
Showing 1–8 of 8 results for author: Krachenfels, T

  1. arXiv:2309.09782 [pdf, other]

    cs.CR

    Modulation to the Rescue: Identifying Sub-Circuitry in the Transistor Morass for Targeted Analysis

    Authors: Xhani Marvin Saß, Thilo Krachenfels, Frederik Dermot Pustelnik, Jean-Pierre Seifert, Christian Große, Frank Altmann

    Abstract: Physical attacks form one of the most severe threats against secure computing platforms. Their criticality arises from their corresponding threat model: By, e.g., passively measuring an integrated circuit's (IC's) environment during a security-related operation, internal secrets may be disclosed. Furthermore, by actively disturbing the physical runtime environment of an IC, an adversary can cause…

    Submitted 18 September, 2023; originally announced September 2023.

    Comments: 6 pages, short paper at ASHES2023

  2. arXiv:2209.09835 [pdf, other]

    cs.CR

    EM-Fault It Yourself: Building a Replicable EMFI Setup for Desktop and Server Hardware

    Authors: Niclas Kühnapfel, Robert Buhren, Hans Niklas Jacob, Thilo Krachenfels, Christian Werling, Jean-Pierre Seifert

    Abstract: EMFI has become a popular fault injection (FI) technique due to its ability to inject faults precisely considering timing and location. Recently, ARM, RISC-V, and even x86 processing units in different packages were shown to be vulnerable to electromagnetic fault injection (EMFI) attacks. However, past publications lack a detailed description of the entire attack setup, hindering researchers and c…

    Submitted 20 September, 2022; originally announced September 2022.

    Comments: This is the authors' version of the article accepted for publication at IEEE International Conference on Physical Assurance and Inspection of Electronics (PAINE 2022)

  3. arXiv:2108.06131 [pdf, other]

    cs.CR

    The Forgotten Threat of Voltage Glitching: A Case Study on Nvidia Tegra X2 SoCs

    Authors: Otto Bittner, Thilo Krachenfels, Andreas Galauner, Jean-Pierre Seifert

    Abstract: Voltage fault injection (FI) is a well-known attack technique that can be used to force faulty behavior in processors during their operation. Glitching the supply voltage can cause data value corruption, skip security checks, or enable protected code paths. At the same time, modern systems on a chip (SoCs) are used in security-critical applications, such as self-driving cars and autonomous machine…

    Submitted 16 August, 2021; v1 submitted 13 August, 2021; originally announced August 2021.

    Comments: This is the authors' version of the article accepted for publication at the 2021 Workshop on Fault Detection and Tolerance in Cryptography (FDTC)

  4. arXiv:2108.04575 [pdf, other]

    cs.CR

    One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted Virtualization

    Authors: Robert Buhren, Hans Niklas Jacob, Thilo Krachenfels, Jean-Pierre Seifert

    Abstract: AMD Secure Encrypted Virtualization (SEV) offers protection mechanisms for virtual machines in untrusted environments through memory and register encryption. To separate security-sensitive operations from software executing on the main x86 cores, SEV leverages the AMD Secure Processor (AMD-SP). This paper introduces a new approach to attack SEV-protected virtual machines (VMs) by targeting the AMD…

    Submitted 26 August, 2021; v1 submitted 10 August, 2021; originally announced August 2021.

  5. arXiv:2107.10147 [pdf, other]

    cs.CR

    Trojan Awakener: Detecting Dormant Malicious Hardware Using Laser Logic State Imaging (Extended Version)

    Authors: Thilo Krachenfels, Jean-Pierre Seifert, Shahin Tajik

    Abstract: The threat of hardware Trojans (HTs) and their detection is a widely studied field. While the effort for inserting a Trojan into an application-specific integrated circuit (ASIC) can be considered relatively high, especially when trusting the chip manufacturer, programmable hardware is vulnerable to Trojan insertion even after the product has been shipped or during usage. At the same time, detecti…

    Submitted 2 February, 2023; v1 submitted 21 July, 2021; originally announced July 2021.

    Comments: This is the extended version prepared for journal submission. For remarks on the changes, see the last paragraph of Section 1

  6. arXiv:2102.11656 [pdf, other]

    cs.CR

    Automatic Extraction of Secrets from the Transistor Jungle using Laser-Assisted Side-Channel Attacks

    Authors: Thilo Krachenfels, Tuba Kiyan, Shahin Tajik, Jean-Pierre Seifert

    Abstract: The security of modern electronic devices relies on secret keys stored on secure hardware modules as the root-of-trust (RoT). Extracting those keys would break the security of the entire system. As shown before, sophisticated side-channel analysis (SCA) attacks, using chip failure analysis (FA) techniques, can extract data from on-chip memory cells. However, since the chip's layout is unknown to t…

    Submitted 23 February, 2021; originally announced February 2021.

    Comments: This is the preprint of the article accepted for publication at USENIX Security 2021

  7. Real-World Snapshots vs. Theory: Questioning the t-Probing Security Model

    Authors: Thilo Krachenfels, Fatemeh Ganji, Amir Moradi, Shahin Tajik, Jean-Pierre Seifert

    Abstract: Due to its sound theoretical basis and practical efficiency, masking has become the most prominent countermeasure to protect cryptographic implementations against physical side-channel attacks (SCAs). The core idea of masking is to randomly split every sensitive intermediate variable during computation into at least t+1 shares, where t denotes the maximum number of shares that are allowed to be ob…

    Submitted 9 September, 2020; originally announced September 2020.

    Comments: This is the authors' version of the article accepted for publication at IEEE Symposium on Security and Privacy 2021

  8. Evaluation of Low-Cost Thermal Laser Stimulation for Data Extraction and Key Readout

    Authors: Thilo Krachenfels, Heiko Lohrke, Jean-Pierre Seifert, Enrico Dietz, Sven Frohmann, Heinz-Wilhelm Hübers

    Abstract: Recent attacks using thermal laser stimulation (TLS) have shown that it is possible to extract cryptographic keys from the battery-backed memory on state-of-the-art field-programmable gate arrays (FPGAs). However, the professional failure analysis microscopes usually employed for these attacks cost in the order of 500k to 1M dollars. In this work, we evaluate the use of a cheaper commercial laser…

    Submitted 11 June, 2020; originally announced June 2020.