University of Minnesota
Security and Privacy in Computing
index.php

Readings on: architecture-level security

Optional background reading: Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, and Daniel Gruss. “A Systematic Evaluation of Transient Execution Attacks and Defenses” In USENIX Security Symposium, August 2019.
[USENIX]

Candidate main reading: Federico Canale, Tim Güneysu, Gregor Leander, Jan Philipp Thoma, Yosuke Todo, and Rei Ueno. “SCARF — A Low-Latency Block Cipher for Secure Cache-Randomization”. In USENIX Security Symposium, August 2023.
[USENIX]

Main reading for Tuesday, March 26th: Daniel Katzman, William Kosasih, Chitchanok Chuengsatiansup, Eyal Ronen, and Yuval Yarom. “The Gates of Time: Improving Cache Attacks with Transient Execution”. In USENIX Security Symposium, August 2023.
[USENIX]

Main reading for Thursday, March 28th: Yuanyuan Yuan, Zhibo Liu, and Shuai Wang. “CacheQL: Quantifying and Localizing Cache Side-Channel Vulnerabilities in Production Software”. In USENIX Security Symposium, August 2023.
[USENIX]

Candidate main reading: Luca Di Bartolomeo, Hossein Moghaddas, and Mathias Payer. “ARMore: Pushing Love Back Into Binaries”. In USENIX Security Symposium, August 2023.
[USENIX]

Candidate main reading: Xhani Marvin Saß, Richard Mitev, and Ahmad-Reza Sadeghi. “Oops..! I Glitched It Again! How to Multi-Glitch the Glitching-Protections on ARM TrustZone-M”. In USENIX Security Symposium, August 2023.
[USENIX]

Candidate main reading: Jana Hofmann, Emanuele Vannacci, Cédric Fournet, Boris Köpf, and Oleksii Oleksenko. “Speculation at Fault: Modeling and Testing Microarchitectural Leakage of CPU Exceptions”. In USENIX Security Symposium, August 2023.
[USENIX]

Candidate main reading: Zhiyuan Zhang, Mingtian Tao, Sioli O'Connell, Chitchanok Chuengsatiansup, Daniel Genkin, and Yuval Yarom. “BunnyHop: Exploiting the Instruction Prefetcher”. In USENIX Security Symposium, August 2023.
[USENIX]

Bonus last-minute addition: Boru Chen, Yingchen Wang, Pradyumna Shome, Christopher W. Fletcher, David Kohlbrenner, Riccardo Paccagnella, and Daniel Genkin. “GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers”. Whitepaper from disclosure web site, apparently submitted to USENIX Security 2024.
[self-published]