Hardware Security

Security for integrated circuits

Hardware security focuses on attacks on and protection measures in integrated circuits, microchips, as well as modules of several microchips on circuit boards. The main tasks are divided into the defense against attackers with physical access to their targets and the provision of a basic hardware security layer on which further protective mechanisms, e.g., for the protection of operating systems, can be built.

The focus of the department Hardware Security is on security evaluation in the lab, on securing and integrating microcontrollers and secure elements, tampering protection, and on the reliable use of system-on-chips and FPGAs. In this context, research is conducted and published in areas of side-channel analysis of cryptographic implementations, fault attacks, hardware penetration testing, physical-unclonable functions (PUF), and the use of machine learning. The results extend the state of the art in evaluation and protection measures. This distinctive spectrum of expertise and the many years of experience, as well as the corresponding equipment landscape with tooling in the laboratory, allow complex systems to be examined for vulnerabilities and individual security solutions to be designed.

Labs

 

Hardware Security Lab

Our Hardware Security Lab offers a broad spectrum of hardware security analyses: from offensive security analysis of embedded systems to highly specialized attacks on security implementations.

 

Offerings

Working closely with our customers and partners, our goal is to systematically improve the ability to assess the security of systems and products in order to evaluate system reliability, design systems to be secure, and sustainably maintain security throughout their lifecycle.

Evaluate Security

  • Security or threat analyses of embedded systems - after a vulnerability has become known or beforehand
  • Evaluate security against requirements from norms and standards, for example in the IoT and medical areas
  • Concrete hardware security evaluations of products, chips, and systems in the lab
  • Evaluation of IoT products regarding hardware, firmware and (radio) communication security
  • Side-channel analyses and fault attacks on cryptographic implementations
  • Development of measuring stations and tooling for side-channel analysis and fault attacks according to customer requirement

 

Design Security

  • Customized security concepts for embedded systems and IoT products based on a trade-off between costs and security.
  • Security solutions based on informed selection and correct implementation of protection mechanisms of modern microcontrollers or system-on-chips as well as dedicated security chips
  • Ready-to-use security functions and cryptographic algorithms in firmware on microcontrollers and in hardware on FPGAs for IoT devices to implement, for example, encryption and secure updates

 

Maintain Security

  • Development of security roadmaps for products, especially with increasing regulatory requirements, e.g., in medical devices and IoT devices in general
  • Forward-looking security assessments and forecasts of challenges in the coming year

Expertise

Attacks

Side-channel attacks

Side-channel attacks are fundamentally different from conventional attacks on cryptographic algorithms. In the latter case, attackers attempt to solve a complex mathematical problem or search the entire key space to break cryptographic systems.  In contrast, side-channel attacks use information such as runtime, power consumption, or electromagnetic emission. Attackers can use this information to obtain secret data stored on the device. We evaluate the side-channel security of cryptographic implementations in our hardware lab using state-of-the-art high-precision measurement equipment and software. The knowledge generated there is used to design and implement countermeasures which are customized for a specific target platform.

Fault attacks

Fault attacks attempt to disrupt systems in a specific way. This can be accomplished by increasing or decreasing the supply voltage, by changing the frequency or the ambient temperature, or by deliberately disturbing the system using lasers or electromagnetic pulses. Combined with knowledge of the operating principle of a cryptographic algorithm, the intentionally induced errors can be used to gather information about the secret key processed internally. Likewise, it can be utilized to bypass memory protection measures or to activate debug interfaces. Laser-assisted error injection makes it possible to induce errors with very high accuracy (in terms of time and location). This gives the attacker more control and allows a wider range of attacks. Our hardware lab has two different laser stations to perform fault attacks and evaluate device security and countermeasures.

