Main | Publications | Teaching |
Events
Boris Köpf
2024
Principled Microarchitectural Isolation on Cloud CPUs
Joint work with Stavros Volos, Cédric Fournet, Jana Hofmann,
and Oleksii Oleksenko
31st ACM Conference on Computer and Communications Security (CCS), 2024
Distinguished paper award
[pdf]
Gaussian Elimination of Side-channels: Linear Algebra for Memory Coloring
Joint work with Jana Hofmann, Cédric Fournet, and Stavros Volos
31st ACM Conference on Computer and Communications Security (CCS), 2024
[pdf]
Closed-form Bounds for DP-SGD against Record-level Inference Attacks
Joint work with Giovanni Cherubin, Andrew Paverd, Shruti Tople, Lukas Wutschitz, and Santiago Zanella-Béguelin
33rd USENIX Security Symposium, 2024
[pdf]
2023
Speculation at Fault: Modeling and Testing Microarchitectural Leakage of CPU Exceptions
Joint work with Jana Hofmann, Emanuele Vannacchi, Cédric Fournet, and Oleksii Oleksenko
32nd USENIX Security Symposium, 2023
[pdf]
Revizor: Testing Black-box CPUs against Speculation Contracts
Joint work with Oleksii Oleksenko, Christof Fetzer, and Mark Silberstein
IEEE Micro, vol. 43, no. 4, 2023
Top Picks version of the ASPLOS '22 paper
[pdf]
SoK: Let The Privacy Games Begin! A Unified Treatment of Data Inference Privacy in Machine Learning
Joint work with Ahmed Salem, Giovanni Cherubin, David Evans, Andrew Paverd, Anshuman Suri, Shruti Tople, and Santiago Zanella-Béguelin
44th IEEE Symposium on Security and Privacy (Oakland), 2023
[pdf]
Hide and Seek with Spectres: Efficient discovery of speculative information leaks with random testing
Joint work with Oleksii Oleksenko, Marco Guarnieri, and Mark Silberstein
44th IEEE Symposium on Security and Privacy (Oakland), 2023
[pdf]
Bayesian Estimation of Differential Privacy
Joint work with Santiago Zanella-Béguelin, Shruti Tople, Lukas Wutschitz, Ahmed Salem, Victor Rühle, Andrew Paverd, Mohammad Naseri, and Daniel Jones
40th International Conference on Machine Learning (ICML), 2023
[pdf]
2022
Revizor: Testing Black-box CPUs against Speculation Contracts
Joint work with Oleksii Oleksenko, Christof Fetzer, and Mark Silberstein
27th Intl. Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2022
IEEE Micro Top Pick
[pdf]
2021
Grey-box Extraction of Natural Language Models
Joint work with Santiago Zanella-Béguelin, Shruti Tople, and Andrew Paverd
38th International Conference on Machine Learning (ICML), 2021
[bib][pdf]
Hardware-Software Contracts for Secure Speculation
Joint work with Marco Guarnieri, Jan Reineke, and Pepe Vila
42nd IEEE Symposium on Security and Privacy (Oakland), 2021
Best paper award
[bib][pdf]
2020
Analyzing Information Leakage of Updates to Natural Language Models
Joint work with Santiago Zanella Béguelin, Lukas Wutschitz, Shruti Tople, Victor Rühle, Andrew Paverd, Olga Ohrimenko, and Marc Brockschmidt
27th ACM Conference on Computer and Communications Security (CCS), 2020
[bib][pdf]
CacheQuery: Learning Replacement Policies from Hardware Caches
Joint work with Pepe Vila, Pierre Ganty, and Marco Guarnieri
41st ACM Conference on Programming Language Design and Implementation (PLDI), 2020
[bib][pdf]
Spectector: Principled Detection of Speculative Information Flows
Joint work with Marco Guarnieri, José F. Morales, Jan Reineke, and Andrés Sanchez
41st IEEE Symposium on Security and Privacy (Oakland), 2020
[bib][pdf]
2019
Theory and Practice of Finding Eviction Sets
Joint work with Pepe Vila and José F. Morales
40th IEEE Symposium on Security and Privacy (Oakland), 2019
[bib][pdf]
On Aggregation of Information in Timing Attacks
Joint work with Itsaka Rakotonirina
4th IEEE European Symposium on Security and Privacy (EuroS&P), 2019
[bib][pdf]
Timing Leaks and Coarse-grained Clocks
Joint work with Panagiotis Vasilikos, Flemming Nielson, and Hanne Riis Nielson
32th IEEE Computer Security Foundations Symposium (CSF), 2019
[bib][pdf]
On the Incomparability of Cache Algorithms in Terms of Timing Leakage
Joint work with Pablo Cañones and Jan Reineke
Logical Methods in Computer Science (LMCS), 2019
[bib][pdf]
2017
Loophole: Timing Attacks on Shared Event Loops in Chrome
Joint work with Pepe Vila
26th USENIX Security Symposium, 2017
Distinguished paper award
[bib][pdf]
Rigorous Analysis of Software Countermeasures against Cache Attacks
Joint work with Goran Doychev
38th ACM Conference on Programming Language Design and Implementation (PLDI), 2017
[bib][pdf]
Security Analysis of Cache Replacement Policies
Joint work with Pablo Cañones and Jan Reineke
6th Conference on Principles of Security and Trust (POST), 2017
[bib][pdf] (Extended version available at arXiv:1701.06481)
A Language-theoretic View on Network Protocols
Joint work with Pierre Ganty and Pedro Valero
9th International Symposium on Automated Technology for Verification and Analysis (ATVA), 2017
[bib][pdf]
A Systematic Study of Cache Side Channels across AES Implementations
Joint work with Heiko Mantel and Alexandra Weber
9th International Symposium on Engineering Secure Software and Systems (ESSoS), 2017
[bib][pdf]
2015
CacheAudit: A Tool for the Static Analysis of Cache Side Channels
Joint work with Goran Doychev, Laurent Mauborgne, and Jan Reineke
ACM Transactions on Information and Systems Security (TISSEC), 2015
Extends the USENIX Security '13 paper
[bib][pdf]
Rational Protection against Timing Attacks
Joint work with Goran Doychev
28th IEEE Computer Security Foundations Symposium (CSF), 2015
[bib][pdf]
Symbolic Polytopes for Quantitative Interpolation and Verification
Joint work with Klaus von Gleissenthall and Andrey Rybalchenko
27th International Conference on Computer Aided Verification (CAV), 2015
[bib][pdf]
Quantifying Information Flow in Cryptographic Systems
Joint work with Michael Backes
Mathematical Structures in Computer Science (MSCS), 2015
[bib][pdf]
2014
Leakage Resilience against Concurrent Cache Attacks
Joint work with Gilles Barthe, Laurent Mauborgne, and Martín Ochoa
3rd Conference on Principles of Security and Trust (POST), 2014
[bib][pdf]
2013
CacheAudit: A Tool for the Static Analysis of Cache Side Channels
Joint work with Goran Doychev, Dominik Feld, Laurent Mauborgne, and Jan Reineke
22nd USENIX Security Symposium, 2013
[bib][pdf][www][slides] (Extended version available at IACR ePrint 2013/253)
Preventing Side-Channel Leaks in Web Traffic: A Formal Approach
Joint work with Michael Backes and Goran Doychev
20th Network and Distributed Systems Security Symposium (NDSS), 2013
[bib][pdf]
Probabilistic Relational Reasoning for Differential Privacy
Joint work with Gilles Barthe, Federico Olmedo, and Santiago Zanella Béguelin
ACM Transactions on Programming Languages and Systems (TOPLAS), 2013
Extends the POPL '12 paper
[bib][pdf]
Verifying Information Flow Properties of Hybrid Systems
Joint work with Pavithra Prabhakar
2nd ACM International Conference on High Confidence Networked Systems (HiCoNS), 2013
[bib][pdf]
Automation of Quantitative Information-Flow Analysis
Joint work with Andrey Rybalchenko
13th International School on Formal Methods for the Design of Computer, Communication, and Software Systems (SFM), 2013
[bib][pdf]
2012
Probabilistic Relational Reasoning for Differential Privacy
Joint work with Gilles Barthe, Federico Olmedo, and Santiago Zanella Béguelin
39th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), 2012
[bib][pdf]
Automatic Quantification of Cache Side-Channels
Joint work with Laurent Mauborgne and Martín Ochoa
24th International Conference on Computer Aided Verification (CAV), 2012
[bib][pdf][slides] (Extended version available at IACR ePrint 2012/034)
2011
Information-Theoretic Bounds for Differentially Private Mechanisms
Joint work with Gilles Barthe
24th IEEE Computer Security Foundations Symposium (CSF), 2011
[bib][pdf][slides]
Automatically Deriving Information-Theoretic Bounds for Adaptive Side-Channel Attacks
Joint work with David Basin
Journal of Computer Security (JCS), 2011
Extends the CCS '07 paper
[bib][pdf]
Non-Uniform Distributions in Quantitative Information-Flow
Joint work with Michael Backes and Matthias Berg
6th ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2011
[bib][pdf]
2010
Approximation and Randomization for Quantitative Information-Flow
Analysis
Joint work with Andrey Rybalchenko
23rd IEEE Computer Security Foundations Symposium (CSF), 2010
[bib][pdf][slides]
Vulnerability Bounds and Leakage Resilience of Blinded Cryptography
under Timing Attacks
Joint work with Geoffrey Smith
23rd IEEE Computer Security Foundations Symposium (CSF), 2010
[bib][pdf][slides]
Speaker Recognition in Encrypted Voice Streams
Joint work with Michael Backes, Goran Doychev, and Markus Dürmuth
15th European Symposium on Research in Computer Security (ESORICS), 2010
[bib][pdf]
2009
Automatic Discovery and Quantification of Information Leaks
Joint work with Michael Backes and Andrey Rybalchenko
30th IEEE Symposium on Security and Privacy (Oakland), 2009
[bib][pdf][slides]
A Provably Secure and Efficient Countermeasure against Timing Attacks
Joint work with Markus Dürmuth
22nd IEEE Computer Security Foundations Symposium (CSF), 2009
[bib][pdf][slides]
2008
Formally Bounding the Side-Channel Leakage in Unknown-Message Attacks
Joint work with Michael Backes
13th European Symposium On Research In Computer Security (ESORICS), 2008
[bib][pdf]
(Extended version available at IACR ePrint 2008/162)
2007
An Information-Theoretic Model for Adaptive Side-Channel Attacks
Joint work with David Basin
14th ACM Conference on Computer and Communications Security (CCS), 2007
[bib][pdf][slides]
Transformational Typing and Unification for Automatically Correcting Insecure Programs
Joint work with Heiko Mantel
International Journal of Information Security (IJIS), 2007
Extended version of the FAST '05 paper
[bib][pdf]
Formal Approaches to Countering Side-Channel Attacks
Ph.D. thesis, ETH Zurich, 2007
[bib][pdf]
2001-2006
Timing-Sensitive Information Flow Analysis for Synchronous Systems
Joint work with David Basin
11th European Symposium On Research In Computer Security (ESORICS), 2006
[bib][pdf][slides]
Eliminating Implicit Information Leaks by Transformational Typing and Unification
Joint work with Heiko Mantel
3rd Intl. Workshop on Formal Aspects of Security and Trust (FAST), 2005
[bib][pdf][slides]
Eliminating Timing Leaks by Unification
Joint work with Heiko Mantel
1st Intl. Workshop on Programming Language Interference and Dependence (PLID), 2004
[bib][pdf]
Fixed Parameter Algorithms on Planar Graphs
M.Sc. thesis, Universität Konstanz, 2002
[bib][pdf]
Fast and Simple Horizontal Coordinate Assignment
Joint work with Ulrik Brandes
9th Intl. Symposium on Graph Drawing (GD), 2001
[bib][pdf]
visone - Software for Visual Social Network Analysis.
Joint work with Michael Baur, Marc Benkert, Ulrik Brandes, Sabine Cornelsen, Marco Gaertler, Jürgen Lerner, and Dorothea Wagner
9th Intl. Symposium on Graph Drawing (GD), 2001
[bib][ps]