The security and architecture communities will remember the past five years as the era of side channels. Starting from Spectre and Meltdown, time and again we have seen how basic performance-improving features can be exploited to violate fundamental security guarantees. Making things worse, the rise of side channels points to a much larger problem, namely the inadequacy of existing security abstractions in capturing the complexity of modern computer systems.
In this talk, I will give a high-level survey on side channel attacks. I will survey a line of work on speculative execution attacks such as Spectre, Meltdown, and follow ups. I will also discuss browser-based side channels, highlighting deficiencies in existing side channel mitigation efforts. Finally, I will discuss future side channel directions on emerging CPU architectures.
Daniel Genkin is an Alan and Anne Taetle Early Career Associate Professor at the School of Cybersecurity and Privacy at Georgia Tech. Daniel’s research interests are in hardware and system security, with particular focus on side channel attacks and defenses. Daniel’s work has won the Distinguished Paper Award at IEEE Security and Privacy, an IEEE Micro Top Pick, the Black Hat Pwnie Awards, as well as top-3 paper awards in multiple conferences. Most recently, Daniel has been part of the team performing the first analysis of speculative and transient execution, resulting in the discovery of Spectre, Meltdown and follow ups. Daniel has a PhD in Computer Science from the Technion Israel’s Institute of Technology and was a Postdoctoral fellow at the University of Pennsylvania and University of Maryland.