log in  |  register  |  feedback?  |  help  |  web accessibility
Real world security: from theory to practice and back again
Wednesday, February 14, 2018, 11:00 am-12:00 pm Calendar
  • You are subscribed to this talk through .
  • You are watching this talk through .
  • You are subscribed to this talk. (unsubscribe, watch)
  • You are watching this talk. (unwatch, subscribe)
  • You are not subscribed to this talk. (watch, subscribe)

The security of any system relies on models and assumptions that
attempt to capture potential adversarial behavior. Unfortunately, when
faced with real-world adversaries, these assumptions often become
flaky, inaccurate, or even flat out wrong. In this talk, I will show
several examples of this gap between theoretical and real-world
security. First, I will present Spectre and Meltdown, two
microarchitectural attacks that read protected OS kernel memory by
exploiting speculative execution, a performance optimization typically
performed by all modern CPUs. Second, I will show how to utilize
unintentional physical side-channel leakage from complex computing
devices in order to extract secret cryptographic keys. Finally, on the
defensive side, I will show how theory can potentially help by
discussing how to construct and deploy verifiable computation schemes
for arbitrary C programs.

The talk will include live demonstrations of cryptographic techniques.


Dr. Daniel Genkin is currently a Postdoctoral Researcher splitting his
time between the University of Pennsylvania and the University of
Maryland where he is hosted by Prof. Nadia Heninger and Prof. Jonathan
Katz, respectively. He earned his Ph.D. in 2016 from the Computer
Science Department at the Technion — Israel's Institute of Technology,
where he was co-advised by Prof. Yuval Ishai and Prof. Eran Tromer.

Daniel’s research interests are in cryptography and systems security.
He is interested in both theory and practice with particular interests
in side-channel attacks, hardware security, cryptanalysis, secure
multiparty computation (MPC), verifiable computation, and SNARKS.

This talk is organized by Brandi Adams