Machine Learning

Modern statistical methods, which are often summarized under the term machine learning, serve to improve the evaluation of complex data. Machine learning offers the necessary flexibility to make complex statistical correlations visible. In the Hardware Security department, various algorithms are used to evaluate measurement data from side-channel measurements and for anomaly detection in sensor networks. Machine learning not only helps to better understand sensor data on resource-constrained platforms or side-channel measurements with terabytes of data, but also opens up the application to a variety of new kinds of problems.

 

System Design

Internet-of-Things

Systems in the Internet-of-Things (IoT) typically have a long operating time, limited processing resources and a reduced battery life. In the process, they may also incur only low costs in production and operation. Due to these constraints, many of the established security technologies cannot be directly transferred to the IoT domain. One research focus of the department Hardware Security therefore lies on innovative hardware and software design patterns that aim to increase the resilience of IoT devices with limited resources against cyber attacks. These include, for example, memory protection mechanisms, system attestation and identities, and measures against denial-of-service attacks.

Medical Devices

Connected medical devices and so-called wearables, such as continuous glucose monitors or implanted pacemakers, are exposed to high risks of attack due to their increasing distribution and functionality. Based on our analysis and solution expertise from hardware to networks security, we help manufacturers to design secure devices that also meet the requirements of the new Medical Device Regulation (MDR).

Sensor Networks

Wireless sensor networks are the sensory organs of the Internet-of-Things. Often, the collected data is critical and must be protected against eavesdropping or manipulation. The management of the cryptographic keys required for this purpose is challenging due to the large number of sensor nodes and their limited computing power. We are therefore continuously expanding our expertise in the field of key management solutions that combine security and user-friendliness and enable any user to easily operate secure wireless sensor networks.

System-on-Chips

Systems-on-chips (SoCs) combine a multitude of functions in a single chip. They are the foundation of countless embedded systems and must therefore be protected carefully. The many functions of an SoC provide a large surface for attack, which makes securing them a major challenge. Debug interfaces and external memory modules must be secured, cryptographic keys must be stored in a secure manner, and software must be executed securely. Secure boot and update, firmware encryption, key storage, protection of intellectual property and secure execution environments are just some of the topics that have been the focus of the Hardware Security department for years.

Tamper Protection

Embedded systems are exposed to physical tampering to manipulate the system or derive critical secrets, especially in the domain of high-assurance communication. Detecting and reacting to tampering requires the interaction of sensor technologies, electronics and embedded security. We are collaborating with technology partners to design new tamper protection methods, in particular based on Physical Unclonable Function (PUFs) to assess the physical integrity of a device based on the validity of a physical hardware fingerprint.

 

Hardware Design

FPGAs und PUFs

The use of programmable hardware, so-called Field Programmable Gate Arrays (FPGAs), in embedded systems and as part of high-performance systems-on-chip is growing rapidly. In this context, purchased third-party designs can compromise the security of the overall system from the inside. Our security reviews identify specific points of attack and help to secure systems at an early stage. Another research area deals with the use of FPGAs as a basis for Physical Unclonable Functions (PUFs). PUFs are circuits that use manufacturing variations to create a unique bit string. This can then be used to bind cryptographic keys or uniquely identify a chip. PUFs can be used in FPGA applications to provide the user with a secure key store without relying on security features provided by the manufacturer. These are often less trustworthy and more vulnerable to attack. Here, an array of over 200 FPGAs allows us to analyze the statistical properties of improved and novel implementations of PUF circuits on FPGAs.

Trusted Electronics

Securing electronics supply chains and the topic of secure open-source hardware, especially RISC-V based system-on-chips, have become more important in recent years. We use our competencies in electronics security here and research RISC-V based designs and hardened crypto accelerators, as well as improved test methods for evaluating trustworthiness.

Selected Projects

Velektronik

The goal of the research project "Velektronik" is to establish a networking platform for trusted electronics for Germany and thus create an interface between researchers and companies.

Under the overall coordination of Fraunhofer AISEC, various cooperation partners from the Fraunhofer-Gesellschaft and Leibniz Association will work together with the edacentrum in the Forschungsfabrik Mikroelektronik Deutschland (FMD) during the next three years to develop solution concepts for trusted electronics in all areas of electronics development and manufacturing.

Within the framework of the funding guideline for "Vertrauenswürdige Elektronik (ZEUS)" of the Federal Ministry of Education and Research (BMBF), overarching issues in the three main areas design, manufacturing and analysis of the microelectronics value chain will be addressed.

https://www.velektronik.de/en

Selected Initiatives and Collaborations

 

Fraunhofer CCIT

IoT-COMMs

The research center IoT-COMMs develops key technologies for the Internet of Things (IoT) to obtain reliable and secure sensor data. In doing so, it combines solutions for networking, localisation and information security and drives them forward.

 

High Performance Center

Secure Intelligent Systems

The High Performance Center »Secure Intelligent Systems« is an initiative of the Fraunhofer Institutes AISEC, EMFT, IBP, IGCV, IKS and IVV from Munich metropolitan region with the Technical University of Munich, the Universität der Bundeswehr München and the Munich University of Applied Sciences.

Publications

  • Mike Hamburg, Julius Hermelink, Robert Primas, Simona Samardjiska, Thomas Schamberger, SilvanStreit, Emanuele Strieder, and Christine van Vredendaal. “Chosen Ciphertext k-Trace Attacks on Masked CCA2 Secure Kyber”. In: IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021.4 (2021), pp. 88–
    113. DOI: 10.46586/tches.v2021.i4.88-113.
    URL: https://doi.org/10.46586/tches.v2021.i4.88-113.
  • Florian Hauschild, Kathrin Garb, Lukas Auer, Bodo Selmke, and Johannes Obermaier. “ARCHIE: A QEMU-Based Framework for Architecture-Independent Evaluation of Faults”. In: 2021 Workshop on Fault Detection and Tolerance in Cryptography (FDTC). 2021.
  • Stefan Hristozov, Manuel Huber, Lei Xu, Jaro Fietz, Marco Liess, and Georg Sigl. “The Cost of OS-CORE and EDHOC for Constrained Devices”. In: Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy. CODASPY ’21. Virtual Event, USA: Association for
    Computing Machinery, 2021, 245–250. ISBN: 9781450381437. DOI: 10.1145/3422337.3447834.
    URL: https://doi.org/10.1145/3422337.3447834
  • Marc Schink, Alexander Wagner, Florian Unterstein, and Johann Heyszl. “Security and Trust in Open Source Security Tokens”. In: IACR Transactions on Cryptographic Hardware and Embedded Systems 2021.3 (2021), 176–201. DOI: 10.46586/tches.v2021.i3.176-201.
    URL: https://tches.iacr.org/index.php/TCHES/article/view/8972.
  • Martin Striegel, Jonas Erasmus, and Parag Jain. “Evaluating Augmented Reality for Wireless Network Security Education”. en. In: {IEEE} Frontiers in Education {FIE}. 2021.

