March 6, 2013
Computing and information sciences distinguished lecture: 'How to Misuse, Use and Mitigate Side Channels in Virtualized Environments'
Mike Reiter, from the department of computer science at the University of North Carolina at Chapel Hill, will present "How to Misuse, Use and Mitigate Side Channels in Virtualized Environments" at 12:30 p.m. March 7 in 126 Nichols Hall.
Abstract: Usually, a side channel is an attack against a cryptographic algorithm that leverages aspects of the algorithm's implementation, versus relying entirely on its abstract design or underlying assumptions. Side channels have been studied for decades but have received renewed attention due to the increasing use of virtualization to isolate mutually distrustful virtual machines, or VMs, from each other — such as in clouds — thereby highlighting the question of whether modern virtualization techniques do an adequate job of isolating VMs against side-channel attacks from their co-tenants. In this talk we will answer this question in the negative, and then paradoxically show how side channels can be used constructively to help defend cloud-resident VMs from abuse by others. Finally, we will describe a novel design for cloud environments to mitigate potential sources of side channels.
Reiter is the Lawrence M. Slifkin distinguished professor in the department of computer science at the University of North Carolina. He received a bachelor's degree in mathematical sciences from North Carolina in 1989, and a master's and doctoral degrees in computer science from Cornell University in 1991 and 1993, respectively. He joined AT&T Bell Labs in 1993 and became a founding member of AT&T Labs — Research when NCR and Lucent Technologies, including Bell Labs, were split away from AT&T in 1996. He then returned to Bell Labs in 1998 as director of secure systems research. In 2001, he joined Carnegie Mellon University as a professor of electrical and computer engineering and computer science, where he was also the founding technical director of CyLab. He joined the faculty at University of North Carolina in 2007.
Reiter's research interests include all areas of computer and communications security and distributed computing. He regularly publishes and serves on conference organizing committees in these fields. He served as program chair for the flagship computer security conferences of the IEEE, the ACM and the Internet Society; as editor-in-chief of ACM Transactions on Information and System Security; and on the editorial boards of IEEE Transactions on Software Engineering, IEEE Transactions on Dependable and Secure Computing, the International Journal of Information Security, and Communications of the ACM. He also served on the emerging technology and research advisory committee for the United States Department of Commerce for four years. Reiter was named an ACM fellow in 2008.