Seminars
2022
Research Seminar
Speaker: Prof. Elena Dubrova, KTH
Title: Breaking cryptographic algorithms using power and EM side-channels.
Time: Tuesday April 19, 13.15
Zoom: kth-se.zoom.us/j/66041535170
Abstract
Side-channel attacks are one of the most efficient physical attacks against implementations of cryptographic algorithms at present. They exploit the correlation between physical measurements (power consumption, electromagnetic emissions, timing) taken at different points during the algorithm's execution and the secret key. In this talk, I will give an introduction to power and EM-based side-channel attacks and present some of our recent results, including a power-based attack on a USIM card and a far field EM-based attack on a Bluetooth device.
Biography
Elena Dubrova received the Diploma Engineer degree in Computer Science from Technical University of Sofia, Bulgaria, in 1993, and the Ph.D. degree in Computer Science from University of Victoria, B.C., Canada, in 1998. Currently she is a professor in Electronic Systems Design at the School of Information and Communication Technology at Royal Institute of Technology, Stockholm, Sweden.
She held visiting appointments at the University of California at Berkeley in 2003, University of New South Wales, Sydney, in 2002, and University of Queensland, Brisbane, in 2005. She has authored over 100 publications in electronic system design. Major contributions include new algorithmic techniques for Boolean decomposition, FPGA technology mapping, probabilistic verification, and binary sequence generation. Some of these algorithms asymptotically reduced the complexity of problem solving and led to order-of-magnitude improvements in practice. Many of them are implemented in software, including open-source projects and industrial tools. Her work has been awarded prestigious prizes such as the IBM faculty partnership award for outstanding contributions to IBM research and development.
Her current research interests include hardware security, lightweight cryptography, and fault-tolerant computing.
Distinguished Speaker Seminar
Speaker: Prof. Virgil Gligor, CMU
Title: How to defend against a remote adversary even on a compromised computer system
Date: Thursday March 24, 15.15
Abstract
The "axioms" of insecurity of commodity computer systems suggest that an adversary will always have an asymmetric advantage over a defender. This implies that remote attacks likely favor the adversary, who can compromise a local user’s system, as often witnessed over the past two decades. In this presentation, I illustrate how a local user can defend against a remote adversary even on an already compromised commodity computer system; e.g., a system that contains persistent malware that is controlled by the remote adversary. A key observation is that regardless of how secure the isolation of application enclaves may be, on-demand I/O separation must also be provably achieved on commodity systems. Another requirement is that the local user must be able to verify on-demand switching from potentially compromised system code to an isolated uncompromised enclave. To accomplish this, a formally verified trusted path must rely on root-of-trust establishment. Finally, I conclude that reversing a remote adversary’s asymmetric advantage over a local defender requires provable local users’ control over their compromised systems beyond that which can be exercised today. I anticipate that such control will be available on commodity systems within the next few years.
Biography
Virgil D. Gligor is a Professor of Electrical and Computer Engineering at Carnegie Mellon University. His research interests have ranged from access control mechanisms, penetration analysis, and denial-of-service protection, to cryptographic protocols and applied cryptography. Gligor was an Associate Editor of several ACM and IEEE journals and the Editor in Chief of the IEEE Transactions on Dependable and Secure Computing. He received the 2006 National Information Systems Security Award jointly given by NIST and NSA, the 2011 Outstanding Innovation Award of ACM SIGSAC, and the 2013 Technical Achievement Award of IEEE Computer Society. He was inducted into the National Cyber Security Hall of Fame in 2019.