-
In this program, you will learn about side channels in software and hardware. In software, we will focus on different types of caches, that are one of the main targets in software-based side-channel attacks.
On the hardware side, we will mount power analysis attacks on the cryptographic algorithms RSA and AES. We will see that simple power analysis attacks and differential power analysis attacks are powerful enough to obtain fine-grained information such as cryptographic keys, user input, or secrets of the operating system. This skill set and knowledge will give you the ability to spot these side channels in hardware and software projects. We will then cover countermeasures and mitigation strategies that allow you to develop side-channel-resilient hardware and software and protect your security-critical applications and sensitive information.
In both courses, you will practically apply the acquired skills in simple exercises based on measurements you perform on your own computer or measurements we obtained from physical devices, that we provide to you. Both courses require rudimentary programming skills (C, C++, Python). We will provide you with the knowledge required beyond these, including basics on operating systems, computer architecture, and hardware design.
Daniel Gruss is an internationally renowned expert in side-channel research and has written many seminal works in this field and presented them at renowned international conferences, especially on transient-execution attacks that affected the entire industry and defenses that have been implemented in all operating systems.
-
Courses under this program:
Course 1: Cache Side-Channel Attacks and MitigationsSoftware-based side-channel attacks can pose a severe security threat in practice. In this course, we focus on a particularly prominent case: caches and cache side-channel attacks and we will go beyond the basic Flush+Reload attack. You will work with different cache side channels and understand where timing differences in architectures originate. You will learn which mechanisms can mitigate specific side-channel techniques in practice.
Course 2: Physical and Advanced Side-Channel AttacksSoftware-based and physical side-channel attacks have similar techniques. But physical attacks can observe properties and side effects that are usually not visible on the software layer. Thus, they are often considered the most dangerous side-channel attacks. In this course, we learn both about physical side-channel attacks but also about more advanced software-based side channels using prefetching and branch prediction. You will work with these attacks and understand how to mitigate them.
