Lecturer: | Dr. Artem Starostin |
Form: | Integrated course (IV4) - 6CP |
Language: | English |
Place and time: | S2|02 C120, Mondays 18:05-19:45 and Wednesdays 9:50-11:30, starting from 14.10.15 |
Exams: | Mid-term: 18.11.15 at 9:50 in S101/A04, Final: 10.02.16 at 9:50 in S101/A04 |
Registration: | in TUCaN (course id 20-00-0927-iv) |
Max. participants: | 80 |
Slides and exercise are available in Moodle.
In this course we will study methods for detection, exploitation, assessment and mitigation of side channels in software. Covered topics will include:
Side channels are unintended communication channels that transmit information during the execution of programs. Running time, power consumption, electromagnetic radiation, cache behavior, and other characteristics can cause side channels. Side channels may be correlated with secrets processed by programs e.g., private cryptographic keys, and this makes side channels a serious security concern. By exploiting the correlation between the information transmitted through a side channel and the secrets, a hacker can recover the secrets. This is known as a side-channel attack.
Due to improvements in security protection mechanisms, traditional security vulnerabilities, like programming bugs, are getting harder to exploit. That is why, side-channel vulnerabilities are becoming now more and more attractive to hackers. During the last two decades, side-channel attacks have been successfully demonstrated on many cryptographic algorithms (e.g., RSA, AES, DES), protocols (e.g., SSL, TLS, SSH), web applications, operating systems, mobile devices, and the cloud.
Side-channel analysis is the area of computer security that studies detection and assessment of side-channel vulnerabilities, construction of side-channel attacks, and design of proper countermeasures.
This lecture covers important topics which are part of the current research in the collaborative research center CROSSING.
After successfully finishing the course you will be able to
Knowledge of computer science equivalent to the first four semesters in the Computer Science Bachelor program, in particular basic knowledge of cryptography and semantics of programming languages.
Dr. Artem Starostin is a postdoctoral researcher at MAIS, TU Darmstadt. He has a PhD and MSc in Computer Science from Saarland University (Germany) and a Diploma in Software Engineering from Pacific National University (Russia). His research interests are security and software engineering, in particular side-channel analysis and mitigation, information-flow control, and program analysis. He is a member of IEEE and ACM. You can meet him during his office hour on Tuesdays 17:00-17:45 in office E319. |
Last modified on 28 June 2016.