Prof. Dr.-Ing. Thomas Eisenbarth
Institutsdirektor
Ratzeburger Allee 160
23562 Lübeck
Gebäude 64, 1. OG,
Raum 043
Email: | thomas.eisenbarth(at)uni-luebeck.de |
Phone: | +49 451 3101 6600 |
Fax: | +49 451 3101 6604 |
Kurzbiographie
Thomas Eisenbarth ist Professor für IT Sicherheit an der Universität zu Lübeck. Er studierte bis 2006 Elektro- und Informationstechnik an der Ruhr Universität Bochum, wo er bis 2009 am Horst Görtz Institut für IT-Sicherheit promovierte. Ab 2010 forschte er als Assistant Professor am Center for Cryptography and Information Security (CCIS) an der Florida Atlantic University. 2012 wechselte er an das Worcester Polytechnic Institute (WPI). Seit August 2017 ist er als Direktor des Instituts für IT Sicherheit an der Universität zu Lübeck.
Seine Forschungsinteressen umfassen:
- Systemsicherheit und Sichere Mikroarchitekturen
- Angewandte Kryptografie
- Seitenkanalangriffe, physische Sicherheit und Gegenmaßnahmen
- Sicherheit von Cloud und virtualisierten Systemen
Publikationen
2024
TDXdown: Single-Stepping and Instruction Counting Attacks against Intel TDX, in Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security , ACM, Okt.2024.
DOI: | 10.1145/3658644.3690230 |
Weblink: | https://uzl-its.github.io/tdxdown/ |
Bibtex: | @INPROCEEDINGS{tdxdownCCS24, author = {Luca Wilke and Florian Sieck and Thomas Eisenbarth}, booktitle = {Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security, {CCS} 2024, Salt Lake City, UT, USA, October 14--18, 2024}, title = {{TDXdown}: Single-Stepping and Instruction Counting Attacks against Intel {TDX}}, year = {2024}, doi = {10.1145/3658644.3690230} } |
Dynamic Frequency-Based Fingerprinting Attacks against Modern Sandbox Environments, in 9th IEEE European Symposium on Security and Privacy, EuroS&P 2024 , IEEE, 2024. pp. 327-344.
DOI: | 10.1109/EUROSP60621.2024.00025 |
Weblink: | https://doi.ieeecomputersociety.org/10.1109/EuroSP60621.2024.00025 |
Weblink: | https://doi.org/10.48550/arXiv.2404.10715 |
Bibtex: | @inproceedings{DBLP:conf/eurosp/DiptaTGME24, author = {Debopriya Roy Dipta and Thore Tiemann and Berk G{\"{u}}lmezoglu and Eduard Marin and Thomas Eisenbarth}, title = {Dynamic Frequency-Based Fingerprinting Attacks against Modern Sandbox Environments}, booktitle = {9th {IEEE} European Symposium on Security and Privacy, EuroS{\&}P 2024, Vienna, Austria, July 8-12, 2024}, pages = {327--344}, publisher = {{IEEE}}, year = {2024}, url = {https://doi.org/10.1109/EuroSP60621.2024.00025}, doi = {10.1109/EUROSP60621.2024.00025} } |
Obelix: Mitigating Side-Channels Through Dynamic Obfuscation, in 2024 IEEE Symposium on Security and Privacy (S&P) , San Francisco, CA, USA: IEEE, 2024. pp. 4182-4199.
DOI: | 10.1109/SP54263.2024.00261 |
Weblink: | https://doi.ieeecomputersociety.org/10.1109/SP54263.2024.00261 |
Polynomial sharings on two secrets: Buy one, get one free, in IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) , 2024. pp. 671-706.
DOI: | 10.46586/tches.v2024.i3.671-706 |
Datei: | 11691 |
SEV-Step: A Single-Stepping Framework for AMD-SEV, in IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) , 2024. pp. 180-206.
