Floragasse 7 – 5th floor, 1040 Vienna

Guest talk: Reverse-engineering CPUs for fun and profit

November 25, 2016
3:30 pm - 5:00 pm
SBA Research - Favoritenstraße 16 1040 Wien

Clémentine Maurice, postdoctoral researcher in the Secure Systems Group of the Institute of Applied Information Processing and Communications of TU Graz, gives a talk on “Reverse-engineering CPUs for fun and profit“.

Abstract: Hardware is often considered as an abstract layer that behaves correctly, just executing instructions and outputing a result. However, the internal state of the hardware leaks information about the programs that are executing, paving the way for covert or side-channel attacks. Yet, the internal state of a CPU is tightly tied with its microarchitecture, which is becoming increasingly complex and is often undocumented by manufacturers.

In this talk, we present methods to reverse-engineer modern CPU components. In the first part, we present one automatic and generic method to reverse engineer the addressing function of the last-level cache in Intel CPUs, using performance counters. As the last-level cache is shared between cores, we then explain how to use this function in a cross-core side-channel attack. In the second part, we focus on the DRAM addressing function on both x86 and ARM CPUs. We then demonstrate covert and side-channel attacks across CPUs without any shared memory, leveraging DRAM row buffers.

This event is hosted as a joint activity by the Vienna ACM SIGSAC Chapter and the IEEE CS/SMCS Austria Chapter.



This Website uses Cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.