Seminar: Side-Channel Attacks on Software

Form: Seminar - 3 CP (2 SWS)
Organizer: Prof. Dr. Heiko Mantel
Contact: Tobias Hamann, Alexandra Weber
Time and place:
Block seminar on 1 or 2 days, tentative dates:
Thursday, 13.06.2019 and Friday, 14.06.2019
in room S2|02 A126
(please reserve both days, the exact schedule will be determined depending on the actual number of participants)
Language: English
Registration:  via TUCaN, course id 20-00-0798-se
Max. participants:
TBA
Preparation Meeting: Thursday, 18.04.2019, 15:20
in room S2|02 A213

Literature: Will be announced during the preparation meeting
  

Material

Materials for the seminar, including the list of articles that we discuss, will be available in moodle.

Content

In this seminar we will discuss research articles on different aspects of side-channel attacks on software as well as countermeasures against them. Exemplary topics include:

  • side-channel attacks on cryptographic software,

  • side-channel attacks on web applications,

  • side-channel attacks on operating systems,

  • side-channel attacks on mobile devices,

  • side-channel attacks in the cloud.

Side channels are unintended indirect flows of information revealed by physical executions of a computer program. Examples of side channels include program's running time, cache behavior, power consumption, electromagnetic or acoustic emanation, etc. Such unintended flows of information can be correlated to secrets e.g., private cryptographic keys, and this makes side channels a severe security vulnerability. During a side-channel attack the hacker collects the information revealed through side channels, carefully analyzes this information, and recovers the secrets from it. Due to improvements in security protection mechanisms traditional security vulnerabilities like programming bugs are getting harder to exploit, and that is why side channels are becoming now more and more attractive to hackers.

Read how you can exploit acoustic side channels to extract private keys from RSA!

Learning Objectives

After successfully participating in this seminar you will know the concept and examples of side-channel attacks on software. You will understand the severity of side-channel vulnerabilities, their pervasiveness, and how to protect selected systems against them. You will have improved you skills in reading and understanding scientific articles, in presenting scientific results, and in discussing and comparing of approaches.

Prerequisites

Knowledge of Computer Science equivalent to the first four semesters in the Computer Science Bachelor program.

Last modified on 7 March 2019.

A A A | Print | Imprint | Sitemap | Contact
zum Seitenanfang