  • Johann Heyszl, Katja Miller, Florian Unterstein, Marc Schink, Alexander Wagner, Horst A. Gieser, Sven Freud, Tobias Damm, Dominik Klein, and Dennis Kügler. “Investigating Profiled Side-Channel Attacks Against the DES Key Schedule”. In: IACR Trans. Cryptogr. Hardw. Embed. Syst.2020.3 (2020), pp. 22–72. DOI: 10.13154/tches.v2020.i3.22-72.
    URL: https://doi.org/10.13154/tches.v2020.i3.22-72
  • Stefan Hristozov, Manuel Huber, and Georg Sigl. “Protecting RESTful IoT Devices from Battery Exhaustion DoS Attacks”. en. In: IEEE International Symposium on Hardware Oriented Security and Trust (HOST). San Jose, CA, USA, 2020.
  • Mathieu Gross, Nisha Jacob, Andreas Zankl, and Georg Sigl. “Breaking TrustZone Memory Isolation through Malicious Hardware on a Modern  FPGA-SoC”. In: Proceedings of the 3rd ACM Workshop on Attacks and Solutions in Hardware Security Workshop, ASHES@CCS 2019, London, UK, November 15, 2019. Ed. by ChipHong Chang, Ulrich Rührmair, Daniel E. Holcomb, and Patrick Schaumont. ACM, 2019, pp. 3–12. DOI: 10.1145/3338508.3359568.
    URL: https://doi.org/10.1145/3338508.3359568.
  • Michael Gruber and Bodo Selmke. “Differential Fault Attacks on KLEIN”. In: Constructive Side-Channel Analysis and Secure Design 10th International Workshop, COSADE 2019, Darmstadt, Germany, April 35, 2019, Proceedings. Ed. by Ilia Polian and Marc Stöttinger. Vol. 11421. Lecture Notes in Computer Science. Springer, 2019, pp. 80–95. DOI: 10.1007/978-3-030-16350-1\_6.
    URL: https://doi.org/10.1007/978-3-030-16350-1\_6.
  • Marc Schink and Johannes Obermaier. “Taking a Look into Execute-Only
    Memory”. In: 13th USENIX Workshop on Offensive Technologies (WOOT 19). Santa Clara, CA: USENIX Association, Aug. 2019.
    URL: https://www.usenix.org/conference/woot19/presentation/schink.
  • Bodo Selmke, Florian Hauschild, and Johannes Obermaier. “Peak Clock: Fault Injection into PLL-Based Systems via Clock Manipulation”. In: Proceedings of the 3rd ACM Workshop on Attacks and Solutions in Hardware Security Workshop. 2019. DOI: 10.1145/3338508.3359577.
    URL: https://doi.org/10.1145/3338508.3359577.
  • Martin Striegel and Thomas Otto. “Smart Intersections Improve Traffic Flow and Road Safety”. In: ERCIM News 2019.119 (2019).
    URL: https://ercim- news.ercim.eu/en119/special/smart-intersections-improve-traffic-flow-and-road-safety.
  • Martin Striegel, Carsten Rolfes, Fabian Helfert, Max Hornung, Johann Heyszl, and Georg Sigl. “EyeSec: A Retrofittable Augmented Reality Tool for Troubleshooting Wireless Sensor Networks in the Field”. In: Proceedings of the 2019 International Conference on Embedded Wireless Systems and Networks, EWSN 2019, Beijing, China, February 2527, 2019. 2019, pp. 184–193.
  • Florian Unterstein, Nisha Jacob, Neil Hanley, Chongyan Gu, and Johann Heyszl. “SCA Secure and Updatable Crypto Engines for FPGA SoC Bitstream Decryption”. In: Proceedings of the 3rd ACM Workshop on Attacks and Solutions in Hardware Security Workshop, ASHES@CCS 2019, London, UK, November 15, 2019. Ed. by ChipHong Chang, Ulrich Rührmair, Daniel E. Holcomb, and Patrick Schaumont. ACM, 2019, pp. 43–53. DOI: 10.1145/3338508.3359573.
    URL: https://doi.org/10.1145/3338508.3359573.

