TITLE: Building Trusted Systems on Top of Leaky Abstractions

ABSTRACT:

A modern application’s safety and security relies on a staggeringly complex stack of abstractions, from software libraries and operating systems to firmware and chip architectural choices. Often, performance-oriented design choices at a lower level can impact security in surprising ways and have no clean fix.

This talk will cover how I construct secure and deployable systems without needing to know the adversary’s exact technique. To understand the threat posed by leaky abstractions, I first detail my work on a novel class of side-channel attacks. With this as motivation, I present my Fuzzyfox project for securing the Firefox web browser against all known and unknown timing attacks. Finally, I describe a new way to construct trusted systems leveraging both software and hardware in the Keystone Trusted Execution Environment Framework and future projects.

BIO:

David Kohlbrenner is a postdoctoral scholar working with Dawn Song at UC Berkeley. He previously received his Ph.D. from UC San Diego, where he was advised by Hovav Shacham.

His research focuses on building deployable secure systems with both hardware and software. Adaptations of his research have been deployed in Firefox, Chrome, and the Linux kernel. His adversarial research discovered major vulnerabilities in popular web browsers, resulting in extensive changes to Chrome, Safari, and Firefox. Kohlbrenner also co-founded the San Diego-based embedded security company Somerset Recon in 2012.