Prof. Dr.-Ing. Thomas Eisenbarth

Institutsdirektor
Ratzeburger Allee 160
23562 Lübeck
Gebäude 64, 1. OG,
Raum 043
Email: | thomas.eisenbarth(at)uni-luebeck.de |
Phone: | +49 451 3101 6600 |
Fax: | +49 451 3101 6604 |
About Me
I am a Professor of IT Security at the University of Lübeck. I received my Ph.D. in ECE from Ruhr-Universität Bochum, Germany, where I was a member of the Horst Goertz Institute for IT Security (HGI). Starting in 2010, I spent two years at the Center for Cryptology and Information Security (CCIS) at Florida Atlantic University. In 2012, I joined the Department of Electrical and Computer Engineering at WPI. Since August 2017 I am the Director of the Institute of IT Security at the University of Lübeck.
Since October 2024, I am the head of the STEM sections (the non-medical departments) of University of Lübeck.
My research interests are in:
- Systems security, software security and code analysis
- Applied Cryptology
- Secure virtualization, computer architecture and trusted execution environments
- Side channel analysis, physical attacks and their prevention
Publications
2022
A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP, in 2022 IEEE Symposium on Security and Privacy (SP) , San Francisco, CA, USA: IEEE, 2022. pp. 337-351.
DOI: | 10.1109/SP46214.2022.9833768 |
Weblink: | https://doi.ieeecomputersociety.org/10.1109/SP46214.2022.9833768 |
ASAP: Algorithm Substitution Attacks on Cryptographic Protocols, in Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security , ACM, 2022. pp. 712-726.
DOI: | 10.1145/3488932.3517387 |
ISBN: | 9781450391405 |
File: | 3488932.3517387 |
Microwalk-CI: Practical Side-Channel Analysis for JavaScript Applications, in Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, CA, USA, November 7-11, 2022 , Heng Yin and Angelos Stavrou and Cas Cremers and Elaine Shi, Eds. ACM, 2022. pp. 2915-2929.
DOI: | 10.1145/3548606.3560654 |
File: | 3548606.3560654 |
2021
Nano Security: From Nano-Electronics to Secure Systems, in Design, Automation & Test in Europe Conference & Exhibition, DATE 2021, Grenoble, France, February 1-5, 2021 , IEEE, 2021. pp. 1334-1339.
DOI: | 10.23919/DATE51398.2021.9474187 |
Util: : Lookup: Exploiting Key Decoding in Cryptographic Libraries, in CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security , Yongdae Kim and Jong Kim and Giovanni Vigna and Elaine Shi, Eds. ACM, 2021. pp. 2456-2473.
DOI: | 10.1145/3460120.3484783 |
File: | 3460120.3484783 |
undeSErVed trust: Exploiting Permutation-Agnostic Remote Attestation, in 2021 IEEE Security and Privacy Workshops (SPW) , 2021. pp. 456-466.
DOI: | 10.1109/SPW53761.2021.00064 |
Weblink: | https://doi.ieeecomputersociety.org/10.1109/SPW53761.2021.00064 |
File: |
Side-Channel Protections for Picnic Signatures, IACR Transactions on Cryptographic Hardware and Embedded Systems , vol. 2021, no. 4, pp. 239-282, 2021.
DOI: | 10.46586/tches.v2021.i4.239-282 |
File: | 9066 |
Aim, Wait, Shoot: How the CacheSniper Technique Improves Unprivileged Cache Attacks, in IEEE European Symposium on Security and Privacy, EuroS&P 2021 , IEEE, 2021. pp. 683-700.
DOI: | 10.1109/EuroSP51992.2021.00051 |
Weblink: | https://doi.ieeecomputersociety.org/10.1109/EuroSP51992.2021.00051 |
Help, My Signal has Bad Device! - Breaking the Signal Messenger's Post-Compromise Security Through a Malicious Device, in Detection of Intrusions and Malware, and Vulnerability Assessment - 18th International Conference, DIMVA 2021, Virtual Event, July 14-16, 2021, Proceedings , Leyla Bilge and Lorenzo Cavallaro and Giancarlo Pellegrino and Nuno Neves, Eds. Springer, 2021. pp. 88-105.
DOI: | 10.1007/978-3-030-80825-9_5 |
File: | 978-3-030-80825-9_5 |
Firmware Security Module: A Framework for Trusted Computing in Automotive Multiprocessors, Journal of Hardware and Systems Security , pp. 103-113, 2021.
DOI: | 10.1007/s41635-021-00114-4 |
File: | s41635-021-00114-4 |
Differential Power Analysis of the Picnic Signature Scheme, in Post-Quantum Cryptography - 12th International Workshop, PQCrypto 2021, Daejeon, South Korea, July 20-22, 2021, Proceedings , Jung Hee Cheon and Jean-Pierre Tillich, Eds. Springer, 2021. pp. 177-194.
DOI: | 10.1007/978-3-030-81293-5_10 |
File: | 978-3-030-81293-5_10 |
A White-Box Masking Scheme Resisting Computational and Algebraic Attacks, IACR Transactions on Cryptographic Hardware and Embedded Systems , vol. 2021, no. 2, pp. 61-105, 2021. Cryptology ePrint Archive, Report 2020/443.
