Abstract: Modern computers run on top of complex processors, but complexity is the worst enemy of security. Scientists and engineers have consistently tried to develop secure software systems for decades. However, my work shows that new classes of vulnerabilities in complicated processors can break the security guarantees provided by software systems, cryptographic protocols, and privacy technologies. In this talk, I will give an overview of my work on discovering, evaluating, and mitigating such vulnerabilities. First, I will talk about side-channel attacks on cryptographic implementations. Second, I will discuss vulnerabilities at the microarchitecture level. Finally, I highlight my future work on improving security and privacy through automated testing for hardware vulnerabilities and hardware-software co-design.
Bio: Daniel Moghimi (https://moghimi.org) is a postdoctoral fellow in Computer Science and Engineering at UCSD. Previously, he received his MS.c in CS and Ph.D. in ECE from Worcester Polytechnic Institute. He develops new techniques and tools to discover new classes of vulnerabilities in hardware, evaluate their impact on software, particularly cryptography, and defend against these vulnerabilities. His work has improved the security of commodity processors and cryptographic products used by billions of users worldwide. Several of his publications have been covered by the news media such as Forbes, Wired, and The Register.