News

Next Seminar on 14.09.2022

Written on 11.09.2022 19:48 by Mang Zhao

Dear All,

The next seminar(s) take place on 14.09. at 14:00 (Session A) and 15:00 (Session B).


Session A: (RA 3, 4) (14:00 - 14:30 and 15:00 - 15:30)
Julian Augustin, Niklas Flentje

https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09

Meeting-ID: 967 8620 5841
Passcode: BT!u5=

Session B: (RA 5) (15:00-15:30)
Johanna Girndt

https://cispa-de.zoom.us/j/99025989421?pwd=cWJIM29LYktsbStxTXlKUStZRi9MUT09

Meeting-ID: 990 2598 9421
Passcode: 3mZyE$


Session A:

14:00-14:30 

Speaker: Julian Augustin
Type of talk: Bachelor Intro
Advisor: Andreas Zeller
Title: Hierarchical Delta Debugging and DDSet on context-sensitive Inputs
Research Area: RA4

Abstract: 
Fuzzing is a well-known technique to find inputs that trigger bugs in programs. 
A good way to fix the bug is to have a look at the usually very large failure-inducing input and see which part of it actually triggers the bug.
Delta debugging is an algorithm used to minimize the input as much as possible while still preserving the error. 
Using delta debugging on context-sensitive data is often not successful because wrong length fields or checksums often throw errors before the actual problem gets parsed.
I am going to use FormatFuzzer, a framework that can fuzz context-sensitive data, and use its mutation functions to implement a more refined version of delta debugging, namely hierarchical delta debugging, for context-sensitive inputs.
New work has gone even further. Instead of just minimizing the error-inducing input, DDSet is able to give a grammar for all inputs that create this error.
I will also implement the key functions of this approach for context-sensitive data using FormatFuzzer.
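The abstract's point that length fields and checksums defeat plain delta debugging can be shown on a small constructed format. The following is an added example, not code from the talk or from FormatFuzzer: a textbook ddmin, a hypothetical parser that checks a length byte and a checksum before the actual bug can trigger, and a structure-aware variant that re-encodes the frame after every reduction step.

```python
# Added example (not from the seminar page): ddmin on a constructed
# length+checksum-framed format, naive byte deletion vs. structure-aware reduction.

def encode(payload: bytes) -> bytes:
    """Frame: 1-byte length, payload, 1-byte checksum (sum of payload mod 256)."""
    return bytes([len(payload)]) + payload + bytes([sum(payload) % 256])

def run_parser(data: bytes) -> str:
    """Hypothetical program under test: malformed frames are rejected before the bug."""
    if len(data) < 2 or data[0] != len(data) - 2:
        return "PARSE_ERROR"
    payload, checksum = data[1:-1], data[-1]
    if sum(payload) % 256 != checksum:
        return "PARSE_ERROR"
    return "FAIL" if b"X" in payload else "PASS"   # the bug: an 'X' in the payload crashes

def ddmin(candidate: bytes, fails) -> bytes:
    """Zeller/Hildebrandt ddmin: delete chunks as long as the failure persists."""
    n = 2
    while len(candidate) >= 2:
        chunk = max(1, len(candidate) // n)
        reduced = False
        for start in range(0, len(candidate), chunk):
            complement = candidate[:start] + candidate[start + chunk:]
            if fails(complement):
                candidate, n, reduced = complement, max(n - 1, 2), True
                break
        if not reduced:
            if n >= len(candidate):
                break
            n = min(n * 2, len(candidate))
    return candidate

def reduce_bytes(data: bytes) -> bytes:
    """Naive: delete raw bytes. Every deletion breaks the length or checksum,
    so the parser never reaches the bug and ddmin cannot shrink the input."""
    return ddmin(data, lambda d: run_parser(d) == "FAIL")

def reduce_payload(data: bytes) -> bytes:
    """Structure-aware: reduce only the payload and re-encode length and checksum
    each time, the role a format-aware mutation function plays."""
    payload = data[1:-1]
    return encode(ddmin(payload, lambda p: run_parser(encode(p)) == "FAIL"))

CRASH = encode(b"hello X world")   # constructed failure-inducing input (15 bytes)

if __name__ == "__main__":
    print(run_parser(CRASH), reduce_bytes(CRASH))   # FAIL, frame unchanged
    print(reduce_payload(CRASH))                   # b'\x01XX' (payload 'X', checksum 0x58)
```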


15:00-15:30

Speaker: Niklas Flentje
Type of talk: Bachelor Intro
Advisor: Michael Schwarz
Title: Elimination of Optimization: breaking Supersingular Isogeny Key Encapsulation with Zero Store Elimination
Research Area: RA3

Abstract: Performance is one of the fundamental goals modern computers aim to achieve. While a CPU's frequency is restricted due to space and heat constraints, microarchitectural optimizations are developed and deployed to increase a computer's performance further. With the discovery of side-channel attacks, we have seen that such optimizations may introduce various security vulnerabilities. 

In many cases, the resulting performance gains triumph over the desire for security, leading to the optimizations being deployed with more or less successful mitigations against the respective security vulnerabilities (e.g., in the case of caches). But there are other cases where the optimization disappears without disclosing much or any information about possible security vulnerabilities. One of these cases is Zero Store Elimination.

This talk is meant to introduce the concept of Zero Store Elimination and outline how we plan to analyze the resulting security vulnerability by breaking one of NIST's 4th round candidates for quantum-safe cryptography: SIKE.


Session B:

15:00-15:30

Speaker: Johanna Girndt
Type of talk: Bachelor Intro
Advisor: Prof. Andreas Zeller, Dr. Dominic Steinhoefel
Title: Conversion of ISLa Constraints into Binary Templates
Research Area: RA5
Abstract: 
Grammar-based fuzzing is an effective method to generate structured inputs for testing programs. Efficient fuzzers exist for this purpose, but they are usually not precise enough since context-free grammars are not sufficient to specify all input formats. To overcome this lack of precision, the input description language ISLa was built. It is easy to adapt for developers, due to the fact that it is based on context-free grammars, but it has a slow working speed. In turn, the grammar-based fuzzer and parser generator Format Fuzzer is much more time efficient, but the binary template language used by Format Fuzzer is complicated for humans to write.
In order to provide both a commonly accepted way to describe a broad variety of input formats and generate inputs at a fast pace, this work is dedicated to the translation of ISLa constraints to binary template language based on an existing LL1 parser generator that generates Binary Templates from context-free grammars.
We plan to evaluate the effectiveness of the tool by comparing it to the reference implementation, the ISLa solver, in terms of time savings, generation versatility, and precision as a parser and generator.