DOI: | 10.46586/tches.v2024.i1.180-206 |
Datei: | 10792 |
SWAT: Modular Dynamic Symbolic Execution for Java Applications using Dynamic Instrumentation (Competition Contribution), in Tools and Algorithms for the Construction and Analysis of Systems - 30th International Conference, TACAS 2024, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2024, Luxembourg City, Luxembourg, April 6-11, 2024, Proceedings, Part III , Bernd Finkbeiner and Laura Kovács, Eds. Springer, 2024. pp. 399-405.
DOI: | 10.1007/978-3-031-57256-2_28 |
Datei: | 978-3-031-57256-2_28 |
Microarchitectural Vulnerabilities Introduced, Exploited, and Accelerated by Heterogeneous FPGA-CPU Platforms, in Security of FPGA-Accelerated Cloud Computing Environments , Szefer, Jakub and Tessier, Russell, Eds. Cham: Springer International Publishing, 2024, pp. 203-237.
DOI: | 10.1007/978-3-031-45395-3_8 |
ISBN: | 978-3-031-45395-3 |
Bibtex: | @inbook{tiemann2024fpgaplatform, author = {Tiemann, Thore and Weissman, Zane and Eisenbarth, Thomas and Sunar, Berk}, editor = {Szefer, Jakub and Tessier, Russell}, title = {Microarchitectural Vulnerabilities Introduced, Exploited, and Accelerated by Heterogeneous {FPGA-CPU} Platforms}, bookTitle = {Security of FPGA-Accelerated Cloud Computing Environments}, year = {2024}, publisher = {Springer International Publishing}, pages = {203--237}, isbn = {978-3-031-45395-3}, doi = {10.1007/978-3-031-45395-3_8}, url = {https://doi.org/10.1007/978-3-031-45395-3_8}, } |
2023
TeeJam: Sub-Cache-Line Leakages Strike Back, in IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) , Dez.2023. pp. 457-500.
DOI: | 10.46586/tches.v2024.i1.457-500 |
Weblink: | https://tches.iacr.org/index.php/TCHES/article/view/11259 |
Bibtex: | @article{Sieck_Zhang_Berndt_Chuengsatiansup_Eisenbarth_Yarom_2023, title={TeeJam: Sub-Cache-Line Leakages Strike Back}, volume={2024}, url={https://tches.iacr.org/index.php/TCHES/article/view/11259}, DOI={10.46586/tches.v2024.i1.457-500}, number={1}, journal={IACR Transactions on Cryptographic Hardware and Embedded Systems}, author={Sieck, Florian and Zhang, Zhiyuan and Berndt, Sebastian and Chuengsatiansup, Chitchanok and Eisenbarth, Thomas and Yarom, Yuval}, year={2023}, month={Dec.}, pages={457–500} } |
SystemC Model of Power Side-Channel Attacks Against AI Accelerators: Superstition or not?, in 2023 IEEE/ACM International Conference on Computer Aided Design (ICCAD) , IEEE/ACM, Nov.2023. pp. 1-8.
DOI: | 10.1109/ICCAD57390.2023.10323687 |
Weblink: | https://arxiv.org/abs/2311.13387 |
Combined Fault and Leakage Resilience: Composability, Constructions and Compiler, in Advances in Cryptology - CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Santa Barbara, CA, USA, August 20-24, 2023, Proceedings, Part III , Helena Handschuh and Anna Lysyanskaya, Eds. Cham: Springer, 2023. pp. 377-409.
DOI: | 10.1007/978-3-031-38548-3_13 |
ISBN: | 978-3-031-38548-3 |
Datei: | 978-3-031-38548-3_13 |
Madvex: Instrumentation-based Adversarial Attacks on Machine Learning Malware Detection, in Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) - 20th International Conference , Daniel Gruss and Federico Maggi and Mathias Fischer and Michele Carminati, Eds. Springer, 2023. pp. 69-88.
