming Languages and Systems (QAPL), 2017.
[ BibTeX entry ] - Florian Dewald. Establishing Trust in a Timing-Sensitive Information-Flow Analysis for AVR Assembly Programs. Studienarbeit, TU Darmstadt, 2017.
[ BibTeX entry ] - Ximeng Li, Heiko Mantel, Johannes Schickel, Markus Tasch, Iva Toteva and Alexandra Weber. SPASCA: Secure-Programming Assistant and Side-Channel Analyzer. TU Darmstadt, Technical Report TUD-CS-2017-0303, 2017.
[ BibTeX entry | PDF ] - Heiko Mantel, Johannes Schickel, Alexandra Weber and Friedrich Weber. Vulnerabilities Introduced by Features for Software-based Energy Measurement. TU Darmstadt, Technical Report, 2017.
[ BibTeX entry | PDF ] - Florian Dewald. Timing-Sensitive Information-Flow Analysis of AVR Assembly Programs. Bachelor's thesis, TU Darmstadt, 2016.
[ BibTeX entry ] - Iva Toteva. Advancing Tool Support for the Detection of Side-Channel Vulnerabilities in Java. Master's Thesis, TU Darmstadt, 2016.
[ BibTeX entry ] - Alexander Lux and Artem Starostin. A Tool for Static Detection of Timing Channels in Java. In Journal of Cryptographic Engineering (JCEN), 1(4), pages 303-313, 2011.
[ BibTeX entry | PDF ] - Heiko Mantel, David Sands and Henning Sudbrock. Assumptions and Guarantees for Compositional Noninterference. In Proceedings of the 24th IEEE Computer Security Foundations Symposium (CSF), pages 218-232. IEEE Computer Society, 2011.
[ BibTeX entry | PDF | Proofs and Addendum ] - Heiko Mantel and Henning Sudbrock. Flexible Scheduler-Independent Security. In Proceedings of the 15th European Symposium on Research in Computer Security (ESORICS). LNCS 6345, pages 116-133. Springer, 2010.
[ BibTeX entry | PDF | Proofs of Theorems ] - Alexander Lux and Heiko Mantel. Declassification with Explicit Reference Points. In Proceedings of the 14th European Symposium on Research in Computer Security (ESORICS). LNCS, 5789, pages 69-85. Springer, 2009.
[ BibTeX entry | PDF ] - Heiko Mantel and Henning Sudbrock. Information-Theoretic Modeling and Analysis of Interrupt-Related Covert Channels. In Pre-Proceedings of the 5th Workshop on Formal Aspects in Security and Trust (FAST 2008), pages 67-81, 2008.
[ BibTeX entry | PDF ] - Boris Köpf and Heiko Mantel. Transformational Typing and Unification for Automatically Correcting Insecure Programs. In International Journal of Information Security (IJIS), 6(2-3), pages 107-131, 2007.
[ BibTeX entry ] - Heiko Mantel and Alexander Reinhard. Controlling the What and Where of Declassification in Language-Based Security. In Proceedings of the 16th European Symposium on Programming (ESOP). LNCS, 4421, pages 141-156. Springer, 2007.
[ Abstract | BibTeX entry | PDF ] - Heiko Mantel and Henning Sudbrock. Comparing Countermeasures against Interrupt-Related Covert Channels in an Information-Theoretic Framework. In Proceedings of the 20th IEEE Computer Security Foundations Symposium (CSF), pages 326-340. IEEE Computer Society, 2007.
[ Abstract | BibTeX entry | PDF ] - Heiko Mantel. Preserving Information Flow Properties under Refinement. In Proceedings of the 22nd IEEE Symposium on Security and Privacy (S&P), pages 78-91. IEEE Computer Society, 2001.
[ Abstract | BibTeX entry | PDF | zipped Postscript ]
Print
Imprint
Sitemap
Contact