Side-Channel Attacks and Defenses Michael Schwarz

News

16.03.2022

saarsec CTF Workshop (Non-Lecture Content)

Hello there,

we, the Capture-the-Flag Team saarsec, consisting of students and lecturers from Saarland University, are giving a workshop to familiarize students with Capture-the-Flag competitions as well as attacking and defending against security... Read more

Hello there,

we, the Capture-the-Flag Team saarsec, consisting of students and lecturers from Saarland University, are giving a workshop to familiarize students with Capture-the-Flag competitions as well as attacking and defending against security vulnerabilities. CTFs are a great way to actually fiddle around with the practical details of mounting attacks and defenses that were theoretically discussed during your studies. This practical experience can not only be beneficial for your studies but also come in handy during later stages of your career. The workshop starts with a short introduction to Linux, followed by different topics such as File Inclusions, SQL Injections, and Command Injections. For each topic, we will discuss how we can find these vulnerabilities, exploit them on a large scale, and how we can fix them. Then, for each each topic, you'll spend more than 50% of the time in each slot on actual challenges. At the end, we will host a CTF for all workshop participants where they can use their newly acquired skills against each other.

FAQ:

Q: When and where?

A: April 10th and 11th, the format (virtual, onsite, or hybrid) will be announced later

Q: Requirements?

A: We do not require any certain skills as we will start with the basics. However, the knowledge from Cysec1 or Security is definitely an advantage.

Q: Sounds awesome! Where can I register or get more information?

A: https://workshop.saarsec.rocks

 

See you there,

saarsec

15.03.2022

Re-Exam Results

Hi, 

the re-exam points are online in the CMS. If you want to inspect your exam, write me a mail or send me a message on Mattermost. 

Cheers,
Michael

07.03.2022

Re-Exam

Hi, 

the re-exam is already next week (15.3.2022 10:00), so do not forget to register in LSF. The registration deadline ends tomorrow!

A few details regarding the exam:

  • The exam takes place in person on March 15, 10:00 in E2 2, Günter-Hotz-Hörsaal.
  • You... Read more

Hi, 

the re-exam is already next week (15.3.2022 10:00), so do not forget to register in LSF. The registration deadline ends tomorrow!

A few details regarding the exam:

  • The exam takes place in person on March 15, 10:00 in E2 2, Günter-Hotz-Hörsaal.
  • You need at least 26 points in the practical part to be admitted to the exam
  • The university hygiene rules apply, so there is 3G for the exam
  • No lecture notes or any other materials are allowed during an exam

Cheers,
Michael

10.02.2022

Exam Inspection

Hi, 

the exam inspection tomorrow (10:00 - 11:00am) is at CISPA in room 0.07 (the one you see in front of you when entering through the main door).

Cheers,
Michael & Daniel

08.02.2022

Exam Results

Hi, 

the exam points are online in the CMS. The inspection will be this Friday (11.2.) 10:00 - 11:00 at CISPA. We will announce the exact room on Thursday. 

Cheers,
Michael & Daniel

07.02.2022

Final Points + Exam

Hi, 

the final points for the practicals are now online. The results are really good, congratulations to everyone! If you have >= 26 points, you are admitted to the exam (if you are registered). 

As a reminder for the exam tomorrow:

Hi, 

the final points for the practicals are now online. The results are really good, congratulations to everyone! If you have >= 26 points, you are admitted to the exam (if you are registered). 

As a reminder for the exam tomorrow:

  • Everyone must comply with the 3G rule (you need to be able to prove that if asked by the University's security service)
  • A medical mouth-nose-protection mask (surgical mask or FFP2/KN95/N95) must be worn during the entire exam

Good luck,
Michael & Daniel

04.02.2022

Practical 3 Deadline - Tag Your Solutions!

Hello together,

it's less than 24 hours until the deadline of our last practical. Hence, please don't forget to tag your solutions! Instructions on how to do so can be found in the descriptions of the practicals.

Cheers,

Daniel

31.01.2022

Exam

Hi, 

the exam is already next week (8.2.2022 10:00), so do not forget to register in LSF. The registration deadline ends tomorrow!

A few details regarding the exam:

  • The exam takes place in person on February 8, 10:00 in room E9 1.
  • You need at least 26... Read more

Hi, 

the exam is already next week (8.2.2022 10:00), so do not forget to register in LSF. The registration deadline ends tomorrow!

A few details regarding the exam:

  • The exam takes place in person on February 8, 10:00 in room E9 1.
  • You need at least 26 points in the practical part to be admitted to the exam
  • The university hygiene rules apply, so there is 3G for the exam
  • No lecture notes or any other materials are allowed during an exam
  • The lecture-challenge system closes on 07.02.2022 23:59. Until then, you can collect bonus points for the exam. If you did not register with your student mail address, you have to write your username on the exam sheet to get the points!

