Maria Mushtaq

Title Night's Watch: Because the night is dark and full of [side-channel] terrors!
Abstract

Information security is fast becoming a first-class design constraint in almost all domains of computing. Modern cryptographic algorithms are used to protect information at the software level. These algorithms are theoretically sound and require enormous computing power to break with bruteforce. For instance. However, recent research has shown that cryptosystems, such as AES and others as well, can be compromised due to the vulnerabilities of underlying hardware on which they run. Side-Channel Attacks exploit such physical vulnerabilities by targeting the underlying platforms on which these cryptosystems execute. The SCAs can use a variety of physical parameters, e.g., power consumption, electromagnetic radiation, memory accesses and timing patterns to extract secret keys/information. The baseline idea here is that the SCAs can exploit the variations in these parameters during the execution of cryptosystems on a particular hardware and can determine the secret information used by cryptosystems based on the observed parameters. In this talk, we shall discuss the attack vector, its potential implications, detection mechanisms and mitigation approaches.

Bio

Maria Mushtaq is a scientific researcher at LIRMM-CNRS, University of Montpellier (UM), France. She holds a PhD in information security from Lab-STICC, University of South Brittany (UBS), France. Maria has specific expertise in developing runtime detection and mitigation solutions against side-channel information leakage in computing systems. Her research interests mainly focus on cryptanalysis, constructing and validating software security components, and constructing OS-based security primitives against various hardware vulnerabilities.