Seminar: Side-Channel Attacks on Software

Form:
Seminar - 3 CP (2 SWS)
Organizer:
Prof. Dr. Heiko Mantel, Dr. Artem Starostin
Dates:
Block seminar on June 11-12, 2015, 9:00-20:00, in E202/E302
(please reserve both days, the exact schedule will be determined depending on the actual number of participants)
Language:
English
Registration:
in TUCAN, course id 20-00-0798-se
Max. participants:
20
Preparation Meeting:
April 14, 2015, 16:15-17:55, in E302

Material

Materials for the seminar, including the list of articles that we discuss, is available in the internal area.

Content

In this seminar we will discuss research articles on different aspects of side-channel attacks on software as well as countermeasures against them. Exemplary topics include:

  • side-channel attacks on cryptographic software,

  • side-channel attacks on web applications,

  • side-channel attacks on operating systems,

  • side-channel attacks on mobile devices,

  • side-channel attacks in the cloud.

Side channels are unintended indirect flows of information revealed by physical executions of a computer program. Examples of side channels include program's running time, cache behavior, power consumption, electromagnetic or acoustic emanation, etc. Such unintended flows of information can be correlated to secrets e.g., private cryptographic keys, and this makes side channels a severe security vulnerability. During a side-channel attack the hacker collects the information revealed through side channels, carefully analyzes this information, and recovers the secrets from it. Due to improvements in security protection mechanisms traditional security vulnerabilities like programming bugs are getting harder to exploit, and that is why side channels are becoming now more and more attractive to hackers.

Read how you can exploit acoustic side channels to extract private keys from RSA!

Sample Articles

You can access PDFs of these articles from the university network. Further articles will be announced during the preparation meeting. We will consider articles from prime conferences in security in order to ensure interesting, significant, high-quality content.

Learning Objectives

After successfully participating in this seminar you will know the concept and examples of side-channel attacks on software. You will understand the severity of side-channel vulnerabilities, their pervasiveness, and how to protect selected systems against them. You will have improved you skills in reading and understanding scientific articles, in presenting scientific results, and in discussing and comparing of approaches.

Prerequisites

Knowledge of Computer Science equivalent to the first four semesters in the Computer Science Bachelor program.

Last modified on 2 December 2016.

A A A | Print | Imprint | Sitemap | Contact
zum Seitenanfang