Seminar: Side-Channel Attacks on Software

Form: Seminar - 3 CP (2 SWS)
Organizer: Prof. Dr. Heiko Mantel
Contact: Johannes Schickel
Time and place: Block seminar on 1 or 2 days,
Thursday 01.06 and Friday 02.06.2017
Language: English
Registration: via TUCaN, course id 20-00-0798-se
Max. participants: TBD
Preparation Meeting: Friday, 21.04.2017, 13:30-15:10 in E302
Literature: Will be announced during the preparation meeting

Material

Materials for the seminar, including the list of articles that we discuss, is available in moodle.

Content

In this seminar we will discuss research articles on different aspects of side-channel attacks on software as well as countermeasures against them. Exemplary topics include:

  • side-channel attacks on cryptographic software,

  • side-channel attacks on web applications,

  • side-channel attacks on operating systems,

  • side-channel attacks on mobile devices,

  • side-channel attacks in the cloud.

Side channels are unintended indirect flows of information revealed by physical executions of a computer program. Examples of side channels include program's running time, cache behavior, power consumption, electromagnetic or acoustic emanation, etc. Such unintended flows of information can be correlated to secrets e.g., private cryptographic keys, and this makes side channels a severe security vulnerability. During a side-channel attack the hacker collects the information revealed through side channels, carefully analyzes this information, and recovers the secrets from it. Due to improvements in security protection mechanisms traditional security vulnerabilities like programming bugs are getting harder to exploit, and that is why side channels are becoming now more and more attractive to hackers.

Read how you can exploit acoustic side channels to extract private keys from RSA!

Sample Articles

You can access PDFs of these articles from the university network. Further articles will be announced during the preparation meeting. We will consider articles from prime conferences in security in order to ensure interesting, significant, high-quality content.

Learning Objectives

After successfully participating in this seminar you will know the concept and examples of side-channel attacks on software. You will understand the severity of side-channel vulnerabilities, their pervasiveness, and how to protect selected systems against them. You will have improved you skills in reading and understanding scientific articles, in presenting scientific results, and in discussing and comparing of approaches.

Prerequisites

Knowledge of Computer Science equivalent to the first four semesters in the Computer Science Bachelor program.

A A A | Print | Imprint | Sitemap | Contact
zum Seitenanfang