1 Information Security Theory vs. Reality 0368-4474-01, Winter
2012-2013 Lecture 1: Introduction Eran Tromer with guest appearance
by Daniel Genkin Slide 2 2 Case I Cryptographic algorithms vs. the
real world Slide 3 3 Cryptographic algorithms Model: Formal
security definitions (CPA, CCA1, CCA2, ) Well-studied algorithms
(RSA, AES, DES, ) Algorithmic attacks are believed infeasible.
Input: (plaintext, key) Output (ciphertext) Slide 4 4 ENGULF [Peter
Wright, Spycatcher, p. 84] In 1956, a couple of Post Office
engineers fixed a phone at the Egyptian embassy in London. Slide 5
5 ENGULF (cont.) The combined MI5/GCHQ operation enabled us to read
the Egyptian ciphers in the London Embassy throughout the Suez
Crisis. Slide 6 6 Case II Architectural attacks Slide 7 7 Cloud
Computing (Infrastructure as a Service) Instant virtual machines
Slide 8 8 Public Clouds (Amazon EC2, Microsoft Azure, Rackspace
Mosso) Instant virtual machines... for anyone Slide 9 9
Virtualization Instant virtual machines... for anyone on the same
hardware. Slide 10 10 Virtualization What if someone running on
that hardware is malicious? Slide 11 11 The Princess and the Pea A
Tale of Virtualization and Side Channels Slide 12 12
Virtualization: textbook description Hardware Virtual machine
manager Process OS Virtual memory 20 mattresses Slide 13 13
Cross-talk through architectural channels Hardware Virtual machine
manager Process OS Virtual memory Slide 14 14 Cross-talk through
architectural channels Hardware Virtual machine manager Process OS
Virtual memory Contention for shared hardware resources Slide 15 15
Cross-talk through architectural channels Hardware Virtual machine
manager OS Virtual memory cache Contention for shared hardware
resources Example: contention for CPU data cache AttackerVictim
Slide 16 16 Cross-talk through architectural channels Hardware
Virtual machine manager OS Virtual memory cache Contention for
shared hardware resources Example: contention for CPU data cache
AttackerVictim
