kein Bild

M.Sc. Lars Tebelmann

Technische Universität München

Lehrstuhl für Sicherheit in der Informationstechnik (Prof. Sigl)

Dienstort

Lehrstuhl für Sicherheit in der Informationstechnik (Prof. Sigl)

Work:
Theresienstr. 90(0101)/1.ZG
80333 München

Raum: N1010ZG

PGP: 9701 969B 7C6B A788 3274 F2E2 B81C AA0A BB51 D0D6

Forschungsinteressen

  • Seitenkanalangriffe (EM & Power Analysis) u.a. auf Physical Unclonable Functions und Fehlerkorrekturcodes im PUF-Kontext
  • Gegenmaßnahmen gegen Seitenkanalangriffe

Veröffentlichungen / Publications

2022

  • Egger, Maximilian and Schamberger, Thomas and Tebelmann, Lars and Lippert, Florian and Sigl, Georg: A Second Look at the ASCAD Databases. Constructive Side-Channel Analysis and Secure Design, Springer International Publishing, 2022 mehr… BibTeX

2021

  • Gruber, Michael and Probst, Matthias and Karl, Patrick and Schamberger, Thomas and Tebelmann, Lars and Tempelmeier, Michael and Sigl, Georg: DOMREP – An Orthogonal Countermeasure for Arbitrary Order Side-Channel and Fault Attack Protection. IEEE Transactions on Information Forensics and Security (16), 2021, 4321-4335 mehr… BibTeX
  • Kulow, Alexander and Schamberger, Thomas and Tebelmann, Lars and Sigl, Georg: Finding the Needle in the Haystack: Metrics for Best Trace Selection in Unsupervised Side-Channel Attacks on Blinded RSA. IEEE Transactions on Information Forensics and Security 16, 2021, 3254-3268 mehr… BibTeX
  • Tebelmann, Lars and Kühne, Ulrich and Danger, Jean-Luc and Pehl, Michael: Analysis and Protection of the Two-Metric Helper Data Scheme. Constructive Side-Channel Analysis and Secure Design COSADE, Springer International Publishing, 2021Lugano, Switzerland mehr… BibTeX

2020

  • Tebelmann, Lars; Danger, Jean-Luc; Pehl, Michael: Self-secured PUF: Protecting the Loop PUF by Masking. Constructive Side-Channel Analysis and Secure Design, Springer International Publishing, 2020 mehr… BibTeX
  • Unterstein, Florian; Schink, Marc; Schamberger, Thomas; Tebelmann, Lars; Ilg, Manuel; Heyszl, Johann: Retrofitting Leakage Resilient Authenticated Encryption to Microcontrollers. IACR Transactions on Cryptographic Hardware and Embedded Systems 2020 (4), 2020, 365-388 mehr… BibTeX

2019

  • Tebelmann, Lars and Pehl, Michael and Immler, Vincent: Side-Channel Analysis of the TERO PUF. Constructive Side-Channel Analysis and Secure Design COSADE , Springer International Publishing, 2019Darmstadt, Germany mehr… BibTeX

2017

  • Tebelmann, Lars and Pehl, Michael and Sigl, Georg: EM Side-Channel Analysis of BCH-based Error Correction for PUF-based Key Generation. Proceedings of the 2017 Workshop on Attacks and Solutions in Hardware Security (ASHES '17), ACM, 2017New York, NY, USA mehr… BibTeX
  • Tebelmann, Lars and Pehl, Michael and Sigl, Georg: EM Attack on BCH-based Error Correction for PUFs. Cryptotag, 2017Nürnberg, Germany mehr… BibTeX

Lehre

seit Wintersemester 2017/18

Sichere Implementierung kryptographischer Verfahren

Studentische Arbeiten

Falls Sie an Themen in meinem Forschungsschwerpunkten Interesse haben und auf der Suche nach einer Masterarbeit, Bachelorarbeit oder einer Forschungspraxis sind, kontaktieren Sie mich gerne jederzeit. Je nach Interesse und Vorwissen lassen sich neben den ausgeschriebenen Arbeiten und individuelle Themen finden.

Quantitative Comparison of Different Side Channels

Beschreibung

Despite any  theoretical strength a cryptographics algorithm might offer, a real-world application can only be as good as the eventual implementation. For example, side channel leakage is a common problem: unless particular care is taken during the implementation, any computation running on real hardware leaks information about the processed secrets. Common examples include timing side channels, where the execution time depends on secret bits, or power side channels, where e.g. a CPU’s power draw depends on the processed data.

This work is concerned with gathering measurement data from cryptographic algorithms running on embedded hardware before running attacks based on the collected traces. Ultimately, the aim is a quantitative comparison of different operating conditions and side channels, assessing the information content of the emanated signals and the resulting complexity of extracting the processed secrets using a side channel attack.

Voraussetzungen

  • Necessary: Experience programming in Python
  • Preferrable: Basic understanding of cryptographics algorithms
  • Preferrable: Experience programming microcontrollers in C
  • Optional: HDL hardware design experience

Kontakt

If you are interested in this work, please contact me via email with a short CV and grade report. We will then arrange a short meeting where we can discuss the details.

Jonas Ruchti, M.Sc.
Technical University of Munich, Chair of Security in Information Technology
Room N1014
E-Mail: j.ruchti@tum.de

 

Betreuer:

Jonas Ruchti, Lars Tebelmann

Side-Channel Countermeasures for Physical Unclonable Functions

Stichworte:
PUF, SCA, Countermeasures

Beschreibung

 

 

Silicon-based Physical Unclonable Functions (PUFs) are circuits used to derive a secret from unpredictable hardware-intrinsic features thereby providing a cost-efficient way to e.g. store a secure key on a device. However, depending on their design, the physical structures may be prone to Side-Channel Analysis (SCA). SCA exploits information leaked by a device over its timing behavior, power consumption or EM emanations to reveal, e.g., the secret embedded in a PUF or cryptographic key material. In order to mitigate the threat of SCA attacks, a variety of countermeasures exists.

The goal of this topic is to provide an overview of existing countermeasures proposed for PUFs (e.g. [1]) that protect against side-channel attacks.

 

References given:

 

  1. Aghaie, A. & Moradi, A. TI-PUF: Toward Side-Channel Resistant Physical Unclonable Functions IEEE Transactions on Information Forensics and Security, 2020, 15, 3470-3481

 

 

Kontakt

Betreuer:

Lars Tebelmann

Algebraic Side-Channel Analysis

Stichworte:
SCA

Beschreibung

Side-Channel Analysis (SCA) exploits information leaked by a device over its timing behavior, power consumption or EM emanations to reveal, e.g., the secret key of a cryptographic algorithms is retrieved. “Classical” SCA methods such as Differential Power Analysis (DPA) or Correlation Power Analysis (CPA) collect a number of measurements for different input values of the algorithm under attack and combine the leakage of different measurements to conduct the attack.

Instead, Algebraic SCA [1] makes use of the internal state of the attacked algorithm to formulate a SAT problem and thus allows for combining different leakages. Furthermore, attacks on a single measurement are possible, an attacker does not need to know inputs and outputs and even countermeasures such as masking schemes can circumvented.

The goal of this topic is to provide an overview over existing approaches on algebraic side-channel analysis that exceeds the seminal works in [1-2] and to outline current trends and applications ofalgebraic attacks.

 [1] Renauld, M. & Standaert, F.-X.: Algebraic Side-Channel Attacks. Information Security and Cryptology, Springer Berlin Heidelberg, 2010, 393-410
[2] Renauld, M.; Standaert, F.-X. & Veyrat-Charvillon, N.: Algebraic Side-Channel Attacks on the AES: Why Time also Mtters in DPA Cryptographic Hardware and Embedded Systems - CHES 2009, Springer Berlin Heidelberg, 2009, 97-111

Kontakt

Betreuer:

Lars Tebelmann

Algebraic Side-Channel Analysis

Stichworte:
SCA

Beschreibung

Side-Channel Analysis (SCA) exploits information leaked by a device over its timing behavior, power consumption or EM emanations to reveal, e.g., the secret key of a cryptographic algorithms is retrieved. “Classical” SCA methods such as Differential Power Analysis (DPA) or Correlation Power Analysis (CPA) collect a number of measurements for different input values of the algorithm under attack and combine the leakage of different measurements to conduct the attack.

Instead, Algebraic SCA [1] makes use of the internal state of the attacked algorithm to formulate a SAT problem and thus allows for combining different leakages. Furthermore, attacks on a single measurement are possible, an attacker does not need to know inputs and outputs and even countermeasures such as masking schemes can circumvented.

The goal of this topic is to provide an overview over existing approaches on algebraic side-channel analysis that exceeds the seminal works in [1-2] and to outline current trends and applications ofalgebraic attacks.

 [1] Renauld, M. & Standaert, F.-X.: Algebraic Side-Channel Attacks. Information Security and Cryptology, Springer Berlin Heidelberg, 2010, 393-410
[2] Renauld, M.; Standaert, F.-X. & Veyrat-Charvillon, N.: Algebraic Side-Channel Attacks on the AES: Why Time also Mtters in DPA Cryptographic Hardware and Embedded Systems - CHES 2009, Springer Berlin Heidelberg, 2009, 97-111

Kontakt

Betreuer:

Lars Tebelmann

Side - channel analysis of error - correcting codes for PUFs

Beschreibung

Physical Unclonable Functions (PUFs) exploit manufacturing process variations to generate unique signatures. PUF and error-correcting codes can be joined together to reliably generate cryptographically strong keys. However, the implementation of error-correcting codes is prone to physical attacks like side-channel attacks. Side-channel attacks exploit the information leaked during the computation of secret intermediate states to recover the secret key. Therefore, the implementation of error-correcting codes must also involve the implementation of proper countermeasures against side-channel attacks.

The goal of this thesis is to evaluate the side-channel resistance of a secure implementation of error-correcting codes for PUFs on FPGA. The thesis consists of the following steps:

  • Get familiar with currently available implementations of error-correcting codes for PUFs
  • Adapt and improve current implementations (VHDL)
  • Develop a measurement setup for side-channel analysis (Matlab/Python)
  • Perform side-channel analysis using the state-of-the-art EMF measurement equipment in our lab (Oscilloscope knowledge + Matlab/Python required)

Voraussetzungen

 The ideal candidate should have:

  • Previous experience in field of digital design (VHDL/Vivado/Xilinx FPGA)
  • Basic knowledge on using lab equipment (e.g Oscilloscope,...)
  • Basic knowledge in statistics
  • Good programming skills in Matlab/Python
  • Attendance at the lecture “Secure Implementation of Cryptographic Algorithms” is advantageous

 

Kontakt

Dr.-Ing. Michael Pehl
Chair for Security in Information Technology
Head: Prof. Dr.-Ing. Georg Sigl
Technical University of Munich
Arcisstr. 21, 80333 Munich (Germany)

Email: m.pehl@tum.de

Betreuer:

Michael Pehl, Lars Tebelmann