The security of a system is only as good as its weakest link. Even if a system's software is perfectly secure, the complex interactions between the system's hardware and the physical world have not been properly understood. Side-channel attacks exploit unintentional, abstraction-defying leakage from physical devices (such as the device's power consumption, electromagnetic radiation or execution timing variations) to recover otherwise-unavailable secret information.
In this class, we shall review recent papers in the area of side channel attacks and their mitigations. Specific topics include (but not limited to):
Prior experience in low level programing (C / C++ / assembly) is required. Familiarly with basic signal processing (for physical attacks) as well as basic operating system principles (for microarchitectural attacks) will be helpful. The class might also include some basic cryptographic background which is required for understanding attacks on cryptographic systems.
|Sep 3, 2019||Introduction to side channels||Daniel Genkin||Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems||TBD|
|Sep 10, 2019||Remote Timing Attacks Are Practical||TBD||On Subnormal Floating Point and Abnormal Timing||TBD|
|Sep 17, 2019||On the effectiveness of mitigations against floating-point timing channels||TBD||CACHE MISSING FOR FUN AND PROFIT||TBD|
|Sep 24, 2019||Cache attacks and countermeasures: the case of AES||TBD||Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds||TBD|
|Oct 1, 2019||FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack||TBD||Last-Level Cache Side-Channel Attacks are Practical||TBD|
|Oct 15 2019||ARMageddon: Cache Attacks on Mobile Devices||TBD||Drive-By Key-Extraction Cache Attacks from Portable Code||TBD|
|Oct 29, 2019||Foreshadow+Foreshadow-NG||TBD||RIDL and Fallout: MDS attacks||TBD|
|Nov 5, 2019||Electromagnetic Eavesdropping Risks of Flat-Panel Displays||TBD||Keyboard Acoustic Emanations||TBD|
|Nov 12, 2019||Synesthesia: Detecting Screen Content via Remote Acoustic Side Channels||TBD||Introduction to differential power analysis||TBD|
|Nov 19, 2019||Get Your Hands Off My Laptop: Physical Side-Channel Key-Extraction Attacks on PCs||TBD||Stealing Keys from PCs Using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation||TBD|
|Dec 3, 2019||Drammer: Deterministic Rowhammer Attacks on Mobile Platforms||TBD||Flip Feng Shui: Hammering a Needle in the Software Stack||TBD|
|Dec 10, 2019||Grand Pwning Unit: Accelerating Microarchitectural Attacks with the GPU||TBD||Exploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks||TBD|