  • Publication
    Is This the Wallet of the Future? (original title: Ist das die Wallet der Zukunft?)
    (2023)
    Krauß, Anna-Magdalena; Kostic, Sandra
    Today, digital identities are often implemented insecurely and require users to create many different accounts. In the long term, this is to be improved through the use of so-called Digital Identity Wallets. These wallets enable the management and use of digital identities as well as credential documents. Such credentials include, among others, the driver's license, the library card or even flight tickets. All of these data can be stored together in a wallet app on the users' end devices. Users manage their data themselves and decide on their own which and how much data about themselves they want to disclose. Current research shows, however, that the wallets developed so far exhibit usability problems, so that users have difficulty grasping the concept of these wallets. In addition, today's digital services present numerous hurdles that complicate the use of digital identities. In this paper, based on a wallet analysis and user-experience requirements, a concept proposal for a more user-friendly wallet is presented in which users are at the center. This concept provides a broader range of functions compared to current wallet implementations, with the aim of adapting the wallet more closely to the needs of users. These include functions such as communication between wallet and service provider without the need to share contact details, the option of standing authorizations for releasing data, the ability to manage data on behalf of other persons, and the organization of one's own data.
  • Publication
    Remote Electronic Voting in Uncontrolled Environments: A Classifying Survey
    (2023)
    Gölz, Simon; Bösch, Christoph
    Remote electronic voting, often called online or Internet voting, has been subject to research for the last four decades. It is regularly discussed in public debates, especially in the context of enabling voters to conveniently cast their ballot from home using their personal devices. Since these devices are not under the control of the electoral authority and could be potentially compromised, this setting is referred to as an "uncontrolled environment" for which special security assumptions have to be considered. This paper employs general election principles to derive cryptographic, technical, and organizational requirements for remote electronic voting. Based on these requirements, we have extended an existing methodology to assess online voting schemes and develop a corresponding reference attacker model to support the preparation of tailored protection profiles for different levels of elections. After presenting a broad survey of different voting schemes, we use this methodology to assess and classify those schemes comparatively by leveraging four election-specific attacker models.
  • Publication
    Chosen Ciphertext k-Trace Attacks on Masked CCA2 Secure Kyber
    (2021)
    Hamburg, Mike; Hermelink, Julius; Primas, Robert; Samardjiska, Simona; Schamberger, Thomas; Vredendaal, Christine van
    Single-trace attacks are a considerable threat to implementations of classic public-key schemes, and their implications on newer lattice-based schemes are still not well understood. Two recent works have presented successful single-trace attacks targeting the Number Theoretic Transform (NTT), which is at the heart of many lattice-based schemes. However, these attacks either require a quite powerful side-channel adversary or are restricted to specific scenarios such as the encryption of ephemeral secrets. It is still an open question if such attacks can be performed by simpler adversaries while targeting more common public-key scenarios. In this paper, we answer this question positively. First, we present a method for crafting ring/module-LWE ciphertexts that result in sparse polynomials at the input of inverse NTT computations, independent of the used private key. We then demonstrate how this sparseness can be incorporated into a side-channel attack, thereby significantly improving noise resistance of the attack compared to previous works. The effectiveness of our attack is shown on the use-case of CCA2 secure Kyber k-module-LWE, where k ∈ {2, 3, 4}. Our k-trace attack on the long-term secret can handle noise up to σ < 1.2 in the noisy Hamming weight leakage model, also for masked implementations. A 2k-trace variant for Kyber1024 even allows noise σ < 2.2 also in the masked case, with more traces allowing us to recover keys up to σ < 2.7. Single-trace attack variants have a noise tolerance depending on the Kyber parameter set, ranging from σ < 0.5 to σ < 0.7. As a comparison, similar previous attacks in the masked setting were only successful with σ < 0.5.
  • Publication
    Retrofitting Leakage Resilient Authenticated Encryption to Microcontrollers
    (2020)
    Unterstein, Florian; Schamberger, Thomas; Tebelmann, Lars
    The security of Internet of Things (IoT) devices relies on fundamental concepts such as cryptographically protected firmware updates. In this context attackers usually have physical access to a device and therefore side-channel attacks have to be considered. This makes the protection of required cryptographic keys and implementations challenging, especially for commercial off-the-shelf (COTS) microcontrollers that typically have no hardware countermeasures. In this work, we demonstrate how unprotected hardware AES engines of COTS microcontrollers can be efficiently protected against side-channel attacks by constructing a leakage resilient pseudo random function (LR-PRF). Using this side-channel protected building block, we implement a leakage resilient authenticated encryption with associated data (AEAD) scheme that enables secured firmware updates. We use concepts from leakage resilience to retrofit side-channel protection on unprotected hardware AES engines by means of software-only modifications. The LR-PRF construction leverages frequent key changes and low data complexity together with key dependent noise from parallel hardware to protect against side-channel attacks. Contrary to most other protection mechanisms such as time-based hiding, no additional true randomness is required. Our concept relies on parallel S-boxes in the AES hardware implementation, a feature that is fortunately present in many microcontrollers as a measure to increase performance. In a case study, we implement the protected AEAD scheme for two popular ARM Cortex-M microcontrollers with differing parallelism. We evaluate the protection capabilities in realistic IoT attack scenarios, where non-invasive EM probes or power consumption measurements are employed by the attacker. We show that the concept provides the side-channel hardening that is required for the long-term security of IoT devices.