Autor*innen mit den meisten Dokumenten
Auflistung nach:
Neueste Veröffentlichungen
- ZeitschriftenartikelHardware-oriented security(it - Information Technology: Vol. 61, No. 1, 2019) Polian, IliaArticle Hardware-oriented security was published on February 1, 2019 in the journal it - Information Technology (volume 61, issue 1).
- ZeitschriftenartikelEvaluation of (power) side-channels in cryptographic implementations(it - Information Technology: Vol. 61, No. 1, 2019) Bache, Florian; Plump, Christina; Wloka, Jonas; Güneysu, Tim; Drechsler, RolfSide-channel attacks enable powerful adversarial strategies against cryptographic devices and encounter an ever-growing attack surface in today’s world of digitalization and the internet of things. While the employment of provably secure side-channel countermeasures like masking have become increasingly popular in recent years, great care must be taken when implementing these in actual devices. The reasons for this are two-fold: The models on which these countermeasures rely do not fully capture the physical reality and compliance with the requirements of the countermeasures is non-trivial in complex implementations. Therefore, it is imperative to validate the SCA-security of concrete instantiations of cryptographic devices using measurements on the actual device. In this article we propose a side-channel evaluation framework that combines an efficient data acquisition process with state-of-the-art confidence interval based leakage assessment. Our approach allows a sound assessment of the potential susceptibility of cryptographic implementations to side-channel attacks and is robust against noise in the evaluation system. We illustrate the steps in the evaluation process by applying them to a protected implementation of AES.
- ZeitschriftenartikelSafety-critical human computer interaction(it - Information Technology: Vol. 61, No. 1, 2019) Nestler, SimonDealing with usability issues of safety-critical interactive systems is essential for an efficient, effective and joyful use of these systems. This paper describes a prototypical safety-critical environment and discusses the HCI (human computer interaction) challenges of different interactive systems for safety-critical environments. We designed, developed and evaluated various interactive systems which solve different challenges in so-called mass casualty incidents (MCIs). In summary, we made contributions to three different areas of application: Mobile computing in safety-critical environments, simulation of safety-critical environments and social media in safety-critical environments. Finally, this paper gives further insights how all these research results can to be brought together in the future in order to be able to build usable interactive systems for safety-critical environments.
- ZeitschriftenartikelFrontmatter(it - Information Technology: Vol. 61, No. 1, 2019) FrontmatterArticle Frontmatter was published on February 1, 2019 in the journal it - Information Technology (volume 61, issue 1).
- ZeitschriftenartikelTowards memory integrity and authenticity of multi-processors system-on-chip using physical unclonable functions(it - Information Technology: Vol. 61, No. 1, 2019) Sepúlveda, Johanna; Wilgerodt, Felix; Pehl, MichaelA persistent problem for modern Multi-Processors System-on-Chip (MPSoCs) is their vulnerability to code injection attacks. By tampering the memory content, attackers are able to extract secrets from the MPSoC and to modify or deny the MPSoC’s operation. This work proposes SEPUFSoC (Secure PUF-based SoC), a novel flexible, secure, and fast architecture able to be integrated into any MPSoC. SEPUFSoC prevents execution of unauthorized code as well as data manipulation by ensuring memory integrity and authentication. SEPUFSoC achieves: i) efficiency, through the integration of a fast and lightweight hash function for Message Authentication Code (MAC) generation and integrity verification of the memory lines at runtime; and ii) lightweight security, through the use of a Physical Unclonable Function (PUF) to securely generate and store the cryptographic keys that are used for the application authentication. We discuss the security and performance of SEPUFSoC for single core and multi-core systems. Results show that the SEPUFSoC is a secure, fast, and low overhead solution for MPSoCs. We discuss the SEPUFSoC security and cost, which strongly depends on the PUF and hash selection. In the future, new technologies may allow the exploration of different PUFs.
- ZeitschriftenartikelSecurity validation of VP-based SoCs using dynamic information flow tracking(it - Information Technology: Vol. 61, No. 1, 2019) Goli, Mehran; Hassan, Muhammad; Große, Daniel; Drechsler, RolfModern System-on-Chips (SoCs) are notoriously insecure. Hence, the fundamental security feature of IP isolation is heavily used, e. g., secured Memory Mapped IOs (MMIOs), or secured address ranges in case of memories, are marked as non-accessible. One way to provide strong assurance of security is to define isolation as information flow policy in hardware using the notion of non-interference. Since, an insecure hardware opens up the door for attacks across the entire system stack (from software down to hardware), the security validation process should start as early as possible in the SoC design cycle, i. e. at Electronic System Level (ESL). Hence, in this paper we propose the first dynamic information flow analysis at ESL. Our approach allows to validate the run-time behavior of a given SoC implemented using Virtual Prototypes (VPs) against security threat models, such as information leakage (confidentiality) and unauthorized access to data in a memory (integrity). Experiments show the applicability and efficacy of the proposed method on various VPs including a real-world system.
- ZeitschriftenartikelModern random number generator design – Case study on a secured PLL-based TRNG(it - Information Technology: Vol. 61, No. 1, 2019) Fischer, Viktor; Bernard, Florent; Bochard, NathalieRandom number generators (RNGs) are basic cryptographic primitives. They are used to generate cryptographic keys, initialization vectors, challenges and nonces in cryptographic protocols, and random masks in countermeasures against side channel attacks. RNGs designed for cryptography must generate unpredictable random numbers. According to recent security standards, the unpredictability of generated random numbers must be thoroughly evaluated. In this paper, we provide a concrete example – a phase-locked loop based RNG protected by novel dedicated embedded tests, on which we show how stringent security requirements including unpredictability of generated numbers can be met, while respecting the standards.
- ZeitschriftenartikelDesigning for empowerment – An investigation and critical reflection(it - Information Technology: Vol. 61, No. 1, 2019) Schneider, HannaTechnology bears the potential to empower people – to help them tackle challenges they would otherwise give up on or not even try, to make experiences possible that they did not have access to before. One type of such technologies – the application area of the thesis presented here – is health and wellbeing technology (HWT), such as digital health records, physical activity trackers, or digital fitness coach applications. Researchers and companies alike often claim that HWTs empower people to live healthier and happier lives. However, there is reason to challenge and critically reflect on these claims and underlying assumptions as more and more researchers are finding that technologies described as empowering turn out to be “disempowering”. This critical reflection is the starting point of the thesis presented here: Can HWTs really empower people in their everyday lives? If so, how can we design for empowerment? In my cumulative dissertation, I combine studies on existing HWTs, such as patient-controlled electronic health records and personalized mobile fitness coaches with the development of novel prototypes such as transparent digital fitness coaches that communicate their rationale to the user. By reflecting on these case studies, I come to revisit the sometimes washed-out meaning of “empowerment” in “empowering technologies”; I introduce a framework to establish conceptual clarity; and I suggest three principles to design for empowerment based on my own work and the Capability Approach by Sen and Nussbaum that aim to inform and inspire research on HWTs and beyond.