Content protection mechanisms are intended to enforce the usage rights on the content. These usage rights are carried by a license. Sometimes, a license even carries the key that is used to unlock the protected content. Unfortunately, license protection is difficult, yet it is important for digital rights management (DRM). Not many license protection schemes are available, and most if not all a...

Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology...

Side-channel attacks represent a very frequent and severe type of attack against implementations of cryptographic protocols. Most countermeasures proposed until recently are ad-hoc, offer only partial remedy and fail to capture the problem in its entirety. In light of this, the last few years the cryptographic community has tried to set the theoretical foundations in order to formally address t...

Information leakage is a major concern in modern day IT-security. In fact, a malicious user is often able to extract information about private values from the computation performed on the devices. In specific settings, such as RFID, where a low computational complexity is required, it is hard to apply standard techniques to achieve resilience against this kind of attacks. In this paper, we pres...

2007 ii ≪Timmy & Finn – Sonnenkinder, die auch im Regen lachen≫ Acknowledgments I am deeply grateful to my supervisor, Prof. Dr. Johannes Blömer, for his great support and continuous encouragement in writing this thesis. Among other topics, he introduced me into the field of tamper resistance and side channel attacks and supplied me with new interesting and challenging problems and ideas. Johan...

Applications of wireless sensor network (WSN) are growing significantly, and many security protocols meant for WSN have been proposed. One of the unique problems of WSN is that the sensor nodes are not tamper resistant as the main attraction of deploying WSN is its low cost. Node replication attack exploits this weakness to launch an attack, in which cryptographic secrets from the compromised s...

We present a generic method to secure various widely-used cryptosystems against arbitrary side-channel leakage, as long as the leakage adheres three restrictions: rst, it is bounded per observation but in total can be arbitrary large. Second, memory parts leak independently, and, third, the randomness that is used for certain operations comes from a simple (non-uniform) distribution. As a funda...

In recent work, Anderson and Kuhn [3] described an attack against tamper-resistant devices wherein a secret key stored in EEPROM is compromised using a simple and lowcost attack. The attack consists of setting bits in the EEPROM using low-cost probes and observing the effect on the output of the device. These attacks are extremely general, as they apply to virtually any cryptosystem. The object...

We consider the question of adaptive security for two related cryptographic primitives: all-or-nothing transforms and exposureresilient functions. Both are concerned with retaining security when an intruder learns some bits of a string which is supposed to be secret: all-or-nothing transforms (AONT) protect their input even given partial knowledge of the output; exposure-resilient functions (ER...

We study the design of cryptographic primitives resilient to key-leakage attacks, where an attacker can repeatedly and adaptively learn information about the secret key, subject only to the constraint that the overall amount of such information is bounded by some parameter l. We construct a variety of leakage-resilient public-key systems including the first known identification schemes (ID), si...