About the talk
Researchers present TLBleed, a novel side-channel attack that leaks information out of Translation Lookaside Buffers (TLBs). TLBleed shows a reliable side channel without relying on the CPU data or instruction caches. This, therefore, bypasses several proposed CPU cache side-channel protections. Their TLBleed exploit successfully leaks a 256-bit EdDSA key from
Further, they show how another exploit based on TLBleed can leak bits from the side-channel resistant RSA implementation in
Security Researcher, Vrije Universiteit AmsterdamBen Gras has been in the VUSec security research group since 2015. He has worked on software reliability, defensive research projects, and most recently, offensive research. The offensive research was most noticeably making cross-VM Rowhammer exploitation reliable and a cache-based MMU side-channel attack. Most recently is this TLB side channel. He also can raise one eyebrow independently of the other.
In Feb-July 2017, he did a research internship with Cisco in the security research group in Knoxville, TN.
He is presently pursuing a Ph.D. in mischief.
Security Researcher, Vrije Universiteit AmsterdamKaveh Razavi is a security researcher at the Vrije Universiteit Amsterdam in the Netherlands. He is currently most interested in reliable exploitation and mitigation of hardware vulnerabilities and side-channel attacks on OS/hardware interfaces. He has previously been part of a CERT team specializing on operating system security, has worked on authentication systems of a Swiss bank, and has spent two summers in Microsoft Research building large-scale system prototypes. He holds a BSc from the Sharif University of Technology, Tehran, an MSc from ETH Zurich and a Ph.D. from Vrije Universiteit Amsterdam.