A5052765719- Security and Verification in Computing
- Advanced Malware Detection Techniques
- Cryptographic Implementations and Security
- Advanced Data Storage Technologies
- Cellular Automata and Applications
- Advanced Memory and Neural Computing
- Chaos-based Image/Signal Encryption
- Cryptography and Residue Arithmetic
- Polynomial and algebraic computation
- Radiation Effects in Electronics
- Cryptography and Data Security
- Physical Unclonable Functions (PUFs) and Hardware Security
- Parallel Computing and Optimization Techniques
- Diamond and Carbon-based Materials Research
- Cloud Data Security Solutions
Graz University of Technology
2020-2024
In this paper, we present Nethammer, a remote Rowhammer attack without single attacker-controlled line of code on the targeted system, i.e., not even JavaScript. Nethammer works commodity consumer-grade systems that either are protected with quality-of-service techniques like Intel CAT or use uncached memory, flush instructions, non-temporal instructions while handling network requests (e.g., for interaction device). We demonstrate frequency cache misses is in all three cases high enough to...
In this paper, we present CSI:Rowhammer, a principled hardware-software co-design Rowhammer mitigation with cryptographic security and integrity guarantees, that does not focus on any specific properties of Rowhammer. We design new memory error detection mechanism based low-latency MAC an exception initiating software-level correction routine. The handler uses novel instruction-set extension for the resumes execution afterward. contrast to regular ECC-DRAM remains exploitable if more than 2...
Memory safety vulnerabilities are a severe threat to modern computer systems allowing adversaries leak or modify security-critical data. To protect from this attack vector, full memory is required. As software-based countermeasures tend induce significant runtime overheads, which not acceptable for production code, hardware assistance needed. Tagged architectures, e.g., already offered by the ARM MTE and SPARC ADI extensions, assign meta-information objects, thus implement policies. However,...
C/C++ memory safety issues, such as out-of-bounds errors, are still prevalent in today's applications. The presence of a single exploitable software bug allows an adversary to gain unauthorized access and ultimately compromise the entire system. Typically, schemes only achieve widespread adaption if they provide lightweight practical security. Thus, hardware support is indispensable. However, countermeasures often restrict data using heavy-weight protection mechanisms that extensively...
Trusted Execution Environments (TEEs) and enclaves have become increasingly popular are used from embedded devices to cloud servers. Today, many enclave architectures exist for different ISAs. However, some suffer performance issues controlled-channel attacks, while others only support constrained use cases or impose unrealistic constraints on the software. Modern applications require a more flexible architecture that is both secure against such attacks not by, e.g., limited number of...
Efficient cloud computing relies on in-process isolation to optimize performance by running workloads within a single process. Without heavy-weight process isolation, memory safety errors pose significant security threat allowing an adversary extract or corrupt the private data of other co-located tenants. Existing mechanisms are not suitable for modern requirements, e.g., MPK's 16 protection domains insufficient isolate thousands workers per Consequently, service providers have strong need...
Gr\"obner bases are an important tool in computational algebra and, especially cryptography, often serve as a boilerplate for solving systems of polynomial equations. Research regarding (efficient) algorithms computing spans large body dedicated work that stretches over the last six decades. The pioneering Bruno Buchberger 1965 can be considered blueprint all subsequent basis to date. Among most efficient this line signature-based algorithms, with first its kind published late 1990s by...