Home Platypus: Power Side Channels in Software
Red Hat Research Days February 2022 main banner with speakers profiles and event details

Platypus: Power Side Channels in Software

June’s event in the Red Hat Research Days monthly series will focus on side-channel attacks featured by security researchers from Graz University of Technology. The event will take place on June 23rd from 4PM to 6PM CEST (10AM EDT, 5PM IDT). TU Graz computer scientists Daniel Gruss and Moritz Lipp will present Platypus attacks: a method that allows power side-channel attacks even without physical access. The whole session will be accompanied by a live interactive discussion led by Jon Masters, creator of the Red Hat Arm and microprocessor side-channel security vulnerability mitigation efforts. The discussion will be open to all attendees interested in exploring this topic deeper.

Abstract
In this talk, we will demonstrate how we can attack modern processors purely in software, using techniques from classical power side-channel attacks. We explain how we abuse the unprivileged access to energy-monitoring features of modern Intel and AMD CPUs. With Platypus, we show how to steal cryptographic keys from the operating system or trusted-execution environments, and how to break kernel address-space layout randomization within seconds. Finally, we discuss the mitigations that prevent our attacks.

Learn more about Platypus

Speakers
Daniel Gruss, Assistant Professor at Graz University of Technology
Moritz Lipp, University Assistant and PhD candidate at Graz University of Technology.

Conversation Leader
Jon Masters, Computer Architect and Distinguished Engineer at Red Hat


Session recording

Date

Jun 23 2021
Expired!

Time

EDT
10:00 am - 12:00 pm

Local Time

  • Timezone: America/New_York
  • Date: Jun 23 2021
  • Time: 10:00 am - 12:00 pm

Location

Virtual
Category

Organizer

Brno Research
Email
research-brno@redhat.com

Submit a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.