Cheers,
Michael

21.01.2022

Fourth Tutorial

Hello together,

on January 31, 2pm, the fourth (and last) tutorial will take place. In the tutorial, we will go through common errors in the third assignment as well as exercises that are similar to what you can expect from the exam.

See you there,

Daniel

06.01.2022

Exam Date

Hello together,

as some of you may have already read in the forum or in our calendar, we have settled for an exam date.

The exam will take place on February 8, 10:00 in room E9 1.

 

Cheers,

Daniel

04.01.2022

Assignment 03 released + Tutorial Zoom Link

Hello together,

we just released the third assignment. In contrast to the first two assignments, this last assignment will test whether you can defend against the attacks discussed in this course.

Also, you can now find the link for tomorrow's Zoom session in... Read more

Hello together,

we just released the third assignment. In contrast to the first two assignments, this last assignment will test whether you can defend against the attacks discussed in this course.

Also, you can now find the link for tomorrow's Zoom session in the Materials Section of the CMS.

 

Cheers,

Daniel

28.12.2021

Third Tutorial Session

Hello everybody,

the third tutorial will take place on January 5th, 2pm. Once again, we will meet in a Zoom session. This tutorial will mainly discuss the upcoming third assignment and provide you with a chance to ask further questions about the second... Read more

Hello everybody,

the third tutorial will take place on January 5th, 2pm. Once again, we will meet in a Zoom session. This tutorial will mainly discuss the upcoming third assignment and provide you with a chance to ask further questions about the second assignment.

See you there,

Daniel

15.12.2021

Additional Binary for Challenge 3

Hello together,

unfortunately, we figured out that the binary for challenge 3 made the challenge for some systems harder to solve than originally intended. This led to some exploits working locally (on your systems) but not on our server. We apologize for... Read more

Hello together,

unfortunately, we figured out that the binary for challenge 3 made the challenge for some systems harder to solve than originally intended. This led to some exploits working locally (on your systems) but not on our server. We apologize for that.

Hence, we pushed a patched binary [1] for challenge 3 to the upstream repository and we recommend that you should develop your attacks against this new binary [1]. As we do not want to negatively impact students that already have working solutions against our original binary [2] we will test your exploits against both binaries and you will pass the test if your exploit works against one of them.

 

Cheers,

Daniel

 

[1]: md5sum of new binary: abb3facf71e8ba4897febe6818ed4df2
[2]: md5sum of old binary: ee4e586d4fa4d9ed66f7b8c0e6a0da93

06.12.2021

Tutorial 2 - Zoom Link

Hello,

you can now find the Zoom link for today's tutorial in the Materials Section of the CMS.

See you there,

Daniel

30.11.2021

Assignment 02 + Tutorial

Hello,

we just released the second assignment "The Fault in Our Keys". As always, if there are any questions ask them via the Forum or Mattermost preferably and in case your question would spoil solutions via mail or Mattermost PM.

Next Monday, 4pm (c.t.), we... Read more

Hello,

we just released the second assignment "The Fault in Our Keys". As always, if there are any questions ask them via the Forum or Mattermost preferably and in case your question would spoil solutions via mail or Mattermost PM.

Next Monday, 4pm (c.t.), we will have our second tutorial. The tutorial will be a chance for you to ask last-minute questions about the first assignment and we will discuss concepts that will help you solve the second assignment.

 

Cheers,

Daniel

22.11.2021

Online lecture starting from tomorrow

Hi,

Due to the new COVID-related regulations regarding access to CISPA and the general worsening of the entire situation, our next lectures will, unfortunately, be online-only via YouTube.

The slot of the lecture stays the same, starting every Tuesday at... Read more

Hi,

Due to the new COVID-related regulations regarding access to CISPA and the general worsening of the entire situation, our next lectures will, unfortunately, be online-only via YouTube.

The slot of the lecture stays the same, starting every Tuesday at 10:15. You will always find the link to the current stream in the Materials section of the CMS. As before, all lectures are recorded and stay on YouTube. 

We hope to be able to return to physical lectures soon as the COVID situation improves.

See you (online) tomorrow,
Michael

11.11.2021

Tutorial Session - Uploaded Materials + AMD Turbo Core

Hello all,

thanks for the participation and the interaction during the tutorial!
We have uploaded the slides and the solution to the histogram exercise to the Materials section of the CMS.

During the tutorial, I was asked whether there is an AMD equivalent... Read more

Hello all,

thanks for the participation and the interaction during the tutorial!
We have uploaded the slides and the solution to the histogram exercise to the Materials section of the CMS.

During the tutorial, I was asked whether there is an AMD equivalent for Intel Turbo Boost and it seems there is one called AMD Turbo Core. Fortunately, it seems like we can disable that in a similar manner (at least it worked on the AMD where I just tested this):
To disable AMD Turbo Core:

echo "0" | sudo tee /sys/devices/system/cpu/cpufreq/boost

To enable it again:
echo "1" | sudo tee /sys/devices/system/cpu/cpufreq/boost

As always: Be careful when using these commands as they directly affect the behavior of your processor and we recommend using all these things only when debugging microarchitectural experiments.