DOI: | 10.46586/tches.v2021.i2.61-105 |
File: | 8788 |
A Formal Approach to Confidentiality Verification in SoCs at the Register Transfer Level, in 58th ACM/IEEE Design Automation Conference, DAC 2021, San Francisco, CA, USA, December 5-9, 2021 , IEEE, 2021. pp. 991-996.
DOI: | 10.1109/DAC18074.2021.9586248 |
File: | DAC18074.2021.9586248 |
2020
JackHammer: Efficient Rowhammer on Heterogeneous FPGA-CPU Platforms, IACR Transactions on Cryptographic Hardware and Embedded Systems , vol. 2020, no. 3, pp. 169-195, 2020.
DOI: | 10.13154/tches.v2020.i3.169-195 |
File: | Dateilink |
Bibtex: | ![]() @article{weissman2020jackhammer, author = {Zane Weissman and Thore Tiemann and Daniel Moghimi and Evan Custodio and Thomas Eisenbarth and Berk Sunar}, title = {JackHammer: Efficient Rowhammer on Heterogeneous {FPGA-CPU} Platforms}, journal = {{IACR} Trans. Cryptogr. Hardw. Embed. Syst.}, volume = {2020}, number = {3}, pages = {169--195}, year = {2020}, url = {https://doi.org/10.13154/tches.v2020.i3.169-195}, doi = {10.13154/TCHES.V2020.I3.169-195} } |
Microarchitectural Isolation Guarantees Through Execution Based Signatures, in XXXV Conference on Design of Circuits and Integrated Systems, DCIS, 2020, Segovia, Spain, November 18-20, 2020 , IEEE, 2020. pp. 1-6.
DOI: | 10.1109/DCIS51330.2020.9268660 |
File: | DCIS51330.2020.9268660 |
RELOAD+REFRESH: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks, in 29th USENIX Security Symposium (USENIX Security 20) , Boston, MA: USENIX Association, 2020. pp. 1967-1984.
ISBN: | 978-1-939133-17-5 |
File: | briongos |
SEVurity: No Security Without Integrity - Breaking Integrity-Free Memory Encryption with Minimal Assumptions, in 2020 IEEE Symposium on Security and Privacy (SP) , Los Alamitos, CA, USA: IEEE Computer Society, 2020. pp. 1431-1444.
DOI: | 10.1109/SP40000.2020.00080 |
Weblink: | https://uzl-its.github.io/SEVurity/ |
Weblink: | https://doi.ieeecomputersociety.org/10.1109/SP40000.2020.00080 |
SNI-in-the-head: Protecting MPC-in-the-head Protocols against Side-channel Analysis, in CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security , Jay Ligatti and Xinming Ou and Jonathan Katz and Giovanni Vigna, Eds. ACM, 2020. pp. 1033-1049.
DOI: | 10.1145/3372297.3417889 |
File: | 3372297.3417889 |
TPM-FAIL: TPM meets Timing and Lattice Attacks, in 29th USENIX Security Symposium (USENIX Security 20) , Boston, MA: USENIX Association, 2020. pp. 2057-2073.
ISBN: | 978-1-939133-17-5 |
Weblink: | https://tpm.fail/ |
File: | moghimi-tpm |
2019
Undermining User Privacy on Mobile Devices Using AI, in Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security , New York, NY, USA: ACM, 2019. pp. 214-227.
DOI: | 10.1145/3321705.3329804 |
File: | 3321705.3329804 |
SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks, in 28th USENIX Security Symposium (USENIX Security 19) , Santa Clara, CA: USENIX Association, 2019. pp. 621-637.
ISBN: | 978-1-939133-06-9 |
File: | islam |
FortuneTeller: Predicting Microarchitectural Attacks via Unsupervised Deep Learning, arXiv e-prints , 2019.
File: | 2019arXiv190703651G |
2018
MemJam: A False Dependency Attack Against Constant-Time Crypto Implementations, International Journal of Parallel Programming , 2018.
File: | s10766-018-0611-9 |
CacheQuote: Efficiently Recovering Long-term Secrets of SGX EPID via Cache Attacks, IACR Trans. Cryptogr. Hardw. Embed. Syst. , vol. 2018, no. 2, pp. 171--191, 2018.
DOI: | 10.13154/tches.v2018.i2.171-191 |
File: | tches.v2018.i2.171-191 |
CacheShield: Detecting Cache Attacks through Self-Observation, in Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, CODASPY 2018, Tempe, AZ, USA, March 19-21, 2018 , 2018. pp. 224--235.
DOI: | 10.1145/3176258.3176320 |
File: | 3176258.3176320 |

- Staff
- Thomas Eisenbarth
- Esfandiar Mohammadi
- Paula Arnold
- Jeremy Boy
- Till Eifert
- Tim Gellersen
- Jonah Heller
- Kristoffer Hempel
- Eike Hoffmann
- Timothy Imort
- Moritz Kirschte
- Marven Kummerfeldt
- Johannes Liebenow
- Nils Loose
- Felix Mächtle
- Felix Maurer
- Sebastian Meiser
- Anna Pätschke
- Pajam Pauls
- Thorsten Peinemann
- Christopher Peredy
- Tammo Polle
- Yannik Potdevin
- Claudius Pott
- Anja Rabich
- Jonas Sander
- Ines Schiebahn
- Yara Schütt
- Jan-Niclas Serr
- Florian Sieck
- Annika Strang
- Thore Tiemann
- Alexander Treff
- Jan Wichelmann
- Luca Wilke