In this program, you will learn about side channels in software and hardware. In software, we will focus on different types of caches, that are one of the main targets in software-based side-channel attacks.
On the hardware side, we will mount power analysis attacks on the cryptographic algorithms RSA and AES. We will see that simple power analysis attacks and differential power analysis attacks are powerful enough to obtain fine-grained information such as cryptographic keys, user input, or secrets of the operating system. This skill set and knowledge will give you the ability to spot these side channels in hardware and software projects. We will then cover countermeasures and mitigation strategies that allow you to develop side-channel-resilient hardware and software and protect your security-critical applications and sensitive information.
In both courses, you will practically apply the acquired skills in simple exercises based on measurements you perform on your own computer or measurements we obtained from physical devices, that we provide to you. Both courses require rudimentary programming skills (C, C++, Python). We will provide you with the knowledge required beyond these, including basics on operating systems, computer architecture, and hardware design.
Daniel Gruss is an internationally renowned expert in side-channel research and has written many seminal works in this field and presented them at renowned international conferences, especially on transient-execution attacks that affected the entire industry and defenses that have been implemented in all operating systems.
