Research Highlights

Christof Beierle, Gregor Leander, Yosuke Todo

Improved Differential-Linear Attacks with Applications to ARX Ciphers

BEST PAPER AWARD

40th International Cryptology Conference (IACR Crypto), Santa Barbara, CA, USA, August 2020

We present several improvements to the framework of differential-linear attacks with a special focus on ARX ciphers. As a demonstration of their impact, we apply them to Chaskey and ChaCha and we are able to significantly improve upon the best attacks published so far. (...)

Jens Mül­ler, Mar­cus Brink­mann, Da­mi­an Pod­debni­ak, Hanno Böck, Se­bas­ti­an Schin­zel, Juraj So­mo­rovs­ky, Jörg Schwenk

“John­ny, you are fired!” – Spoo­fing Open­PGP and S/MIME Si­gna­tu­res in Emails

28th USE­NIX Se­cu­ri­ty Sym­po­si­um (USE­NIX Se­cu­ri­ty '19)

In this work we show practical forgery attacks against various implementations of OpenPGP and S/MIME email signature verification in five attack classes: (1) We analyze edge cases in S/MIME’s container format. (2) We exploit in-band signaling in the GnuPG API, the most widely used OpenPGP implementation. (3) We apply MIME wrapping attacks that abuse the email clients’ handling of partially signed messages. (...)

Charles Weir, Ben Hermann, Sascha Fahl

From Needs to Actions to Secure Apps? The Effect of Requirements and Developer Practices on App Security

USENIX-Security. Usenix Security Symposium.

Increasingly mobile device users are being hurt by security or privacy issues with the apps they use. App developers can help prevent this; inexpensive security assurance techniques to do so are now well established, but do developers use them? And if they do so, is that reflected in more secure apps? (...)

Thilo Krachenfels, Fatemeh Ganji, Amir Moradi, Shahin Tajik, Jean-Pierre Seifert

When Real-World Snapshots Question Theory – Revisiting the t-Probing Security Model

S&P. IEEE Symposium on Security and Privacy

Due to its sound theoretical basis and practical efficiency, masking has become the most prominent countermeasure to protect cryptographic implementations against physical sidechannel attacks (SCAs). The core idea of masking is to randomly split every sensitive intermediate variable during computation into at least t+1 shares, where t denotes the maximum number of shares that are allowed to be observed by an adversary without learning any sensitive information. (...)

Florian Quinkert, Martin Degeling, Jim Blythe, Thorsten Holz

Be the Phisher - Understanding Users'
Perception of Malicious Domains

ACM CCS. ACM Conference on Computer and Communications Security

Attackers use various domain squatting techniques to convince users that their services are legitimate. Previous work has shown that methods like typosquatting, where single characters are removed or duplicated, can successfully deceive users. In this paper, we present a study that evaluates how well participants distinguish malicious from benign domains before and after they learned and applied domain squatting techniques themselves. (...)

Christian Dresen, Fabian Ising, Damian Poddebniak, Tobias Kappert, Thorsten Holz, Sebastian Schinzel

CORSICA: Cross-origin Web Service Identification

ACM CCS. ACM Conference on Computer and Communications Security

Vulnerabilities in private networks are difficult to detect for attackers outside of the network. While there are known methods for port scanning internal hosts that work by luring unwitting internal users to an external web page that hosts malicious JavaScript code, no such method for detailed and precise service identification is known. (...)

Tobias Cloosters, Michael Rodler, Lucas Davi

TeeRex: Discovery and Exploitation of Memory Corruption Vulnerabilities in SGX Enclaves

USENIX-Security. Usenix Security Symposium.

Intel’s Software Guard Extensions (SGX) introduced new instructions to switch the processor to enclave mode which protects it from introspection. While the enclave mode strongly protects the memory and the state of the processor, it cannot withstand memory corruption errors inside the enclave code. (...)

Maik Ender, Amir Moradi, Christof Paar

The Unpatchable Silicon: A Full Break of the Bitstream Encryption of Xilinx 7-Series FPGAs

DISTINGUISHED PAPER AWARD

29th USE­NIX Se­cu­ri­ty Sym­po­si­um, Bos­ton, MA, USA, Au­gust 2020

In this paper, we introduce novel low-cost attacks against the Xilinx 7-Series (and Virtex-6) bitstream encryption, resulting in the total loss of authenticity and confidentiality. We exploit a design flaw which piecewise leaks the decrypted bitstream. (...)

Daniel J. Bernstein, Andreas Hülsing, Stefan Kölbl,  Ruben Niederhagen, Joost Rijneveld, Peter Schwabe

The SPHINCS+ signature framework.

