安德斯·福格与丹尼尔·格鲁斯_微架构漏洞的过去现在和未来.pdf

《安德斯·福格与丹尼尔·格鲁斯_微架构漏洞的过去现在和未来.pdf》由会员分享，可在线阅读，更多相关《安德斯·福格与丹尼尔·格鲁斯_微架构漏洞的过去现在和未来.pdf（66页珍藏版）》请在三个皮匠报告上搜索。

1、Microarchitecture VulnerabilitiesPast,Present and FutureDaniel Gruss(Graz University of Technology)Anders Fogh(Intel Corporation)IntroductionDaniel GrussGraz University of TechnologyAnders FoghIntelDaniel and Andersdo not always agree!PastPast earliest daysSide Channels always existedPast earliest d

2、aysSide Channels always existedFirst scientific observations in 1943Past earliest daysSide Channels always existedFirst scientific observations in 1943Concept of“covert channels”in 1973Past earliest daysSide Channels always existedFirst scientific observations in 1943Concept of“covert channels”in 19

3、731974-1980:Provable secure operating systems with exceptions for side channels1985:Orange book.Covert channels with low bandwidth not a problem1996:Paul Kochers seminal work on timing attacksPast:cryptographic attacks1996-2015 Mainly side channels on cryptography(threat model!)Past:cryptographic at

4、tacks1996-2015 Mainly side channels on cryptography(threat model!)Colin Percival(2005):“Cache Missing for fun and profit”ISCA 2014+BlackHat US 2015:RowhammerUSENIX Security 2015:Cache Template AttacksCCS+BlackHat US 2016:Breaking KASLRBlackHat EU 2017:Security through distrusting2017:Many academic w

5、orks on attacking TEEs with side channelsUSENIX+BlackHat US 2018,S&P 2019:Spectre&MeltdownPast:Moving beyond cryptoISCA 2014+BlackHat US 2015:RowhammerUSENIX Security 2015:Cache Template AttacksCCS+BlackHat US 2016:Breaking KASLRBlackHat EU 2017:Security through distrusting2017:Many academic works o

6、n attacking TEEs with side channelsUSENIX+BlackHat US 2018,S&P 2019:Spectre&MeltdownPast:Moving beyond cryptoISCA 2014+BlackHat US 2015:RowhammerUSENIX Security 2015:Cache Template AttacksCCS+BlackHat US 2016:Breaking KASLRBlackHat EU 2017:Security through distrusting2017:Many academic works on atta