Prof. Dr. Ing. Ahmad-Reza Sadeghi

Professor - System Security Lab

Mornewegstrasse 32
D-64293 Darmstadt
GERMANY

Room:4.1.06
Tel:+49 (0)6151 16 - 25328
Email:

ahmad.sadeghi(a-t)trust.tu-darmstadt.de  PGP-Key  S/MIME Certificate

Website:http://​trust.​tu-darmstadt.​de

 

 

Short CV

Ahmad-Reza Sadeghi is a full Professor of Computer Science at the Technische Universität Darmstadt, in Germany, where he heads the System Security Lab.  Since January 2012 he is also the Director of Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at TU Darmstadt. He is a member of the profile area CYSEC of TU Darmstadt.

He received his PhD in Computer Science with the focus on privacy protecting cryptographic protocols and systems from the University of Saarland in Saarbrücken, Germany. Prior to academia, he worked in Research and Development of Telecommunications enterprises, amongst others Ericson Telecommunications.  He has been leading and involved in a variety of national and international research and development projects on design and implementation of Trustworthy Computing Platforms and Trusted Computing, Security Hardware, and Applied Cryptography. He has been serving as general or program chair as well as program committee member of major conferences and workshops in Information Security and Privacy. He is Editor-In-Chief of IEEE Security and Privacy Magazine, and on the editorial board of ACM Books. He served 5 years on the editorial board of the ACM Transactions on Information and System Security (TISSEC), and was guest editor of the IEEE Transactions on Computer-Aided Design (Special Issue on Hardware Security and Trust).

Prof. Sadeghi has been awarded with the renowned German prize “Karl Heinz Beckurts” for his research on Trusted and Trustworthy Computing technology and its transfer to industrial practice. The award honors excellent scientific achievements with high impact on industrial innovations in Germany. Further, his group received German IT Security Competition Award 2010. 

 

Book: Towards Hardware-Intrinsic Security 

"This book will prove to be very interesting for professionals in the hardware security field. It covers almost every aspect of this area, with excellent papers written by experts."

Javier Castillo, ACM Computing Reviews, June 2011

Academic Activities

 

ACM Books, Area Editor (Security and Privacy)

General Chair

  • ACM Conference on Computer and Communications Security (ACM CCS) 2013
  • International Conference on Trust and Trustworthy Computing (TRUST) 2010

Program (Co-) Chair

  • Financial Cryptography and Data Security (FC) 2013
  • ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) 2013
  • International Conference on Cryptology and Network Security (CANS) 2012
  • International Workshop on Trustworthy Embedded Devices (TrustED) 2012
  • SecureCloud 2012
  • ACM Workshop on Digital Rights Management (ACM DRM) 2011
  • ACM Workshop on Scalable Trusted Computing (ACM STC) 2011
  • International Conference on Trust and Trustworthy Computing (TRUST) 2011

