Blogs (61) >>

First Workshop on Speculative Side Channel Analysis

Side channels have dramatically gained attention in January this year when security researchers disclosed several attacks with the potential to improperly gather sensitive data from the majority of computing devices. Vendors of both processors and operating systems are scrambling to fix their systems. There is no reason to believe these attacks form an exhaustive listing of the vulnerabilities. Research into different forms of side channels shows that the last 30 years of performance increase in have made our CPU architectures prone to information leaks and integrity violations. SPECTRE, Meltdown, Rowhammer, and other cache-based micro-architectural attacks are likely only the first tip of the iceberg. How should the research community, in particular researchers in programming languages, compilers, or virtual machines react. We believe that a discussion with industrial practitioners is crucial to set a research agenda. This workshop will focus on Speculative Side Channels and their implications for programming language security and systems/software security. Salient topics:
  • Implications of side channels for language virtual machines
  • Implications of side channels for secure enclaves
  • Implications of side channels for hypervisors
  • Weaknesses of software mitigation techniques (e.g., ASLR)
  • Side channel analysis techniques and tools
  • Side channel resilient defenses
  • CPU side-channel vulnerabilities
  • Cache-based side-channel vulnerabilities
  • Formal models of micro-architectural speculation
  • Formal models of timing channels
  • Implications for cloud computing

Attendance by industry experts is particularly encouraged. Attendance to the workshop will be limited and there will be no public recording of the discussion.

Discussions

Title
Application-Specific Principals Must Align With Platform Boundaries
WoSSCA
Electromagnetic Side-Channel Attacks: Potential for Progressing Hindered Digital Forensic Analysis
WoSSCA
Hardware and Software Mitigations
WoSSCA
Pacer: Efficient I/O Side-Channel Mitigation in the Cloud
WoSSCA
Peering behind the Turing Mirror
WoSSCA
Software Diversity vs. Side Channels
WoSSCA
Speculative side channels: the view from WebKit
WoSSCA
Systematizing speculative execution side channel vulnerabilities and their mitigations
WoSSCA

Call for Papers, Talk abstracts, Position statements

This workshop will be organized around a few short presentations and several open discussions on topics selected by the attendees. To ensure participation and lively discussions the workshop attendance is by invitation only. Prospective attendees must submit one of (a) statement of interest (a one page description of research interests and short bio), (b) a talk abstract (one page description of a talk), (c) short paper (6 page paper). Short papers may be published in the ACM Digital Library if authors request it. The program committee will invite a set of participants, and will select a set of talks from the submissions based on fit with the workshop themes.

You're viewing the program in a time zone which is different from your device's time zone change time zone

Wed 18 Jul

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

14:00 - 15:30
WoSSCA 2WoSSCA at Hamburg
Chair(s): Eric Jul University of Oslo
14:00
30m
Talk
Peering behind the Turing Mirror
WoSSCA
14:30
30m
Talk
Hardware and Software Mitigations
WoSSCA
15:00
30m
Talk
Pacer: Efficient I/O Side-Channel Mitigation in the Cloud
WoSSCA
Aastha Mehta MPI-SWS
16:00 - 17:30
WoSSCA 3WoSSCA at Hamburg
Chair(s): Jan Vitek Northeastern University
16:00
45m
Talk
Software Diversity vs. Side Channels
WoSSCA
Stefan Brunthaler Bundeswehr University Munich
16:45
45m
Talk
Electromagnetic Side-Channel Attacks: Potential for Progressing Hindered Digital Forensic Analysis
WoSSCA
Asanka Sayakkara University College Dublin