Liran Lerman

PhD thesis (2015)

• A Machine Learning Approach for Automatic and Generic Side-Channel Attacks

master thesis (2010)

• Cryptanalyse par analyse de consommation : une approche basée sur l'apprentissage automatique

research project

• SCAUT (July 2015 - February 2018)
• CRYPTASC (February 2011 - September 2011)
• ARMURS (May 2010 - August 2010)

international contests

• DPAContest V4.1 (September 19, 2013; February 16, 2014; and March 6, 2014)

publications

Journal:

1. Lerman L., Markowitch O. Efficient profiled attacks on masking schemes. IEEE Transactions on Information Forensics & Security, 14(6):1445-1454, 2019 [bibtex].
2. Lerman L., Veshchikov N., Markowitch O., Standaert F.-X. Start Simple and then Refine: Bias-Variance Decomposition as a Diagnosis Tool for Leakage Profiling. IEEE Transactions on Computers, 67(2):268-283, 2018 [pdf] [bibtex].
3. Veshchikov N., Fernandes Medeiros S., Lerman L. Variety of scalable shuffling countermeasures against side channel attacks. Journal of Cyber Security and Mobility, 5(3):195-232, 2017. [pdf] [bibtex].
4. Lerman L., Poussier R., Markowitch O., Standaert F.-X. Template attacks versus machine learning revisited and the curse of dimensionality in side-channel analysis: extended version. Journal of Cryptographic Engineering, 8(4):301-313, 2018. [pdf] [bibtex].
5. Lerman L., Martinasek Z., Markowitch O. Robust profiled attacks: should the adversary trust the dataset?. IET Information Security, 11(4):188-194, 2017. [pdf] [bibtex].
6. Lerman L., Bontempi G., Markowitch O. The bias-variance decomposition in profiled attacks. Journal of Cryptographic Engineering, 5(4):1-13, 2015. [pdf] [bibtex].
7. Lerman L., Bontempi G., Markowitch O. A Machine Learning Approach Against a Masked AES. Journal of Cryptographic Engineering, 5(2):123-139, 2015. [pdf] [bibtex].
8. Lerman L., Bontempi G., Markowitch O. Power analysis attack: an approach based on machine learning. International Journal of Applied Cryptography, 3(2): 97-115, 2014. [pdf] [bibtex].

Conference/Workshop:

1. Andrikos C., Batina L., Chmielewski L., Lerman L., Mavroudis V., Papagiannopoulos K., Perin G., Rassias G., Sonnino A. Location, Location, Location: Revisiting Modeling and Exploitation for Location-Based Side Channel Leakages . In the Proceedings of International Conference on the Theory and Application of Cryptology and Information Security, Asiacrypt 2019, volume 11923 of Lecture Notes in Computer Science, pages 285-314, Springer, 2019. [pdf] [bibtex]
2. Lerman L., Veshchikov N., Picek S., Markowitch O. Higher Order Side-Channel Attacks Resilient S-boxes. In the Proceedings of ACM International Conference on Computing Frontiers, CF 2018, pages 336-341, ACM, 2018. [pdf] [bibtex].
3. Andrikos C., Rassias G., Lerman L., Papagiannopoulos K., Batina L. Location-based leakages: New directions in modeling and exploiting. In the Proceedings of International Conference on Embedded Computer Systems: Architectures, Modeling, and Simulation, SAMOS 2017, pages 246-252, 2017. [pdf] [bibtex].
4. Lerman L., Veshchikov N., Picek S., Markowitch O. On the Construction of Side-Channel Attack Resilient S-boxes. In the Proceedings of International Workshop on Constructive Side-Channel Analysis and Security Design, COSADE 2017, volume 10348 of Lecture Notes in Computer Science, pages 102-119, Springer, 2017. [pdf] [bibtex].
5. Lerman L., Markowitch O., Veshchikov N. Comparing Sboxes of Ciphers from the Perspective of Side-Channel Attacks. In the Proceedings of IEEE Asian Hardware Oriented Security and Trust Symposium, AsianHOST 2016. [pdf] [bibtex].
6. Fernandes Medeiros S., Gérard F., Veshchikov N., Lerman L., Markowitch O. Breaking Kalyna with Side Channel Attacks. In the Proceedings of International Conference on Security, Privacy and Applied Cryptographic Engineering, SPACE 2016, volume 10076 of Lecture Notes in Computer Science, pages 402-414, Springer, 2016. [bibtex].
7. Lerman L., Poussier R., Bontempi G., Markowitch O., Standaert F.-X. Template Attacks vs. Machine Learning Revisited (and the Curse of Dimensionality in Side-Channel Analysis). In the Proceedings of International Workshop on Constructive Side-Channel Analysis and Security Design, COSADE 2015, volume 9064 of Lecture Notes in Computer Science, pages 20-33, Springer, 2015. [pdf] [bibtex].
8. Lerman L., Fernandes S., Bontempi G., Markowitch O. A Machine Learning Approach Against a Masked AES. In the Proceedings of 12th Smart Card Research and Advanced Application Conference, CARDIS 2013, volume 8419 of Lecture Notes in Computer Science, pages 61-75, Springer International Publishing, 2014. [pdf] [bibtex].
9. Lerman L., Bontempi G., Ben Taieb S., Markowitch O. A time series approach for profiling attack. In the Proceedings of 3rd International Conference on Security, Privacy, and Applied Cryptography Engineering, SPACE 2013, volume 8204 of Lecture Notes in Computer Science, pages 75-94, Springer, 2013. [bibtex].
10. Lerman L., Nakahara Jr. J., Veshchikov N. Improving Block Cipher Design by Rearranging Internal Operations. In the Proceedings of 10th International Conference on Security and Cryptography, SECRYPT 2013, 29-31 July 2013, Reykjavik, Iceland. [bibtex].
11. Lerman L., Fernandes S., Veshchikov N., Meuter C., Bontempi G., Markowitch O. Semi-Supervised Template Attack. In the Proceedings of 4nd International Workshop on Constructive Side-Channel Analysis and Security Design (COSADE 2013), volume 7864 of Lecture Notes in Computer Science, pages 184-199, Springer Berlin Heidelberg, 2013. [bibtex].
12. Lerman L., Markowitch O., Nakahara Jr. J. (2012) Key Management as a Service. In the Proceedings of 9th International Conference on Security and Cryptography, SECRYPT 2012. [bibtex].
13. Lerman L., Bontempi G., Markowitch O. (2011) Side Channel Attack: an Approach based on Machine Learning. In the Proceedings of 2nd International Workshop on Constructive Side-Channel Analysis and Security Design, COSADE 2011. [pdf] [bibtex].

reviewer for

Journal: Advances in Software Engineering Journal (2012), Electronics and Telecommunications Research Institute Journal (2014), Elsevier Procedia Computer Science, Information Processing Letters (Elsevier journal 2016), IEEE Transactions on Information Forensics and Security (2017, 2018, 2019, 2021), IEEE Transactions on Dependable and Secure Computing (2017, 2018), China Communications (2017), IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (2018), Journal of Cryptographic Engineering (2018, 2019), IET Information Security (2018), IEEE Access (2019), Microprocessors and Microsystems (Elsevier journal 2020).

Conference/Workshop: SECRYPT2011, DMIN12, SECRYPT2012, DMIN13, ESANN2014, ISPEC2014, ACNS2014, CHES2014, ECMLPKDD2014, COSADE2015, SECRYPT2015, ACM CCS 2015, ECML/PKDD Workshop AALTD'2015, CARDIS2015, SECRYPT2016, ESORICS2016, AFRICACRYPT2017, SECRYPT2017, Dexa 2017 - Trustbus, ESORICS2017, ESORICS2018, AIHWS 2020, AIHWS 2021.