Hardware is often represented as an abstract layer that behaves correctly, executes instructions and produces a result. However, side effects due to the execution of computations on actual computers can lead to information leakage. Fault attacks also threaten security, by generating errors in the physical system and thus bypassing security mechanisms. Typically, information leakage from side-channel attacks includes power consumption or electromagnetic emissions, and fault attacks include altering the system’s power supply or clock. All of these attacks require physical access to the device. In contrast, my research activities since October 2015 have focused on side-channel and fault attacks that do not require physical access, and instead use the micro-architecture components of the processors. These attacks are software-based, and, therefore, remotely executable. The main research challenge in micro-architectural attacks is to build secure systems and hardware that are immune to these vulnerabilities. In this manuscript, I give a partial view of my contributions in this domain, focusing on the attack surface, one of the main issues we face. In the first part, we cover the hardware attack surface, i.e., the discovery of new side channels in unsuspected micro-architectural components. In the second part, we focus on a particular delivery method for side-channel attacks: web browsers.
defended on 24/05/2023