Skip to main content

Cache Side-Channel Attacks and Mitigations

Software-based side-channel attacks can pose a severe security threat in practice. In this course, we focus on a particularly prominent case: caches and cache side-channel attacks and we will go beyond the basic Flush+Reload attack. You will work with different cache side channels and understand where timing differences in architectures originate. You will learn which mechanisms can mitigate specific side-channel techniques in practice.

...
Cache Side-Channel Attacks and Mitigations

There is one session available:

38 already enrolled!
After a course session ends, it will be archivedOpens in a new tab.
Started Aug 23
Ends Nov 1

Cache Side-Channel Attacks and Mitigations

Software-based side-channel attacks can pose a severe security threat in practice. In this course, we focus on a particularly prominent case: caches and cache side-channel attacks and we will go beyond the basic Flush+Reload attack. You will work with different cache side channels and understand where timing differences in architectures originate. You will learn which mechanisms can mitigate specific side-channel techniques in practice.

Cache Side-Channel Attacks and Mitigations
10 weeks
3–4 hours per week
Instructor-paced
Instructor-led on a course schedule
Free
Optional upgrade available

There is one session available:

After a course session ends, it will be archivedOpens in a new tab.
Started Aug 23
Ends Nov 1

About this course

Skip About this course

In this course, we build upon basic knowledge of software-based timing and cache attacks as well as the side-channel mindset. Same as in the prior courses, we do not just enumerate side-channel effects but we provide you with the experience of discovering side channels yourself in a group of students, living in a shared appartment. We dive deeper into the microarchitecture and get an in-depth understanding of virtual memory and caches in the course. We will learn about different cache side channels, such as Flush+Flush, Evict+Reload, and Prime+Probe. This requires some skills in reading and writing code, mainly C code. You will learn which attacks are relevant in the concrete native and virtualized environments you are working with, contributing to your risk assessment skills. In a set of small exercises, you will demonstrate that you understood the virtual memory, caches, and are able to find and exploit cache side channels in small software programs.

At a glance

  • Institution: TUGrazX
  • Subject: Computer Science
  • Level: Intermediate
  • Prerequisites:

    Knowledge and skills from the prerequisite course Side Channel Security S2: Introduction to Software Side Channels and Mitigations.

    We expect basic programming skills on a similar level as in the prerequisite course. You may have obtained these as part of a university program such as computer science or a high school degree with a focus on computer science.

What you'll learn

Skip What you'll learn

- Spot and exploit side channels in cache hierarchies of concrete systems
- Use different software-based cache side channels to extract secret information
- Understand the security risks posed by cache side channels and which cache side channels can be mitigated in practice

- Episode 1: Down the Rabbit Hole

The flatmates figure out how virtual addresses and caches work and they start realizing which timing differences might be hidden in there.

- Episode 2: Gone with the Flush

The flatmates discover the Flush+Flush and Evict+Reload attacks and learn a lot about how cache replacement works.

- Episode 3: Optimus Prime+Probe

The flatmates discover the Prime+Probe attack. They realize that it works in cases where Flush+Reload does not work and believe it is something completely new.

- Episode 4: Jonas and the Template of Doom

The flatmates realize that they can scan binaries for cache activity and automatically build cache side-channel attacks with that, forming the concept of Cache Template Attacks. In the end, upon Jonas' suggestion, they retrieve the Template of Doom; but they also attack AES for instance.

- Episode 5: Drama with Manuel

Manuel hurt his leg and cannot move. The timing differences he introduces in the flat activity inspire the discovery of DRAM Addressing (DRAMA) side channels.

About the instructors

Who can take this course?

Unfortunately, learners residing in one or more of the following countries or regions will not be able to register for this course: Iran, Cuba and the Crimea region of Ukraine. While edX has sought licenses from the U.S. Office of Foreign Assets Control (OFAC) to offer our courses to learners in these countries and regions, the licenses we have received are not broad enough to allow us to offer this course in all locations. edX truly regrets that U.S. sanctions prevent us from offering all of our courses to everyone, no matter where they live.

Interested in this course for your business or team?

Train your employees in the most in-demand topics, with edX For Business.