19.09.2024 | 11:00 am - 12:00 pm: Yuval Yarom, Ruhr University Bochum

The lecture will be held as a hybrid event.
The venue for the face-to-face event is TU Darmstadt | Hörsaal Uhrturm (S2|08) | Hochschulstraße 4 | 64289 Darmstadt.
The event will be held online via MS Teams.

If you take part in a presentation, you will have the opportunity to meet and exchange with the key players in cybersecurity in person after the lecture.

Biography

Yuval Yarom is a Professor of Computer Security at Ruhr University Bochum. His research focuses on the interface between the software and the hardware. In particular, He is interested in the discrepancy between the way that programmers think about software execution and the concrete execution in modern processors. He is a recipient of a 2020 ARC Discovery Early Career Award and the 2020 CORE Chris Wallace Award for Outstanding Research, a 2020 Young Tall Poppy. His research has won best paper awards at PLDI 2023, IEEE SP 2019, EuroSys 2019, ApSys 2018, and best student paper award at ICEIS 2020.
Previously, he has been an Associate Professor at the University of Adelaide, the Vice President of Research in Memco Software, and a co-founder and Chief Technology Officer of Girafa.com. Yuval earned his Ph.D. in Computer Science from the University of Adelaide in 2014, and an M.Sc. in Computer Science and a B.Sc. in Mathematics and Computer Science from the Hebrew University of Jerusalem in 1993 and 1990, respectively.


Turing-Complete Cache Attacks

Abstract

Over the last two decades, multiple works have shown that cache attacks pose a significant risk to information confidentiality in shared computer systems. In these attacks, the adversary first manipulates the cache to a known state and then monitor the state to identify victim activity. While countless attack techniques and countermeasures have been published, little effort has been dedicated into understanding the fundamental capabilities that an attacker can gain from manipulating the cache state.
In this talk we bridge this gap. We first identify "weird" gates that allow computation of logic functions of cache state. We then demonstrate that these gates allow arbitrary computation on cache state, i.e. they are Turing-complete.  We finally investigate the security impact of these gates, demonstrating their capacity to improve cache attacks and to overcome countermeasures.

Registration