Faulting Hardware from Software

Presented at DeepSec 2020 „The Masquerade“, Unknown date/time (Unknown duration).

Fault attacks induce incorrect behavior into a system, enabling the compromise of the entire system and the disclosure of confidential data. Traditionally, fault attacks required hardware equipment and local access. In the past five years multiple fault attacks have been discovered that do not require local access, as they can be mounted from software. We will discuss the Rowhammer attack and how it can subvert a system. We then show that a new primitive, Plundervolt, can similarly lead to a system compromise and information disclosure.

Presenters:

  • Daniel Gruss - Graz University of Technology
    Daniel Gruss (@lavados) is an Assistant Professor at Graz University of Technology. He finished his PhD with distinction in less than three years. He has been involved in teaching operating system undergraduate courses since 2010. Daniel's research focuses on side channels and security on the hardware-software boundary. His research team was involved in several vulnerability disclosures, including Meltdown and Spectre. He has co-authored more than 20 top-tier academic publications in the past five years and received several prizes for his research.

Links:

Similar Presentations: