Prof. Dr.-Ing. Thomas Eisenbarth
Institutsdirektor
Ratzeburger Allee 160
23562 Lübeck
Gebäude 64, 1. OG,
Raum 043
Email: | thomas.eisenbarth(at)uni-luebeck.de |
Phone: | +49 451 3101 6600 |
Fax: | +49 451 3101 6604 |
About Me
I am Professor for IT Security at University of Lübeck. I received my Ph.D. in ECE from Ruhr University Bochum, Germany, where I worked as a member of the Horst Goertz Institute for IT Security (HGI). From 2010 I spent two years at the Center for Cryptology and Information Security (CCIS) at Florida Atlantic University. In 2012 I joined the Electrical and Computer Engineering Department at WPI. Since August of 2017, I am the Director of the Institute for IT Security at the University of Lübeck.
My research interests are in:
- Applied Cryptology
- Systems security and secure computer architecture
- Side channel analysis, physical attacks and their prevention
- Cloud and virtualization security
Publications
2024
Dynamic Frequency-Based Fingerprinting Attacks against Modern Sandbox Environments, in 9th IEEE European Symposium on Security and Privacy, EuroS&P 2024, Vienna, Austria, July 8-12, 2024 , IEEE, 2024. pp. TBD.
DOI: | TBD |
File: | arXiv.2404.10715 |
Bibtex: | @inproceedings{DBLP:conf/eurosp/DiptaTGME24, author = {Debopriya Roy Dipta and Thore Tiemann and Berk G{\"{u}}lmezo{\u{g}}lu and Eduard Marin and Thomas Eisenbarth}, title = {Dynamic Frequency-Based Fingerprinting Attacks against Modern Sandbox Environments}, booktitle = {9th {IEEE} European Symposium on Security and Privacy, EuroS{\&}P 2024, Vienna, Austria, July 8-12, 2024}, pages = {TBD}, publisher = {{IEEE}}, year = {2024}, doi = {TBD}, } |
Microarchitectural Vulnerabilities Introduced, Exploited, and Accelerated by Heterogeneous FPGA-CPU Platforms, in Security of FPGA-Accelerated Cloud Computing Environments , Szefer, Jakub and Tessier, Russell, Eds. Cham: Springer International Publishing, 2024, pp. 203-237.
DOI: | 10.1007/978-3-031-45395-3_8 |
ISBN: | 978-3-031-45395-3 |
Bibtex: | @inbook{tiemann2024fpgaplatform, author = {Tiemann, Thore and Weissman, Zane and Eisenbarth, Thomas and Sunar, Berk}, editor = {Szefer, Jakub and Tessier, Russell}, title = {Microarchitectural Vulnerabilities Introduced, Exploited, and Accelerated by Heterogeneous {FPGA-CPU} Platforms}, bookTitle = {Security of FPGA-Accelerated Cloud Computing Environments}, year = {2024}, publisher = {Springer International Publishing}, pages = {203--237}, isbn = {978-3-031-45395-3}, doi = {10.1007/978-3-031-45395-3_8}, url = {https://doi.org/10.1007/978-3-031-45395-3_8}, } |
Obelix: Mitigating Side-Channels Through Dynamic Obfuscation, in 2024 IEEE Symposium on Security and Privacy (S&P) , San Francisco, CA, USA: IEEE, 2024.
DOI: | 10.1109/SP54263.2024.00261 |
Weblink: | https://www.computer.org/csdl/proceedings-article/sp/2024/313000a189/1WPcYic94rK |
Polynomial sharings on two secrets: Buy one, get one free, in IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) , 2024. pp. 671–706.
DOI: | 10.46586/tches.v2024.i3.671-706 |
File: | 11691 |
SEV-Step: A Single-Stepping Framework for AMD-SEV, in IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) , 2024. pp. 180-206.
DOI: | 10.46586/tches.v2024.i1.180-206 |
File: | 10792 |
SWAT: Modular Dynamic Symbolic Execution for Java Applications using Dynamic Instrumentation (Competition Contribution), in Tools and Algorithms for the Construction and Analysis of Systems - 30th International Conference, TACAS 2024, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2024, Luxembourg City, Luxembourg, April 6-11, 2024, Proceedings, Part III , Bernd Finkbeiner and Laura Kovács, Eds. Springer, 2024. pp. 399--405.
DOI: | 10.1007/978-3-031-57256-2_28 |
File: | 978-3-031-57256-2_28 |
2023
TeeJam: Sub-Cache-Line Leakages Strike Back, in IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) , Dec.2023. pp. 457 - 500.
