2021-12-08: Testing Software and Hardware against Speculation Contracts

Boris Köpf (Microsoft Research Cambridge) will give a seminar on December 8rd, 2021, 14:00-15:00, Stockholm time.

Abstract:
Attacks such as Spectre and Meltdown use a combination of speculative execution and shared icroarchitectural state to leak information across security domains. Defeating them without massive performance overheads requires careful co-design of software and hardware. In this talk I will present a principled approach to this problem, based on hardware-software contracts for secure speculation, and on techniques that enable testing of software and hardware against them.

Bio:
Boris Köpf is a Principal Researcher in the Confidential Computing group at Microsoft Research Cambridge, working on techniques for tracking information flow in microarchitecture and machine learning systems. Prior to joining MSR in November 2018, he was a tenured faculty at the IMDEA Software Institute, a postdoc at the Max Planck Institute for Software Systems, and a Ph.D. student at ETH Zurich.

You are welcome to attend the seminar virtually: Zoom link: kth-se.zoom.us/j/69020011731

Title
2021-12-08: Testing Software and Hardware against Speculation Contracts
2021-12 03: Practical Data Access Minimization in Trigger-Action Platforms
2021-11-16: Securing software in the presence of realistic attackers and polices
2021-11-9: An In-depth Study of Java Deserialization Exploits and Vulnerabilities
2019-02-05 Faceted Secure Multi-Execution
2019-01-11 Privacy-preserving ridesharing and multi key-homomorphic signatures
2018-11-06 Authentication and Pairing Using Human Body Impedance
2018-10-26 Security and Privacy in the IoT: An Information-Theoretic Perspective
2018-09-17 Cyber-Defence Panel
2018-09-13: Reconfigurable Distributed MIMO for Physical-layer Security in Mobile Networks
2018-09-03: A Constraint Programming approach to deliver a Tolerant Algebraic Side-Channel Attack of AES
2018-06-18: Coarse-grained information-flow control as a library in Haskell
2018-06-07: The capacity of private information retrieval with eavesdroppers
2018-05-23: Information-Flow Control for Concurrent Programs with Declassification
2018-05-09: Browser fingerprinting: past, present and possible future
2018-05-07: The Verificatum Project 10-year Anniversary

Title

2021-12-08: Testing Software and Hardware against Speculation Contracts

2021-12 03: Practical Data Access Minimization in Trigger-Action Platforms

2021-11-16: Securing software in the presence of realistic attackers and polices

2021-11-9: An In-depth Study of Java Deserialization Exploits and Vulnerabilities

2019-02-05 Faceted Secure Multi-Execution

2019-01-11 Privacy-preserving ridesharing and multi key-homomorphic signatures

2018-11-06 Authentication and Pairing Using Human Body Impedance

2018-10-26 Security and Privacy in the IoT: An Information-Theoretic Perspective

2018-09-17 Cyber-Defence Panel

2018-09-13: Reconfigurable Distributed MIMO for Physical-layer Security in Mobile Networks

2018-09-03: A Constraint Programming approach to deliver a Tolerant Algebraic Side-Channel Attack of AES