  • Robert Hesselbarth, Florian Wilde, Chongyan Gu, and Hanley Neil. “Large Scale RO PUF Analysisover Slice Type, Evaluation Time and Temperature on 28nm Xilinx FPGAs”. en. In: IEEE InternationalSymposium on Hardware Oriented Security and Trust (HOST). Washington DC, USA, 2018.
  • Stefan Hristozov, Johann Heyszl, Steffen Wagner, and Georg Sigl. “Practical Runtime Attestationfor Tiny IoT Devices”. In: NDSS Workshop on Decentralized IoT Security and Standards (DISS) 2018, San Diego, CA, USA. 2018. ISBN: 1-891562-51-7. DOI: https://dx.doi.org/10.14722/diss.2018.23011. URL: www.ndss-symposium.org
  • Philipp Koppermann, Fabrizio De Santis, Johann Heyszl, and Georg Sigl. “Fast FPGA Implementa-tions of Diffie-Hellman on the Kummer Surface of a Genus-2 Curve”. In:IACR Trans. Cryptogr.Hardw. Embed. Syst.2018.1 (2018), pp. 1–17. DOI:10.13154/tches.v2018.i1.1-17. URL: https://doi.org/10.13154/tches.v2018.i1.1-17.
  • Cezar Reinbrecht, Bruno Forlin, Andreas Zankl, and Johanna Sepúlveda. “Earthquake - A NoC-based optimized differential cache-collision attack for MPSoCs”. In:2018 Design, Automation &Test in Europe Conference & Exhibition, DATE 2018, Dresden, Germany, March 19-23, 2018. IEEE,2018, pp. 648–653. ISBN: 978-3-9819263-0-9. DOI:10.23919/DATE.2018.8342090. URL: https://doi.org/10.23919/DATE.2018.8342090.
  • Bodo Selmke, Kilian Zinnecker, Philipp Koppermann, Katja Miller, Johann Heyszl, and Georg Sigl.“Locked out by Latch-up? An Empirical Study on Laser Fault Injection into Arm Cortex-M Proces-sors”. In:2018 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2018, Amster-dam, The Netherlands, September 13, 2018. IEEE Computer Society, 2018, pp. 7–14. DOI:10.1109/FDTC.2018.00010. URL: https://doi.org/10.1109/FDTC.2018.00010.
  • Florian Unterstein, Johann Heyszl, Fabrizio De Santis, Robert Specht, and Georg Sigl. “High-Resolution EM Attacks Against Leakage-Resilient PRFs Explained - And An Improved Construction”. In: Cryptographers Track RSA Conference (CT-RSA 2018). Springer. 2018.
  • Samuel Weiser, Andreas Zankl, Raphael Spreitzer, Katja Miller, Stefan Mangard, and Georg Sigl. “DATA – Differential Address Trace Analysis: Finding Address-based Side-Channels in Binaries”. In: 27th USENIX Security Symposium (USENIX Security 18). Baltimore, MD: USENIX Association, 2018,pp. 603–620. ISBN: 978-1-931971-46-1. URL: https://www.usenix.org/conference/usenixsecurity18/presentation/weiser.
  • David Atienza and Giorgio Di Natale, eds.Design, Automation & Test in Europe Conference & Exhibi-tion, DATE 2017, Lausanne, Switzerland, March 27-31, 2017. IEEE, 2017. ISBN: 978-3-9815370-8-6. URL: http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=7919927.
  • Wieland Fischer and Naofumi Homma, eds.Cryptographic Hardware and Embedded Systems -CHES 2017 - 19th International Conference, Taipei, Taiwan, September 25-28, 2017, Proceedings.Vol. 10529. Lecture Notes in Computer Science. Springer, 2017. ISBN: 978-3-319-66786-7. DOI:10.1007/978-3-319-66787-4. URL: https://doi.org/10.1007/978-3-319-66787-4.
  • Marc Green, Leandro Rodrigues-Lima, Andreas Zankl, Gorka Irazoqui, Johann Heyszl, and ThomasEisenbarth. “AutoLock: Why Cache Attacks on ARM Are Harder Than You Think”. In:26th USENIXSecurity Symposium (USENIX Security 17). Vancouver, BC: USENIX Association, 2017, pp. 1075–1091. ISBN: 978-1-931971-40-9. URL: https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/green.
  • Berk Gulmezoglu, Andreas Zankl, Thomas Eisenbarth, and Berk Sunar. “PerfWeb: How to ViolateWeb Privacy with Hardware Performance Events”. In:Computer Security – ESORICS 2017: 22ndEuropean Symposium on Research in Computer Security, Oslo, Norway, September 11-15, 2017,Proceedings, Part II. Ed. by Simon N. Foley, Dieter Gollmann, and Einar Snekkenes. Cham: SpringerInternational Publishing, 2017, pp. 80–97. ISBN: 978-3-319-66399-9. DOI:10.1007/978-3-319-66399-9_5. URL: https://doi.org/10.1007/978-3-319-66399-9_5.
  • Vincent Immler, Robert Specht, and Florian Unterstein. “Your Rails Cannot Hide From Localized EM:How Dual-Rail Logic Fails on FPGAs”. In:Conference on Cryptographic Hardware and Embedded Systems, CHES 2017. 2017.
  • Nisha Jacob, Johann Heyszl, Andreas Zankl, Carsten Rolfes, and Georg Sigl. “How to Break SecureBoot on FPGA SoCs Through Malicious Hardware”. In:Cryptographic Hardware and EmbeddedSystems - CHES 2017 - 19th International Conference, Taipei, Taiwan, September 25-28, 2017,Proceedings. Ed. by Wieland Fischer and Naofumi Homma. Vol. 10529. Lecture Notes in ComputerScience. Springer, 2017, pp. 425–442. ISBN: 978-3-319-66786-7. DOI:10.1007/978-3-319-66787-4\_21. URL: https://doi.org/10.1007/978-3-319-66787-4\_21.
  • Nisha Jacob, Carsten Rolfes, Andreas Zankl, Johann Heyszl, and Georg Sigl. “Compromising FPGASoCs using malicious hardware blocks”. In:Design, Automation & Test in Europe Conference &Exhibition, DATE 2017, Lausanne, Switzerland, March 27-31, 2017. Ed. by David Atienza and Gior-gio Di Natale. IEEE, 2017, pp. 1122–1127. ISBN: 978-3-9815370-8-6. DOI:10.23919/DATE.2017.7927157. URL: https://doi.org/10.23919/DATE.2017.7927157.
  • Nisha Jacob, Jakob Wittmann, Johann Heyszl, Robert Hesselbarth, Florian Wilde, Michael Pehl,Georg Sigl, and Kai Fisher. “Securing FPGA SoC Configurations Independent of Their Manufac-turers”. In:30th IEEE International System-on-Chip Conference. 2017.
  • P. Koppermann, F. De Santis, J. Heyszl, and G. Sigl. “Automatic generation of high-performancemodular multipliers for arbitrary mersenne primes on FPGAs”. In:2017 IEEE International Sympo-sium on Hardware Oriented Security and Trust (HOST). 2017, pp. 35–40. DOI:10.1109/HST.2017.7951794.
  • Philipp Koppermann, Fabrizio De Santis, Johann Heyszl, and Georg Sigl. “Low-latency X25519hardware implementation: breaking the 100 microseconds barrier”. In:Microprocessors and Mi-crosystems(2017). ISSN: 0141-9331. DOI:http://dx.doi.org/10.1016/j.micpro.2017.07.001. URL: http://www.sciencedirect.com/science/article/pii/S0141933117300273.
