YoVDO

Plundervolt - Flipping Bits from Software Without Rowhammer

Offered By: media.ccc.de via YouTube

Tags

Conference Talks Courses Cybersecurity Courses System Security Courses Cryptographic Algorithms Courses Fault Attacks Courses

Course Description

Overview

Explore the Plundervolt attack, a software-based fault attack primitive that exploits privileged interfaces to undermine system security by manipulating processor frequency and voltage. Learn how this technique can be used to recover cryptographic keys and induce memory safety vulnerabilities in Intel SGX enclaves. Discover the implications of this vulnerability (CVE-2019-11157), its comparison to Rowhammer, and the challenges in mitigating such attacks. Gain insights into the research process, real-world attack scenarios, and the potential impact on trusted computing environments.

Syllabus

Intro
Clockscrew
VFS
TrustZone
Intel
Tools
Writing the code
How does it work
Rowhammer failed
AES
Plundervolt
Thunderbolt
QA
Is it practical
Hardware
Questions
Memory Access
Microcode update
Secure Enclave
Remote exploit


Taught by

media.ccc.de

Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube