Static Analysis of Cache Side Channels
Event details
| Date | 09.04.2014 |
| Hour | 12:15 |
| Speaker | Dr Boris Köpf, IMDEA Software, Madrid |
| Location | |
| Category | Conferences - Seminars |
Side-channel attacks recover secret inputs to programs from physical characteristics of computations, such as execution time or power consumption. CPU caches are a particularly rich source of side channels because their behavior heavily impacts execution time and can be monitored in various ways.
CacheAudit is a novel platform that enables the automatic, static analysis of such cache side channels; it takes as input a program binary and a cache configuration, and it derives formal, quantitative security guarantees for a comprehensive set of side-channel adversaries, namely those based on observing cache states, traces of
hits and misses, and execution times.
In this talk I will present the theoretical foundations and the architecture of CacheAudit, and the results we obtain when analyzing library implementations of symmetric cryptosystems such as AES or Salsa. I will conclude with an outlook on how CacheAudit can be used for engineering certified proofs of security of leakage-resilient cryptosystems on platforms with concurrency and caches.
Bio: Boris is an assistant research professor at the Madrid Institute of Advanced Studies in Software Development Technologies (IMDEA Software). Prior to joining IMDEA Software he was a postdoctoral researcher at the Max Planck Institute for Software Systems and a PhD student at ETH Zurich.
CacheAudit is a novel platform that enables the automatic, static analysis of such cache side channels; it takes as input a program binary and a cache configuration, and it derives formal, quantitative security guarantees for a comprehensive set of side-channel adversaries, namely those based on observing cache states, traces of
hits and misses, and execution times.
In this talk I will present the theoretical foundations and the architecture of CacheAudit, and the results we obtain when analyzing library implementations of symmetric cryptosystems such as AES or Salsa. I will conclude with an outlook on how CacheAudit can be used for engineering certified proofs of security of leakage-resilient cryptosystems on platforms with concurrency and caches.
Bio: Boris is an assistant research professor at the Madrid Institute of Advanced Studies in Software Development Technologies (IMDEA Software). Prior to joining IMDEA Software he was a postdoctoral researcher at the Max Planck Institute for Software Systems and a PhD student at ETH Zurich.
Practical information
- General public
- Free
Organizer
- Bayrak Ali Galip <aligalip.bayrak@epfl.ch>
Contact
- Bayrak Ali Galip <aligalip.bayrak@epfl.ch>