A5029386182- Security and Verification in Computing
- Cryptographic Implementations and Security
- Advanced Malware Detection Techniques
- Cryptography and Data Security
- Physical Unclonable Functions (PUFs) and Hardware Security
- Complexity and Algorithms in Graphs
- Cloud Data Security Solutions
- Parallel Computing and Optimization Techniques
- Chaos-based Image/Signal Encryption
- Distributed systems and fault tolerance
- Digital Media Forensic Detection
- Cryptography and Residue Arithmetic
- Diamond and Carbon-based Materials Research
- User Authentication and Security Systems
- Adversarial Robustness in Machine Learning
- Privacy-Preserving Technologies in Data
- Scientific Computing and Data Management
- Logic, programming, and type systems
- Digital and Cyber Forensics
- DNA and Biological Computing
- semigroups and automata theory
- Advanced Data Storage Technologies
- Advanced Memory and Neural Computing
- Formal Methods in Verification
- Web Application Security Vulnerabilities
Georgia Institute of Technology
2022-2025
Atlanta Technical College
2022-2024
University of Michigan
2018-2021
Toronto Metropolitan University
2021
University of Pennsylvania
2016-2019
Philadelphia University
2017-2018
University of Maryland, College Park
2017-2018
California University of Pennsylvania
2017-2018
Technion – Israel Institute of Technology
2010-2016
Tel Aviv University
2013-2016
Modern processors use branch prediction and speculative execution to maximize performance. For example, if the destination of a depends on memory value that is in process being read, CPUs will try guess attempt execute ahead. When finally arrives, CPU either discards or commits computation. Speculative logic unfaithful how it executes, can access victim's registers, perform operations with measurable side effects. Spectre attacks involve inducing victim speculatively would not occur during...
The Rowhammer bug allows unauthorized modification of bits in DRAM cells from unprivileged software, enabling powerful privilege-escalation attacks. Sophisticated countermeasures have been presented, aiming at mitigating the or its exploitation. However, state art provides insufficient insight on completeness these defenses. In this paper, we present novel attack and exploitation primitives, showing that even a combination all defenses is ineffective. Our new technique, one-location...
Meltdown and Spectre enable arbitrary data leakage from memory via various side channels. Short-term software mitigations for are only a temporary solution with significant performance overhead. Due to hardware fixes, these disabled on recent processors. In this paper, we show that Meltdown-like attacks still possible CPUs which not vulnerable Meltdown. We identify two behaviors of the store buffer, microarchitectural resource reduce latency stores, powerful attacks. The first behavior,...
The recent Spectre attack first showed how to inject incorrect branch targets into a victim domain by poisoning microarchitectural prediction history. In this paper, we generalize injection-based methodologies the memory hierarchy directly injecting incorrect, attacker-controlled values victim's transient execution. We propose Load Value Injection (LVI) as an innovative technique reversely exploit Meltdown-type data leakage. LVI abuses that faulting or assisted loads, executed legitimate...
Lessons learned from Meltdown's exploitation of the weaknesses in today's processors.
We show that elliptic-curve cryptography implementations on mobile devices are vulnerable to electromagnetic and power side-channel attacks. demonstrate full extraction of ECDSA secret signing keys from OpenSSL CoreBitcoin running iOS devices, partial key leakage Android iOS's CommonCrypto. These non-intrusive attacks use a simple magnetic probe placed in proximity the device, or phone's USB cable. They bandwidth merely few hundred kHz, can be performed cheaply using an audio card improvised probe.
Cloud database systems such as Amazon RDS or Google SQLenable the outsourcing of a large to server who then responds SQL queries. A natural problem here is efficiently verify correctness responses returned by (untrusted) server. In this paper we present vSQL, novel cryptographic protocol for publicly verifiable queries on dynamic databases. At high level, our construction relies two extensions CMT interactive-proof [Cormode et al., 2012]: (i) supporting outsourced input via use...
Modern processors use branch prediction and speculative execution to maximize performance. For example, if the destination of a depends on memory value that is in process being read, CPUs will try guess attempt execute ahead. When finally arrives, CPU either discards or commits computation. Speculative logic unfaithful how it executes, can access victim's registers, perform operations with measurable side effects. Spectre attacks involve inducing victim speculatively would not occur during...
The Rowhammer bug is a reliability issue in DRAM cells that can enable an unprivileged adversary to flip the values of bits neighboring rows on memory module. Previous work has exploited this for various types fault attacks across security boundaries, where attacker flips inaccessible bits, often resulting privilege escalation. It widely assumed however, bit within adversary's own private have no implications, as already modify its via regular write operations.We demonstrate assumption...
Modern processors use branch prediction and speculative execution to maximize performance. For example, if the destination of a depends on memory value that is in process being read, CPUs will try guess attempt execute ahead. When finally arrives, CPU either discards or commits computation. Speculative logic unfaithful how it executes, can access victim's registers, perform operations with measurable side effects. Spectre attacks involve inducing victim speculatively would not occur during...
Recent transient-execution attacks, such as RIDL, Fallout, and ZombieLoad, demonstrated that attackers can leak information while it transits through microarchitectural buffers. Named Microarchitectural Data Sampling (MDS) by Intel, these attacks are likened to "drinking from the firehose", attacker has little control over what data is observed origin. Unable prevent buffers leaking, Intel issued countermeasures via microcode updates overwrite when CPU changes security domains.In this work...
We study the question of protecting arithmetic circuits against additive attacks, which can add an arbitrary fixed value to each wire in circuit. This extends notion algebraic manipulation detection (AMD) codes, protect information that AMD computation.