News

Re-Exam Results

Written on 21.03.23 by Michael Schwarz

Hi, 
the re-exam points are online in the CMS. If you want to inspect your exam, write me a mail or send me a message on Discord.

Cheers,
Michael

Exam Results

Written on 28.02.23 by Michael Schwarz

Hi, 

the exam points are online in the CMS. If you want to inspect your exam, write me a mail or send me a message on Discord.

Cheers,
Michael

Exam

Written on 21.02.23 by Michael Schwarz

Hi, 

the exam is already next week (28.2.2023 10:00), so do not forget to register in LSF. The registration deadline ends today!

A few details regarding the exam:

  • The exam takes place in person on February 28, 10:00 in room E2 2 (Günter-Hotz-Hörsaal).
  • You need at least 26 points in the… Read more

Hi, 

the exam is already next week (28.2.2023 10:00), so do not forget to register in LSF. The registration deadline ends today!

A few details regarding the exam:

  • The exam takes place in person on February 28, 10:00 in room E2 2 (Günter-Hotz-Hörsaal).
  • You need at least 26 points in the practical part to be admitted to the exam
  • No lecture notes or any other materials are allowed during an exam
  • The lecture-challenge system closes on 27.02.2023 23:59. Until then, you can collect bonus points for the exam. If you did not register with your student mail address, you have to write your username on the exam sheet to get the points!

Cheers,
Michael

New lecture location

Written on 09.01.23 by Michael Schwarz

Hi, 

the next lectures (tomorrow 10.1., 17.1., and 24.1.) will be in room 0.01 in the CISPA building instead of 0.05. 

Cheers,
Michael

Q&A Session for Practical 2

Written on 03.01.23 (last change on 03.01.23) by Lukas Gerlach

Hey All,
on next Thursday 05.01 at 13:00-14:00 s.t., we will offer a Q&A session for the Practical 2. You can also message us with your questions in advance so that we can prepare materials for the Q&A.

- Lukas

Important: Practical 2 - Broken Keys

Written on 16.12.22 by Daniel Weber

Dear students,
unfortunately, we found out that some keys [0] from practical2 were incorrect.
Thus, the server tested against the wrong keys and we handed out the wrong keys for challenge3.

We've updated the keys on the server and in the upstream repo. Hence, you need to merge the upstream repo… Read more

Dear students,
unfortunately, we found out that some keys [0] from practical2 were incorrect.
Thus, the server tested against the wrong keys and we handed out the wrong keys for challenge3.

We've updated the keys on the server and in the upstream repo. Hence, you need to merge the upstream repo again [1]. We rerun the tests for exercise 2 and the changes result in some student solutions now achieving 5/5 correctly leaked keys on challenge2. So, luckily nobody lost points by this error.

We apologize kindly for the trouble caused by this.


[0]: the affected keys were one non-public key from challenge 2 and all keys (public and non-public) from challenge3.

[1]: The command for doing so is "git pull upstream master --allow-unrelated-histories"

Tutorial on Tips & Tricks for Microarchitectural Attacks

Written on 11.12.22 (last change on 11.12.22) by Daniel Weber

Hey all,

on next Tuesday, 13th Dec at 2pm, we will offer a tutorial session discussing a few tips and tricks to reduce the noise in your environment when developing microarchitectural attacks. Especially for those of you that are struggling with imprecise measurements in Practical 1, this tutorial… Read more

Hey all,

on next Tuesday, 13th Dec at 2pm, we will offer a tutorial session discussing a few tips and tricks to reduce the noise in your environment when developing microarchitectural attacks. Especially for those of you that are struggling with imprecise measurements in Practical 1, this tutorial should be helpful.

- Daniel

No Lecture Tomorrow

Written on 06.12.22 by Daniel Weber

Hey all,

just a quick reminder: there will be no lecture tomorrow. The next lecture will take place next Tuesday, December 13.

Cheers,

Daniel

Show all

Side-Channel Attacks and Defenses 

In this lecture, you will learn about side channels in software and hardware, their security implications, how they can be exploited from software, and ways to prevent data leakage. Since 2018, side channels received a lot of attention as they are a vital part of Meltdown and Spectre attacks. Meltdown and Spectre showed that the security boundaries of modern CPUs can be circumvented with the help of side channels. However, besides these publicly known attacks, there are many more attacks relying on side channels. In particular, this lecture provides an overview of attack techniques and countermeasures for

  • Timing Attacks
  • Cache Attacks
  • Page Table Attacks
  • Transient Execution Attacks (Meltdown- and Spectre-type Attacks)
  • Fault Attacks
  • Software-based Power Attacks

This course provides hands-on experience with various exercises, in which attacks and defenses have to be implemented and evaluated.

Note that this is not an easy course. Previous students liked the course but noted the workload is above an average course.

Prerequisites

There are no formal prerequisites for this course. However, if you want to participate, you should

  • be familiar with programming C (it helps if you also have a basic understanding of x86 Assembly)
  • have a basic understanding of operating systems (e.g., the concept of virtual memory)
  • be able to work on Linux, as some exercises are only officially supported on Linux

Time and Location

The lecture will take place in-presence every Tuesday from 10.00 (c.t.) - 12.00, starting 25.10.2022. Location: E9 1 (CISPA), room 0.05 (lecture hall ground floor). 

Grading

There is a total of 100 points for this course. There are up to 50 points for the practical assignments and 50 points for the final exam. Additionally, there are optional lecture challenges that give you bonus points if you solve them.

Note that you need a minimum of 26 points in the practical assignments and a minimum of 26 points in the exam to pass this course. Bonus points can only be used to get a better grade if you already passed the course, i.e., if you have at least 52 points without the bonus points.

Practical Assignments

There are three practical assignments with a total of 50 points. You need at least 26 points in total to pass the course. The practical assignments cover the topics covered in the lecture and aim to deepen your knowledge of the topics.

You can discuss the assignments with other students, but you should not collaborate on the solution with anyone. Your solution should be original and not be an existing solution (e.g., from someone else, or from the internet). All submissions will be automatically checked for plagiarism. Plagiarism automatically results in zero points.

Written Exam

Exams are done in writing. The final exam will take place on 28.2.2023 from 10:00 to 12:00 in E2 2 - Hörsaal 0.01 (Günter-Hotz-Hörsaal). Note that physical presence is required for the exam.

Exams consist of both theoretical questions and practical questions. Theoretic questions are basically the theoretic parts of the slides and possibly additional content presented in the lecture, which is not part of the slides. Practical questions are, in principle, similar to the tasks given in the lecture challenges as well as in the practicals. However, the complexity of the questions is scaled to make them adequate for the time available during an exam.

All questions of the exam are in English. Answers can be given either in English or in German, at the student’s discretion.

No lecture notes or any other materials are allowed during an exam. All materials required to solve the practical questions are provided at the exam.

Lecture Challenges

During the lecture, there will be small “Lecture Challenges” that you can optionally solve as a bonus. These challenges are optional, but solving them results in bonus points. The aim of the challenges is to dig deeper into a certain topic of the respective lecture. Thus, it is advisable to try to complete the challenge soon after the lecture.

Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators.