New security technical papers presented at the August 2021 USENIX Security Symposium.
A number of hardware security-related technical papers were presented at the August 2021 USENIX Security Symposium. The organization provides open-access research, and the presentation slides and papers are free to the public. Topics include side-channel attacks and defenses, embedded security, hardware security tokens, and more. Here are some highlights with associated links:
Name of Paper | Research Organizations |
---|---|
SMASH: Synchronized Many-sided Rowhammer Attacks from JavaScript | ETH Zurich and VU Amsterdam |
On the Usability of Authenticity Checks for Hardware Security Tokens | SBA Research, UC Irvine, Tokyo Institute of Technology, University of Vienna, CISPA Helmholtz Center for Info Security |
Automatic Extraction Of Secrets From The Transistor Jungle Using Laser-Assisted Side-Channel Attacks | TU Berlin, Worcester Polytechnic, Fraunhofer SIT |
Lord of the Ring(s): Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical | University of Illinois at Urbana-Champaign |
Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend | ETH Zurich |
VoltPillager: Hardware-based fault injection attacks against Intel SGX Enclaves using the SVID voltage scaling interface | School of Computer Science, University of Birmingham, UK |
CIPHERLEAKS: Breaking Constant-time Cryptography on AMD SEV via the Ciphertext Side Channel | Ohio State University, Southern University of Science and Technology, Baidu Security, NIO Security Research |
Cross-VM and Cross-Processor Covert Channels Exploiting Processor Idle Power Management | ShanghaiTech University |
Database Reconstruction from Noisy Volumes: A Cache Side-Channel Attack on SQLite | University of Maryland, Bilkent University |
Does logic locking work with EDA tools? | Texas A&M University |
CURE: A Security Architecture with CUstomizable and Resilient Enclaves | Technische Universität Darmstadt |
DICE*: A Formally Verified Implementation of DICE Measured Boot | University of California, Davis, Microsoft Research, University of California, Davis |
PEARL: Plausibly Deniable Flash Translation Layer using WOM coding | Stony Brook University |
MIRAGE: Mitigating Conflict-Based Cache Attacks with a Practical Fully-Associative Design | Georgia Institute of Technology |
DOLMA: Securing Speculation with the Principle of Transient Non-Observability | University of Michigan |
Osiris: Automated Discovery of Microarchitectural Side Channels | CISPA Helmholtz Center for Information Security |
Swivel: Hardening WebAssembly against Spectre | UC San Diego, Worcester Polytechnic Institute, Intel Labs, UT Austin |
Coco: Co-Design and Co-Verification of Masked Software Implementations on CPUs | Graz University of Technology, Lamarr Security Research |
PASAN: Detecting Peripheral Access Concurrency Bugs within Bare-Metal Embedded Applications | Purdue University, Indian Institute of Technology, Delhi, University of Central Oklahoma, University of Texas at Dallas |
On the Design and Misuse of Microcoded (Embedded) Processors — A Cautionary Note | Ruhr University Bochum, Max Planck Institute for Security and Privacy, University of Massachusetts, Amherst |
Jetset: Targeted Firmware Rehosting for Embedded Systems | UCSD, Oberlin College, University of Illinois at Urbana–Champaign |
A complete listing of all papers presented at this USENIX conference can be found here. Other topics covered include cryptography, authentication, usable security and privacy, private computation, cryptocurrency, machine learning, automated security analysis of source code and binaries, secure multiparty computation, fuzzing and more.
Note: Semiconductor Engineering is in the process of gathering content for a Technical Papers page for all technologies related to the chip industry. If you have a recent published paper that is relevant to the Semiconductor Engineering audience and would like it to be highlighted on the site, please send a link to [email protected]. We do not publish entire papers, but we do link to proper sources. This page will not include company-specific white papers.