Prof. Dr.-Ing. Thomas Eisenbarth

Institutsdirektor
Ratzeburger Allee 160
23562 Lübeck
Gebäude 64, 1. OG,
Raum 043
Email: | thomas.eisenbarth(at)uni-luebeck.de |
Phone: | +49 451 3101 6600 |
Fax: | +49 451 3101 6604 |
About Me
I am Professor for IT Security at University of Lübeck. I received my Ph.D. in ECE from Ruhr University Bochum, Germany, where I worked as a member of the Horst Goertz Institute for IT Security (HGI). From 2010 I spent two years at the Center for Cryptology and Information Security (CCIS) at Florida Atlantic University. In 2012 I joined the Electrical and Computer Engineering Department at WPI. Since August of 2017, I am the Director of the Institute for IT Security at the University of Lübeck.
My research interests are in:
- Applied Cryptology
- Systems security and secure computer architecture
- Side channel analysis, physical attacks and their prevention
- Cloud and virtualization security
Publications
2023
SystemC Model of Power Side-Channel Attacks Against AI Accelerators: Superstition or not?, in ICCAD '23: Proceedings of the 42nd IEEE/ACM International Conference on Computer-Aided Design , IEEE/ACM, Nov.2023.
DOI: | 10.48550/arXiv.2311.13387 |
Weblink: | https://arxiv.org/abs/2311.13387 |
"Act natural!": Exchanging Private Messages on Public Blockchains, in 8th IEEE European Symposium on Security and Privacy , IEEE, 2023. pp. 292-308.
DOI: | 10.1109/EuroSP57164.2023.00026 |
Weblink: | https://eprint.iacr.org/2021/1073 |
Weblink: | https://doi.ieeecomputersociety.org/10.1109/EuroSP57164.2023.00026 |
File: | Dateilink |
Overcoming the Pitfalls of HPC-based Cryptojacking Detection in Presence of GPUs, in Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy, CODASPY 2023, Charlotte, NC, USA, April 24-26, 2023 , Mohamed Shehab and Maribel Fernandez and Ninghui Li, Eds. {ACM}, 2023. pp. 177--188.
DOI: | 10.1145/3577923.3583655 |
File: | 3577923.3583655 |
Subversion-Resilient Authenticated Encryption Without Random Oracles, in Applied Cryptography and Network Security - 21st International Conference, ACNS 2023, Kyoto, Japan, June 19-22, 2023, Proceedings, Part II , Mehdi Tibouchi and Xiaofeng Wang, Eds. Springer, 2023. pp. 460--483.
DOI: | 10.1007/978-3-031-33491-7\_17 |
File: | 978-3-031-33491-7\_17 |
SEV-Step: A Single-Stepping Framework for AMD-SEV, CoRR , vol. abs/2307.14757, 2023.
DOI: | 10.48550/ARXIV.2307.14757 |
File: | arXiv.2307.14757 |
Cipherfix: Mitigating Ciphertext Side-Channel Attacks in Software, in 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023 , Joseph A. Calandrino and Carmela Troncoso, Eds. USENIX Association, 2023.
DOI: | 10.48550/arXiv.2210.13124 |
File: | wichelmann |
MAMBO-V: Dynamic Side-Channel Leakage Analysis on RISC-V, in Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) - 20th International Conference , Daniel Gruss and Federico Maggi and Mathias Fischer and Michele Carminati, Eds. Springer, 2023. pp. 3-23.
DOI: | 10.1007/978-3-031-35504-2_1 |
Weblink: | https://arxiv.org/abs/2305.00584 |
Madvex: Instrumentation-based Adversarial Attacks on Machine Learning Malware Detection, in Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) - 20th International Conference , Daniel Gruss and Federico Maggi and Mathias Fischer and Michele Carminati, Eds. Springer, 2023. pp. 69-88.
DOI: | 10.1007/978-3-031-35504-2_4 |
Weblink: | https://arxiv.org/abs/2305.02559 |
IOTLB-SC: An Accelerator-Independent Leakage Source in Modern Cloud Systems, in Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security , Joseph K. Liu and Yang Xiang and Surya Nepal and Gene Tsudik, Eds. ACM, 2023. pp. 827-840.
DOI: | 10.1145/3579856.3582838 |
Weblink: | https://arxiv.org/abs/2202.11623 |
File: | Dateilink |
Combined Fault and Leakage Resilience: Composability, Constructions and Compiler, in Advances in Cryptology - CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Santa Barbara, CA, USA, August 20-24, 2023, Proceedings, Part III , Helena Handschuh and Anna Lysyanskaya, Eds. Cham: Springer, 2023. pp. 377--409.
DOI: | 10.1007/978-3-031-38548-3\_13 |
ISBN: | 978-3-031-38548-3 |
File: | 978-3-031-38548-3\_13 |
2022
Microwalk-CI: Practical Side-Channel Analysis for JavaScript Applications, in Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, CA, USA, November 7-11, 2022 , Heng Yin and Angelos Stavrou and Cas Cremers and Elaine Shi, Eds. ACM, 2022. pp. 2915--2929.
DOI: | 10.1145/3548606.3560654 |
File: | 3548606.3560654 |
ASAP: Algorithm Substitution Attacks on Cryptographic Protocols, in Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security , ACM, 2022. pp. 712-726.
DOI: | 10.1145/3488932.3517387 |
ISBN: | 9781450391405 |
File: | 3488932.3517387 |
A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP, in 2022 IEEE Symposium on Security and Privacy (SP) , San Francisco, CA, USA: IEEE, 2022. pp. 337-351.
DOI: | 10.1109/SP46214.2022.9833768 |
File: | SP46214.2022.9833768 |
2021
A Formal Approach to Confidentiality Verification in SoCs at the Register Transfer Level, in 58th ACM/IEEE Design Automation Conference, DAC 2021, San Francisco, CA, USA, December 5-9, 2021 , IEEE, 2021. pp. 991--996.
DOI: | 10.1109/DAC18074.2021.9586248 |
File: | DAC18074.2021.9586248 |
A White-Box Masking Scheme Resisting Computational and Algebraic Attacks, IACR Transactions on Cryptographic Hardware and Embedded Systems , vol. 2021, no. 2, pp. 61-105, 2021. Cryptology ePrint Archive, Report 2020/443.
DOI: | 10.46586/tches.v2021.i2.61-105 |
File: | 8788 |
Differential Power Analysis of the Picnic Signature Scheme, in Post-Quantum Cryptography - 12th International Workshop, PQCrypto 2021, Daejeon, South Korea, July 20-22, 2021, Proceedings , Jung Hee Cheon and Jean-Pierre Tillich, Eds. Springer, 2021. pp. 177--194.
DOI: | 10.1007/978-3-030-81293-5_10 |
File: | 978-3-030-81293-5_10 |
Firmware Security Module: A Framework for Trusted Computing in Automotive Multiprocessors, Journal of Hardware and Systems Security , 2021.
DOI: | 10.1007/s41635-021-00114-4 |
File: | s41635-021-00114-4 |
Help, My Signal has Bad Device! - Breaking the Signal Messenger's Post-Compromise Security Through a Malicious Device, in Detection of Intrusions and Malware, and Vulnerability Assessment - 18th International Conference, DIMVA 2021, Virtual Event, July 14-16, 2021, Proceedings , Leyla Bilge and Lorenzo Cavallaro and Giancarlo Pellegrino and Nuno Neves, Eds. Springer, 2021. pp. 88--105.
DOI: | 10.1007/978-3-030-80825-9_5 |
File: | 978-3-030-80825-9_5 |
Nano Security: From Nano-Electronics to Secure Systems, in Design, Automation & Test in Europe Conference & Exhibition, DATE 2021, Grenoble, France, February 1-5, 2021 , IEEE, 2021. pp. 1334--1339.
DOI: | 10.23919/DATE51398.2021.9474187 |
File: | DATE51398.2021.9474187 |
Side-Channel Protections for Picnic Signatures, IACR Transactions on Cryptographic Hardware and Embedded Systems , vol. 2021, no. 4, pp. 239-282, 2021.
DOI: | 10.46586/tches.v2021.i4.239-282 |
File: | 9066 |
undeSErVed trust: Exploiting Permutation-Agnostic Remote Attestation, in 2021 IEEE Security and Privacy Workshops (SPW) , 2021. pp. 456-466.
DOI: | 10.1109/SPW53761.2021.00064 |
File: |
Util: : Lookup: Exploiting Key Decoding in Cryptographic Libraries, in CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security , Yongdae Kim and Jong Kim and Giovanni Vigna and Elaine Shi, Eds. ACM, 2021. pp. 2456--2473.
DOI: | 10.1145/3460120.3484783 |
File: | 3460120.3484783 |
Aim, Wait, Shoot: How the CacheSniper Technique Improves Unprivileged Cache Attacks, in IEEE European Symposium on Security and Privacy, EuroS&P 2021, Vienna, Austria, September 6-10, 2021 , IEEE, 2021. pp. 683--700.
DOI: | 10.1109/EuroSP51992.2021.00051 |
File: | EuroSP51992.2021.00051 |
2020
SEVurity: No Security Without Integrity - Breaking Integrity-Free Memory Encryption with Minimal Assumptions, in 2020 IEEE Symposium on Security and Privacy (SP) , Los Alamitos, CA, USA: IEEE Computer Society, 2020. pp. 1431-1444.
DOI: | 10.1109/SP40000.2020.00080 |
Weblink: | https://uzl-its.github.io/SEVurity/ |
TPM-FAIL: TPM meets Timing and Lattice Attacks, in 29th USENIX Security Symposium (USENIX Security 20) , Boston, MA: USENIX Association, 2020. pp. 2057--2073.
ISBN: | 978-1-939133-17-5 |
Weblink: | https://tpm.fail/ |
File: | moghimi-tpm |

- Staff
- Thomas Eisenbarth
- Esfandiar Mohammadi
- Paula Arnold
- Ida Bruhns
- Finn Burmester
- Till Eifert
- Tim Gellersen
- Jonah Heller
- Andreas Hellmer
- Timothy Imort
- Moritz Kirschte
- Marven Kummerfeldt
- Nam Thanh Le
- Johannes Liebenow
- Nils Loose
- Felix Mächtle
- Sebastian Meiser
- Anna Pätschke
- Pajam Pauls
- Thorsten Peinemann
- Christopher Peredy
- Yannik Potdevin
- Claudius Pott
- Anja Rabich
- Jonas Sander
- Ines Schiebahn
- Yara Schütt
- Jan-Niclas Serr
- Florian Sieck
- Thore Tiemann
- Alexander Treff
- Jan Wichelmann
- Luca Wilke