ACM CCS. ACM Conference on Computer and Communications Security

We introduce SPHINCS+, a stateless hash-based signature framework. SPHINCS+ has significant advantages over the state of the art in terms of speed, signature size, and security, and is among the nine remaining signature schemes in the second round of the NIST PQC standardization project. One of our main contributions in this context is a new few-time signature scheme that we call FORS. (...)

Yonglin Hao; Gregor Leander; Willi Meier; Yosuke Todo; Qingju Wang

Modeling for Three-Subset Division Property without Unknown Subset --Improved Cube Attacks against Trivium and Grain-128AEAD

EUROCRYPT. Annual International Conference on the Theory and Applications of Cryptographic Techniques

A division property is a generic tool to search for integral distinguishers, and automatic tools such as MILP or SAT/SMT allow us to evaluate the propagation efficiently. In the application to stream ciphers, it enables us to estimate the security of cube attacks theoretically, and it leads to the best key-recovery attacks against well-known stream ciphers. (...)

Daniel J. Bernstein, Andreas Hülsing

Decisional second-preimage resistance: When does SPR imply PRE?

ASIACRYPT. International Conference on the Theory and Application of Cryptology and Information Security

There is a well-known gap between second preimage resistance and preimage resistance for length-preserving hash functions. This paper introduces a simple concept that fills this gap. One consequence of this concept is that tight reductions can remove interactivity for multi-target length-preserving preimage problems, such as the problems that appear in analyzing hash-based signature systems. (...)

Eduard Hauck, Eike Kiltz, Julian Loss

A Modular Treatment of Blind Signatures from Identification Schemes

EUROCRYPT. Annual International Conference on the Theory and Applications of Cryptographic Techniques

We propose a modular security treatment of blind signatures derived from linear identification schemes in the random oracle model. To this end, we present a general framework that captures several well known schemes from the literature and allows to prove their security. Our modular security reduction introduces a new security notion for identification schemes called One-More-Man In the Middle Security which we show equivalent to the classical One-More-Unforgeability notion for blind signatures. (...)

Jens Müller, Fabian Ising, Vladislav Mladenov, Christian Mainka, Sebastian Schinzel, Jörg Schwenk

Practical Decryption exFiltration: Breaking PDF Encryption

ACM CCS. ACM Conference on Computer and Communications Security

The Portable Document Format, better known as PDF, is one of the most widely used document formats worldwide, and in order to ensure information confidentiality, this file format supports document encryption. In this paper, we analyze PDF encryption and show two novel techniques for breaking the confidentiality of encrypted documents. (...)

Emre Güler, Cornelius Aschermann, Ali Abbasi, Thorsten Holz

AntiFuzz: Impeding Fuzzing Audits of Binary Executables.

USENIX Security Symposium: conference proceedings ; Santa Clara, CA, USA, August 14-16, 2019; pp 1931–1948.

(...) In this paper, we introduce several techniques to protect a binary executable against an analysis with automated bug finding approaches that are based on fuzzing, symbolic/concolic execution, and taint-assisted fuzzing (commonly known as hybrid fuzzing). More specifically, we perform a systematic analysis of the fundamental assumptions of bug finding tools and develop general countermeasures for each assumption. (...)

Thorben Moos, Amir Moradi, Tobias Schneider, François-Xavier Standaert

Glitch-Resistant Masking Revisited.

IACR Transactions on Cryptographic Hardware and Embedded Systems, 2019(2), 256-292. Best Paper Award.

(...) In this paper, we argue that the lack of proofs for TIs, DOM, UMA and GLM makes the interpretation of their security guarantees difficult as the number of shares increases. For this purpose, we first put forward that the higher-order variants of all these schemes are affected by (local or composability) security flaws in the (robust) probing model, due to insufficient refreshing. (…)

Andre Esser, Alexander  May

Low Weight Discrete Logarithms and Subset Sum in 2^0.65n with Polynomial Memory

EUROCRYPT. Annual International Conference on the Theory and Applications of Cryptographic Techniques

We propose two heuristic polynomial memory collision finding algorithms for the low Hamming weight discrete logarithm problem in any abelian group G. The first one is a direct adaptation of the BeckerCoron-Joux (BCJ) algorithm for subset sum to the discrete logarithm setting. (...)

David Rupp­recht, Ka­tha­ri­na Kohls, Thors­ten Holz, Chris­ti­na Pöp­per

IM­P4GT: IM­Per­so­na­ti­on At­tacks in 4G NeT­works

Net­work and Di­stri­bu­ted Sys­tem Se­cu­ri­ty Sym­po­si­um (NDSS), San Diego, Ca­li­for­nia, USA, Fe­bru­ary 2020

In this work, we introduce a novel cross-layer attack that exploits the existing vulnerability on layer two and extends it with an attack mechanism on layer three. More precisely, we take advantage of the default IP stack behavior of operating systems and show that combining it with the layer-two vulnerability allows an active attacker to impersonate a user towards the network and vice versa; we name these attacks IMP4GT. (...)

Dominik Hartmann, Geoffroy Couteau

Shorter Non-Interactive Zero-Knowledge Arguments and ZAPs for Algebraic Languages

40th International Cryptology Conference (IACR Crypto), Santa Barbara, CA, USA, August 2020

We put forth a new framework for building pairing-based non-interactive zero- knowledge (NIZK) arguments for a wide class of algebraic languages, which are an extension of linear languages, containing disjunctions of linear languages and more. (...)

Ser­gej Schu­mi­lo, Cor­ne­li­us Ascher­mann, Ali Ab­ba­si, Simon Wör­ner, Thors­ten Holz

Hy­per-Cu­be: High-Di­men­sio­nal Hy­per­vi­sor Fuz­zing

Net­work and Di­stri­bu­ted Sys­tem Se­cu­ri­ty Sym­po­si­um (NDSS), San Diego, Ca­li­for­nia, USA, Fe­bru­ary 2020

In this paper, we present the design and implementation of HYPER-CUBE, a novel fuzzer that aims explicitly at testing hypervisors in an efficient, effective, and precise way. Our approach is based on a custom operating system that implements a custom bytecode interpreter. This high-throughput design for long-running, interactive targets allows us to fuzz a large number of both open source and proprietary hypervisors.

David Rupprecht, Katharina Kohls, Thorsten Holz

Call Me Maybe: Eavesdropping Encrypted LTE Calls With ReVoLTE

29th USE­NIX Se­cu­ri­ty Sym­po­si­um, Bos­ton, MA, USA, Au­gust 2020

Voice over LTE (VoLTE) is a packet-based telephony service seamlessly integrated into the Long Term Evolution (LTE) standard and deployed by most telecommunication providers in practice. Due to this widespread use, successful attacks against VoLTE can affect a large number of users worldwide. In this work, we introduce ReVoLTE, an attack that exploits an LTE implementation flaw to recover the contents of an encrypted VoLTE call, hence enabling an adversary to eavesdrop on phone calls. ReVoLTE makes use of a predictable keystream reuse on the radio layer that allows an adversary to decrypt a recorded call with minimal resources.

Tim Bla­zyt­ko, Mo­ritz Schlö­gel, Cor­ne­li­us Ascher­mann, Ali Ab­ba­si, Joel Frank, Simon Wör­ner, Thors­ten Holz

Au­ro­ra: Sta­tis­ti­cal Crash Ana­ly­sis for Au­to­ma­ted Root Cause Ex­pla­na­ti­on

29th USE­NIX Se­cu­ri­ty Sym­po­si­um, Bos­ton, MA, USA, Au­gust 2020

(...) In this paper, we propose an automated analysis approach that does not only identify the root cause of a given crashing input for a binary executable, but also provides the analyst with context information on the erroneous behavior that characterizes crashing inputs. (...)

Joel Frank, Cornelius Aschermann, Thorsten Holz

ETHBMC: A Bounded Model Checker for Smart Contracts

29th USE­NIX Se­cu­ri­ty Sym­po­si­um, Bos­ton, MA, USA, Au­gust 2020

(...) we present the design and implementation of, a bounded model checker based on symbolic execution which provides a precise model of the Ethereum network. We demonstrate its capabilities in a series of experiments. (...)

Abraham A Clements, Eric Gustafson, Tobias Scharnowski, Paul Grosen, David Fritz, Christopher Kruegel, Giovanni Vigna, Saurabh Bagchi, Mathias Payer

HALucinator: Firmware Re-hosting Through Abstraction Layer Emulation

29th USE­NIX Se­cu­ri­ty Sym­po­si­um, Bos­ton, MA, USA, Au­gust 2020

Given the increasing ubiquity of online embedded devices, analyzing their firmware is important to security, privacy, and safety. The tight coupling between hardware and firmware and the diversity found in embedded systems makes it hard to perform dynamic analysis on firmware. (...)

Paul Fiterau-Brostean, Bengt Jonsson, Robert Merget, Joeri de Ruiter,  Konstantinos Sagonas, Juraj Somorovsky

Analysis of DTLS Implementations Using Protocol State Fuzzing

29th USE­NIX Se­cu­ri­ty Sym­po­si­um, Bos­ton, MA, USA, Au­gust 2020

We present the first comprehensive analysis of DTLS implementations using protocol state fuzzing. To that end, we extend TLS-Attacker, an open source framework for analyzing TLS implementations, with support for DTLS tailored to the stateless and unreliable nature of the underlying UDP layer. (...)

