Ivan Puddu
YOU?
Author Swipe
View article: Breaking Bad: How Compilers Break Constant-Time Implementations
Breaking Bad: How Compilers Break Constant-Time Implementations Open
The implementations of most hardened cryptographic libraries use defensive programming techniques for side-channel resistance. These techniques are usually specified as guidelines to developers on specific code patterns to use or avoid. Ex…
View article: On (the Lack of) Code Confidentiality in Trusted Execution Environments
On (the Lack of) Code Confidentiality in Trusted Execution Environments Open
Trusted Execution Environments (TEEs) have been proposed as a solution to protect code confidentiality in scenarios where computation is outsourced to an untrusted operator. We study the resilience of such solutions to side-channel attacks…
View article: Using Local Cache Coherence for Disaggregated Memory Systems
Using Local Cache Coherence for Disaggregated Memory Systems Open
Disaggregated memory provides many cost savings and resource provisioning benefits for current datacenters, but software systems enabling disaggregated memory access result in high performance penalties. These systems require intrusive cod…
View article: On (the Lack of) Code Confidentiality in Trusted Execution Environments
On (the Lack of) Code Confidentiality in Trusted Execution Environments Open
Trusted Execution Environments (TEEs) have been proposed as a solution to protect code confidentiality in scenarios where computation is outsourced to an untrusted operator. We study the resilience of such solutions to side-channel attacks…
View article: It's TEEtime: A New Architecture Bringing Sovereignty to Smartphones
It's TEEtime: A New Architecture Bringing Sovereignty to Smartphones Open
Modern smartphones are complex systems in which control over phone resources is exercised by phone manufacturers, OS vendors, and users. These stakeholders have diverse and often competing interests. Barring some exceptions, users entrust …
View article: Composite Enclaves: Towards Disaggregated Trusted Execution
Composite Enclaves: Towards Disaggregated Trusted Execution Open
The ever-rising computation demand is forcing the move from the CPU to heterogeneous specialized hardware, which is readily available across modern datacenters through disaggregated infrastructure. On the other hand, trusted execution envi…
View article: CODIC: A Low-Cost Substrate for Enabling Custom In-DRAM Functionalities\n and Optimizations
CODIC: A Low-Cost Substrate for Enabling Custom In-DRAM Functionalities\n and Optimizations Open
DRAM is the dominant main memory technology used in modern computing systems.\nComputing systems implement a memory controller that interfaces with DRAM via\nDRAM commands. DRAM executes the given commands using internal components\n(e.g.,…
View article: IChannels: Exploiting Current Management Mechanisms to Create Covert Channels in Modern Processors
IChannels: Exploiting Current Management Mechanisms to Create Covert Channels in Modern Processors Open
To operate efficiently across a wide range of workloads with varying power requirements, a modern processor applies different current management mechanisms, which briefly throttle instruction execution while they adjust voltage and frequen…
View article: CODIC: A Low-Cost Substrate for Enabling Custom In-DRAM Functionalities and Optimizations
CODIC: A Low-Cost Substrate for Enabling Custom In-DRAM Functionalities and Optimizations Open
DRAM is the dominant main memory technology used in modern computing systems. Computing systems implement a memory controller that interfaces with DRAM via DRAM commands. DRAM executes the given commands using internal components (e.g., ac…
View article: Rethinking software runtimes for disaggregated memory
Rethinking software runtimes for disaggregated memory Open
Disaggregated memory can address resource provisioning inefficiencies in current datacenters. Multiple software runtimes for disaggregated memory have been proposed in an attempt to make disaggregated memory practical. These systems rely o…
View article: Sovereign Smartphone: To Enjoy Freedom We Have to Control Our Phones
Sovereign Smartphone: To Enjoy Freedom We Have to Control Our Phones Open
The majority of smartphones either run iOS or Android operating systems. This has created two distinct ecosystems largely controlled by Apple and Google - they dictate which applications can run, how they run, and what kind of phone resour…
View article: PIE: A Platform-wide TEE
PIE: A Platform-wide TEE Open
While modern computing architectures rely on specialized hardware such as accelerators to provide performance and functionality, trusted execution environments (TEEs), one of the most promising recent developments in security, can only pro…
View article: PIE: A Dynamic TCB for Remote Systems with a Platform Isolation Environment.
PIE: A Dynamic TCB for Remote Systems with a Platform Isolation Environment. Open
Trusted execution environments (TEE) remove the OS and the hypervisor from the trusted computing base (TCB) and provide isolation to applications, known as enclaves. TEEs also provide remote attestation, which allows a remote verifier to c…
View article: Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend
Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend Open
We introduce a new timing side-channel attack on Intel CPU processors. Our Frontal attack exploits timing differences that arise from how the CPU frontend fetches and processes instructions while being interrupted. In particular, we observ…
View article: I Send, Therefore I Leak: Information Leakage in Low-Power Wide Area Networks
I Send, Therefore I Leak: Information Leakage in Low-Power Wide Area Networks Open
Low-power wide area networks (LPWANs), such as LoRa, are fast emerging as the preferred networking technology for large-scale Internet of Things deployments (e.g., smart cities). Due to long communication range and ultra low power consumpt…
View article: Project PBerry
Project PBerry Open
Recent research efforts propose remote memory systems that pool memory from multiple hosts. These systems rely on the virtual memory subsystem to track application memory accesses and transparently offer remote memory to applications. We o…
View article: TEEvil: Identity Lease via Trusted Execution Environments
TEEvil: Identity Lease via Trusted Execution Environments Open
We investigate identity lease, a new type of service in which users lease their identities to third parties by providing them with full or restricted access to their online accounts or credentials. We discuss how identity lease could be ab…
View article: Dataplant: Enhancing System Security with Low-Cost In-DRAM Value Generation Primitives
Dataplant: Enhancing System Security with Low-Cost In-DRAM Value Generation Primitives Open
DRAM manufacturers have been prioritizing memory capacity, yield, and bandwidth for years, while trying to keep the design complexity as simple as possible. DRAM chips do not carry out any computation or other important functions, such as …
View article: ProximiTEE: Hardened SGX Attestation and Trusted Path through Proximity Verification
ProximiTEE: Hardened SGX Attestation and Trusted Path through Proximity Verification Open
Intel's Software Guard Extensions (SGX) enables isolated execution environments, called enclaves, on untrusted operating systems (OS), and thus it can improve the security for various applications and online services. However, SGX has also…
View article: I Send, Therefore I Leak
I Send, Therefore I Leak Open
Low-power wide area networks (LPWANs), such as LoRa, are fast emerging as the preferred networking technology for large-scale Internet of Things deployments (e.g., smart cities). Due to long communication range and ultra low power consumpt…