  • Johanna Sepúlveda, Mathieu Gross, Andreas Zankl, and Georg Sigl. “Exploiting Bus Communica-tion to Improve Cache Attacks on Systems-on-Chips”. In:2017 IEEE Computer Society Annual Symposium on VLSI, ISVLSI 2017, Bochum, Germany, July 3-5, 2017. 2017, pp. 284–289. ISBN:978-1-5090-6762-6. DOI:10.1109/ISVLSI.2017.57. URL: https://doi.org/10.1109/ISVLSI.2017.57.
  • Johanna Sepúlveda, Mathieu Gross, Andreas Zankl, and Georg Sigl. “Towards trace-driven cacheattacks on Systems-on-Chips - exploiting bus communication”. In:12th International Symposiumon Reconfigurable Communication-centric Systems-on-Chip, ReCoSoC 2017, Madrid, Spain, July12-14, 2017. IEEE, 2017, pp. 1–7. ISBN: 978-1-5386-3344-1. DOI:10.1109/ReCoSoC.2017.8016150. URL: https://doi.org/10.1109/ReCoSoC.2017.8016150.
  • Johanna Sepúlveda, Andreas Zankl, Daniel Flórez, and Georg Sigl. “Towards Protected MPSoC Com-munication for Information Protection against a Malicious NoC”. In:International Conference onComputational Science, ICCS 2017, 12-14 June 2017, Zurich, Switzerland. Ed. by Petros Koumout-sakos, Michael Lees, Valeria V. Krzhizhanovskaya, Jack J. Dongarra, and Peter M. A. Sloot. Vol. 108.Procedia Computer Science. Elsevier, 2017, pp. 1103–1112. DOI:10.1016/j.procs.2017.05.139. URL: https://doi.org/10.1016/j.procs.2017.05.139.
  • Johanna Sepúlveda, Andreas Zankl, Daniel Flórez, and Georg Sigl. “Towards Protected MPSoC Com-munication for Information Protection against a Malicious NoC”. In:International Conference onComputational Science, ICCS 2017, 12-14 June 2017, Zurich, Switzerland. Vol. 108. Procedia Com-puter Science. Elsevier, 2017, pp. 1103 –1112. DOI:10.1016/j.procs.2017.05.139. URL: https://doi.org/10.1016/j.procs.2017.05.139.
  • Johanna Sepúlveda, Andreas Zankl, and Oliver Mischke. “Cache Attacks and Countermeasures forNTRUEncrypt on MPSoCs: Post-quantum Resistance for the IoT”. In:30th IEEE International System-on-Chip Conference, SOCC 2017, Munich, Germany, September 5-8, 2017. IEEE, 2017, pp. 120–125. ISBN: 978-1-5386-4034-0. DOI:10.1109/SOCC.2017.8226020. URL: https://doi.org/10.1109/SOCC.2017.8226020.
  • Florian Unterstein, Johann Heyszl, Fabrizio De Santis, and Robert Specht. “Dissecting Leakage Re-silient PRFs with Multivariate Localized EM Attacks - A Practical Security Evaluation on FPGA”. In:Proceedings of 8th International Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE 2017). Springer. 2017.
  • Andreas Zankl, Johann Heyszl, and Georg Sigl. “Automated Detection of Instruction Cache Leaksin Modular Exponentiation Software”. In:Smart Card Research and Advanced Applications: 15thInternational Conference, CARDIS 2016, Cannes, France, November 7–9, 2016, Revised SelectedPapers. Ed. by Kerstin Lemke-Rust and Michael Tunstall. Cham: Springer International Publishing,2017, pp. 228–244. ISBN: 978-3-319-54669-8. DOI:10.1007/978-3-319-54669-8_14. URL: http://dx.doi.org/10.1007/978-3-319-54669-8_14.

