CaSa: Cyber Security in the Age of Large-Scale Adversaries (2019-2026)
IT security has become a central societal issue since networked devices have permeated our world. This is what the Cluster of Excellence CaSa is concerned with.
The CaSa cluster is located at the Horst Görtz Institute for IT Security (HGI) at RUB. It is regarded internationally as one of the leading research institutions in the field, has Europe’s largest training programme for IT security, and has extensive academic and industrial networks. Professor Thorsten Holz, Professor Eike Kiltz, and Professor Christof Paar are the speakers of the Cluster.
- More Information: CaSa webseite.
EPoCH: Exploring and Preventing Cryptographic Hardware Backdoors: Protecting the Internet of Things against Next-Generation Attacks (2016-2021)
EPoCH is an ERC Advanced Grant, the most prestigous research funding awarded by the European Research Council. With the evolution towards the Internet of Things, there is a dramatically increased threat potential, as attacks can endanger human life (e.g., in the case of autonomous cars or Industrie 4.0) and can lead to a massive loss of privacy of citizens. A particular dangerous class of attacks manipulates the cryptographic algorithms in the underlying hardware. Backdoors in the cryptography of IoT devices can lead to system-wide loss of security. Within EPoCH, we attempt to comprehensively understand and counter low-level backdoor attacks.
- More Information: EPoCH webseite.
SecHuman: Security for humans in cyberspace (2016-2021)
SecHuman is a graduate school focusing on security for humans in cyberspace from an inter- and transdisciplinary perspective. 13 PhD students with backgrounds in cyber security, engineering, mathematics, law, psychology, and social sciences come together to solve current research questions in the field of cyber security. Companies as well as partners from politics serve as advisors, ensuring that the questions in focus are of relevance for society. Besides the technical disciplines, researchers from various fields including education, journalism, linguistics, media science, peace research, as well as social science serve as principal investigators in the project. The PhD school is part of the Horst Görtz Institute, one of the leading institutes in cyber security. The graduate school SecHuman is funded by the North Rhine-Westphalian Ministry of Culture and Science (MKW). Besides the Ruhr University Bochum also the FH Dortmund as well as the TU Dortmund are partners in this project.
- More Information: SecHuman Webseite.
VeriSec - Computergestützte Erzeugung und Verifikation von Maskierungen in kryptographischen Implementierungen (2017-2019)
Masking tries to break the connection between the secret protected data and the side-channel information obtained by an attacker. To this end, all intermediate values of a cryptographic operation will be masked with a random value. The goal of the project VeriSec is to develop tools that can automatically mask an unprotected implementation and further, tools that can automatically analyze a masked implementation regarding possible side-channels. Opposed to solely theoretical approaches known in literature, we ensure the functionality of the tools by a practical modeling of the side-channel information through concrete measurements.
- More Information: VeriSec webseite.
SysKit - A Development Tool for Secure Communications in Industry 4.0 (2017-2019)
The project deals with the creation of a development tool called Syskit. It is meant to facilitate the planning and creation of secure communications solutions targeted to the specific needs of Industry 4.0 applications. Based on a library of communications modules and secure hardware and software components, SysKit enables the implementer to optimize and test communications systems. SysKit can take different requirement such as reliability or real-time and energy constraints into account.
To implement this novel communications solution, new secure and attack-resistant communication technologies will be actively researched and developed. This includes multi-antenna radio technology, which is able to bundle signals and send them towards the receiver, instead of broadcasting them. It thereby highly impedes any effort to eavesdrop. Furthermore, a dynamic change in communications parameters aims to harden the system against active injection of interfering signals. Apart from security, energy efficiency is a vital concern in Industry 4.0 as many electrical components are battery-powered. Hence, this project will include research on lightweight-cryptography and its technical realization.
- More Information: SysKit webseite.
Research Training Group UbiCrypt - Cryptography in Ubiquitous Computing (2012-2017)
In today's brave new digital world mobile multimedia services à la iTunes or Amazon's Kindle, intelligent web applications, medical implants that communicate or car-to-car communication have become reality. Many of the new applications are heavily dependent on security features, for instance telemedicine or intelligent traffic management. In UbiCrypt 13 Ph.D. candidates and post-docs investigate cryptographic mechanisms for security solutions in ubiquitous computing. A central goal of UbiCrypt is an interdisciplinary and structured Ph.D. training program combined with cutting-edge research.
- More Information: UbiCrypt webseite.
The goal of the BMBF-founded project PhotonFX² is the development of a new class of photonic attacks on semiconductor-based security structures and functions. For the first time, otherwise separately examined photonic emission analysis and photonic fault injection are integrated into a novel and unique optical system. The fundament for this purpose is established by the projects PhotonDA and EXSET, also founded by the BMBF. Consequential knowledge on the combination of active and passive (photonic) attacks can be directly used to for the development of countermeasures and hardened implementations.
- More Information: PhotonFX² website.
UNIKOPS - Universal configurable Security-solutions (2013-2015)
The project UNIKOPS is a collaboration with the University of Applied Science Furtwangen, the Leibniz Institute for innovative microelectronics in Frankfurt (Oder), and ESCRYPT- Embedded Security. We are working towards universal configurable security-solutions for embedded devices and systems. Exemplary applications include emergency call systems and systems for daily-life security like fire alarm boxes and automatic shut-off mechanisms for ovens. The aim of the project is to better detect and prevent attacks on those systems.
- More Information: UNIKOPS website.
PROPHYLAXE – Security for the Internet of Things (2013-2015)
In the context of the PROPHYLAXE-project an entirely new paradigm for generating cryptographic keys will be developed. The approach is based on a common estimation of the transmission channel by the sender and receiver whereby the secret key will be derived from channel parameters. It shall be considered that the channel between two communication nodes is reciprocal and the entropy of spatial, temporal, and spectral characteristics is sufficiently high. Note, most practical channels present these requirements.
- More information: PROPHYLAXE website.
Bitstream Encryption - Breaking the anti-counterfeiting scheme of FPGAs (2011-2013)
The bitstream encryption feature of Xillinx FPGAs allows users to protect their designs from being copied, altered
or reversed engineered. To achieve this goal, the configuration file that is loaded into the device at powere-up is
stored inside the external configuration memory in an encrypted form. The encrypted file will then be read by the
FPGA and internally decrypted. The secret decryption key is stored in a special area of the FPGA. To use the
bitstream encryption, Xillinx design tools offer features to generate an encrypted bitstream with corresponding
keyfile and allow to program them into the FPGA. The secret key used for encryption/decryption can be selected by
We analyzed the security of this protection mechanism and found that it can be circumvented by means of side-channel analysis. This class of methods analyze the power consumption of an electronic device to obtain insights of the internally processed data. In this case we employed a differential power analysis, or DPA, attack to extract the secret key that is used to decrypt the bitstream inside the FPGA during configuration.
- More information: Bitstream Encryption Analysis website.
In the BMBF supported project EXSET recent penetration methods from academia will be adjusted and improved to be
employed in real-world security evaluation processes. Two groups from academia are jointly working with the two
major German side-channel evaluation laboratories to bring the latest technology from universities industrial
applications. First active attacks are evaluated, which probe the resistance of security sensitive embeded devices
against physical perturbation by means of light, voltage manipulations of electromagnetic discharges. In parallel
pure passive analysis methods are implemented exploiting the massively-parallel architecture of modern
graphicprocessors. These passive methods allow to rate the attackresistance of devices by means of analysing its
physical behaviour (e.g., power consumption or electromagnetic radiation). The developed tools are tested and rated
in real-world evaluation scenarios and will finally been merged together to a state-of-the-art prototype test bench.
- More information: EXSET website (only available in German).
ECRYPT II (2008-2013)
We are also one of the partners of ECRYPT II, the successor of ECRYPT. ECRYPT II - European Network of Excellence for Cryptology II is a 4-year network of excellence funded within the Information & Communication Technologies (ICT) Programme of the European Commission's Seventh Framework Programme (FP7) under contract number ICT-2007-216676. It falls under the action line Secure, dependable and trusted infrastructures. ECRYPT II started on 1 August 2008. Its objective is to continue intensifying the collaboration of European researchers in information security. Our main activity is within Virtual Applications and Implementations Research Lab (VAMPIRE).
- More information: ECRYPT website.
ECRYPT I (2004-2008)
We were engaged in ECRYPT, the European Network of Excellence for
Cryptology. ECRYPT was a 4-year network of excellence funded by the European Commission under contract number
IST-2002-507932 and was launched on February 1st, 2004. Its objective was to intensify the collaboration of European
researchers in information security, and more in particular in cryptology and digital watermarking. HGI Bochum and
DTU Copenhagen were the leaders of the Secure and
efficient implementations virtual lab (VAMPIRE).
- More information: ECRYPT website.
In SCAAS, automotive suppliers and research facilities cooperate to address passive and active side-channel analysis
for security applications in the automotive industry. It is expected that agile and well-organized attackers will
use side-channel attacks for manipulations in the automotive sector in near future, which is a serious threat for
manufacturers, suppliers and consumers. Because of long production cycles in the automotive sector, an early
investigation is essential. The goal of this project is to increase the security and the safety of future automotive
products with side-channel resistant cryptographic implementations.
After the threat-analysis of existing automotive applications the constructive main goal is to develop and adapt efficient low-cost countermeasures in software for typical microcontrollers in the automotive sector. The hardened implementations will be tested with penetration tests in terms of passive side-channel analysis, fault injections attacks and a combination of both. It is intended to incorporate the results of this project into future standards like HIS and AUTOSAR, product development, scientific dissemination and education of undergraduate and graduate students.
- More information: SCAAS Webseite
Due to the increasing mobility of computing-devices such as smartphones or tablets, the requirements regarding the
storage of data have changed. Considering the paradigma of storing data "in the cloud" - and with an eye on recent
security breaches in this context - it is obvious that new mechanisms are needed to ensure the confidentiality of
In this project, new concepts for „Secure Ad-hoc On Demand Virtual Private Storage“ will be developed. A key feature will be to to ensure that all data stored "in the cloud" is encrypted and the corresponding keys are stored on highly secure smartcards.
- More information: SEC2 website.
In the field of soft- and hardwaredevelopment for embedded and mobile systems the attackresistance of security sensitive modules with respect to side-channel analysis is of crucial importance. Efficient tools for analysis are in general based on sophisticated stochastic methods. The next generation of attackmethods especially consists of variants and improvements of these methods. This poses a major threat to embedded systems. By embedding side-channel analysis into the design and development processes for new products, the same tools can be used to strengthen the proactive protection and hardening of the involved components. The BMBF project RESIST aims to deliver new approaches and tools for side-channel analysis to constructively support the developmentprocess. These approaches are based on novel tools and methods. By embedding the analysis tools in a sound theoretical mathematical framework, the general level of trust in security and risk analyses can be improved.
KeeLoq - Physical Cryptoanalysis A complete break of an access control system (2008-2010)
The KeeLoq encryption algorithm is widely used for security relevant applications, e.g., in the form of passive
Radio Frequency Identification (RFID) transponders for car immobilizers and in various access control and Remote
Keyless Entry (RKE) systems, e.g., for opening car doors and garage doors.
We present the first successful DPA (Differential Power Analysis) attacks on numerous commercially available products employing KeeLoq.
We further propose a new eavesdropping attack for which monitoring of two ciphertexts, sent from a remote control employing KeeLoq code hopping (car key, garage door opener, etc.), is sufficient to recover the device key of the remote control. Hence, using the methods described by us, an attacker can clone a remote control from a distance and gain access to a target that is protected by the claimed to be "highly secure" KeeLoq algorithm.
- More information: KeeLoq website.
The project "Ubiquitous Sensing and Security in the European Homeland" (UbiSec&Sens) deals among other things with
wireless sensore networks. Eight partners of industry, universities and research facilities from all over Europe are
involved in this project. By the European Commission it is founded as Target Research Project under the 6th
- More information: UbiSec&Sens website.