DOI: | 10.46586/tches.v2024.i1.457-500 |
Weblink: | https://tches.iacr.org/index.php/TCHES/article/view/11259 |
Bibtex: | @article{Sieck_Zhang_Berndt_Chuengsatiansup_Eisenbarth_Yarom_2023, title={TeeJam: Sub-Cache-Line Leakages Strike Back}, volume={2024}, url={https://tches.iacr.org/index.php/TCHES/article/view/11259}, DOI={10.46586/tches.v2024.i1.457-500}, number={1}, journal={IACR Transactions on Cryptographic Hardware and Embedded Systems}, author={Sieck, Florian and Zhang, Zhiyuan and Berndt, Sebastian and Chuengsatiansup, Chitchanok and Eisenbarth, Thomas and Yarom, Yuval}, year={2023}, month={Dec.}, pages={457–500} } |
SystemC Model of Power Side-Channel Attacks Against AI Accelerators: Superstition or not?, in ICCAD '23: Proceedings of the 42nd IEEE/ACM International Conference on Computer-Aided Design , IEEE/ACM, Nov.2023.
DOI: | 10.48550/arXiv.2311.13387 |
Weblink: | https://arxiv.org/abs/2311.13387 |
Cipherfix: Mitigating Ciphertext Side-Channel Attacks in Software, in 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023 , Joseph A. Calandrino and Carmela Troncoso, Eds. USENIX Association, 2023.
DOI: | 10.48550/arXiv.2210.13124 |
File: | wichelmann |
Combined Fault and Leakage Resilience: Composability, Constructions and Compiler, in Advances in Cryptology - CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Santa Barbara, CA, USA, August 20-24, 2023, Proceedings, Part III , Helena Handschuh and Anna Lysyanskaya, Eds. Cham: Springer, 2023. pp. 377--409.
DOI: | 10.1007/978-3-031-38548-3\_13 |
ISBN: | 978-3-031-38548-3 |
File: | 978-3-031-38548-3\_13 |
IOTLB-SC: An Accelerator-Independent Leakage Source in Modern Cloud Systems, in Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security , Joseph K. Liu and Yang Xiang and Surya Nepal and Gene Tsudik, Eds. ACM, 2023. pp. 827-840.
DOI: | 10.1145/3579856.3582838 |
Weblink: | https://arxiv.org/abs/2202.11623 |
File: | Dateilink |
Bibtex: | @inproceedings{tiemann2023iotlbsc, author = {Thore Tiemann and Zane Weissman and Thomas Eisenbarth and Berk Sunar}, editor = {Joseph K. Liu and Yang Xiang and Surya Nepal and Gene Tsudik}, title = {{IOTLB-SC:} An Accelerator-Independent Leakage Source in Modern Cloud Systems}, booktitle = {Proceedings of the 2023 {ACM} Asia Conference on Computer and Communications Security, {ASIA} {CCS} 2023, Melbourne, VIC, Australia, July 10-14, 2023}, pages = {827--840}, publisher = {{ACM}}, year = {2023}, url = {https://doi.org/10.1145/3579856.3582838}, doi = {10.1145/3579856.3582838} } |
Madvex: Instrumentation-based Adversarial Attacks on Machine Learning Malware Detection, in Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) - 20th International Conference , Daniel Gruss and Federico Maggi and Mathias Fischer and Michele Carminati, Eds. Springer, 2023. pp. 69-88.
DOI: | 10.1007/978-3-031-35504-2_4 |
Weblink: | https://arxiv.org/abs/2305.02559 |
MAMBO-V: Dynamic Side-Channel Leakage Analysis on RISC-V, in Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) - 20th International Conference , Daniel Gruss and Federico Maggi and Mathias Fischer and Michele Carminati, Eds. Springer, 2023. pp. 3-23.
DOI: | 10.1007/978-3-031-35504-2_1 |
Weblink: | https://arxiv.org/abs/2305.00584 |
Okapi: A Lightweight Architecture for Secure Speculation Exploiting Locality of Memory Accesses, 2023.
Weblink: | https://arxiv.org/abs/2312.08156 |
Bibtex: | @misc{schmitz2023okapi, author = {Philipp Schmitz and Tobias Jauch and Alex Wezel and Mohammad R. Fadiheh and Thore Tiemann and Jonah Heller and Thomas Eisenbarth and Dominik Stoffel and Wolfgang Kunz}, title = {Okapi: A Lightweight Architecture for Secure Speculation Exploiting Locality of Memory Accesses}, year = {2023}, eprint = {2312.08156}, archivePrefix = {arXiv}, primaryClass = {cs.CR}, url = {https://doi.org/10.48550/arXiv.2312.08156}, doi = {10.48550/arXiv.2312.08156}, } |
Overcoming the Pitfalls of HPC-based Cryptojacking Detection in Presence of GPUs, in Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy, CODASPY 2023, Charlotte, NC, USA, April 24-26, 2023 , Mohamed Shehab and Maribel Fernandez and Ninghui Li, Eds. {ACM}, 2023. pp. 177--188.
DOI: | 10.1145/3577923.3583655 |
File: | 3577923.3583655 |
Subversion-Resilient Authenticated Encryption Without Random Oracles, in Applied Cryptography and Network Security - 21st International Conference, ACNS 2023, Kyoto, Japan, June 19-22, 2023, Proceedings, Part II , Mehdi Tibouchi and Xiaofeng Wang, Eds. Springer, 2023. pp. 460--483.
