Prof. Dr.-Ing. Thomas Eisenbarth
Institutsdirektor
Ratzeburger Allee 160
23562 Lübeck
Gebäude 64, 1. OG,
Raum 043
Email: | thomas.eisenbarth(at)uni-luebeck.de |
Phone: | +49 451 3101 6600 |
Fax: | +49 451 3101 6604 |
About Me
I am Professor for IT Security at University of Lübeck. I received my Ph.D. in ECE from Ruhr University Bochum, Germany, where I worked as a member of the Horst Goertz Institute for IT Security (HGI). From 2010 I spent two years at the Center for Cryptology and Information Security (CCIS) at Florida Atlantic University. In 2012 I joined the Electrical and Computer Engineering Department at WPI. Since August of 2017, I am the Director of the Institute for IT Security at the University of Lübeck.
My research interests are in:
- Applied Cryptology
- Systems security and secure computer architecture
- Side channel analysis, physical attacks and their prevention
- Cloud and virtualization security
Publications
2021
Help, My Signal has Bad Device! - Breaking the Signal Messenger's Post-Compromise Security Through a Malicious Device, in Detection of Intrusions and Malware, and Vulnerability Assessment - 18th International Conference, DIMVA 2021, Virtual Event, July 14-16, 2021, Proceedings , Leyla Bilge and Lorenzo Cavallaro and Giancarlo Pellegrino and Nuno Neves, Eds. Springer, 2021. pp. 88--105.
DOI: | 10.1007/978-3-030-80825-9_5 |
File: | 978-3-030-80825-9_5 |
Nano Security: From Nano-Electronics to Secure Systems, in Design, Automation & Test in Europe Conference & Exhibition, DATE 2021, Grenoble, France, February 1-5, 2021 , IEEE, 2021. pp. 1334--1339.
DOI: | 10.23919/DATE51398.2021.9474187 |
File: | DATE51398.2021.9474187 |
Side-Channel Protections for Picnic Signatures, IACR Transactions on Cryptographic Hardware and Embedded Systems , vol. 2021, no. 4, pp. 239-282, 2021.
DOI: | 10.46586/tches.v2021.i4.239-282 |
File: | 9066 |
undeSErVed trust: Exploiting Permutation-Agnostic Remote Attestation, in 2021 IEEE Security and Privacy Workshops (SPW) , 2021. pp. 456-466.
DOI: | 10.1109/SPW53761.2021.00064 |
File: |
Util: : Lookup: Exploiting Key Decoding in Cryptographic Libraries, in CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security , Yongdae Kim and Jong Kim and Giovanni Vigna and Elaine Shi, Eds. ACM, 2021. pp. 2456--2473.
DOI: | 10.1145/3460120.3484783 |
File: | 3460120.3484783 |
2020
SNI-in-the-head: Protecting MPC-in-the-head Protocols against Side-channel Analysis, in CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security , Jay Ligatti and Xinming Ou and Jonathan Katz and Giovanni Vigna, Eds. ACM, 2020. pp. 1033--1049.
DOI: | 10.1145/3372297.3417889 |
File: | 3372297.3417889 |
TPM-FAIL: TPM meets Timing and Lattice Attacks, in 29th USENIX Security Symposium (USENIX Security 20) , Boston, MA: USENIX Association, 2020. pp. 2057--2073.
ISBN: | 978-1-939133-17-5 |
Weblink: | https://tpm.fail/ |
File: | moghimi-tpm |
JackHammer: Efficient Rowhammer on Heterogeneous FPGA-CPU Platforms, IACR Transactions on Cryptographic Hardware and Embedded Systems , vol. 2020, no. 3, pp. 169-195, 2020.
DOI: | 10.13154/tches.v2020.i3.169-195 |
Weblink: | https://tches.iacr.org/index.php/TCHES/article/view/8587 |
Weblink: | https://www.youtube.com/watch?v=cBe3YTtrM5s |
File: | 8154 |
Bibtex: | @article{weissman2020jackhammer, author = {Zane Weissman and Thore Tiemann and Daniel Moghimi and Evan Custodio and Thomas Eisenbarth and Berk Sunar}, title = {JackHammer: Efficient Rowhammer on Heterogeneous {FPGA-CPU} Platforms}, journal = {{IACR} Trans. Cryptogr. Hardw. Embed. Syst.}, volume = {2020}, number = {3}, pages = {169--195}, year = {2020}, url = {https://doi.org/10.13154/tches.v2020.i3.169-195}, doi = {10.13154/TCHES.V2020.I3.169-195} } |
SEVurity: No Security Without Integrity - Breaking Integrity-Free Memory Encryption with Minimal Assumptions, in 2020 IEEE Symposium on Security and Privacy (SP) , Los Alamitos, CA, USA: IEEE Computer Society, 2020. pp. 1431-1444.
DOI: | 10.1109/SP40000.2020.00080 |
Weblink: | https://uzl-its.github.io/SEVurity/ |
Microarchitectural Isolation Guarantees Through Execution Based Signatures, in XXXV Conference on Design of Circuits and Integrated Systems, DCIS, 2020, Segovia, Spain, November 18-20, 2020 , IEEE, 2020. pp. 1--6.
DOI: | 10.1109/DCIS51330.2020.9268660 |
File: | DCIS51330.2020.9268660 |
RELOAD+REFRESH: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks, in 29th USENIX Security Symposium (USENIX Security 20) , Boston, MA: USENIX Association, 2020. pp. 1967--1984.
ISBN: | 978-1-939133-17-5 |
File: | briongos |
2019
FortuneTeller: Predicting Microarchitectural Attacks via Unsupervised Deep Learning, arXiv e-prints , 2019.
File: | 2019arXiv190703651G |
SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks, in 28th USENIX Security Symposium (USENIX Security 19) , Santa Clara, CA: USENIX Association, 2019. pp. 621--637.
ISBN: | 978-1-939133-06-9 |
File: | islam |
Undermining User Privacy on Mobile Devices Using AI, in Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security , New York, NY, USA: ACM, 2019. pp. 214--227.
DOI: | 10.1145/3321705.3329804 |
File: | 3321705.3329804 |
2018
MemJam: A False Dependency Attack Against Constant-Time Crypto Implementations, International Journal of Parallel Programming , 2018.
File: | s10766-018-0611-9 |
IT Security in Lübeck - The design of a modern and future-proof security curriculum, in 2018 12th European Workshop on Microelectronics Education (EWME) , 2018. pp. 79-82.
DOI: | 10.1109/EWME.2018.8629494 |
File: | 8629494 |
MASCAT: Preventing Microarchitectural Attacks Before Distribution, in Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, CODASPY 2018, Tempe, AZ, USA, March 19-21, 2018 , 2018. pp. 377--388.
DOI: | 10.1145/3176258.3176316 |
File: | 3176258.3176316 |
MicroWalk: A Framework for Finding Side Channels in Binaries, in Proceedings of the 34th Annual Computer Security Applications Conference , New York, NY, USA: ACM, 2018. pp. 161--173.
DOI: | 10.1145/3274694.3274741 |
File: | 3274694.3274741 |
Identifying and Eliminating Side-Channel Leaks in Programmable Systems, IEEE Design Test , vol. 35, no. 1, pp. 74-89, 2018.
DOI: | 10.1109/MDAT.2017.2766166 |
Extending Glitch-Free Multiparty Protocols to Resist Fault Injection Attacks, IACR Transactions on Cryptographic Hardware and Embedded Systems , vol. 2018, no. 3, pp. 394-430, 2018.
DOI: | 10.13154/tches.v2018.i3.394-430 |
File: | 7281 |
DeepCloak: Adversarial Crafting As a Defensive Measure to Cloak Processes, 2018.
Weblink: | https://dblp.uni-trier.de/rec/journals/corr/abs-1808-01352.html?view=bibtex |
File: | 1808.01352 |
CacheShield: Detecting Cache Attacks through Self-Observation, in Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, CODASPY 2018, Tempe, AZ, USA, March 19-21, 2018 , 2018. pp. 224--235.
DOI: | 10.1145/3176258.3176320 |
File: | 3176258.3176320 |
CacheQuote: Efficiently Recovering Long-term Secrets of SGX EPID via Cache Attacks, IACR Trans. Cryptogr. Hardw. Embed. Syst. , vol. 2018, no. 2, pp. 171--191, 2018.
DOI: | 10.13154/tches.v2018.i2.171-191 |
File: | tches.v2018.i2.171-191 |
2017
CacheShield: Protecting Legacy Processes Against Cache Attacks, 09 2017.
File: | 1709.01795v1 |
uLeech: A side-channel evaluation platform for IoT, in 2017 IEEE 60th International Midwest Symposium on Circuits and Systems (MWSCAS) , 2017. pp. 25-28.
DOI: | 10.1109/MWSCAS.2017.8052851 |
File: | 8052851 |
- Staff
- Thomas Eisenbarth
- Esfandiar Mohammadi
- Paula Arnold
- Jeremy Boy
- Finn Burmester
- Till Eifert
- Tim Gellersen
- Jonah Heller
- Kristoffer Hempel
- Timothy Imort
- Moritz Kirschte
- Marven Kummerfeldt
- Nam Thanh Le
- Johannes Liebenow
- Nils Loose
- Felix Mächtle
- Felix Maurer
- Sebastian Meiser
- Anna Pätschke
- Pajam Pauls
- Thorsten Peinemann
- Christopher Peredy
- Tammo Polle
- Yannik Potdevin
- Claudius Pott
- Anja Rabich
- Jonas Sander
- Ines Schiebahn
- Yara Schütt
- Jan-Niclas Serr
- Florian Sieck
- Annika Strang
- Thore Tiemann
- Alexander Treff
- Jan Wichelmann
- Luca Wilke