  • Robert Hesselbarth and Georg Sigl. “Fast and Reliable PUF Response Evaluation from UnsettledBistable Rings”. en. In:Euromicro Conference on Digital System Design (DSD 2016). Limassol,Cyprus, 2016. URL: http://dsd- seaa2016.cs.ucy.ac.cy/index.php?p=DSD2016
  • Philipp Koppermann, Fabrizio De Santis, Johann Heyszl, and Georg Sigl. “X25519 Hardware Imple-mentation for Low-Latency Applications”. en. In:Euromicro Conference on Digital System Design(DSD 2016). Limassol, Cyprus, 2016. URL: http://dsd-seaa2016.cs.ucy.ac.cy/index.php?p=DSD2016
  • Ralph Nyberg, Johann Heyszl, Dietmar Heinz, and Georg Sigl. “Enhancing Fault Emulation of Tran-sient Faults by Separating Combinational and Sequential Fault Propagation.” In:ACM Great LakesSymposium on VLSI. Ed. by Ayse Kivilcim Coskun, Martin Margala, Laleh Behjat, and Jie Han. ACM,2016, pp. 209–214. ISBN: 978-1-4503-4274-2. URL: http://dblp.uni-trier.de/db/conf/glvlsi/glvlsi2016.html#NybergHHS16
  • Bodo Selmke, Johann Heyszl, and Georg Sigl. “Attack on a DFA protected AES by simultaneouslaser fault injections”. en. In:Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC2016). to appear. Santa Barbara, CA, USA, 2016. URL: http://conferenze.dei.polimi.it/FDTC16/
  • Hermann Seuschek, Johann Heyszl, and Fabrizio De Santis. “A Cautionary Note: Side-Channel Leak-age Implications of Deterministic Signature Schemes”. In:Proceedings of the Third Workshop onCryptography and Security in Computing Systems. ACM. 2016, pp. 7–12.
  • ndreas Zankl, Katja Miller, Johann Heyszl, and Georg Sigl. “Towards Efficient Evaluation of aTime-Driven Cache Attack on Modern Processors”. In:Computer Security – ESORICS 2016: 21st Eu-ropean Symposium on Research in Computer Security, Heraklion, Greece, September 26-30, 2016,Proceedings, Part II. Ed. by Ioannis Askoxylakis, Sotiris Ioannidis, Sokratis Katsikas, and CatherineMeadows. Cham: Springer International Publishing, 2016, pp. 3–19. ISBN: 978-3-319-45741-3.DOI:10.1007/978-3-319-45741-3_1. URL: http://dx.doi.org/10.1007/978-3-319-45741-3_1
  • D. Adam, S. Tverdyshev, C. Rolfes, T. Sandmann, S. Baehr, O. Sander, J. Becker, and U. Baum-garten. “Two Architecture Approaches for MILS Systems in Mobility Domains (Automobile, Railwayand Avionik)”. In:International Workshop on MILS: Architecture and Assurance for Secure Systems (MILS 2015). 2015. URL: http://mils-workshop.euromils.eu/downloads/hipeac_literature/03-mils15_submission_5.pdf.
  • Johann Heyszl and Florian Thiel. “Geldspielgeräte in Zukunft mit geprüfter Sicherheit”. In:Daten-schutz und Datensicherheit-DuD39.4 (2015), pp. 234–239
  • Ralph Nyberg, Johann Heyszl, Dirk Rabe, and Georg Sigl. “Closing the gap between speed andconfigurability of multi-bit fault emulation environments for security and safety-critical designs”.In:Microprocessors and Microsystems - Embedded Hardware Design39.8 (2015), pp. 1119–1129.DOI:10.1016/j.micpro.2015.05.015. URL: http://dx.doi.org/10.1016/j.micpro.2015.05.015
  • Ralph Nyberg, Johann Heyszl, and Georg Sigl. “Efficient Fault Emulation through Splitting Combina-tional and Sequential Fault Propagation”. In:1st International Workshop on Resiliency in EmbeddedElectronic. 2015.
  • Bodo Selmke, Stefan Brummer, Johann Heyszl, and Georg Sigl. “Precise Laser Fault Injections into90 nm and 45 nm SRAM-cells”. In:Smart Card Research and Advanced Applications - 14th In-ternational Conference, CARDIS 2015, Bochum, Germany, November 4-6, 2015. Revised SelectedPapers. 2015, pp. 193–205. DOI:10.1007/978- 3- 319- 31271- 2_12. URL: http://dx.doi.org/10.1007/978-3-319-31271-2_12
  • Robert Specht, Johann Heyszl, Martin Kleinsteuber, and Georg Sigl. “Improving Non-profiled At-tacks on Exponentiations Based on Clustering and Extracting Leakage from Multi-channel High-Resolution EM Measurements”. In:Constructive Side-Channel Analysis and Secure Design - 6thInternational Workshop, COSADE 2015, Berlin, Germany, April 13-14, 2015. Revised Selected Pa-pers. 2015, pp. 3–19. DOI:10.1007/978-3-319-21476-4_1. URL: http://dx.doi.org/10.1007/978-3-319-21476-4_1