Skip to main content

DSI Publications

Journal Article

Bitstream Fault Injections (BiFI) – Automated fault attacks against SRAM-based FPGAs

IEEE Transactions on Computers PP (99): 1–13
Pawel Swierczynski, Georg T. Becker, Amir Moradi, Christof Paar (2017)
Subject(s)
Information technology and systems; Technology, R&D management
Keyword(s)
Bitstream encryption vulnerability, FPGA security, bitstream fault injection, automated key recovery, AES
Volume
PP
Journal Pages
1–13
Journal Article

Die EU-Richtlinie über Netz- und Informationssicherheit: Anforderungen an digitale Dienste [The EU directive on network and information security: Requirements for digital services]

Computer und Recht 2016 (10): 663–670
Martin Schallbruch (2016)
Subject(s)
Technology, R&D management
Volume
2016
Journal Pages
663–670
ISSN (Online)
2194-4172
Journal Article

Why Germany's cybersecurity law isn't working

Defense One
Subject(s)
Economics, politics and business environment
Journal Article

On the pitfalls of using arbiter-PUFs as building blocks

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 34 (8): 1295–1307
Georg T. Becker (2015)
Subject(s)
Information technology and systems
Keyword(s)
Protocols, delays, authentication, error correction codes, computational modeling, buildings, evolution strategies, physical unclonable functions, machine learning, reverse fuzzy extractor
Physical unclonable functions (PUFs) have emerged as a promising solution for securing resource-constrained embedded devices such as RFID tokens. PUFs use the inherent physical differences of every chip to either securely authenticate the chip or generate cryptographic keys without the need of nonvolatile memory. However, PUFs have shown to be vulnerable to model building attacks if the attacker has access to challenge and response pairs. In these model building attacks, machine learning is used to determine the internal parameters of the PUF to build an accurate software model. Nevertheless, PUFs are still a promising building block and several protocols and designs have been proposed that are believed to be resistant against machine learning attacks. In this paper, we take a closer look at two such protocols, one based on reverse fuzzy extractors and one based on pattern matching. We show that it is possible to attack these protocols using machine learning despite the fact that an attacker does not have access to direct challenge and response pairs. The introduced attacks demonstrate that even highly obfuscated responses can be used to attack PUF protocols. Hence, this paper shows that even protocols in which it would be computationally infeasible to compute enough challenge and response pairs for a direct machine learning attack can be attacked using machine learning.
Copyright © 2014 by the Institute of Electrical and Electronics Engineers, Inc
Volume
34
Journal Pages
1295–1307
Journal Article

Cyberdefense: Worst of all cyber construction sites

Georgetown Journal of International Affairs 4: 45–54
Subject(s)
Economics, politics and business environment
Volume
4
Journal Pages
45–54
Journal Article

Mehr Staat fürs Netz

IP - Internationale Politik 4 (4): 100–105
Volume
4
Journal Pages
100–105
Journal Article

Stealthy dopant-level hardware Trojans

Journal of Cryptographic Engineering 1 (4): 19–31
Georg T. Becker, Fran­ces­co Regazzoni, Chris­tof Paar, Wayne P Burleson (2014)
Subject(s)
Information technology and systems
Keyword(s)
Hardware Trojans, malicious hardware, layout modifications, Trojan side-channel
Volume
1
Journal Pages
19–31
Journal Article

Cyber as deterrent

SpringerBriefs in Cybersecurity: 1–10
Sandro Gaycken, Maurizio Martellini (2013)
Subject(s)
Economics, politics and business environment
Keyword(s)
Data encryption, systems and data security, computer communication networks
Journal Pages
1–10
Journal Article

Accountability and risk governance: A scenario-informed reflection on European regulation of GMOs

Journal of Risk Research 16 (9): 1123–1140
Subject(s)
Technology, R&D management
Keyword(s)
Accountability, GMO regulation, risk governance, uncertain risks, organized irresponsibility, multi-level governance
Volume
16
Journal Pages
1123–1140
ISSN (Online)
1466-4461
ISSN (Print)
1366-9877
Journal Article

Side channels as building blocks

Journal of Cryptographic Engineering 2 (3): 143–159
Mar­kus Kasper, Amir Moradi, Georg T. Becker, Oli­ver Mischke, Tim Güneysu, Chris­tof Paar, Wayne Burleson (2012)
Subject(s)
Information technology and systems
Keyword(s)
Side-channel analysis, hardware Trojan, IP watermarking, AES, masking
Volume
2
Journal Pages
143–159