Professor - System Security Lab
Mornewegstrasse 32
D-64293 Darmstadt
GERMANY
Room: | 4.1.06 |
Tel: | +49 (0)6151 16 - 25328 |
Email: | ahmad.sadeghi(a-t)trust.tu-darmstadt.de PGP-Key S/MIME Certificate |
Website: | http://trust.tu-darmstadt.de |
Ahmad-Reza Sadeghi is a full Professor of Computer Science at the Technische Universität Darmstadt, in Germany, where he heads the System Security Lab. Since January 2012 he is also the Director of Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at TU Darmstadt. He is a member of the profile area CYSEC of TU Darmstadt.
He received his PhD in Computer Science with the focus on privacy protecting cryptographic protocols and systems from the University of Saarland in Saarbrücken, Germany. Prior to academia, he worked in Research and Development of Telecommunications enterprises, amongst others Ericson Telecommunications. He has been leading and involved in a variety of national and international research and development projects on design and implementation of Trustworthy Computing Platforms and Trusted Computing, Security Hardware, and Applied Cryptography. He has been serving as general or program chair as well as program committee member of major conferences and workshops in Information Security and Privacy. He is Editor-In-Chief of IEEE Security and Privacy Magazine, and on the editorial board of ACM Books. He served 5 years on the editorial board of the ACM Transactions on Information and System Security (TISSEC), and was guest editor of the IEEE Transactions on Computer-Aided Design (Special Issue on Hardware Security and Trust).
Prof. Sadeghi has been awarded with the renowned German prize “Karl Heinz Beckurts” for his research on Trusted and Trustworthy Computing technology and its transfer to industrial practice. The award honors excellent scientific achievements with high impact on industrial innovations in Germany. Further, his group received German IT Security Competition Award 2010.
"This book will prove to be very interesting for professionals in the hardware security field. It covers almost every aspect of this area, with excellent papers written by experts."
Javier Castillo, ACM Computing Reviews, June 2011
ACM Books, Area Editor (Security and Privacy)
Author | Shaza Zeitouni, Ghada Dessouky, Orlando Arias, Dean Sullivan, Ahmad Ibrahim, Yier Jin, Ahmad-Reza Sadeghi |
---|---|
Date | November 2017 |
Kind | Inproceedings |
Book title | 2017 International Conference On Computer Aided Design (ICCAD'17) |
Location | Irvine, California, US |
Key | TUD-CS-2017-0135 |
Research Areas | S2, CROSSING, System Security Lab, P3, CYSEC |
Abstract | Remote attestation is an important security service that allows a trusted party (verifier) to verify the integrity of the software running on a remote and potentially compromised device (prover). The security of existing remote attestation schemes relies on the assumptions that attacks are software-only and the prover's code cannot be modified at runtime. However, in practice, these schemes can be bypassed in a stronger and more realistic adversary model with physical access to (either off-chip or on-chip) code memory and is hereby capable of controlling and modifying code memory to attest benign code but execute malicious code instead -- leaving the underlying system vulnerable to Time of Check Time of Use (TOCTOU) attacks. In this paper, we first show how to successfully launch TOCTOU attacks on some recently proposed attestation schemes by exploiting physical access to code memory. Then we present the design and proof-of-concept implementation of SMARTER, the first practical runtime remote attestation system that securely attests both the code's binary and its execution in the mentioned stronger adversary model. SMARTER provides resilience against both software- and hardware-based TOCTOU attacks, while incurring minimal area and performance overhead. |