[Script Info]
Title: 
[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,0:00:04.68,0:00:12.63,Default,,0000,0000,0000,,{\i1}rc3 preroll music{\i0}
Dialogue: 0,0:00:12.63,0:00:17.34,Default,,0000,0000,0000,,Herald: In the world of bad puns, everyone\Nknows and loves the famous line from the
Dialogue: 0,0:00:17.34,0:00:22.81,Default,,0000,0000,0000,,cinematic masterpiece, where the IT\Nsecurity specialists ask the CPU architect
Dialogue: 0,0:00:22.81,0:00:30.05,Default,,0000,0000,0000,,"Warum leakt hier Strom?" or in English,\N"why is power leaking here?". In this talk
Dialogue: 0,0:00:30.05,0:00:35.66,Default,,0000,0000,0000,,our four speakers demonstrate how they can\Nattack modern processors purely in
Dialogue: 0,0:00:35.66,0:00:43.08,Default,,0000,0000,0000,,software, relying on technical, techniques\Nfrom classical power side channel attacks.
Dialogue: 0,0:00:43.08,0:00:47.47,Default,,0000,0000,0000,,They'll explain how to use these\Nunprivileged access to energy monitoring
Dialogue: 0,0:00:47.47,0:00:53.96,Default,,0000,0000,0000,,features and modern Intel and AMD CPU's.\NPlease welcome with a round of digital
Dialogue: 0,0:00:53.96,0:00:58.45,Default,,0000,0000,0000,,applause. Moritz Lipp, Michael Schwarz,\NDaniel Gruss and Andreas Kogler.
Dialogue: 0,0:01:07.58,0:01:11.46,Default,,0000,0000,0000,,Moritz: Warum leaked hier Strom?\N{\i1}laugh track{\i0}
Dialogue: 0,0:01:11.46,0:01:13.71,Default,,0000,0000,0000,,Andreas: Und warum wendest du \Nkein Masking an?
Dialogue: 0,0:01:13.71,0:01:16.77,Default,,0000,0000,0000,,{\i1}laugh track{\i0}
Dialogue: 0,0:01:16.77,0:01:20.76,Default,,0000,0000,0000,,Daniel: But to understand how we got here,\Nwe have to go back to San Diego in May
Dialogue: 0,0:01:20.76,0:01:23.34,Default,,0000,0000,0000,,2017.\NA: This is a great, Moritz, this is
Dialogue: 0,0:01:23.34,0:01:26.03,Default,,0000,0000,0000,,a great talk title. We have to use this.\N{\i1}laugh track{\i0}
Dialogue: 0,0:01:26.03,0:01:29.74,Default,,0000,0000,0000,,M: Yeah, but actually, before we can\Ndo a talk, we should do some interesting
Dialogue: 0,0:01:29.74,0:01:32.01,Default,,0000,0000,0000,,research that we can present, right?\N{\i1}laugh track{\i0}
Dialogue: 0,0:01:32.01,0:01:35.63,Default,,0000,0000,0000,,A: Of course. Of course. But we have\Nto remember this talk title, it's great.
Dialogue: 0,0:01:35.63,0:01:36.60,Default,,0000,0000,0000,,{\i1}laugh track{\i0}\NM: Yes.
Dialogue: 0,0:01:36.60,0:01:47.99,Default,,0000,0000,0000,,{\i1}music{\i0}
Dialogue: 0,0:01:47.99,0:01:51.26,Default,,0000,0000,0000,,Michael: Hey Moritz. Today I have found\Nsomething really cool.
Dialogue: 0,0:01:51.26,0:01:54.65,Default,,0000,0000,0000,,Moritz: OK, what is it?\NMichael: Our computers, they give
Dialogue: 0,0:01:54.65,0:01:59.40,Default,,0000,0000,0000,,us the current energy consumption in\Nmicrojoule and you can access that
Dialogue: 0,0:01:59.40,0:02:00.65,Default,,0000,0000,0000,,from userspace.\N{\i1}laugh track{\i0}
Dialogue: 0,0:02:00.65,0:02:05.20,Default,,0000,0000,0000,,Moritz: What? Are you for real?\NMichael: That, that basically means we
Dialogue: 0,0:02:05.20,0:02:08.54,Default,,0000,0000,0000,,could mount something like software based\Npower side channels.
Dialogue: 0,0:02:08.54,0:02:13.40,Default,,0000,0000,0000,,Moritz: Nice. We should try that out.\NMichael: Yes, I already did, because I
Dialogue: 0,0:02:13.40,0:02:15.70,Default,,0000,0000,0000,,thought you might not believe me.\NMoritz: OK.
Dialogue: 0,0:02:15.70,0:02:20.58,Default,,0000,0000,0000,,Michael: So this is one of the experiments\NI did. Here you can already see that. I
Dialogue: 0,0:02:20.58,0:02:23.72,Default,,0000,0000,0000,,measured the power consumption using that\Ninterface.
Dialogue: 0,0:02:23.72,0:02:26.32,Default,,0000,0000,0000,,Moritz: yeah\NMichael: First while doing nothing, idling
Dialogue: 0,0:02:26.32,0:02:28.05,Default,,0000,0000,0000,,around sleeping\NMoritz: like always
Dialogue: 0,0:02:28.05,0:02:34.59,Default,,0000,0000,0000,,Michael: and then I increased the CPU\Nload, I just did an endless loop which
Dialogue: 0,0:02:34.59,0:02:38.25,Default,,0000,0000,0000,,accessed a bit of memory. It's nothing\Ninteresting but you can already see the
Dialogue: 0,0:02:38.25,0:02:42.12,Default,,0000,0000,0000,,difference for that. So you can see that\Nthere's a difference in doing nothing and
Dialogue: 0,0:02:42.12,0:02:47.28,Default,,0000,0000,0000,,doing a lot. That's pretty nice.\NMoritz: We should look take a closer look
Dialogue: 0,0:02:47.28,0:02:49.82,Default,,0000,0000,0000,,at that, I think.\NMichael: Definitely.
Dialogue: 0,0:02:49.82,0:02:53.90,Default,,0000,0000,0000,,{\i1}music{\i0}
Dialogue: 0,0:02:53.90,0:02:57.19,Default,,0000,0000,0000,,Moritz: {\i1}sings{\i0} You can create \Nmy power trace
Dialogue: 0,0:02:57.19,0:02:59.01,Default,,0000,0000,0000,,Andreas: Oh, this is great. We already
Dialogue: 0,0:02:59.01,0:03:05.48,Default,,0000,0000,0000,,have a song for this paper now. Okay.\NWell, this is a great song that we can use
Dialogue: 0,0:03:05.48,0:03:06.53,Default,,0000,0000,0000,,for the paper...
Dialogue: 0,0:03:06.53,0:03:13.07,Default,,0000,0000,0000,,{\i1}music{\i0}
Dialogue: 0,0:03:13.07,0:03:16.54,Default,,0000,0000,0000,,Michael: Powertrace, \Nlike power analysis attacks?
Dialogue: 0,0:03:16.75,0:03:20.84,Default,,0000,0000,0000,,Moritz: Yeah, but that would be \Nan attack with physical access.
Dialogue: 0,0:03:21.05,0:03:23.18,Default,,0000,0000,0000,,Daniel: Software-only would be great
Dialogue: 0,0:03:23.30,0:03:26.36,Default,,0000,0000,0000,,Michael: Yes, I told you already,\NI found one can measure energy
Dialogue: 0,0:03:26.36,0:03:27.96,Default,,0000,0000,0000,,consumption in micro joules
Dialogue: 0,0:03:27.96,0:03:32.74,Default,,0000,0000,0000,,Moritz: Like attacking all server, \Ndesktop and laptop CPUs
Dialogue: 0,0:03:32.74,0:03:35.76,Default,,0000,0000,0000,,Daniel: Ideally with unprivileged access
Dialogue: 0,0:03:35.76,0:03:38.90,Default,,0000,0000,0000,,Michael: Imagine if you could\Ndistinguish different instructions
Dialogue: 0,0:03:38.90,0:03:42.40,Default,,0000,0000,0000,,or even observe the Hamming weights of \Noperands and memory loads
Dialogue: 0,0:03:42.40,0:03:44.02,Default,,0000,0000,0000,,Daniel: Control flow monitoring
Dialogue: 0,0:03:44.02,0:03:47.92,Default,,0000,0000,0000,,Moritz: In physical attacks they often go\Nfor cryptographic keys.
Dialogue: 0,0:03:47.92,0:03:52.80,Default,,0000,0000,0000,,That would be great.\NAttacking AES-NI and RSA
Dialogue: 0,0:03:52.80,0:03:56.25,Default,,0000,0000,0000,,Daniel: There's just one problem:\Nthere is no such channel
Dialogue: 0,0:03:56.25,0:03:59.68,Default,,0000,0000,0000,,Michael: As I said,\Ndon't you listen, Daniel?
Dialogue: 0,0:03:59.68,0:04:04.66,Default,,0000,0000,0000,,It's like always, there is this RAPL \Nregister. This interface is already there
Dialogue: 0,0:04:04.66,0:04:07.08,Default,,0000,0000,0000,,and you can measure power consumption
Dialogue: 0,0:04:07.08,0:04:11.90,Default,,0000,0000,0000,,Daniel: Yes, but only on a \Nvery coarse granularity
Dialogue: 0,0:04:14.78,0:04:16.75,Default,,0000,0000,0000,,Moritz: But first, we need to get a bit
Dialogue: 0,0:04:16.75,0:04:21.01,Default,,0000,0000,0000,,more understanding of the CPU power\Nmanagement. The thermal design power, the
Dialogue: 0,0:04:21.01,0:04:26.81,Default,,0000,0000,0000,,TDP, is the power consumption under the\Nmaximum theoretical load of the processor.
Dialogue: 0,0:04:26.81,0:04:32.08,Default,,0000,0000,0000,,And you probably know that number from the\NCPU specification. And this gives
Dialogue: 0,0:04:32.08,0:04:38.43,Default,,0000,0000,0000,,integrators a target to find the proper\Nthermal solution when you integrate CPU in
Dialogue: 0,0:04:38.43,0:04:46.22,Default,,0000,0000,0000,,a computer so that it doesn't run too hot.\NBut for short periods of time, the CPU can
Dialogue: 0,0:04:46.22,0:04:52.92,Default,,0000,0000,0000,,consume more power than that. And this we\Ncan see in this graphic. So here for this
Dialogue: 0,0:04:52.92,0:04:58.88,Default,,0000,0000,0000,,Tau moment, the power consumption is much\Nhigher than for the rest of the CPU.
Dialogue: 0,0:04:58.88,0:05:05.52,Default,,0000,0000,0000,,Because usually a CPU is not instantly hot\Nand thermal properties propagate over a
Dialogue: 0,0:05:05.52,0:05:12.12,Default,,0000,0000,0000,,bit of time. So on the other hand, you\Nshould also be able to save power. And you
Dialogue: 0,0:05:12.12,0:05:16.24,Default,,0000,0000,0000,,can do this in different ways. For\Ninstance, you could just shut down
Dialogue: 0,0:05:16.24,0:05:21.87,Default,,0000,0000,0000,,resources completely that you do not need\Nat the moment, or you can reduce the
Dialogue: 0,0:05:21.87,0:05:27.17,Default,,0000,0000,0000,,voltage of the processor or those\Ncomponents and then it also consumes less
Dialogue: 0,0:05:27.17,0:05:32.87,Default,,0000,0000,0000,,power. And on top of that, you could also\Nreduce the frequency of the processor and
Dialogue: 0,0:05:32.87,0:05:39.70,Default,,0000,0000,0000,,then it also consumes less power. And you\Nneed this for different scenarios. For
Dialogue: 0,0:05:39.70,0:05:44.81,Default,,0000,0000,0000,,instance, with your laptop, you need to\Nbudget the power consumption because you
Dialogue: 0,0:05:44.81,0:05:49.79,Default,,0000,0000,0000,,want to have a long run time. And you also\Nknow these options that you can change,
Dialogue: 0,0:05:49.79,0:05:54.45,Default,,0000,0000,0000,,like the performance level if it should\Nrun on high performance or to save
Dialogue: 0,0:05:54.45,0:05:57.22,Default,,0000,0000,0000,,battery. And you need this in different\Nscenarios.
Dialogue: 0,0:05:57.22,0:06:01.93,Default,,0000,0000,0000,,Michael: Yes, Moritz, that's exactly what\NI showed you before. Do you remember? I
Dialogue: 0,0:06:01.93,0:06:07.27,Default,,0000,0000,0000,,showed you this intel running average\Npower limit, short RAPL, that provides
Dialogue: 0,0:06:07.27,0:06:13.18,Default,,0000,0000,0000,,exactly that functionality. So with this\NIntel RAPL, you have the power limiting
Dialogue: 0,0:06:13.18,0:06:19.61,Default,,0000,0000,0000,,features so you can do exactly what you\Njust described, reduce the power usage for
Dialogue: 0,0:06:19.61,0:06:25.100,Default,,0000,0000,0000,,your system or for parts of your system.\NAnd additionally, you also have the energy
Dialogue: 0,0:06:25.100,0:06:30.72,Default,,0000,0000,0000,,readings. So you know exactly how much\Npower is currently used on a system which
Dialogue: 0,0:06:30.72,0:06:36.42,Default,,0000,0000,0000,,helps you do exactly the things you just\Nmentioned before, like getting a better
Dialogue: 0,0:06:36.42,0:06:40.49,Default,,0000,0000,0000,,power performance balance. So this is\Nalready there.
Dialogue: 0,0:06:40.49,0:06:44.41,Default,,0000,0000,0000,,Moritz: Because the CPU needs to know in a\Nway how much power it consumes, right?
Dialogue: 0,0:06:44.41,0:06:49.55,Default,,0000,0000,0000,,Michael: Exactly and the scheduler also\Nuses that feature to ensure that you get a
Dialogue: 0,0:06:49.55,0:06:54.82,Default,,0000,0000,0000,,better battery runtime on your laptop, for\Nexample. And because this is an important
Dialogue: 0,0:06:54.82,0:07:00.37,Default,,0000,0000,0000,,feature you can directly get that from the\Noperating system as well. On Linux, you
Dialogue: 0,0:07:00.37,0:07:04.38,Default,,0000,0000,0000,,can even get that as an unprivileged\Napplication. There's the powercap
Dialogue: 0,0:07:04.38,0:07:10.51,Default,,0000,0000,0000,,framework that you can directly access in\Nthis pseudo file system where you get the
Dialogue: 0,0:07:10.51,0:07:15.73,Default,,0000,0000,0000,,current power readings, you can directly\Nsee how much power your CPU currently
Dialogue: 0,0:07:15.73,0:07:17.73,Default,,0000,0000,0000,,consumes.\NMoritz: How convenient!
Dialogue: 0,0:07:17.73,0:07:22.88,Default,,0000,0000,0000,,Michael: On MacOS and on Windows you have\Na similar thing, but for that you first
Dialogue: 0,0:07:22.88,0:07:26.59,Default,,0000,0000,0000,,need to install a driver because usually\Nyou don't need that as a userspace
Dialogue: 0,0:07:26.59,0:07:32.25,Default,,0000,0000,0000,,application. But some drivers might want\Nto have that and some drivers even expose
Dialogue: 0,0:07:32.25,0:07:36.82,Default,,0000,0000,0000,,that to you and you can use that. So there\Nare some drivers that are even
Dialogue: 0,0:07:36.82,0:07:41.30,Default,,0000,0000,0000,,preinstalled on some of the motherboards\Nthat expose that information to
Dialogue: 0,0:07:41.30,0:07:47.23,Default,,0000,0000,0000,,applications as well on Windows.\NMoritz: Interesting, but what can we do
Dialogue: 0,0:07:47.23,0:07:52.98,Default,,0000,0000,0000,,with this? So I ran some experiments\Nbecause I wanted to know how good this
Dialogue: 0,0:07:52.98,0:07:58.58,Default,,0000,0000,0000,,energy consumption monitoring works. And\Nin a first run we tried to distinguish
Dialogue: 0,0:07:58.58,0:08:04.09,Default,,0000,0000,0000,,instructions from each other. So we\Nimplemented a small program just running
Dialogue: 0,0:08:04.09,0:08:08.05,Default,,0000,0000,0000,,the same instructions all the time, and we\Nmeasured its power consumption. And as we
Dialogue: 0,0:08:08.05,0:08:12.80,Default,,0000,0000,0000,,can see easily in this plot, different\Ninstructions need a different amount of
Dialogue: 0,0:08:12.80,0:08:19.42,Default,,0000,0000,0000,,power. So we can distinguish instructions\Nfrom each other. In addition, what I
Dialogue: 0,0:08:19.42,0:08:23.56,Default,,0000,0000,0000,,tried, I changed the operands that\Ndifferent instructions used. For instance,
Dialogue: 0,0:08:23.56,0:08:28.75,Default,,0000,0000,0000,,for a multiplication, you can multiply\Ndifferent numbers with each other. And
Dialogue: 0,0:08:28.75,0:08:33.78,Default,,0000,0000,0000,,also here we see, depending on the bits\Nthat are set in the operand a different
Dialogue: 0,0:08:33.78,0:08:39.13,Default,,0000,0000,0000,,power consumption of the same instruction,\Nbut just depending on the operand so we
Dialogue: 0,0:08:39.13,0:08:44.61,Default,,0000,0000,0000,,can also distinguish them from each other.\NThis could also come in handy later on.
Dialogue: 0,0:08:44.61,0:08:51.18,Default,,0000,0000,0000,,But I also tried to load data with an\Ninstruction and I wanted to know if I
Dialogue: 0,0:08:51.18,0:08:55.09,Default,,0000,0000,0000,,could see differences in the power\Nconsumption, depending on the data that
Dialogue: 0,0:08:55.09,0:09:00.86,Default,,0000,0000,0000,,has been loaded by the processor. And as\Nyou can see in this plot, the more bits
Dialogue: 0,0:09:00.86,0:09:07.97,Default,,0000,0000,0000,,that are set in the data that is loaded,\Nthe more power the CPU consumes. But let's
Dialogue: 0,0:09:07.97,0:09:14.21,Default,,0000,0000,0000,,be honest here, to record these\Nmeasurements, it took more than 23 days,
Dialogue: 0,0:09:14.21,0:09:19.95,Default,,0000,0000,0000,,so it took quite some time to get to this\Ngranularity to see those differences, but
Dialogue: 0,0:09:19.95,0:09:23.19,Default,,0000,0000,0000,,in other cases, if you just...\NMichael: still a fascinating result.
Dialogue: 0,0:09:23.19,0:09:27.46,Default,,0000,0000,0000,,Moritz: Yes, it's a very interesting\Nresult. And in other cases, Michael, you
Dialogue: 0,0:09:27.46,0:09:33.93,Default,,0000,0000,0000,,only want to know if one operand or one\Nvalue is a zero or if it's not a zero. And
Dialogue: 0,0:09:33.93,0:09:40.31,Default,,0000,0000,0000,,to come to this result, you don't need\Nthat many measurements. And the last
Dialogue: 0,0:09:40.31,0:09:45.54,Default,,0000,0000,0000,,experiments that we did was we wanted to\Nknow if we would see a difference in the
Dialogue: 0,0:09:45.54,0:09:51.00,Default,,0000,0000,0000,,energy consumption, depending where data\Nhas been loaded from. For instance, as
Dialogue: 0,0:09:51.00,0:09:55.54,Default,,0000,0000,0000,,we've seen also at CCC in many different\Ntalks over the past years, they are like
Dialogue: 0,0:09:55.54,0:09:59.92,Default,,0000,0000,0000,,cache attacks. And here in this\Nexperiment, we also were able to see a
Dialogue: 0,0:09:59.92,0:10:04.32,Default,,0000,0000,0000,,difference in the power consumption if\Nyour value has been loadad from the cache
Dialogue: 0,0:10:04.32,0:10:09.55,Default,,0000,0000,0000,,or if it has to be loaded from the main\Nmemory, because, of course, then DRAM is
Dialogue: 0,0:10:09.55,0:10:16.29,Default,,0000,0000,0000,,activated and it consumes more power. But\Nthese results are very nice.
Dialogue: 0,0:10:16.29,0:10:20.78,Default,,0000,0000,0000,,Michael: Yes, these are really fascinating\Nresults. So we should actually exploit
Dialogue: 0,0:10:20.78,0:10:25.96,Default,,0000,0000,0000,,them and build attacks from that. I mean,\Nit's fascinating to see that all these
Dialogue: 0,0:10:25.96,0:10:29.86,Default,,0000,0000,0000,,measurements are possible, but we also\Nwant to do something security related.
Dialogue: 0,0:10:29.86,0:10:32.09,Default,,0000,0000,0000,,Moritz: Do you have any idea what we\Ncould do?
Dialogue: 0,0:10:32.09,0:10:36.97,Default,,0000,0000,0000,,Michael: Yes, I have that idea I already\Nshowed you something from before. If you
Dialogue: 0,0:10:36.97,0:10:41.24,Default,,0000,0000,0000,,remember from the office, this one\Nmeasurement. And I extended that
Dialogue: 0,0:10:41.24,0:10:42.40,Default,,0000,0000,0000,,measurement.\NMoritz: Yes.
Dialogue: 0,0:10:42.40,0:10:47.56,Default,,0000,0000,0000,,Michael: Into a covert channel. So a\Ncovert channel is a communication channel
Dialogue: 0,0:10:47.56,0:10:52.29,Default,,0000,0000,0000,,between two parties that are usually not\Nallowed to communicate with each other. So
Dialogue: 0,0:10:52.29,0:10:56.31,Default,,0000,0000,0000,,there might be different reasons for that.\NMaybe ther's no interface, maybe there's a
Dialogue: 0,0:10:56.31,0:11:01.89,Default,,0000,0000,0000,,policy or a firewall or something that\Nprevents them from communicating. And
Dialogue: 0,0:11:01.89,0:11:06.74,Default,,0000,0000,0000,,still, in this scenario, I want to\Ncommunicate. So for that, I'm using
Dialogue: 0,0:11:06.74,0:11:11.59,Default,,0000,0000,0000,,exactly these power side channels and all\Nthis analysis you have done to actually
Dialogue: 0,0:11:11.59,0:11:17.94,Default,,0000,0000,0000,,communicate. And that's is very simple to\Ndo, actually. I have two processes, a
Dialogue: 0,0:11:17.94,0:11:24.38,Default,,0000,0000,0000,,sender and a receiver, and the sender\Ntries to send single bits, zeros and ones.
Dialogue: 0,0:11:24.38,0:11:31.12,Default,,0000,0000,0000,,And to send a one bit. I do something that\Nuses a lot of energy, like accessing main
Dialogue: 0,0:11:31.12,0:11:37.38,Default,,0000,0000,0000,,memory. And if I want to send a zero bit,\Nthen I don't do anything. And now as a
Dialogue: 0,0:11:37.38,0:11:42.41,Default,,0000,0000,0000,,receiver, I just have to measure the power\Nconsumption and I see if the power
Dialogue: 0,0:11:42.41,0:11:47.96,Default,,0000,0000,0000,,consumption has a spike. Then I know the\Nsender is sending a one. If there's
Dialogue: 0,0:11:47.96,0:11:53.87,Default,,0000,0000,0000,,nothing the sender is apparently sending a\Nzero and from that I can get this
Dialogue: 0,0:11:53.87,0:11:57.98,Default,,0000,0000,0000,,information a Sender wants to send me.\NMoritz: But did you try that out?
Dialogue: 0,0:11:57.98,0:12:02.07,Default,,0000,0000,0000,,{\i1}laugh track{\i0}\NMichael: Yes, I also tried that and we can
Dialogue: 0,0:12:02.07,0:12:07.38,Default,,0000,0000,0000,,see that here in this graph. So this is\Nthe energy measurement.
Dialogue: 0,0:12:07.38,0:12:11.01,Default,,0000,0000,0000,,Moritz: That's a very clean signal.\NMichael: Yes, it's the energy measurement
Dialogue: 0,0:12:11.01,0:12:16.08,Default,,0000,0000,0000,,on the receiver side. And we see exactly\Nwhat I told you before. If there are one
Dialogue: 0,0:12:16.08,0:12:20.50,Default,,0000,0000,0000,,bits, then the energy consumption is\Nhigher. If there are zero bits, it's
Dialogue: 0,0:12:20.50,0:12:26.22,Default,,0000,0000,0000,,lower. And from that we can deduce the\Ninformation that I wanted to send on the
Dialogue: 0,0:12:26.22,0:12:30.85,Default,,0000,0000,0000,,sender side. Pretty neat, huh?\NMoritz: Yeah, but this is just from one
Dialogue: 0,0:12:30.85,0:12:37.19,Default,,0000,0000,0000,,process to another process. Actually, I\Ntook your idea and used this in a
Dialogue: 0,0:12:37.19,0:12:43.46,Default,,0000,0000,0000,,hypervisor scenario where we attack the\NXen hypervisor. So it's not limited to two
Dialogue: 0,0:12:43.46,0:12:49.78,Default,,0000,0000,0000,,processes. I installed the Xen hypervisor\Nwith two virtual machines. And what Xen
Dialogue: 0,0:12:49.78,0:12:56.02,Default,,0000,0000,0000,,does is it also exposes those RAPL\Nregisters to the virtual machine. So now
Dialogue: 0,0:12:56.02,0:13:01.08,Default,,0000,0000,0000,,as a virtual machine, I can have direct\Naccess to that and then I can establish a
Dialogue: 0,0:13:01.08,0:13:04.22,Default,,0000,0000,0000,,covert channel between two virtual\Nmachines in the cloud.
Dialogue: 0,0:13:04.22,0:13:08.11,Default,,0000,0000,0000,,Michael: That's even better.\NMoritz: And this is really working, as you
Dialogue: 0,0:13:08.11,0:13:13.41,Default,,0000,0000,0000,,can see here. I mean, here I'm just\Nsending ones and zeros, but the signal is
Dialogue: 0,0:13:13.41,0:13:15.59,Default,,0000,0000,0000,,pretty clear.\NMichael: That's nice.
Dialogue: 0,0:13:15.59,0:13:20.96,Default,,0000,0000,0000,,Moritz: But it's the more that we can do?\NMichael: Yes. I mean, covert channels are
Dialogue: 0,0:13:20.96,0:13:26.05,Default,,0000,0000,0000,,great to demonstrate something, that it\Nactually works, across VM, really great. I
Dialogue: 0,0:13:26.05,0:13:32.41,Default,,0000,0000,0000,,like that. That gives you a different\Nthreat model here, but still they are a
Dialogue: 0,0:13:32.41,0:13:37.58,Default,,0000,0000,0000,,bit boring. So I decided to have something\Nmore interesting as another example of
Dialogue: 0,0:13:37.58,0:13:43.32,Default,,0000,0000,0000,,what we can do. I always like to break\Nkernel address space layout randomization,
Dialogue: 0,0:13:43.32,0:13:48.90,Default,,0000,0000,0000,,KASLR. With this kernel address space\Nlayout randomization, the kernel is mapped
Dialogue: 0,0:13:48.90,0:13:54.18,Default,,0000,0000,0000,,to different virtual locations every time\NI boot my computer to make it difficult to
Dialogue: 0,0:13:54.18,0:13:58.05,Default,,0000,0000,0000,,actually exploit something in the kernel\Nbecause it's not predictable where the
Dialogue: 0,0:13:58.05,0:14:05.67,Default,,0000,0000,0000,,kernel is located. And I again use the\Nenergy consumption to figure out where
Dialogue: 0,0:14:05.67,0:14:12.59,Default,,0000,0000,0000,,this kernel is located. So how does that\Nwork? In this address space I have the
Dialogue: 0,0:14:12.59,0:14:17.98,Default,,0000,0000,0000,,kernel which is actually mapped using\Nphysical pages and I have a lot of nothing
Dialogue: 0,0:14:17.98,0:14:24.35,Default,,0000,0000,0000,,where no physical page is mapped. And if I\Ntry to access these addresses, I can't, of
Dialogue: 0,0:14:24.35,0:14:29.17,Default,,0000,0000,0000,,course, because I don't have the\Nprivileges for that. But I will still see
Dialogue: 0,0:14:29.17,0:14:33.60,Default,,0000,0000,0000,,differences when doing that because the\NCPU has to do different things depending
Dialogue: 0,0:14:33.60,0:14:38.34,Default,,0000,0000,0000,,on whether there's actually a page or not,\Nwhether this page can be cached, this
Dialogue: 0,0:14:38.34,0:14:42.65,Default,,0000,0000,0000,,translation, or whether this translation\Nis always invalid because there's nothing
Dialogue: 0,0:14:42.65,0:14:47.78,Default,,0000,0000,0000,,there and it can't be cached. We can see\Nthat here in an illustration, if you're
Dialogue: 0,0:14:47.78,0:14:53.57,Default,,0000,0000,0000,,wondering how that really works. So it\Nturns out the kernel can only be mapped to
Dialogue: 0,0:14:53.57,0:14:59.69,Default,,0000,0000,0000,,a limited number of places because it has\Nto be aligned by two megabytes, so I only
Dialogue: 0,0:14:59.69,0:15:06.01,Default,,0000,0000,0000,,need to check the spots there where the\Nkernel could be located. And for all these
Dialogue: 0,0:15:06.01,0:15:11.44,Default,,0000,0000,0000,,places in the address space, I just try to\Naccess it and measure how much energy that
Dialogue: 0,0:15:11.44,0:15:17.67,Default,,0000,0000,0000,,consumes. And if there's nothing mapped,\Nit consumes quite a lot of energy because
Dialogue: 0,0:15:17.67,0:15:21.94,Default,,0000,0000,0000,,the CPU has to figure out that there's\Nnothing mapped. It goes through the page
Dialogue: 0,0:15:21.94,0:15:26.90,Default,,0000,0000,0000,,tables, the page table walk, and at the\Nend figures out, oh, there's nothing here,
Dialogue: 0,0:15:26.90,0:15:32.18,Default,,0000,0000,0000,,so I can't do anything, and aborts that.\NAnd that uses quite some energy. But if
Dialogue: 0,0:15:32.18,0:15:39.20,Default,,0000,0000,0000,,there's actually the kernel here, then\Nthis translation is valid. It works. There
Dialogue: 0,0:15:39.20,0:15:43.94,Default,,0000,0000,0000,,is something there. It will likely be\Nalready in the translation caches in the
Dialogue: 0,0:15:43.94,0:15:49.71,Default,,0000,0000,0000,,TLB, so the CPU has less work. It just\Nneeds to check the cache, sees: "Oh it's
Dialogue: 0,0:15:49.71,0:15:54.94,Default,,0000,0000,0000,,there. I know that. But wait a moment, you\Ncan't access it" and can immediately abort
Dialogue: 0,0:15:54.94,0:16:01.94,Default,,0000,0000,0000,,and that uses less energy. So just from\Nthe energy consumption, I can see if
Dialogue: 0,0:16:01.94,0:16:06.25,Default,,0000,0000,0000,,there's something mapped and with that see\Nwhere the kernel is actually mapped.
Dialogue: 0,0:16:06.25,0:16:10.59,Default,,0000,0000,0000,,Moritz: And this is really working? Did\Nyou try it out or is this just some
Dialogue: 0,0:16:10.59,0:16:13.33,Default,,0000,0000,0000,,theoretical thing?\NMichael: You're always so skeptical. Of
Dialogue: 0,0:16:13.33,0:16:19.01,Default,,0000,0000,0000,,course I tried that and I brought the demo\Nwith me. So here you can see the demo
Dialogue: 0,0:16:19.01,0:16:24.15,Default,,0000,0000,0000,,running. This is on a real system. And you\Nsee it's super fast measuring the energy
Dialogue: 0,0:16:24.15,0:16:28.29,Default,,0000,0000,0000,,consumption going over the address space\Nand finding the kernel.
Dialogue: 0,0:16:28.29,0:16:32.28,Default,,0000,0000,0000,,{\i1}applause{\i0}\NMoritz: But these attacks are boring,
Dialogue: 0,0:16:32.28,0:16:36.68,Default,,0000,0000,0000,,Michael. We want to attack something real,\Nwe want to be like real attackers, we want
Dialogue: 0,0:16:36.68,0:16:40.80,Default,,0000,0000,0000,,to attack crypto, we want to get keys.\NMichael: Crypto is complicated. That's …
Dialogue: 0,0:16:40.80,0:16:43.33,Default,,0000,0000,0000,,{\i1}laugh track{\i0}\NMoritz: No, no, no, just listen. So, for
Dialogue: 0,0:16:43.33,0:16:47.86,Default,,0000,0000,0000,,instance, with RSA, this is a widely used\Npublic-key cryptosystem. This is really
Dialogue: 0,0:16:47.86,0:16:53.71,Default,,0000,0000,0000,,easy because to encrypt some data, you\Nhave a public key. To decrypt the data you
Dialogue: 0,0:16:53.71,0:16:59.75,Default,,0000,0000,0000,,have a private key. And if we get the\Nprivate key: profit, easy as that. What do
Dialogue: 0,0:16:59.75,0:17:03.19,Default,,0000,0000,0000,,you say?\NMichael: Yeah, I know how that works. So
Dialogue: 0,0:17:03.19,0:17:08.91,Default,,0000,0000,0000,,the theory is easy, that I have the two\Nkeys and I have a private key. But then
Dialogue: 0,0:17:08.91,0:17:12.54,Default,,0000,0000,0000,,the complicated part starts where you\Nreally have to understand the crypto to
Dialogue: 0,0:17:12.54,0:17:17.54,Default,,0000,0000,0000,,actually attack it. And that's really\Ncomplicated. And I don't really want to do
Dialogue: 0,0:17:17.54,0:17:22.59,Default,,0000,0000,0000,,that. Maybe we can a student who tries\Nthat but I'm out of here. {\i1}laughter{\i0}
Dialogue: 0,0:17:22.59,0:17:25.58,Default,,0000,0000,0000,,Andreas: Hi guys, I'm a student and I want\Na master thesis.
Dialogue: 0,0:17:25.58,0:17:29.37,Default,,0000,0000,0000,,Moritz: This is perfect. Your name is\NAndreas, right?
Dialogue: 0,0:17:29.37,0:17:32.88,Default,,0000,0000,0000,,Andreas: Yeah, sure, I'm Andreas.\N{\i1}laughter{\i0}
Dialogue: 0,0:17:32.88,0:17:36.89,Default,,0000,0000,0000,,M: OK, I don't know if you have heard\Nthe last bits, but we want to attack some
Dialogue: 0,0:17:36.89,0:17:39.68,Default,,0000,0000,0000,,crypto with power side channel attacks.\NA: OK
Dialogue: 0,0:17:39.68,0:17:44.18,Default,,0000,0000,0000,,Moritz: And for instance, with RSA, we\Nhave the private key and the public key.
Dialogue: 0,0:17:44.18,0:17:50.97,Default,,0000,0000,0000,,Here we have M the message and C the\Nciphertext and d the private exponent. And
Dialogue: 0,0:17:50.97,0:17:56.16,Default,,0000,0000,0000,,of course, it's a computer. It consists of\Nones and zeros. And depending on the key
Dialogue: 0,0:17:56.16,0:18:01.97,Default,,0000,0000,0000,,bit if it's a one, for the computation of\Nthe algorithm, we do a square and the
Dialogue: 0,0:18:01.97,0:18:08.51,Default,,0000,0000,0000,,multiply operation. And if it's zero, we\Njust do the square operation and we do
Dialogue: 0,0:18:08.51,0:18:14.11,Default,,0000,0000,0000,,this for the entire private key.\NA: Now OK, sounds easy enough.
Dialogue: 0,0:18:14.11,0:18:21.64,Default,,0000,0000,0000,,M: Yes. And if we can observe that we\Ncan extract the key. Sounds good. But I
Dialogue: 0,0:18:21.64,0:18:28.00,Default,,0000,0000,0000,,did some experiments and it didn't work\Nout as well as I've expected it to be. So
Dialogue: 0,0:18:28.00,0:18:31.86,Default,,0000,0000,0000,,we need to get a bit more control and\Nmaybe a better threat model how to do
Dialogue: 0,0:18:31.86,0:18:40.10,Default,,0000,0000,0000,,that. And there comes Intel SGX into play.\NAnd this is an instruction set extension
Dialogue: 0,0:18:40.10,0:18:47.34,Default,,0000,0000,0000,,and it provides you with integrity and\Nconfidentiality of code and data even in
Dialogue: 0,0:18:47.34,0:18:55.60,Default,,0000,0000,0000,,untrusted environments. So with Intel SGX,\Nyou can run programs using protected areas
Dialogue: 0,0:18:55.60,0:19:02.95,Default,,0000,0000,0000,,of memory. And even in the case where the\Noperating system is compromised and cannot
Dialogue: 0,0:19:02.95,0:19:07.30,Default,,0000,0000,0000,,be trusted at all.\NA: So basically we have the full
Dialogue: 0,0:19:07.30,0:19:11.50,Default,,0000,0000,0000,,access of all operating system features to\Nattack, the enclave.
Dialogue: 0,0:19:11.50,0:19:14.90,Default,,0000,0000,0000,,M: Yes, exactly\NA: OK, that sounds quite powerful
Dialogue: 0,0:19:14.90,0:19:21.13,Default,,0000,0000,0000,,M: But there's still one issue. It's\Nstill just executing a program. So we have
Dialogue: 0,0:19:21.13,0:19:26.63,Default,,0000,0000,0000,,more power, but we need to make use of\Nthat. And there is this paper called
Dialogue: 0,0:19:26.63,0:19:34.89,Default,,0000,0000,0000,,SGX-Step, which gives you more control of\Nenclaves and Jo Van Bulck the author maybe
Dialogue: 0,0:19:34.89,0:19:40.62,Default,,0000,0000,0000,,has time to explain this a bit to us so\Nmaybe we can give him a call.
Dialogue: 0,0:19:40.62,0:19:42.16,Default,,0000,0000,0000,,A: Sounds great.\N{\i1}ringing sound{\i0}
Dialogue: 0,0:19:42.16,0:19:48.76,Default,,0000,0000,0000,,M: Hi Jo, this is Moritz. I've seen\Nthe paper of yours, this SGX-Step paper.
Dialogue: 0,0:19:48.76,0:19:52.99,Default,,0000,0000,0000,,It might be the thing that we need, but\Ncan you explain a bit what it is about?
Dialogue: 0,0:19:52.99,0:19:59.91,Default,,0000,0000,0000,,Jo: Yes, surely Moritz, so SGX-Step I\Nthink in one sentence it's an enclave
Dialogue: 0,0:19:59.91,0:20:04.92,Default,,0000,0000,0000,,execution control framework. What I mean\Nwith that is that it allows you to
Dialogue: 0,0:20:04.92,0:20:09.31,Default,,0000,0000,0000,,precisely control the execution of the\Nenclave so that you can interleave it with
Dialogue: 0,0:20:09.31,0:20:13.75,Default,,0000,0000,0000,,attacker code, as the name implies, you\Nwould do one step of the enclave, one step
Dialogue: 0,0:20:13.75,0:20:17.43,Default,,0000,0000,0000,,of the attacker again one step of the\Nenclave, one step of the attacker, etc.
Dialogue: 0,0:20:17.43,0:20:19.89,Default,,0000,0000,0000,,M: That's perfect.\NJ: That's the high level.
Dialogue: 0,0:20:19.89,0:20:23.58,Default,,0000,0000,0000,,Moritz: Can you expand it a bit on the\Ntechnical point of view? How do you do
Dialogue: 0,0:20:23.58,0:20:26.00,Default,,0000,0000,0000,,that?\NJ: Yes, I'm very excited about the
Dialogue: 0,0:20:26.00,0:20:32.10,Default,,0000,0000,0000,,technical details, Moritz. So let me walk\Nyou through. The first thing you should
Dialogue: 0,0:20:32.10,0:20:36.33,Default,,0000,0000,0000,,know about SGX-Step: it's completely open\Nsource and we build it on top of stock
Dialogue: 0,0:20:36.33,0:20:37.73,Default,,0000,0000,0000,,Linux environments.\NM: Nice
Dialogue: 0,0:20:37.73,0:20:43.24,Default,,0000,0000,0000,,J: So what you should start with always\Nis to load a malicious kernel driver. And
Dialogue: 0,0:20:43.24,0:20:48.47,Default,,0000,0000,0000,,this is called the /dev/sgx-step driver.\NAnd from that moment on we kind of export
Dialogue: 0,0:20:48.47,0:20:54.54,Default,,0000,0000,0000,,all of the powers of the Linux kernel into\Nthe userspace. And the second component of
Dialogue: 0,0:20:54.54,0:20:58.83,Default,,0000,0000,0000,,SGX-step that's important is this small\Nlibrary operating system that we wrote.
Dialogue: 0,0:20:58.83,0:21:04.31,Default,,0000,0000,0000,,It's called libsgxstep and it sits just\Nalongside of the library alongside in the
Dialogue: 0,0:21:04.31,0:21:09.38,Default,,0000,0000,0000,,userspace application. And libsgxstep\Nallows you to do a number of cool things.
Dialogue: 0,0:21:09.38,0:21:14.49,Default,,0000,0000,0000,,I think the most important thing being\Nthat you have direct access to the APIC
Dialogue: 0,0:21:14.49,0:21:19.66,Default,,0000,0000,0000,,x86 high resolution timing device. So that\Nsounds interesting for you, right Moriz?.
Dialogue: 0,0:21:19.66,0:21:21.94,Default,,0000,0000,0000,,M: Yeah, but what do you\Ndo with the timer?
Dialogue: 0,0:21:21.94,0:21:26.35,Default,,0000,0000,0000,,J: Well, what you can do with the timer\Nis essentially you can arm it just before
Dialogue: 0,0:21:26.35,0:21:30.17,Default,,0000,0000,0000,,you enter the enclave. And what would\Nhappen then is, let's have a look. You arm
Dialogue: 0,0:21:30.17,0:21:34.26,Default,,0000,0000,0000,,the timer, you start executing the\Nenclave, then after a while and interrupt
Dialogue: 0,0:21:34.26,0:21:39.80,Default,,0000,0000,0000,,fires and you exit the enclave again.\NM: Hmm, so it's like a debugger like
Dialogue: 0,0:21:39.80,0:21:44.80,Default,,0000,0000,0000,,GDB, but for enclaves?\NJ: Yes, it's a... it's exactly that
Dialogue: 0,0:21:44.80,0:21:49.00,Default,,0000,0000,0000,,Moritz. It's like an attacker controlled\Ndebugger without using any of the debug
Dialogue: 0,0:21:49.00,0:21:54.35,Default,,0000,0000,0000,,features, just using the raw x86\Nprimitives and operating system files. And
Dialogue: 0,0:21:54.35,0:21:59.04,Default,,0000,0000,0000,,just as in a debugger, it allows you to do\Nsingle stepping. So every instruction will
Dialogue: 0,0:21:59.04,0:22:03.42,Default,,0000,0000,0000,,be executed one at a time. At most one at\Na time I should say.
Dialogue: 0,0:22:03.42,0:22:09.44,Default,,0000,0000,0000,,M: But what happens if I, like,\Nconfigure the timer a bit lower? Does it
Dialogue: 0,0:22:09.44,0:22:13.37,Default,,0000,0000,0000,,then like start executing an instruction?\NJ: That's a very good question. And
Dialogue: 0,0:22:13.37,0:22:18.25,Default,,0000,0000,0000,,configuring the timer is the tricky thing\Nabout SGX-step. So it will indeed happen
Dialogue: 0,0:22:18.25,0:22:23.78,Default,,0000,0000,0000,,sometimes what we call a zero step event.\NSo you will fire the timer before the
Dialogue: 0,0:22:23.78,0:22:28.29,Default,,0000,0000,0000,,enclave even had time to execute an\Ninstruction. And those are a kind of event
Dialogue: 0,0:22:28.29,0:22:32.92,Default,,0000,0000,0000,,that you can also detect with SGX-step.\NThere is a trick to detect whether you had
Dialogue: 0,0:22:32.92,0:22:36.56,Default,,0000,0000,0000,,a single step or a zero step.\NM: Jo, this is perfect. This is
Dialogue: 0,0:22:36.56,0:22:40.06,Default,,0000,0000,0000,,exactly what we are looking for. Thank you\Nso much for explaining that.
Dialogue: 0,0:22:40.06,0:22:43.25,Default,,0000,0000,0000,,J: I'm very happy to hear that.\NM: I'm looking forward to try it out
Dialogue: 0,0:22:43.25,0:22:44.85,Default,,0000,0000,0000,,now.\NJ: Go.
Dialogue: 0,0:22:44.85,0:22:47.47,Default,,0000,0000,0000,,M: See you hopefully soon.\NJ: Bye bye.
Dialogue: 0,0:22:47.47,0:22:48.85,Default,,0000,0000,0000,,M: Bye!
Dialogue: 0,0:22:49.46,0:22:54.95,Default,,0000,0000,0000,,M: So SGX-step to sum it up,\Nit's an open source Linux kernel
Dialogue: 0,0:22:54.95,0:22:59.99,Default,,0000,0000,0000,,framework, and it allows us to configure\Nthe APIC timer interrupts so that we can
Dialogue: 0,0:22:59.99,0:23:06.40,Default,,0000,0000,0000,,interrupt the enclave execution to single\Nand zero step it. And this is perfect
Dialogue: 0,0:23:06.40,0:23:11.76,Default,,0000,0000,0000,,because now we can combine it with the\Npower measurements of Intel RAPL, and this
Dialogue: 0,0:23:11.76,0:23:17.08,Default,,0000,0000,0000,,gives us the possibility to measure the\Nenergy consumption of single instructions.
Dialogue: 0,0:23:17.08,0:23:21.71,Default,,0000,0000,0000,,Can you try it out Andi?\NA: OK, let me dig deeper into that.
Dialogue: 0,0:23:21.71,0:23:25.70,Default,,0000,0000,0000,,We have this really slow RAPL interface\Nhere and if you want to visualize it, we
Dialogue: 0,0:23:25.70,0:23:30.36,Default,,0000,0000,0000,,could imagine that it's like we have slots\Nwhere we can fill the slots with
Dialogue: 0,0:23:30.36,0:23:35.39,Default,,0000,0000,0000,,instructions and the RAPL interface gives\Nus the average power consumption over the
Dialogue: 0,0:23:35.39,0:23:40.05,Default,,0000,0000,0000,,slots. So in the default case, when we\Nexecute our target instruction, we have
Dialogue: 0,0:23:40.05,0:23:44.10,Default,,0000,0000,0000,,basically one slot filled with the target\Ninstruction and the remaining slots filled
Dialogue: 0,0:23:44.10,0:23:50.13,Default,,0000,0000,0000,,with other instructions we don't know. So\Nbasically noise. The best case for us
Dialogue: 0,0:23:50.13,0:23:54.21,Default,,0000,0000,0000,,would be if we repeat the target\Ninstruction indefinitely and fill every
Dialogue: 0,0:23:54.21,0:23:58.03,Default,,0000,0000,0000,,slot with the target instruction.\NM: This is exactly what I did
Dialogue: 0,0:23:58.03,0:24:02.06,Default,,0000,0000,0000,,in the experiments in the beginning.\NA: Yeah, exactly. That's the reason
Dialogue: 0,0:24:02.06,0:24:07.76,Default,,0000,0000,0000,,why we got so good measurements there.\NAnother trick would be if we only used the
Dialogue: 0,0:24:07.76,0:24:11.89,Default,,0000,0000,0000,,target instruction in one slot and fill\Nthe remaining slots with instructions
Dialogue: 0,0:24:11.89,0:24:15.92,Default,,0000,0000,0000,,where we know the energy consumption of or\Nwe know the instruction of. Then it could
Dialogue: 0,0:24:15.92,0:24:20.84,Default,,0000,0000,0000,,do tricks to calculate the energy\Nconsumption of the target instruction.
Dialogue: 0,0:24:20.84,0:24:26.83,Default,,0000,0000,0000,,With SGX-step now we can use a hybrid\Nsolution here, where we use SGX-step the
Dialogue: 0,0:24:26.83,0:24:32.38,Default,,0000,0000,0000,,zero stepping mechanism to reissue this\Ninstruction and we can fill multiple slots
Dialogue: 0,0:24:32.38,0:24:37.26,Default,,0000,0000,0000,,with the same target instruction. Only\Ndrawback here is that we have a noise
Dialogue: 0,0:24:37.26,0:24:43.13,Default,,0000,0000,0000,,overhead of SGX-step itself, but this is\Nprobably the best solution we can go with.
Dialogue: 0,0:24:43.86,0:24:48.10,Default,,0000,0000,0000,,M: This sounds pretty good, so we\Nshould actually try that out. So we
Dialogue: 0,0:24:48.10,0:24:53.18,Default,,0000,0000,0000,,implement a toy cipher, which imitates\Nsquare and multiply basically. So we can
Dialogue: 0,0:24:53.18,0:24:58.11,Default,,0000,0000,0000,,leave out all the rest, the overhead of a\Nlibrary that would be used otherwise. And
Dialogue: 0,0:24:58.11,0:25:02.70,Default,,0000,0000,0000,,we then just single step every instruction\Nand measure its energy consumption and
Dialogue: 0,0:25:02.70,0:25:08.20,Default,,0000,0000,0000,,then we could plot this. Can you do that?\NA: I got already some results here
Dialogue: 0,0:25:08.20,0:25:13.16,Default,,0000,0000,0000,,for us. Basically here we use, as you\Nexplained, a toy example for square and
Dialogue: 0,0:25:13.16,0:25:18.58,Default,,0000,0000,0000,,multiply. And in both cases the square and\Nthe multiply, they execute exactly six
Dialogue: 0,0:25:18.58,0:25:23.86,Default,,0000,0000,0000,,instructions. And so basically we have a\Nperiod of six here. And if you look at the
Dialogue: 0,0:25:23.86,0:25:29.55,Default,,0000,0000,0000,,results of the measurement here, we can\Nsee that we have patterns that repeat with
Dialogue: 0,0:25:29.55,0:25:34.46,Default,,0000,0000,0000,,a period of six and we can see that these\Ndifferent patterns correspond to either a
Dialogue: 0,0:25:34.46,0:25:40.40,Default,,0000,0000,0000,,square or a multiply instruction here.\NM: Nice, perfect, but this is just a
Dialogue: 0,0:25:40.40,0:25:42.40,Default,,0000,0000,0000,,toy cipher, right? {\i1}laughter{\i0}\NA: Yeah.
Dialogue: 0,0:25:42.40,0:25:44.37,Default,,0000,0000,0000,,M: Can we do like real crypto?\N{\i1}laughter{\i0}
Dialogue: 0,0:25:44.37,0:25:49.53,Default,,0000,0000,0000,,A: We can try. So the plan now is\Nthat we want to attack a real RSA
Dialogue: 0,0:25:49.53,0:25:54.31,Default,,0000,0000,0000,,implementation and the real implementation\Nis not like a toy square and multiply
Dialogue: 0,0:25:54.31,0:25:59.32,Default,,0000,0000,0000,,algorithm. The real implementation needs\Nto handle these huge numbers. So basically
Dialogue: 0,0:25:59.32,0:26:03.49,Default,,0000,0000,0000,,there's much more code involved and it's\Nnot feasible to single step every
Dialogue: 0,0:26:03.49,0:26:10.34,Default,,0000,0000,0000,,instruction there. So we must do a more\Nclever approach here. If we observe the
Dialogue: 0,0:26:10.34,0:26:17.48,Default,,0000,0000,0000,,square multiply part here, we see that the\Nsquare and the multiply function uses the
Dialogue: 0,0:26:17.48,0:26:25.42,Default,,0000,0000,0000,,AVX optimized memset function. So the\Nenergy consumption should also be more if
Dialogue: 0,0:26:25.42,0:26:30.91,Default,,0000,0000,0000,,we execute an AVX instruction because AVX\Ninstructions use much larger registers. So
Dialogue: 0,0:26:30.91,0:26:33.03,Default,,0000,0000,0000,,basically we should be able to observe\Nthat.
Dialogue: 0,0:26:33.03,0:26:36.04,Default,,0000,0000,0000,,M: Interesting.\NA: The only drawback here is that we
Dialogue: 0,0:26:36.04,0:26:43.47,Default,,0000,0000,0000,,cannot use the same approach as with the\Ntoy cipher because the square has a
Dialogue: 0,0:26:43.47,0:26:48.66,Default,,0000,0000,0000,,different number of instructions as the\Nsquare and multiply function. So we need
Dialogue: 0,0:26:48.66,0:26:54.95,Default,,0000,0000,0000,,to do a trick here. So to understand what\Nwe did here, our target is that we
Dialogue: 0,0:26:54.95,0:27:00.28,Default,,0000,0000,0000,,reconstruct a key bit. And if the key bit\Nis one we execute a square and multiply.
Dialogue: 0,0:27:00.28,0:27:09.26,Default,,0000,0000,0000,,If the key bit is zero, we execute a\Nsquare. So to visualize how we execute
Dialogue: 0,0:27:09.26,0:27:14.47,Default,,0000,0000,0000,,zero and single stepping, we have to dig\Ninto the assembler a bit. So to test for
Dialogue: 0,0:27:14.47,0:27:18.69,Default,,0000,0000,0000,,the key bit, we execute like a test\Ninstruction and then we execute a
Dialogue: 0,0:27:18.69,0:27:24.73,Default,,0000,0000,0000,,conditional jump. And if we execute the\Nsquare and multiply we have for instance,
Dialogue: 0,0:27:24.73,0:27:29.44,Default,,0000,0000,0000,,K instructions. And if we execute the\Nsquare we have for instance L
Dialogue: 0,0:27:29.44,0:27:34.26,Default,,0000,0000,0000,,instructions. So we can see that these two\Nnumbers do not add up. They are different.
Dialogue: 0,0:27:34.26,0:27:40.05,Default,,0000,0000,0000,,So we cannot simply measure each Kth\Ninstruction and get the key out. So we
Dialogue: 0,0:27:40.05,0:27:45.03,Default,,0000,0000,0000,,need to do something different here. We\Ncan number the instructions after the jump
Dialogue: 0,0:27:45.03,0:27:52.98,Default,,0000,0000,0000,,instruction and then using single stepping\Nto single step to the Nth instruction
Dialogue: 0,0:27:52.98,0:27:59.27,Default,,0000,0000,0000,,after the jump instruction. And on the\Nleft side, if you observe one, we hit then
Dialogue: 0,0:27:59.27,0:28:05.41,Default,,0000,0000,0000,,exactly the AVX instruction there, used in\Nthe AVX memset. And if you then use our
Dialogue: 0,0:28:05.41,0:28:10.04,Default,,0000,0000,0000,,measurement framework to measure exactly\Nthe nth instruction after the jump, we
Dialogue: 0,0:28:10.04,0:28:14.69,Default,,0000,0000,0000,,observe on the one hand a high energy\Nconsumption and on the other hand, we
Dialogue: 0,0:28:14.69,0:28:20.14,Default,,0000,0000,0000,,observe low energy consumption if the\Nbranch was not taken or a zero.
