Measuring Side Channel Vulnerability using SVF
Speaker: Simha Sethumadhavan, Columbia University
Date: Tuesday, March 19 2013
Time: 4:00PM to 5:00PM
Refreshments: 4:00PM
Location: G575
Contact: Raluca Ada Popa, raluca@csail.mit.edu
Abstract: There have been many attacks that exploit side-effects of program execution to expose secret information, and many proposed countermeasures to protect against these attacks. However there is currently no systematic, holistic methodology for understanding information leakage. As a result, it is not well known how design decisions affect information leakage or the vulnerability of systems to side-channel attacks.
In this talk, I will describe a metric for measuring information leakage called the Side-channel Vulnerability Factor (SVF). SVF is based on our observation that all side-channel attacks ranging from physical to microarchitectural to software rely on recognizing leaked execution patterns. SVF quantifies patterns in attackers’ observations and measures their correlation to the victim’s actual execution patterns and in doing so captures systems’ vulnerability to side-channel attacks.
In a detailed case study of on-chip memory systems, I will show how SVF measurements help expose unexpected vulnerabilities in whole-system designs and shows how designers can make performance-security trade-offs. SVF provides a quantitative approach to secure computer architecture.
Time permitting I will also mention the SPARCHS hardware security project at Columbia.
See other events that are part of CSAIL Security Seminar 2012/2013
See other events happening in March 2013
