sponsored by






Cryptography research




Invited Speakers

Dmitry Nedospasov

Dmitry Nedospasov


Dmitry Nedospasov is a PhD student and researcher in the field of IC security at the Security in Telecommunications (SECT) research group at the Berlin University of Technology (TU Berlin) and the Telekom Innovation Laboratories. He is also part of the Helmholtz Research school on Security Technologies (HRS ST). Dmitry's research interests include hardware security and IC reverse-engineering as well as physical attacks against ICs and embedded systems. His academic research focuses on developing new and novel techniques for semi and fully-invasive IC analysis. These techniques generally target the IC backside and are difficult to mitigate. Most recently, Dmitry has been involved in identifying vulnerabilities in implementations of Physically Unclonable Functions (PUFs).

Talk: Spatially Resolved Side Channel Analysis

Initially, Side-Channel Analysis (SCA) was particularly effective as low-cost, non-invasive blackbox analysis techniques. However, with the advent of SCA countermeasures, their impact has been greatly reduced. Countermeasures generally prevent data leakage on system level. However, today, the most effective attacks are semi-invasive and fully-invasive in nature and utilize spatial resolution to circumvent such countermeasures. For example, Photonic Emission Analysis (PEA), Laser Probing and Voltage Contrast Microscopy can be used to recover data from the target. Moreover, fault injection makes it possible to change the data at runtime using techniques such as laser glitching and microprobing. Though these attacks can circumvent many device countermeasures, they require additional reverse-engineering as they target specific signals on the device. As countermeasures continue to improve, the cost of performing SCA goes up as well. However, the surplus Failure Analysis equipment market is driving down the price of performing semi- and fully-invasive techqniques. Moreover, the reverse-engineering process can be automated in software, eliminating the amount of effort needed to find relevant signals on the device. As a result, semi- and fully-invasive analysis techniques are becoming far more attractive.

Sebastian Faust

Sebstian Faust


Dr. Sebastian Faust is a Marie Curie fellow at EPFL Lausanne working on topics across theoretical and applied cryptography, inlcuding leakage and tamper resilient cryptography and cryptographic protocol design. One of his main interests is to extend the proof-driven security analysis to the level when abstract cryptographic algorithms and protocols are implemented on real-world devices. Prior to working at EPFL, Sebastian was a Postdoc at Aarhus University and completed his PhD as a Microsoft Research PhD scholar at KU Leuven. In an earlier life, Sebastian was working as a business & technology consultant and was involved in a number of startup companies in Germany.

Talk: Leakage Resilient Circuit Compilers

Is cryptography possible when keys and randomness are partially revealed to an adversary? Leakage resilient cryptography addresses this questions by weakening the assumption of black-box computation and considers an adversarial model where the internal state of an algorithm is partially revealed. To this end, it develops new security models that describe the behavior of cryptographic implementations and develops cryptographic schemes that can be proven secure therein. One of the main challenges in the area is to develop generic techniques to protect arbitrary cryptographic computation in the presence of leakage -- so-called leakage resilient circuit compilers. Circuit compilers can be viewed as a formalization of the masking countermeasure, which randomizes computation and is frequently used as a countermeasure against physical leakage due to, e.g., the power consumption of a device. In this talk, we will review some of the main leakage models that have been considered to study the security of leakage resilient compilers and present constructions that can be proven secure in these models. Moreover, I will discuss natural limitations of the concept of provable security for physical security and overview important future challenges.

Organised by

Supported by