Christian Weinert’s research while affiliated with Technical University of Darmstadt and other places

What is this page?


This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.

Publications (4)


AirCollect: efficiently recovering hashed phone numbers leaked via Apple AirDrop
  • Conference Paper

June 2021

·

78 Reads

·

1 Citation

·

Matthias Hollick

·

·

[...]

·

Christian Weinert

RiCaSi: Rigorous Cache Side Channel Mitigation via Selective Circuit Compilation

December 2020

·

17 Reads

·

4 Citations

Lecture Notes in Computer Science

Cache side channels constitute a persistent threat to crypto implementations. In particular, block ciphers are prone to attacks when implemented with a simple lookup-table approach. Implementing crypto as software evaluations of circuits avoids this threat but is very costly. We propose an approach that combines program analysis and circuit compilation to support the selective hardening of regular C implementations against cache side channels. We implement this approach in our toolchain RiCaSi. RiCaSi avoids unnecessary complexity and overhead if it can derive sufficiently strong security guarantees for the original implementation. If necessary, RiCaSi produces a circuit-based, hardened implementation. For this, it leverages established circuit-compilation technology from the area of secure computation. A final program analysis step ensures that the hardening is, indeed, effective.



Citations (4)


... We quantify the practical efforts for service providers (or attackers who gain access to the server) for efficiently reversing hash values received from users by evaluating three approaches: (i) generating large-scale key-value stores of phone numbers and corresponding hash values for instantaneous dictionary lookups, (ii) hybrid brute-force attacks based on hashcat [94] and "John The Ripper" (JTR) [75], and (iii) a novel rainbow table construction. This involves bypassing scale limitations of existing key-value stores, reviewing source code of brute-force implementations to understand and avoid their performance bottlenecks, and implementing our own software when none exists, e.g., we implement our rainbow table construction in our own tool "RainbowPhones" for which already other use cases appeared [43]. ...

Reference:

Contact Discovery in Mobile Messengers: Low-cost Attacks, Quantitative Analyses, and Efficient Mitigations
AirCollect: efficiently recovering hashed phone numbers leaked via Apple AirDrop
  • Citing Conference Paper
  • June 2021

... [60,62]. Interestingly enough, as opposed to the argument in [28,43] suggesting the side-channel resiliency of garbled circuits, Levi et al. have recently demonstrated a sidechannel attack against garbling schemes leveraging the free-XOR optimization [37]. HWGN 2 is not susceptible to this attack since PFE is taken into account to make the function private. ...

RiCaSi: Rigorous Cache Side Channel Mitigation via Selective Circuit Compilation
  • Citing Chapter
  • December 2020

Lecture Notes in Computer Science

... SANCTUARY is a generic Trusted Execution Environment (TEE) solution that paves the road for protecting on-device ML models. Based on SANCTUARY, OMG [27] provides a prototype implementation of user-space enclaves to protect both client data and model privacy for TensorFlow Lite models. OMG can protect the whole model while lacking support for GPU acceleration and easy adaptation. ...

Offline Model Guard: Secure and Private ML on Mobile Devices
  • Citing Conference Paper
  • March 2020

... This is why prior privacy-preserving systems either have to run a model as large as 1.5 GB on device defeating the benefit of cloud offloading (Ahmed et al., 2020), or dodge the problem altogether by making the cloud infer only speech intents instead of transcripts , which prevents downstream tasks such as text/image generation. Hardware based keyword filtering such as (Olade et al., 2019) introduces a power heavy, computationally expensive intermediary device between the user and smart speaker; (Brasser et al., 2018) runs inference in a memory intensive trusted execution environment (TEE) -our overhead on commodity hardware is significantly lower (ref. §6.4). ...

VoiceGuard: Secure and Private Speech Processing
  • Citing Conference Paper
  • September 2018