Real World Security: From Theory to Practice and Back Again

The security of any system relies on models and assumptions that attempt to capture potential adversarial behavior. Unfortunately, when faced with real world adversaries, these assumptions often become flaky, inaccurate or even completely incorrect. In this talk, I will show several examples of this gap between theoretical and real-world security. First, I will present Spectre and Meltdown, two microarchitectural attacks that read protected OS kernel memory by exploiting speculative execution, a performance optimization typically performed by all modern CPUs. Second, I will show how to utilize unintentional physical side-channel leakage from complex computing devices in order to extract secret cryptographic keys. Finally, on the defensive side, I will show how to bridge theory and practice by discussing how to construct and deploy verifiable computation schemes for arbitrary C programs.

The talk will discuss cryptographic techniques and will include live demonstrations.
Daniel Genkin is currently a Postdoctoral Fellow at the University of Pennsylvania and the University of Maryland where he is hosted by Prof. Nadia Heninger and Prof. Jonathan Katz. He earned his Ph.D. in 2016 from the Computer Science Department at the Technion "” Israel's Institute of Technology, where he was co-advised by Prof. Yuval Ishai and Prof. Eran Tromer.

Daniel's research interests are in cryptography and systems security. He is interested in both theory and practice with particular interests in side-channel attacks, hardware security, cryptanalysis, secure multiparty computation (MPC), verifiable computation and SNARKS.