Program Committee

  • IEEE Workshop on Mobile Security Technologies (MoST), co-located with IEEE S&P, 2013
  • IEEE Symposium on Security & Privacy (IEEE S&P) 2013
  • ACM Conference on Computer and Communications Security (ACM CCS) 2012
  • Network & Distributed System Security Symposium (NDSS) 2013, 2012
  • ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec) 2012
  • European Symposium on Research in Computer Security (ESORICS) 2013, 2012, 2011
  • ACM Symposium on Information, Computer and Communications Security (AsiaCCS) 2013, 2012
  • ACM Conference on Data and Application Security and Privacy (CODASPY) 2013
  • ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (ACM SPSM) 2012
  • ACM Cloud Computing Security Workshop (ACM CCSW) 2012
  • Workshop on RFID Security and Privacy (RFIDSec) 2012
  • Conference on Privacy, Security and Trust (PST) 2012
  • ACM SIGHIT International Health Informatics Symposium (IHI) 2012
  • IEEE International Workshop on Information Forensics and Security (WIFS) 2012
  • IEEE Symposium on Hardware-Oriented Security and Trust (HOST) 2012, 2009
  • Information Hiding Conference (IH) 2012, 2011
  • International Conference on Current Trends in Theory and Practice of Computer Science (SOFSEM) 2012, 2011
  • International Multidisciplinary Privacy Award (CPDP MPA) 2012, 2011
  • Smart Card Research and Advanced Application Conference (CARDIS) 2012
  • Financial Cryptography and Data Security (FC) 2011, 2006, 2005
  • Workshop on Cryptographic Hardware and Embedded Systems (CHES) 2011, 2005
  • International Conference on Applied Cryptography and Network Security (ACNS) 2011, 2010
  • International Conference on Information Security and Cryptology (ISISC) 2011
  • Computer & Electronics Security Applications Rendez-vous (C&ESAR) 2011
  • International Conference on Network and System Security (NSS) 2011
  • International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) 2011
  • International Conference on Trusted Systems (INTRUST) 2011, 2010, 2009
  • International Workshop on Trustworthy Embedded Devices (TrustED) 2011
  • Workshop on Lightweight Security & Privacy: Devices, Protocols, and Applications (LightSec) 2011
  • Workshop on Real-Life Cryptographic Protocols and Standardization (RLCPS) 2011, 2010
  • Workshop on Secure Data Management (SDM) 2011
  • International Conference on E-voting and Identity (VoteID) 2009
  • ACM Workshop on Scalable Trusted Computing (ACM STC) 2008, 2006
  • Benelux Workshop on Information and System Security 2006
  • International Conference on Cryptology in India (INDOCRYPT) 2006
  • International Workshop on Digital Watermarking (IWDW) 2006
  • International Workshop on Information Security Applications (WISA) 2006
  • Workshop on Advances in Trusted Computing (WATC) 2006
  • ACM Workshop on Digital Rights Management (ACM DRM) 2005, 2004, 2003
  • Information Security and Hiding (ISH) 2005
  • New Security Paradigm Workshop (NSPW) 2005, 2004
  • SKOLIS Conference on Information Security and Cryptography (CISC) 2005
  • European Workshop on Security in Ad-Hoc and Sensor Networks (ESAS) 2004

Publications

A Security Framework for Analysis and Design of Software Attestation

Author Frederik Armknecht, Ahmad-Reza Sadeghi, Steffen Schulz, Christian Wachsmann
Date November 2013
Kind Inproceedings
PublisherACM Press
Book titleACM Conference on Computer and Communications Security (CCS)
Pages1-12
Keywordssoftware attestation, security framework, keyless cryptography
KeyTUD-CS-2013-0124
Research Areas ICRI-SC, System Security Lab, CASED, Secure Things
Abstract Software attestation has become a popular and challenging research topic at many established security conferences with an expected strong impact in practice. It aims at verifying the software integrity of (typically) resource-constrained embedded devices. However, for practical reasons, software attestation cannot rely on stored cryptographic secrets or dedicated trusted hardware. Instead, it exploits side-channel information, such as the time that the underlying device needs for a specific computation. As traditional cryptographic solutions and arguments are not applicable, novel approaches for the design and analysis are necessary. This is certainly one of the main reasons why the security goals, properties and underlying assumptions of existing software attestation schemes have been only vaguely discussed so far, limiting the confidence in their security claims. Thus, putting software attestation on a solid ground and having a founded approach for designing secure software attestation schemes is still an important open problem. We provide the first steps towards closing this gap. Our first contribution is a security framework that formally captures security goals, attacker models, and various system and design parameters. Moreover, we present a generic software attestation scheme that covers most existing schemes in the literature. Finally, we analyze its security within our framework, yielding sufficient conditions for provably secure software attestation schemes. We expect that such a consolidating work allows for a meaningful security analysis of existing schemes and supports the design of arguably secure software attestation schemes and will inspire new research in this area.
Website http://eprint.iacr.org/2013/083
Full paper (pdf)
[Export this entry to BibTeX]
[Back to List-View]

Important Copyright Notice:

The documents contained in these directories are included by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.
A A A | Drucken Drucken | Impressum Impressum | Sitemap Sitemap | Kontakt Kontakt | Webseitenanalyse: Mehr Informationen
zum Seitenanfangzum Seitenanfang