DOI: | 10.1007/978-3-031-35504-2_4 |
Weblink: | https://arxiv.org/abs/2305.02559 |
MAMBO-V: Dynamic Side-Channel Leakage Analysis on RISC-V, in Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) - 20th International Conference , Daniel Gruss and Federico Maggi and Mathias Fischer and Michele Carminati, Eds. Springer, 2023. pp. 3-23.
DOI: | 10.1007/978-3-031-35504-2_1 |
Weblink: | https://arxiv.org/abs/2305.00584 |
Okapi: A Lightweight Architecture for Secure Speculation Exploiting Locality of Memory Accesses, 2023.
Weblink: | https://arxiv.org/abs/2312.08156 |
Bibtex: | @misc{schmitz2023okapi, author = {Philipp Schmitz and Tobias Jauch and Alex Wezel and Mohammad R. Fadiheh and Thore Tiemann and Jonah Heller and Thomas Eisenbarth and Dominik Stoffel and Wolfgang Kunz}, title = {Okapi: A Lightweight Architecture for Secure Speculation Exploiting Locality of Memory Accesses}, year = {2023}, eprint = {2312.08156}, archivePrefix = {arXiv}, primaryClass = {cs.CR}, url = {https://doi.org/10.48550/arXiv.2312.08156}, doi = {10.48550/arXiv.2312.08156}, } |
Overcoming the Pitfalls of HPC-based Cryptojacking Detection in Presence of GPUs, in Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy, CODASPY 2023, Charlotte, NC, USA, April 24-26, 2023 , Mohamed Shehab and Maribel Fernandez and Ninghui Li, Eds. ACM, 2023. pp. 177-188.
DOI: | 10.1145/3577923.3583655 |
Datei: | 3577923.3583655 |
Subversion-Resilient Authenticated Encryption Without Random Oracles, in Applied Cryptography and Network Security - 21st International Conference, ACNS 2023, Kyoto, Japan, June 19-22, 2023, Proceedings, Part II , Mehdi Tibouchi and Xiaofeng Wang, Eds. Springer, 2023. pp. 460-483.
DOI: | 10.1007/978-3-031-33491-7_17 |
Datei: | 978-3-031-33491-7_17 |
"Act natural!": Exchanging Private Messages on Public Blockchains, in 8th IEEE European Symposium on Security and Privacy, EuroS&P 2023 , IEEE, 2023. pp. 292-308.
DOI: | 10.1109/EuroSP57164.2023.00026 |
Weblink: | https://doi.ieeecomputersociety.org/10.1109/EuroSP57164.2023.00026 |
Weblink: | https://eprint.iacr.org/2021/1073 |
Datei: | Dateilink |
Bibtex: | @inproceedings{tiemann2023actnatural, author = {Thore Tiemann and Sebastian Berndt and Thomas Eisenbarth and Maciej Liskiewicz}, title = {"Act natural!": Exchanging Private Messages on Public Blockchains}, booktitle = {8th {IEEE} European Symposium on Security and Privacy, EuroS{\&}P 2023, Delft, Netherlands, July 3-7, 2023}, pages = {292--308}, publisher = {{IEEE}}, year = {2023}, url = {https://doi.org/10.1109/EuroSP57164.2023.00026}, doi = {10.1109/EUROSP57164.2023.00026} } |
Cipherfix: Mitigating Ciphertext Side-Channel Attacks in Software, in 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023 , Joseph A. Calandrino and Carmela Troncoso, Eds. USENIX Association, 2023. pp. 6789-6806.
DOI: | 10.48550/arXiv.2210.13124 |
Datei: | wichelmann |
IOTLB-SC: An Accelerator-Independent Leakage Source in Modern Cloud Systems, in Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security, ASIA CCS 2023 , Joseph K. Liu and Yang Xiang and Surya Nepal and Gene Tsudik, Eds. ACM, 2023. pp. 827-840.