 

Cheers,

Daniel

04.11.2021

Tutorial Session - First Assignment

Hello together,

next Thursday, November 11th at 11:59am, we will hold our first tutorial session in the CISPA lecture hall.
We will go through a few tips and tricks when developing code for microarchitectural attacks.

This will also be an opportunity to ask... Read more

Hello together,

next Thursday, November 11th at 11:59am, we will hold our first tutorial session in the CISPA lecture hall.
We will go through a few tips and tricks when developing code for microarchitectural attacks.

This will also be an opportunity to ask project-related questions in person and clarify everything that is unclear. However, if you are unable to join, remember that you can also always ask questions via Mattermost and the forum or via email and Mattermost PMs (the latter two in case your question contains code or specific questions regarding your solution).

See you there :)

18.10.2021

First Lecture

Hello and welcome everyone registered to this course!

The first lecture starts tomorrow at 10 am (c.t., so 10:15) in the CISPA lecture hall. I'm really looking forward to in-person teaching again, and hope to see many of you in the lecture hall. Note that the... Read more

Hello and welcome everyone registered to this course!

The first lecture starts tomorrow at 10 am (c.t., so 10:15) in the CISPA lecture hall. I'm really looking forward to in-person teaching again, and hope to see many of you in the lecture hall. Note that the regulations of the university apply, i.e., 3G rule, contract tracing with the Staysio app, and the requirement to wear a mask. There will also be a live stream of the lecture on YouTube. The link to the stream can be found on the Materials page. The stream is unlisted, so please don't share it outside of this lecture.  

Cheers,
Michael

Show all
 

Side-Channel Attacks and Defenses

In this lecture, you will learn about side channels in software and hardware, their security implications, how they can be exploited from software, and ways to prevent data leakage. Since 2018, side channels received a lot of attention as they are a vital part of Meltdown and Spectre attacks. Meltdown and Spectre showed that the security boundaries of modern CPUs can be circumvented with the help of side channels. However, besides these publicly known attacks, there are many more attacks relying on side channels. In particular, this lecture provides an overview of attack techniques and countermeasures for

  • Timing Attacks
  • Cache Attacks
  • Page Table Attacks
  • Transient Execution Attacks (Meltdown- and Spectre-type Attacks)
  • Fault Attacks

This course provides hands-on experience with various exercises, in which attacks and defenses have to be implemented and evaluated.

Prerequisites

There are no formal prerequisites for this course. However, if you want to participate, you should

  • be familiar with programming C (it helps if you also have a basic understanding of x86 Assembly)
  • have a basic understanding of operating systems (e.g., the concept of virtual memory)
  • be able to work on Linux, as some exercises are only officially supported on Linux

Time and Location

The lecture will take place in-presence every Tuesday from 10.00 (c.t.) - 12.00, starting 19.10.2021. Location: E9 1 (CISPA), room 0.05 (lecture hall ground floor). A stream is also provided via YouTube (links in the Material section).

Grading

There is a total of 100 points for this course. There are up to 50 points for the practical assignments and 50 points for the final exam. Additionally, there are optional lecture challenges that give you bonus points if you solve them.

Note that you need a minimum of 26 points in the practical assignments and a minimum of 26 points in the exam to pass this course. Bonus points can only be used to get a better grade if you already passed the course, i.e., if you have at least 52 points without the bonus points.

Practical Assignments

There are three practical assignments with a total of 50 points. You need at least 26 points in total to pass the course. The practical assignments cover the topics covered in the lecture and aim to deepen your knowledge of the topics.

You can discuss the assignments with other students, but you should not collaborate on the solution with anyone. Your solution should be original and not be an existing solution (e.g., from someone else, or from the internet). All submissions will be automatically checked for plagiarism. Plagiarism automatically results in zero points.

Written Exam

Exams are done in writing. The final exam will take place on February 8th, 2022 at 10:00 in E9 1. Note that physical presence is required for the exam.

Exams consist of both theoretical questions and practical questions. Theoretic questions are basically the theoretic parts of the slides and possibly additional content presented in the lecture, which is not part of the slides. Practical questions are, in principle, similar to the tasks given in the lecture challenges as well as in the practicals. However, the complexity of the questions is scaled to make them adequate for the time available during an exam.

All questions of the exam are in English. Answers can be given either in English or in German, at the student’s discretion.

No lecture notes or any other materials are allowed during an exam. All materials required to solve the practical questions are provided at the exam.

Lecture Challenges

During the lecture, there will be small “Lecture Challenges” that you can optionally solve as a bonus. These challenges are optional, but solving them results in bonus points. The aim of the challenges is to dig deeper into a certain topic of the respective lecture. Thus, it is advisable to try to complete the challenge soon after the lecture.



Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators