Understanding Side-Channel Threats

Description:

Side-channel attacks exploit the implementation of a system rather than its design. For example, such attacks include extracting cryptographic keys by probing the CPU cache during a decryption operation or through inference from a power analysis trace. Despite a growing set of prominent instances targeting real-world systems such as Spectre and Meltdown, side-channel threats remain poorly understood. There is a dearth of systematic knowledge about the cause of side-channel vulnerabilities and ways to effectively mitigate them. This project seeks to better understand side-channel threats through studying attacks on diverse systems ranging from CPU secure enclaves to cloud-based multi-tenant search systems.

Related Publications: