Kolloquium des Studiendekanats Elektrotechnik, Informatik und Mathematik (EIM)
Das Studiendekanat Elektrotechnik, Informatik und Mathematik der Technischen Universität Hamburg (TUHH) freut sich, im Rahmen seines Kolloquiums eine weitere Antrittsvorlesung und einen Forschungsvortrag aus dem Bereich der Security und Kryptographie mit der gesamten TUHH und mit der Öffentlichkeit zu teilen. Dieses Kolloquium des Dekanats EIM beginnt am
Freitag, den 7. Januar 2022 ab 10:30 Uhr
mit folgendem kurzen Programm:
10:30 Uhr: Antrittsvorlesung „Security for Safety and Resilience“. Prof. Sibylle Fröschle, Institut für Sichere Cyber-Physische Systeme, Technische Universität Hamburg (TUHH)
11:15 Uhr: Post-Quantum Crypto: The Embedded Challenge. Dr. Joppe Bos, Senior Principal Cryptographic Researcher, NXP Semiconductors
Figure 1. Vehicle-2-X Communication standardized by ETSI (European Telecommunications Standards Institute).
Security for Safety and Resilience
Embedded systems are currently undergoing a technological transition towards highly networked automated cyber-physical systems (CPS), cf. Figure 1. Such systems are potentially vulnerable to cyber attacks, and these can have a drastic impact on safety. The news on hacking in the automotive domain is a case in point: it has been shown how an attacker can remotely hack into a vehicle and, for example, disable the brakes (cf. Figure 2). Potentially, such attacks can be escalated to simultaneously hit many vehicles at different locations. The goal of the Institute for Secure Cyber-Physical Systems is to deliver an integrated approach towards the verifiable safety and resilience of CPS in the face of such attacks. To this end we pursue the following three research strands.
In the first strand "Trustworthy Cryptographic Architectures" we devise novel cryptographic architectures driven by concrete CPS applications, and provide the methodology for their specification and verification. For example, we have contributed to the security architecture of the Maritime Connectivity Platform, whose goal is to enable seamless connectivity in the maritime domain and beyond. In the second strand "Security Systems Engineering for Safety" we provide the foundations to obtain integrated safety and security concepts for the level of safety-critical controller networks. In particular, we have provided an in-depth analysis and systematization of the capabilities of an attacker who has gained access into a Controller Area Network, i.e. the type of network that can be found in most vehicles. In the third strand "System-of-Systems Engineering for Resilience" we investigate the risk for the system-of-systems level and how to obtain resilience against multi-instance attacks. In particular, we achieve this by architectural measures that code the physical into the security architecture including location- and hardware-based trust anchors.
In her inaugural lecture, Prof. Fröschle will give an overview of her approach and present highlights of her research within these three strands.
Figure 2. Typical stages in automotive hacking: (1) Gain remote code execution on TCU (Telematics Control Unit). (2) Compromise the Gateway ECU by reflashing. (3) Inject cyber-physical messages, e.g., messages that affect braking, steering, or engine
NXP Semiconductors is known to be one of the world leaders in crypto and security. In this presentation, we highlight one of our long term innovation topics. Post-quantum crypto standards are coming: It doesn’t matter if you believe in quantum computers or not. What is the impact on the billions of embedded devices? Using some typical embedded use-cases, we outline the challenges and show some recent solutions in this area.
Dr. Joppe Bos is a senior principal cryptographic researcher in the competence center crypto & security at NXP Semiconductors, Leuven, Belgium. He is the technical lead of the post-quantum cryptography long term innovation project and head of the Young Crypto Talents group. His research focuses on computational number theory and high-performance arithmetic as used in (lattice-based) public-key cryptography with a focus on embedded devices and is an author of over 40 journal and conference papers on Cryptography, serves as the Secretary for the International Association for Cryptologic Research and is co-editor of the Cryptology ePrint Archive. Previously, he was a post-doctoral researcher in the Cryptography Research Group at Microsoft Research, Redmond, USA and obtained his PhD at EPFL, Lausanne, Switzerland.
Dr. Joppe Bos Competence Center Crypto & Security NXP Semiconductors, Leuven, Belgium