How to Misuse, Use, and Mitigate Side Channels in Virtualized Environments
Michael Reiter, University of North Carolina
April 16, 2013 2:30pm, in DC 1304
A side channel is an attack against (usually) a cryptographic algorithm that leverages aspects of the algorithm's implementation, versus relying entirely on its abstract design or underlying assumptions. Side channels have been studied for decades but have received renewed attention due to the increasing use of virtualization to isolate mutually distrustful virtual machines (VMs) from each other (e.g., in clouds), thereby highlighting the question of whether modern virtualization techniques do an adequate job of isolating VMs against side-channel attacks from their co-tenants. In this talk we will answer this question in the negative, and then paradoxically show how side channels can be used constructively to help defend cloud-resident VMs from abuse by others. Finally, we will describe a novel design for cloud environments to mitigate potential sources of side channels.
Michael Reiter is the Lawrence M. Slifkin Distinguished Professor in the Department of Computer Science at the University of North Carolina at Chapel Hill (UNC). He received the B.S. degree in mathematical sciences from UNC in 1989, and the M.S. and Ph.D. degrees in Computer Science from Cornell University in 1991 and 1993, respectively. He joined AT&T Bell Labs in 1993 and became a founding member of AT&T Labs – Research when NCR and Lucent Technologies (including Bell Labs) were split away from AT&T in 1996. He then returned to Bell Labs in 1998 as Director of Secure Systems Research. In 2001, he joined Carnegie Mellon University as a Professor of Electrical & Computer Engineering and Computer Science, where he was also the founding Technical Director of CyLab. He joined the faculty at UNC in 2007.
Dr. Reiter's research interests include all areas of computer and communications security and distributed computing. He regularly publishes and serves on conference organizing committees in these fields. He served as program chair for the flagship computer security conferences of the IEEE, the ACM, and the Internet Society; as Editor-in-Chief of ACM Transactions on Information and System Security; and on the editorial boards of IEEE Transactions on Software Engineering, IEEE Transactions on Dependable and Secure Computing, the International Journal of Information Security, and Communications of the ACM. He also served on the Emerging Technology and Research Advisory Committee for the United States Department of Commerce for four years. Dr. Reiter was named an ACM Fellow in 2008.