⚡ Breaking "Perfect" Security with Timing Attacks - grhkm

Channel:
United Kingdom UWCS - University of Warwick Computing Society
Subscribers:
2,950
Published on ● Video Link: https://www.youtube.com/watch?v=OC5D6DD1-_w


Duration: 13:33
3,415 views
120

Just because a computer system is cryptographically secure, doesn't mean we can't break it in other ways. This talk introduces and explores timing attacks and more generally side-channel attacks, on real world examples. While usually easy to fix, they can be subtle to spot, and lead to critical vulnerabilities if not properly considered when writing secure code.

Talk by grhkm ( https://grhkm21.github.io/ )

Links:
https://nvd.nist.gov/vuln/detail/CVE-2019-18887
https://mystiz.hk/posts/2021/2021-11-27-balsn-dlog/
https://www.usenix.org/conference/usenixsecurity20/presentation/van-goethem

00:00 - Introduction
00:43 - "Perfect" Code
02:38 - First Timing Attack
03:56 - Case Study: Symfony
06:50 - Case Study: RSA
09:28 - Timeless Timing Attacks
12:21 - Conclusion



Other Videos By UWCS - University of Warwick Computing Society


2023-11-28X-Soc Python - Data Processing
2023-11-19⚡Talking about Emacs for 11 minutes - Aidan H
2023-11-11⚡ Cursed Turing Completeness - Joel C
2023-11-06⚡The Mathematics of Lasagne - Edmund G
2023-11-02X-Soc Python - Classes, Libraries & Readability
2023-10-26X-Soc Python - Files & the Command Line
2023-10-19X-Soc Python: Lists & Loops
2023-10-12X-Soc Python: Flow Control and Functions
2023-10-12🐍 Python Basics Sample Solutions: Variables, Datatypes, Debugging
2023-10-06X-Soc Python: Variables, Datatypes & Debugging
2023-05-23⚡ Breaking "Perfect" Security with Timing Attacks - grhkm
2023-05-07⚡ Making QR Code Art - Felix B
2023-05-02⚡ 5 Horrifying Python Techniques to get you fired - Andrew L
2023-03-24The Graduate Experience - Abhyuday R
2023-03-08Why AI Academia is Dying (and how to fix it) - Herbie B
2023-03-05Why Rust is bad, actually*
2023-03-03⚡ How Computers (try to) Keep Time - Joel C
2023-01-28Java: What They Don't Teach You
2022-12-24⚡Interpreting Neural Networks - Avi S
2022-12-21⚡ Type Level Arithmetic in Haskell - Felix B
2022-12-19⚡ Formal Concept Analysis - Josh F


Tags:
computing
uwcs
university
society
coding
programming
crypto
cryptography
hashing
RSA
timing attacks
side channel attacks
breaking RSA
computer security
security vulnerability
computer science