DOI: | 10.1007/978-3-031-33491-7\_17 |
File: | 978-3-031-33491-7\_17 |
"Act natural!": Exchanging Private Messages on Public Blockchains, in 8th IEEE European Symposium on Security and Privacy , IEEE, 2023. pp. 292-308.
DOI: | 10.1109/EuroSP57164.2023.00026 |
Weblink: | https://eprint.iacr.org/2021/1073 |
Weblink: | https://doi.ieeecomputersociety.org/10.1109/EuroSP57164.2023.00026 |
File: | Dateilink |
Bibtex: | @inproceedings{tiemann2023actnatural, author = {Thore Tiemann and Sebastian Berndt and Thomas Eisenbarth and Maciej Liskiewicz}, title = {"Act natural!": Exchanging Private Messages on Public Blockchains}, booktitle = {8th {IEEE} European Symposium on Security and Privacy, EuroS{\&}P 2023, Delft, Netherlands, July 3-7, 2023}, pages = {292--308}, publisher = {{IEEE}}, year = {2023}, url = {https://doi.org/10.1109/EuroSP57164.2023.00026}, doi = {10.1109/EUROSP57164.2023.00026} } |
2022
Microwalk-CI: Practical Side-Channel Analysis for JavaScript Applications, in Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, CA, USA, November 7-11, 2022 , Heng Yin and Angelos Stavrou and Cas Cremers and Elaine Shi, Eds. ACM, 2022. pp. 2915--2929.
DOI: | 10.1145/3548606.3560654 |
File: | 3548606.3560654 |
ASAP: Algorithm Substitution Attacks on Cryptographic Protocols, in Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security , ACM, 2022. pp. 712-726.
DOI: | 10.1145/3488932.3517387 |
ISBN: | 9781450391405 |
File: | 3488932.3517387 |
A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP, in 2022 IEEE Symposium on Security and Privacy (SP) , San Francisco, CA, USA: IEEE, 2022. pp. 337-351.
DOI: | 10.1109/SP46214.2022.9833768 |
File: | SP46214.2022.9833768 |
2021
A Formal Approach to Confidentiality Verification in SoCs at the Register Transfer Level, in 58th ACM/IEEE Design Automation Conference, DAC 2021, San Francisco, CA, USA, December 5-9, 2021 , IEEE, 2021. pp. 991--996.
DOI: | 10.1109/DAC18074.2021.9586248 |
File: | DAC18074.2021.9586248 |
A White-Box Masking Scheme Resisting Computational and Algebraic Attacks, IACR Transactions on Cryptographic Hardware and Embedded Systems , vol. 2021, no. 2, pp. 61-105, 2021. Cryptology ePrint Archive, Report 2020/443.
DOI: | 10.46586/tches.v2021.i2.61-105 |
File: | 8788 |
Aim, Wait, Shoot: How the CacheSniper Technique Improves Unprivileged Cache Attacks, in IEEE European Symposium on Security and Privacy, EuroS&P 2021, Vienna, Austria, September 6-10, 2021 , IEEE, 2021. pp. 683--700.
DOI: | 10.1109/EuroSP51992.2021.00051 |
File: | EuroSP51992.2021.00051 |
Differential Power Analysis of the Picnic Signature Scheme, in Post-Quantum Cryptography - 12th International Workshop, PQCrypto 2021, Daejeon, South Korea, July 20-22, 2021, Proceedings , Jung Hee Cheon and Jean-Pierre Tillich, Eds. Springer, 2021. pp. 177--194.
DOI: | 10.1007/978-3-030-81293-5_10 |
File: | 978-3-030-81293-5_10 |
Firmware Security Module: A Framework for Trusted Computing in Automotive Multiprocessors, Journal of Hardware and Systems Security , 2021.
DOI: | 10.1007/s41635-021-00114-4 |
File: | s41635-021-00114-4 |
- Staff
- Thomas Eisenbarth
- Esfandiar Mohammadi
- Paula Arnold
- Jeremy Boy
- Finn Burmester
- Till Eifert
- Tim Gellersen
- Jonah Heller
- Kristoffer Hempel
- Timothy Imort
- Moritz Kirschte
- Marven Kummerfeldt
- Nam Thanh Le
- Johannes Liebenow
- Nils Loose
- Felix Mächtle
- Felix Maurer
- Sebastian Meiser
- Anna Pätschke
- Pajam Pauls
- Thorsten Peinemann
- Christopher Peredy
- Tammo Polle
- Yannik Potdevin
- Claudius Pott
- Anja Rabich
- Jonas Sander
- Ines Schiebahn
- Yara Schütt
- Jan-Niclas Serr
- Florian Sieck
- Annika Strang
- Thore Tiemann
- Alexander Treff
- Jan Wichelmann
- Luca Wilke