Christof Beierle, Alex Biryukov, Luan Cardoso dos Santos, Johann Großschädl, Léo Perrin, Aleksei Udovenko, Vesselin Velichkov, Qingju Wang

Alzette: a 64-bit ARX-box (feat. CRAX and TRAX)

40th International Cryptology Conference (IACR Crypto), Santa Barbara, CA, USA, August 2020

In this paper, we present a 64-bit ARX-based S-box called Alzette, which can be evaluated in constant time using only 12 instructions on modern CPUs. Its parallel application can also leverage vector (SIMD) instructions. (...)

Tim Beyne, Anne Canteaut, Itai Dinur, Maria Eichlseder, Gregor Leander, Gaëtan Leurent, Léo Perrin, María Naya Plasencia, Yu Sasaki, Yosuke Todo, Friedrich Wiemer

Out of Oddity -- New Cryptanalytic Techniques against Symmetric Primitives Optimized for Integrity Proof Systems

40th International Cryptology Conference (IACR Crypto), Santa Barbara, CA, USA, August 2020

This work compares the security levels offered by two recent families of such primitives, namely GMiMC and HadesMiMC. We exhibit low-complexity distinguishers against the GMiMC and HadesMiMC permutations for most parameters proposed in recently launched public challenges for STARK-friendly hash functions. (...)

Eduard Hauck, Eike Kiltz, Julian Loss, Ngoc Khanh Nguyen

Lattice-Based Blind Signatures, Revisited

40th International Cryptology Conference (IACR Crypto), Santa Barbara, CA, USA, August 2020

We observe that all previously known lattice-based blind signature schemes contain subtle flaws in their security proofs (e.g., R\"uckert, ASIACRYPT '08) or can be attacked (e.g., BLAZE by Alkadri et al., FC '20). Motivated by this, we revisit the problem of constructing blind signatures from standard lattice assumptions. (...)

Benedikt Auerbach, Federico Giacon, and Eike Kiltz.

Everybody’s a Target: Scalability in Public-Key Encryption

39th Annual International Conference on the Theory and Applications of Cryptographic, 2020

For 1≤m≤n, we consider a natural m-out-of-n multi-instance scenario for a public-key encryption (PKE) scheme. An adversary, given n independent instances of PKE, wins if he breaks at least m out of the n instances. In this work, we are interested in the scaling factor of PKE schemes, SF, which measures how well the difficulty of breaking m out of the n instances scales in m. (...)

Cor­ne­li­us Ascher­mann, Ser­gej Schu­mi­lo, Ali Ab­ba­si, Thors­ten Holz

IJON: Ex­plo­ring Deep State Spaces via Fuz­zing

IEEE Sym­po­si­um on Se­cu­ri­ty and Pri­va­cy ("Oak­land"), San Jose, CA, May 2020

In this paper, we propose IJON, an annotation mechanism that a human analyst can use to guide the fuzzer. In contrast to the two aforementioned techniques, this approach allows a more systematic exploration of the program’s behavior based on the data representing the internal state of the program. As a consequence, using only a small (usually one line) annotation, a user can help the fuzzer to solve previously unsolvable challenges. (...)

Daniel J. Bernstein and Andreas Hülsing and Stefan Kölbl and Ruben Niederhagen and Joost Rijneveld and Peter Schwabe

The SPHINCS+ Signature Framework

ACM SIGSAC Conference on Computer and Communications Security 2019

We introduce SPHINCS+, a stateless hash-based signature framework. SPHINCS+ has significant advantages over the state of the art in terms of speed, signature size, and security, and is among the nine remaining signature schemes in the second round of the NIST PQC standardization project. One of our main contributions in this context is a new few-time signature scheme that we call FORS. (...)

Phil­ipp Mar­kert, Da­ni­el V. Bai­ley, Ma­xi­mi­li­an Golla, Mar­kus Dür­muth, Adam J. Aviv

This PIN Can Be Ea­si­ly Gues­sed: Ana­ly­zing the Se­cu­ri­ty of Smart­pho­ne Un­lock PINs

IEEE Sym­po­si­um on Se­cu­ri­ty and Pri­va­cy (SP '20). San Fran­cis­co, Ca­li­for­nia, May, 2020

In this paper, we provide the first comprehensive study of user-chosen 4- and 6-digit PINs (n=1220) collected on smartphones with participants being explicitly primed for device unlocking. We find that against a throttled attacker (with 10, 30, or 100 guesses, matching the smartphone unlock setting), using 6-digit PINs instead of 4-digit PINs provides little to no increase in security, and surprisingly may even decrease security.