DOI: | 10.1145/3579856.3582838 |
Weblink: | https://arxiv.org/abs/2202.11623 |
Datei: | Dateilink |
Bibtex: | @inproceedings{tiemann2023iotlbsc, author = {Thore Tiemann and Zane Weissman and Thomas Eisenbarth and Berk Sunar}, editor = {Joseph K. Liu and Yang Xiang and Surya Nepal and Gene Tsudik}, title = {{IOTLB-SC:} An Accelerator-Independent Leakage Source in Modern Cloud Systems}, booktitle = {Proceedings of the 2023 {ACM} Asia Conference on Computer and Communications Security, {ASIA} {CCS} 2023, Melbourne, VIC, Australia, July 10-14, 2023}, pages = {827--840}, publisher = {{ACM}}, year = {2023}, url = {https://doi.org/10.1145/3579856.3582838}, doi = {10.1145/3579856.3582838} } |
2022
A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP, in 2022 IEEE Symposium on Security and Privacy (SP) , San Francisco, CA, USA: IEEE, 2022. pp. 337-351.
DOI: | 10.1109/SP46214.2022.9833768 |
Weblink: | https://doi.ieeecomputersociety.org/10.1109/SP46214.2022.9833768 |
ASAP: Algorithm Substitution Attacks on Cryptographic Protocols, in Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security , ACM, 2022. pp. 712-726.
DOI: | 10.1145/3488932.3517387 |
ISBN: | 9781450391405 |
Datei: | 3488932.3517387 |
Microwalk-CI: Practical Side-Channel Analysis for JavaScript Applications, in Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, CA, USA, November 7-11, 2022 , Heng Yin and Angelos Stavrou and Cas Cremers and Elaine Shi, Eds. ACM, 2022. pp. 2915-2929.
DOI: | 10.1145/3548606.3560654 |
Datei: | 3548606.3560654 |
2021
Nano Security: From Nano-Electronics to Secure Systems, in Design, Automation & Test in Europe Conference & Exhibition, DATE 2021, Grenoble, France, February 1-5, 2021 , IEEE, 2021. pp. 1334-1339.
DOI: | 10.23919/DATE51398.2021.9474187 |
Util: : Lookup: Exploiting Key Decoding in Cryptographic Libraries, in CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security , Yongdae Kim and Jong Kim and Giovanni Vigna and Elaine Shi, Eds. ACM, 2021. pp. 2456-2473.
DOI: | 10.1145/3460120.3484783 |
Datei: | 3460120.3484783 |
undeSErVed trust: Exploiting Permutation-Agnostic Remote Attestation, in 2021 IEEE Security and Privacy Workshops (SPW) , 2021. pp. 456-466.
DOI: | 10.1109/SPW53761.2021.00064 |
Datei: |
Side-Channel Protections for Picnic Signatures, IACR Transactions on Cryptographic Hardware and Embedded Systems , vol. 2021, no. 4, pp. 239-282, 2021.
DOI: | 10.46586/tches.v2021.i4.239-282 |
Datei: | 9066 |
- Mitarbeiter*innen
- Thomas Eisenbarth
- Esfandiar Mohammadi
- Paula Arnold
- Jeremy Boy
- Finn Burmester
- Till Eifert
- Tim Gellersen
- Jonah Heller
- Kristoffer Hempel
- Timothy Imort
- Moritz Kirschte
- Marven Kummerfeldt
- Johannes Liebenow
- Nils Loose
- Felix Mächtle
- Felix Maurer
- Sebastian Meiser
- Anna Pätschke
- Pajam Pauls
- Thorsten Peinemann
- Christopher Peredy
- Tammo Polle
- Yannik Potdevin
- Claudius Pott
- Anja Rabich
- Jonas Sander
- Ines Schiebahn
- Yara Schütt
- Jan-Niclas Serr
- Florian Sieck
- Annika Strang
- Thore Tiemann
- Alexander Treff
- Jan Wichelmann
- Luca Wilke