What you will learn
- Ability to spot side channels.
- Ability to utilize side channels to leak information.
- Understand how side channels can be mitigated.
- High-level overview of side channel attacks in the real world and in computers.
Side channels are everywhere. They allow attackers to steal secret information that is protected and never directly exposed to the attacker. They are incredibly powerful and have disrupted the world in the last years, especially with attacks like Meltdown and Spectre that impacted most computers on the planet. You have also likely seen side channels and used them already yourself.
In this program, consisting of two courses, you will learn and practice the side-channel mindset , understand how to spot side channels in the real-world and how to use them in non-technical and semi-technical settings. The first course will provide you with the ability to spot side channels and the security problems they introduce in your job, research, studies, and in everyday life. In both courses, you will solve simple exercises using side channels in the real world and on computer systems to practically apply the acquired skills.
The first course requires no programming skills and has an entirely web-based exercise. In the second course, you will need basic programming skills (reading C code is required). We will provide you with all basics beyond that, including basics on operating systems, computer architecture, cryptography, and most importantly side-channel analysis. You will learn and practice how basic software-based side channels work and how you can mitigate them to protect yourself as well as the hardware and software you develop. We will provide you with Docker containers (and a tutorial on how to use them), to run the exercises on your own computer.
Daniel Gruss is a internationally renowned expert in side-channel research and has written many seminal works in this field and presented them at renowned international conferences, especially on transient-execution attacks that affected the entire industry and defenses that have been implemented in all operating systems.
Courses in this program
TUGrazX's Side Channel Security Basics Professional Certificate
- 1–3 hours per week, for 10 weeks
Side channels are everywhere. They are incredibly powerful and have disrupted the world in the last years, especially with attacks like Meltdown and Spectre that impacted most computers on the planet. You also have seen side channels and used them already yourself. In this course, you will learn and practice the side-channel mindset and how to spot side channels in the real-world and how to use them in non-technical and semi-technical settings.
- 2–3 hours per week, for 10 weeks
Side channels exist in the real world, but they also exist in computers and can be exploited directly from software. This is a substantial computer security problem today, that we need to learn about to be able to stop attacks. In this course, you will learn and practice basic software-based side channels and understand the thought process to utilize a side channel. You will then learn how to mitigate or avoid side channels in software.
- This course is particularly beneficial if you work in or pursue a career as an offensive security engineer, security architect, embedded software engineer, research scientist, cryptologist, or blockchain engineer.
- Expertise on side channel discovery and mitigation is relevant to most computer technology companies today, including companies like Qualcomm, Nvidia, Intel, Microsoft, PayPal, and Facebook.
- Expertise in side channel security will advance your skills in vulnerability discovery and mitigation, penetration testing, threat modelling, and risk assessment. You will also acquire knowledge on C, computer architectures, and cryptographic algorithms.
Meet your instructor from Graz University of Technology (TUGrazX)
Experts from TUGrazX committed to teaching online learning