We are happy to invite you to the next edition of the SILM Seminar:
https://silm-seminar.gitlabpages.inria.fr
Friday, June 18th, 4pm-6pm CEST
remotely (stream): https://silm-seminar.gitlabpages.inria.fr/live/
or remotely (BigBlueButton): https://bbb.irisa.fr/b/las-nqt-ko4-txv access code: 200835
Maria Mendez Real (Université de Nantes) / 4pm-5pm CEST: Security vulnerabilities of energy management systems
Remote attacks exploiting energy management systems from software have recently emerged showing that these latter are vulnerable and can be attacked leading to fault injection, for confidentiality and denial of service attacks. In this talk we present recent work on the implementation on remote attacks targeting Dynamic Voltage and Frequency Scaling and their capabilities on multi-core systems. Finally, we introduce ongoing work on the investigation of exploiting embedded sensors measurements, on which energy managers rely to take runtime decisions, in order to gain information on manipulated data and executed instructions that will otherwise be non-accessible. The proposed methodology has been successfully applied in order to recover AES encryption key.
Daniel Moghimi (UCSD) / 5pm-6pm CEST: Exploring and Synthesizing Microarchitectural Data Sampling Attacks via Transynther
In May 2019, a new class of transient execution attack based on Meltdown called microarchitectural data sampling (MDS), was disclosed. MDS enables adversaries to leak secrets across security domains by collecting data from shared CPU resources such as data cache, fill buffers, and store buffers. These resources may temporarily hold data that belongs to other processes and privileged contexts, which could falsely be forwarded to memory accesses of an adversary.
We perform an in-depth analysis of these Meltdown-style attacks using our novel fuzzing-based approach. We introduce an analysis tool, named Transynther, which mutates the basic block of existing Meltdown variants to generate and evaluate new Meltdown subvariants. We apply Transynther to analyze modern CPUs and better understand the root cause of these attacks. As a result, we find new variants of MDS that only target specific memory operations, e.g., fast string copies.
Based on our findings, we propose a new attack, named Medusa, which can leak data from implicit write-combining memory operations. Since Medusa only applies to specific operations, it can be used to pinpoint vulnerable targets. In a case study, we apply Medusa to recover the key during the RSA signing operation. We show that Medusa can leak various parts of an RSA key during the base64 decoding stage. Then we build leakage templates and recover full RSA keys by employing lattice-based cryptanalysis techniques.
---
To receive the SILM announcements, please subscribe to the SILM mailing list
https://sympa.inria.fr/sympa/subscribe/silm-seminar
To unsubscribe from the SILM mailing list, send a mail to sympa_inria
inria [*] fr (subject: unsubscribe%20silm-seminar) (sympa_inria[at]inria[dot]fr) with "unsubscribe silm-seminar" as the subject.
Future SILM talks are announced at