Fri, 28. Jun. 2019 Davi, Lucas
Run-Time Attack Tutorial in Sibenik, Croatia
Why software errors can undermine crypto algorithms? Tutorial at the Real-World Crypto and Privacy Summer School in Sibenik, Croatia.
How can hackers compromise the program-flow of software and which mitigation technologies have been developed over the last decades to protect software against attacks? Our group offered a tutorial on software exploits and defenses at the Real-World Crypto and Privacy Summer School. The 40 participants got an overview on existing state-of-the-art attacks and defenses, and developed proof-of-concept exploits on a test system. The proof-of-concept exploits demonstrated that programming errors in software can be abused by an attacker to steal or derive cryptographic keys of otherwise secure crypto algorithms. This shows that developing secure software systems is essential to enable secure integration of crypto algorithms.