Dialogue: 0,0:28:20.14,0:28:22.91,Default,,0000,0000,0000,,M: It's very clever.\NA: So if you measured both
Dialogue: 0,0:28:22.91,0:28:28.49,Default,,0000,0000,0000,,instructions here, we can then combine\Nthis energy measurements and then use a
Dialogue: 0,0:28:28.49,0:28:35.49,Default,,0000,0000,0000,,simple threshold to reconstruct the key\Nbit in the beginning. And then we do this
Dialogue: 0,0:28:35.49,0:28:39.27,Default,,0000,0000,0000,,iteratively for each key bit.\NM: This sounds pretty promising, but
Dialogue: 0,0:28:39.27,0:28:40.76,Default,,0000,0000,0000,,did you try it out?\N{\i1}laughter{\i0}
Dialogue: 0,0:28:40.76,0:28:45.15,Default,,0000,0000,0000,,A: Sure. Here, the results of that.\NAnd we can clearly see that we have
Dialogue: 0,0:28:45.15,0:28:48.74,Default,,0000,0000,0000,,different energy consumption or in this\Ncase voltage
Dialogue: 0,0:28:48.74,0:28:51.09,Default,,0000,0000,0000,,{\i1}applause{\i0}\Nbased on if the
Dialogue: 0,0:28:51.09,0:28:56.16,Default,,0000,0000,0000,,AVX instruction is executed or if the\Ninstruction at the same offset in the
Dialogue: 0,0:28:56.16,0:28:59.41,Default,,0000,0000,0000,,other branch is executed.\NM: How fast does this work, does this
Dialogue: 0,0:28:59.41,0:29:03.02,Default,,0000,0000,0000,,take like 5 days?\NA: Not quite that long. We have one
Dialogue: 0,0:29:03.02,0:29:08.44,Default,,0000,0000,0000,,problem here that the time per key bit\Nincreases the further or later the key bit
Dialogue: 0,0:29:08.44,0:29:14.04,Default,,0000,0000,0000,,is in the key. So basically the first key\Nbit we can reconstruct very fast, but for
Dialogue: 0,0:29:14.04,0:29:18.23,Default,,0000,0000,0000,,the last key bit, we need a single step\Nmuch further in the code to actually reach
Dialogue: 0,0:29:18.23,0:29:23.46,Default,,0000,0000,0000,,it. And this adds up. So basically the\Ntime increases linearly between the key
Dialogue: 0,0:29:23.46,0:29:29.09,Default,,0000,0000,0000,,bits. But for our key here, our test key\Nwith 512 bits that takes us about 3.5
Dialogue: 0,0:29:29.09,0:29:35.28,Default,,0000,0000,0000,,hours to reconstruct a complete key. Note\Nhere that we spent like 52 minutes
Dialogue: 0,0:29:35.28,0:29:39.79,Default,,0000,0000,0000,,only to find the target instruction. So\Nbasically, if we could optimize that, the
Dialogue: 0,0:29:39.79,0:29:45.69,Default,,0000,0000,0000,,attack would be much faster. In addition,\Nwe had to record like 3 samples per key
Dialogue: 0,0:29:45.69,0:29:50.20,Default,,0000,0000,0000,,bit. But with the implementation, it\Nshould be possible to actually do that
Dialogue: 0,0:29:50.20,0:29:54.60,Default,,0000,0000,0000,,with 1 sample. And since we then only need\None sample per key bit, we actually can do
Dialogue: 0,0:29:54.60,0:29:58.57,Default,,0000,0000,0000,,it with a single trace attack. But we did\Nnot try that out, unfortunately.
Dialogue: 0,0:29:58.57,0:30:03.38,Default,,0000,0000,0000,,Moritz: quite fast.\NMichael: So while all this sounded quite
Dialogue: 0,0:30:03.38,0:30:08.18,Default,,0000,0000,0000,,easy and straightforward in hindsight,\Nthis was actually a really long process.
Dialogue: 0,0:30:08.18,0:30:14.10,Default,,0000,0000,0000,,Starting at the beginning of 2017 when we\Ndiscovered this interface, the RAPL
Dialogue: 0,0:30:14.10,0:30:18.71,Default,,0000,0000,0000,,interface. Then we had to come up with a\Ntitle for this talk, of course, {\i1}laughter{\i0}
Dialogue: 0,0:30:18.71,0:30:25.68,Default,,0000,0000,0000,,and some lyrics for a song. We had the\Nfirst toy attack on RSA at the end of
Dialogue: 0,0:30:25.68,0:30:34.46,Default,,0000,0000,0000,,2017. It took us until 2018 to finally get\Na KASLR break that was working and only in
Dialogue: 0,0:30:34.46,0:30:41.28,Default,,0000,0000,0000,,2019, by the end of 2019. After Andreas\Ndid his master's thesis on that, we were
Dialogue: 0,0:30:41.28,0:30:48.03,Default,,0000,0000,0000,,able to produce a full attack on RSA. And\Nthis is also the time when we submitted
Dialogue: 0,0:30:48.03,0:30:53.91,Default,,0000,0000,0000,,that as a paper to a conference and\Ndisclosed that to the CPU vendors so that
Dialogue: 0,0:30:53.91,0:30:59.55,Default,,0000,0000,0000,,they can fix that. And this is also the\Nstart of the embargo. This embargo for
Dialogue: 0,0:30:59.55,0:31:10.64,Default,,0000,0000,0000,,this vulnerability lasted almost one year.\NSo from November 2019 to November 2020. It
Dialogue: 0,0:31:10.64,0:31:15.79,Default,,0000,0000,0000,,was just a few weeks ago that this embargo\Nended here.
Dialogue: 0,0:31:15.79,0:31:21.04,Default,,0000,0000,0000,,Moritz: But there's one thing missing. We\Nreally wanted to do crypto attacks, but
Dialogue: 0,0:31:21.04,0:31:28.07,Default,,0000,0000,0000,,not only with SGX-step as a compromised\Noperating system, but also from userspace.
Dialogue: 0,0:31:28.07,0:31:33.65,Default,,0000,0000,0000,,But as we've seen, it's so difficult to\Nmeasure parts of the code without having
Dialogue: 0,0:31:33.65,0:31:39.65,Default,,0000,0000,0000,,SGX-step. But what we can do is we can\Nmeasure the power consumption of the
Dialogue: 0,0:31:39.65,0:31:46.28,Default,,0000,0000,0000,,overall execution of an algorithm and\Nthere correlation power analysis comes in
Dialogue: 0,0:31:46.28,0:31:53.12,Default,,0000,0000,0000,,handy. And there what we do is we build a\Npower consumption model of our device. As
Dialogue: 0,0:31:53.12,0:31:58.54,Default,,0000,0000,0000,,we've heard earlier, the Hamming Weight is\Nthe number of bits that is set in an
Dialogue: 0,0:31:58.54,0:32:05.58,Default,,0000,0000,0000,,operand or in the data. And we assume that\Nif a bit is set, the computer takes more
Dialogue: 0,0:32:05.58,0:32:10.85,Default,,0000,0000,0000,,power to process it. In addition, what you\Ncan use as a different model is the
Dialogue: 0,0:32:10.85,0:32:17.77,Default,,0000,0000,0000,,Hamming distance. So from one operation to\Nthe other, how many bits change? And then
Dialogue: 0,0:32:17.77,0:32:24.69,Default,,0000,0000,0000,,we assume the more bits change, the more\Npower is consumed. And we really want to
Dialogue: 0,0:32:24.69,0:32:30.70,Default,,0000,0000,0000,,try that out. So what we are targeting now\Nis AES-NI, a side channel resistant
Dialogue: 0,0:32:30.70,0:32:37.32,Default,,0000,0000,0000,,instruction set of Intel. And we target it\Nin a scenario where we can trigger the
Dialogue: 0,0:32:37.32,0:32:43.73,Default,,0000,0000,0000,,encryption and decryption of many, many\Nblocks over long time so that the
Dialogue: 0,0:32:43.73,0:32:50.77,Default,,0000,0000,0000,,execution time is longer than the RAPL\Nupdate rate, so that we can really see the
Dialogue: 0,0:32:50.77,0:32:55.64,Default,,0000,0000,0000,,power consumption in our measurement. And\Nthis is used, for instance, in disk
Dialogue: 0,0:32:55.64,0:33:05.34,Default,,0000,0000,0000,,encryption or decryption or if you seal or\Nunseal the SGX enclave state. And we can
Dialogue: 0,0:33:05.34,0:33:10.84,Default,,0000,0000,0000,,now do that and record power measurements\Nin different scenarios, right?
Dialogue: 0,0:33:10.84,0:33:17.39,Default,,0000,0000,0000,,Andreas: Sure, we can try that. So in our\Nexperiment, we recorded two million traces
Dialogue: 0,0:33:17.39,0:33:25.86,Default,,0000,0000,0000,,over 26 hours for SGX environment. But we\Nalso tried to reconstruct it without SGX
Dialogue: 0,0:33:25.86,0:33:29.70,Default,,0000,0000,0000,,where we used the encryption inside a\Nkernel module. And there we recorded
Dialogue: 0,0:33:29.70,0:33:36.95,Default,,0000,0000,0000,,4 million traces in 50 hours. And to\Nunderstand the attack here, we have to
Dialogue: 0,0:33:36.95,0:33:42.03,Default,,0000,0000,0000,,look at this animation. So basically we\Nhave our computer where secret key is
Dialogue: 0,0:33:42.03,0:33:49.50,Default,,0000,0000,0000,,stored somewhere intern. Then we have this\Nkey to encrypt some messages and we also
Dialogue: 0,0:33:49.50,0:33:54.24,Default,,0000,0000,0000,,have the power consumption here. And what\Nwe now did is we recorded the encrypted
Dialogue: 0,0:33:54.24,0:34:00.85,Default,,0000,0000,0000,,message and the power consumption it took\Nto encrypt this message for many messages.
Dialogue: 0,0:34:00.85,0:34:07.54,Default,,0000,0000,0000,,And then we use a model of the CPU here to\Npredict the energy consumption, to
Dialogue: 0,0:34:07.54,0:34:12.94,Default,,0000,0000,0000,,reconstruct the key. The key is usually\Nsplit up into parts, where each of the
Dialogue: 0,0:34:12.94,0:34:20.89,Default,,0000,0000,0000,,parts can have a value between 0 and 255.\NSo to reconstruct the key here, we simply
Dialogue: 0,0:34:20.89,0:34:28.82,Default,,0000,0000,0000,,use our measurements in the model and we\Ntry out one of the key parts and estimate
Dialogue: 0,0:34:28.82,0:34:35.81,Default,,0000,0000,0000,,the energy consumption for the key part.\NAnd then we store the correlation between
Dialogue: 0,0:34:35.81,0:34:42.62,Default,,0000,0000,0000,,the recorded messages and the prediction.\NAnd we do this for every of the possible
Dialogue: 0,0:34:42.62,0:34:50.38,Default,,0000,0000,0000,,key values. And once we found the key\Nvalue of the highest correlation, we know
Dialogue: 0,0:34:50.38,0:34:56.91,Default,,0000,0000,0000,,that this key value corresponds to the key\Npart of the key. And we then simply repeat
Dialogue: 0,0:34:56.91,0:35:02.28,Default,,0000,0000,0000,,the process for each of the parts of the\Nkey until we get the final key.
Dialogue: 0,0:35:02.28,0:35:07.45,Default,,0000,0000,0000,,M: And we actually tried that out. So\Nhere in our demo video, you see on the
Dialogue: 0,0:35:07.45,0:35:13.39,Default,,0000,0000,0000,,left where we test all the combinations\Nand see what is the most likely key
Dialogue: 0,0:35:13.39,0:35:18.35,Default,,0000,0000,0000,,candidate at the moment, while for a\Nsingle key byte on the right, you see
Dialogue: 0,0:35:18.35,0:35:23.73,Default,,0000,0000,0000,,every possible value and the correlation.\NSo in the beginning, with not that many
Dialogue: 0,0:35:23.73,0:35:29.75,Default,,0000,0000,0000,,traces processed, it's not very clear\Nwhich key candidate is the right one,
Dialogue: 0,0:35:29.75,0:35:34.85,Default,,0000,0000,0000,,because there's so much measurement noise\Nintroduced by measuring over the overall
Dialogue: 0,0:35:34.85,0:35:41.29,Default,,0000,0000,0000,,execution time. But over time, this signal\Ngets more stable and we see on the right
Dialogue: 0,0:35:41.29,0:35:45.89,Default,,0000,0000,0000,,with the peak getting more and more\Ndistance from the other candidates that
Dialogue: 0,0:35:45.89,0:35:52.38,Default,,0000,0000,0000,,this is our correct key byte. And we do\Nthis, as Andreas said, for every possible
Dialogue: 0,0:35:52.38,0:35:57.23,Default,,0000,0000,0000,,key byte with every possible value. So in\Nthe end, we end up with the correct key.
Dialogue: 0,0:35:57.23,0:36:00.73,Default,,0000,0000,0000,,{\i1}applause{\i0}\NA: OK, but this seems like it's only
Dialogue: 0,0:36:00.73,0:36:05.93,Default,,0000,0000,0000,,Intel CPUs. Does this also affect others?\NM: Yes. So actually, we also tried
Dialogue: 0,0:36:05.93,0:36:10.86,Default,,0000,0000,0000,,out how to CPU vendors if they have\Nsimilar interfaces. And for instance, AMD
Dialogue: 0,0:36:10.86,0:36:17.53,Default,,0000,0000,0000,,is affected as well. But we never really\Nheard back from them after our disclosure.
Dialogue: 0,0:36:17.53,0:36:23.51,Default,,0000,0000,0000,,And the patch how to try to solve the\Nproblem with the driver is similar to the
Dialogue: 0,0:36:23.51,0:36:27.40,Default,,0000,0000,0000,,one that Intel has.\NA: Your right Moritz, it actually
Dialogue: 0,0:36:27.40,0:36:31.84,Default,,0000,0000,0000,,works. So I tried the same code on AMD.\NThe one you showed before was
Dialogue: 0,0:36:31.84,0:36:37.08,Default,,0000,0000,0000,,distinguishing operands, at that also\Nworks on AMD. That's pretty nice. It's not
Dialogue: 0,0:36:37.08,0:36:41.44,Default,,0000,0000,0000,,an Intel only issue. It also affects at\Nleast AMD as well.
Dialogue: 0,0:36:41.44,0:36:45.23,Default,,0000,0000,0000,,M: Yes, but actually there are many\Nother vendors as well that provide
Dialogue: 0,0:36:45.23,0:36:50.41,Default,,0000,0000,0000,,interfaces, even some of them unprivileged\Nto user space where you could probably
Dialogue: 0,0:36:50.41,0:36:55.66,Default,,0000,0000,0000,,mount similar attacks. For instance,\NNvidia, IBM, or Marvell and Ampere.
Dialogue: 0,0:36:55.66,0:37:00.91,Default,,0000,0000,0000,,A: So this is really an industry\Nwide problem here. And we've also seen
Dialogue: 0,0:37:00.91,0:37:08.43,Default,,0000,0000,0000,,that from the media coverage. So not only\NGerman news brought about that like Heise
Dialogue: 0,0:37:08.43,0:37:13.79,Default,,0000,0000,0000,,or Golem, but it also went more\Ninternational with ZDNET, Ars Technica,
Dialogue: 0,0:37:13.79,0:37:20.97,Default,,0000,0000,0000,,CSO, Tech Radar, Computer Weekly and many,\Nmany others that wrote about this new type
Dialogue: 0,0:37:20.97,0:37:28.60,Default,,0000,0000,0000,,of vulnerability that affects many\Ncomputers out there. And I guess if it
Dialogue: 0,0:37:28.60,0:37:31.48,Default,,0000,0000,0000,,affects many computers, we should do\Nsomething against that.
Dialogue: 0,0:37:31.48,0:37:35.78,Default,,0000,0000,0000,,M: Yes, you're right. We cannot only\Nhave an attack and no mitigation against
Dialogue: 0,0:37:35.78,0:37:41.47,Default,,0000,0000,0000,,it. This would not be right. And indeed,\Nit's quite easy to fix that because we
Dialogue: 0,0:37:41.47,0:37:46.04,Default,,0000,0000,0000,,said in the beginning, you have\Nunprivileged access to those registers. So
Dialogue: 0,0:37:46.04,0:37:51.93,Default,,0000,0000,0000,,we just restrict the access. And we are\Ndone, and this is exactly a one line patch
Dialogue: 0,0:37:51.93,0:37:59.48,Default,,0000,0000,0000,,for the Linux kernel. But as we've seen\Nwith the threat model of Intel SGX, which
Dialogue: 0,0:37:59.48,0:38:05.05,Default,,0000,0000,0000,,allows a compromised operating system. So\Nthis one line patch does not help there
Dialogue: 0,0:38:05.05,0:38:11.34,Default,,0000,0000,0000,,because I'm the operating system, I can do\Nwhatever I want to. We need more and more
Dialogue: 0,0:38:11.34,0:38:18.44,Default,,0000,0000,0000,,complex mitigations. And in this case,\Nmicrocode updates are necessary. And what
Dialogue: 0,0:38:18.44,0:38:23.99,Default,,0000,0000,0000,,Intel does is to fall back to the model of\Nthe energy consumption. So they have an
Dialogue: 0,0:38:23.99,0:38:28.93,Default,,0000,0000,0000,,internal model. How much energy is\Nconsumed by an executed instruction and
Dialogue: 0,0:38:28.93,0:38:33.97,Default,,0000,0000,0000,,use that instead of the real measurement.\NAnd this does not allow to distinguish
Dialogue: 0,0:38:33.97,0:38:40.90,Default,,0000,0000,0000,,data and operands from each other again.\NSo if your implementation is implemented
Dialogue: 0,0:38:40.90,0:38:47.22,Default,,0000,0000,0000,,correctly, if you use constant time, then\Nyou are mitigated and protected against
Dialogue: 0,0:38:47.22,0:38:53.44,Default,,0000,0000,0000,,these attacks. And as we see here in the\Nplot, we tried to mitigation out. So on
Dialogue: 0,0:38:53.44,0:38:58.02,Default,,0000,0000,0000,,the left, we were able to see differences\Ndepending on the Hamming weight of the
Dialogue: 0,0:38:58.02,0:39:03.70,Default,,0000,0000,0000,,operands. And on the right with the\Nmitigation in place, it just does not work
Dialogue: 0,0:39:03.70,0:39:07.31,Default,,0000,0000,0000,,anymore and you cannot see any\Ndifferences. {\i1}applause{\i0}
Dialogue: 0,0:39:07.31,0:39:11.14,Default,,0000,0000,0000,,Andreas: Nice. So you really\Ncan't read her power trace any more.
Dialogue: 0,0:39:11.14,0:39:35.55,Default,,0000,0000,0000,,{\i1}Music: Pokerface by Lady Gaga{\i0}
Dialogue: 0,0:39:35.55,0:39:39.64,Default,,0000,0000,0000,,{\i1}sings{\i0}\NI wonna probe 'em like in 1943
Dialogue: 0,0:39:39.64,0:39:43.12,Default,,0000,0000,0000,,touch 'em, measure wattage\Ncorrelate and get the key
Dialogue: 0,0:39:43.12,0:39:44.00,Default,,0000,0000,0000,,I probe it
Dialogue: 0,0:39:44.00,0:39:47.37,Default,,0000,0000,0000,,Oscilloscopes are not the same\Nwithout a probe
Dialogue: 0,0:39:47.37,0:39:52.22,Default,,0000,0000,0000,,And babe, if it's remote if it's not code,\Nit cannot run
Dialogue: 0,0:39:56.24,0:39:59.73,Default,,0000,0000,0000,,I'll let him plot, let's see what he's got
Dialogue: 0,0:40:04.25,0:40:08.14,Default,,0000,0000,0000,,I'll let him plot, let's see what he's got
Dialogue: 0,0:40:08.14,0:40:10.39,Default,,0000,0000,0000,,Can't read my, can't read my
Dialogue: 0,0:40:10.39,0:40:14.09,Default,,0000,0000,0000,,No he can't read my power trace
Dialogue: 0,0:40:14.09,0:40:16.37,Default,,0000,0000,0000,,She's got the countermeasure
Dialogue: 0,0:40:16.37,0:40:18.28,Default,,0000,0000,0000,,Can't read my, can't read my
Dialogue: 0,0:40:18.28,0:40:21.91,Default,,0000,0000,0000,,No he can't read my power trace
Dialogue: 0,0:40:21.91,0:40:24.57,Default,,0000,0000,0000,,She's got the countermeasure
Dialogue: 0,0:40:24.57,0:40:27.65,Default,,0000,0000,0000,,P-p-p-power trace, p-p-power trace
Dialogue: 0,0:40:28.53,0:40:31.69,Default,,0000,0000,0000,,P-p-p-power trace, p-p-power trace
Dialogue: 0,0:40:32.53,0:40:35.66,Default,,0000,0000,0000,,P-p-p-power trace, p-p-power trace
Dialogue: 0,0:40:36.69,0:40:39.56,Default,,0000,0000,0000,,P-p-p-power trace, p-p-power trace
Dialogue: 0,0:40:41.40,0:40:43.73,Default,,0000,0000,0000,,{\i1}applause{\i0}
Dialogue: 0,0:40:43.73,0:40:45.91,Default,,0000,0000,0000,,Moritz: With all those nasty songs, we
Dialogue: 0,0:40:45.91,0:40:50.91,Default,,0000,0000,0000,,wrote them down in a scientific paper and\Nthe PLATYPUS paper has been accepted
Dialogue: 0,0:40:50.91,0:40:57.24,Default,,0000,0000,0000,,recently at a conference. And we also want\Nto thank you, all the other coauthors who
Dialogue: 0,0:40:57.24,0:41:04.52,Default,,0000,0000,0000,,are not in this talk, like David Oswald,\NCatherine Easton and Claudio Canela. To
Dialogue: 0,0:41:04.52,0:41:09.90,Default,,0000,0000,0000,,sum it up, what we have seen is that with\Npower sidechannel attacks, you can even
Dialogue: 0,0:41:09.90,0:41:16.63,Default,,0000,0000,0000,,exploit them from software. So there is no\Nneed to attach an oscilloscope on modern
Dialogue: 0,0:41:16.63,0:41:19.51,Default,,0000,0000,0000,,Intel CPUs.
Dialogue: 0,0:41:19.51,0:41:23.24,Default,,0000,0000,0000,,Michael: And what we've also seen is\Nthat since the SGX threat model allows for
Dialogue: 0,0:41:23.24,0:41:27.81,Default,,0000,0000,0000,,much more capable attackers, mitigating\Npower sidechannel attacks on the SGX
Dialogue: 0,0:41:27.81,0:41:32.37,Default,,0000,0000,0000,,enclaves is much more work than simple\Nsoftware patches.
Dialogue: 0,0:41:32.37,0:41:34.60,Default,,0000,0000,0000,,Andreas: Yes, and that concludes
Dialogue: 0,0:41:34.60,0:41:39.70,Default,,0000,0000,0000,,our talk on PLATYPUS. Thank you all for\Nlistening.
Dialogue: 0,0:41:39.70,0:41:56.86,Default,,0000,0000,0000,,{\i1}Applause and Music{\i0}
Dialogue: 0,0:41:59.08,0:42:05.58,Default,,0000,0000,0000,,Herald: Thank you very much for your\Nexcuse me, nerdy talk and thank Moritz,
Dialogue: 0,0:42:05.58,0:42:13.14,Default,,0000,0000,0000,,Michael, Daniel and Andreas. We head over\Nto our Q&A session and the first question
Dialogue: 0,0:42:13.14,0:42:21.06,Default,,0000,0000,0000,,would be, how does it come that you have\Nso, let's say through the back door
Dialogue: 0,0:42:21.06,0:42:26.68,Default,,0000,0000,0000,,against CPU attack against the CPU idea,\Nyou mentioned you attack the through a
Dialogue: 0,0:42:26.68,0:42:31.91,Default,,0000,0000,0000,,power driver RSA. Could you tell me a\Nlittle bit more about that?
Dialogue: 0,0:42:31.91,0:42:36.64,Default,,0000,0000,0000,,Moritz: Yes. So the basic idea of\Nattacking cryptographic algorithms with
Dialogue: 0,0:42:36.64,0:42:41.34,Default,,0000,0000,0000,,power side channel attacks is not very new\NThis was like one of the first things
Dialogue: 0,0:42:41.34,0:42:46.40,Default,,0000,0000,0000,,researchers have shown, but most of the\Ntime for like smaller devices, like smart
Dialogue: 0,0:42:46.40,0:42:52.74,Default,,0000,0000,0000,,cards, like your bank card, for instance.\NAnd for those attacks, you usually had
Dialogue: 0,0:42:52.74,0:42:57.47,Default,,0000,0000,0000,,like an oscilloscope that you needed to\Nattach to the device to do the attack. But
Dialogue: 0,0:42:57.47,0:43:02.01,Default,,0000,0000,0000,,with modern processors, they have\Nbasically an oscilloscope built into the
Dialogue: 0,0:43:02.01,0:43:07.31,Default,,0000,0000,0000,,processor, which you can read out as the\Noperating system. And in our case, there
Dialogue: 0,0:43:07.31,0:43:12.45,Default,,0000,0000,0000,,are like drivers that expose this\Ninterface, also to userspace. So from
Dialogue: 0,0:43:12.45,0:43:18.05,Default,,0000,0000,0000,,there as an unprivileged attacker, you can\Nthen try to exploit that. And yeah
Dialogue: 0,0:43:18.05,0:43:23.45,Default,,0000,0000,0000,,basically the best thing that we wanted to\Nachieve with those attacks is to attack
Dialogue: 0,0:43:23.45,0:43:29.43,Default,,0000,0000,0000,,cryptographic algorithms and not to\Ntransmit some data between two processes.
Dialogue: 0,0:43:29.43,0:43:35.70,Default,,0000,0000,0000,,Herald: Cool, thank you. Our next\Nquestion, you mentioned a little bit about
Dialogue: 0,0:43:35.70,0:43:44.26,Default,,0000,0000,0000,,ARM sorry, AMD, how about ARM? So not x86\Narchitecture?
Dialogue: 0,0:43:44.26,0:43:49.35,Default,,0000,0000,0000,,Moritz: So there are many other vendors\Nthat have similar interfaces, some of them
Dialogue: 0,0:43:49.35,0:43:55.52,Default,,0000,0000,0000,,also provide drivers that expose them\Ndirectly to userspace, but we hardly had
Dialogue: 0,0:43:55.52,0:44:01.39,Default,,0000,0000,0000,,any access to those devices, so we could\Nnot really fully evaluate if these attacks
Dialogue: 0,0:44:01.39,0:44:06.07,Default,,0000,0000,0000,,are also possible on them. But in the\Npaper, we have an appendix where we
Dialogue: 0,0:44:06.07,0:44:10.44,Default,,0000,0000,0000,,describe them in a bit more detail so you\Ncan try it out on your own and let us know
Dialogue: 0,0:44:10.44,0:44:15.12,Default,,0000,0000,0000,,if it works.\NHerald: Cool. Thank you. So please, fellow
Dialogue: 0,0:44:15.12,0:44:20.47,Default,,0000,0000,0000,,hackers, try it out at your system, at\Nhome. Now, our next question is related to
Dialogue: 0,0:44:20.47,0:44:26.37,Default,,0000,0000,0000,,that. Is there a survey which hardware has\Nthe RAPL or similar weaknesses? Intel,
Dialogue: 0,0:44:26.37,0:44:33.04,Default,,0000,0000,0000,,AMD, ARM even.\NMoritz: I don't know if anyone else wants
Dialogue: 0,0:44:33.04,0:44:38.94,Default,,0000,0000,0000,,to answer that, I can also take the\Nquestion. So the RAPL interface itself
Dialogue: 0,0:44:38.94,0:44:44.13,Default,,0000,0000,0000,,comes from Intel, but a similar interface\Nis also implemented for AMD, and they also
Dialogue: 0,0:44:44.13,0:44:49.71,Default,,0000,0000,0000,,use basically the same name. They have\Na... For now, it's implemented in two ways
Dialogue: 0,0:44:49.71,0:44:54.42,Default,,0000,0000,0000,,for the Linux kernel, also in the RAPL\Ndriver, but also in a separate called AMD
Dialogue: 0,0:44:54.42,0:44:59.61,Default,,0000,0000,0000,,Energy Driver, which is included since a\Nfew months in the Linux kernel, in the
Dialogue: 0,0:44:59.61,0:45:05.07,Default,,0000,0000,0000,,upstream Kernel. And for other vendors it\Nworks a bit differently. So some of them
Dialogue: 0,0:45:05.07,0:45:12.09,Default,,0000,0000,0000,,just give you similar measurements, but\Nnot in a tightly related way to the RAPL
Dialogue: 0,0:45:12.09,0:45:16.22,Default,,0000,0000,0000,,Interface with a measure over a period of\Ntime and give you the average.
Dialogue: 0,0:45:16.61,0:45:21.56,Default,,0000,0000,0000,,Herald: OK, and..\NMichael: Maybe to add one point here: On
Dialogue: 0,0:45:21.56,0:45:26.53,Default,,0000,0000,0000,,Intel, basically the high resolution\Nsensors are included since the Skylake
Dialogue: 0,0:45:26.53,0:45:31.31,Default,,0000,0000,0000,,micro architecture. So something around\N2015.
Dialogue: 0,0:45:33.38,0:45:40.18,Default,,0000,0000,0000,,Herald: I see. We have another related\Nquestion to AMD. So did AMD issue any
Dialogue: 0,0:45:40.18,0:45:45.16,Default,,0000,0000,0000,,Microcode update for the secure encrypted\Nvirtual machines case apart from
Dialogue: 0,0:45:45.16,0:45:53.47,Default,,0000,0000,0000,,restricting access to MSR?\NMoritz: Not as far as we know. But from
Dialogue: 0,0:45:53.47,0:45:58.27,Default,,0000,0000,0000,,our knowledge to attack AMD CPU's, we need\Nto wait for a new generation so that we
Dialogue: 0,0:45:58.27,0:46:02.93,Default,,0000,0000,0000,,can do similar attacks from a similar\Nthreat model than we can do on an Intel.
Dialogue: 0,0:46:03.45,0:46:09.39,Default,,0000,0000,0000,,Herald: Cool, thank you. So another I\Nthink this is also related to it, you
Dialogue: 0,0:46:09.39,0:46:14.39,Default,,0000,0000,0000,,mentioned your Xen example where you\Nattack through a hypervisor. Does it work
Dialogue: 0,0:46:14.39,0:46:18.44,Default,,0000,0000,0000,,on other hypervisors like KVM or hyperV as\Nwell?
Dialogue: 0,0:46:18.44,0:46:24.47,Default,,0000,0000,0000,,Moritz: So for KVM, I don't think so. For\NWindows I also don't know I don't think
Dialogue: 0,0:46:24.47,0:46:29.51,Default,,0000,0000,0000,,they exposed those MSR directly to the\Nvirtual machines. So the issue is really
Dialogue: 0,0:46:29.51,0:46:34.27,Default,,0000,0000,0000,,here that we can have access to those MSRs\Nat the virtual machine where we should not
Dialogue: 0,0:46:34.27,0:46:40.86,Default,,0000,0000,0000,,have access to.\NHerald: OK, we have another question from,
Dialogue: 0,0:46:40.86,0:46:47.30,Default,,0000,0000,0000,,I think, the hardware section of our\Nremote Congress. Someone wonders if the
Dialogue: 0,0:46:47.30,0:46:51.83,Default,,0000,0000,0000,,same could be achieved with external power\Nmeasurement.
Dialogue: 0,0:46:52.99,0:46:57.64,Default,,0000,0000,0000,,Moritz: You mean if you could attach\Nactually an oscilloscope or a different
Dialogue: 0,0:46:57.64,0:47:03.51,Default,,0000,0000,0000,,probe to the CPU? Yes, you can do that.\NAnd it has already been demonstrated in
Dialogue: 0,0:47:03.51,0:47:07.28,Default,,0000,0000,0000,,the past.\NMichael: But it turned out with external
Dialogue: 0,0:47:07.28,0:47:12.51,Default,,0000,0000,0000,,tools, it takes even longer than with\Nsoftware. You have more issues finding the
Dialogue: 0,0:47:12.51,0:47:20.63,Default,,0000,0000,0000,,right spot in measuring. And there is one\Npaper, it took 14 days of collecting
Dialogue: 0,0:47:20.63,0:47:26.91,Default,,0000,0000,0000,,traces which are harder to probe, which is\Nmuch longer than in software. But it can
Dialogue: 0,0:47:26.91,0:47:30.98,Default,,0000,0000,0000,,be done.\NHerald: And there's another follow up
Dialogue: 0,0:47:30.98,0:47:38.68,Default,,0000,0000,0000,,question, how external is external? Where\Ndo you measure power consumptions of an
Dialogue: 0,0:47:38.68,0:47:46.65,Default,,0000,0000,0000,,x86 server?\NMoritz: OK, you would need to get physical
Dialogue: 0,0:47:46.65,0:47:51.40,Default,,0000,0000,0000,,access to the data center, I guess. And if\Nthis is in your threat model, you probably
Dialogue: 0,0:47:51.40,0:47:57.74,Default,,0000,0000,0000,,have different things to worry about.\NMichael: Yeah, you still need to find the
Dialogue: 0,0:47:57.74,0:48:04.61,Default,,0000,0000,0000,,right spot on your mainboard.\NHerald: OK, so are there, let's say
Dialogue: 0,0:48:04.61,0:48:08.68,Default,,0000,0000,0000,,documentation's where to get that right\Nspot.
Dialogue: 0,0:48:09.61,0:48:14.70,Default,,0000,0000,0000,,Moritz: I think one can take a look at\Nother research papers where they attached
Dialogue: 0,0:48:14.70,0:48:19.18,Default,,0000,0000,0000,,a probe, I think there are experts out\Nthere, but I don't know.
Dialogue: 0,0:48:19.18,0:48:26.69,Default,,0000,0000,0000,,Herald: OK, thank you. The next question,\Nwhy is the power information exported in
Dialogue: 0,0:48:26.69,0:48:32.81,Default,,0000,0000,0000,,such detail to the kernel or userspace\Nsoftware? Why isn't it only available to
Dialogue: 0,0:48:32.81,0:48:37.70,Default,,0000,0000,0000,,the firmware or filtered to return an\Naverage, for example, one second power
Dialogue: 0,0:48:37.70,0:48:43.28,Default,,0000,0000,0000,,trace?\NMoritz: Good question. We did not
Dialogue: 0,0:48:43.28,0:48:48.14,Default,,0000,0000,0000,,implement that. I think the reason is...\NAndi?
Dialogue: 0,0:48:48.14,0:48:53.54,Default,,0000,0000,0000,,Andreas: The once second power trace would\Nmake the attack only slower because you
Dialogue: 0,0:48:53.54,0:48:58.34,Default,,0000,0000,0000,,can still do exactly what we did with\Nsingle stepping here, because RAPL is
Dialogue: 0,0:48:58.34,0:49:04.48,Default,,0000,0000,0000,,already very slow and we need a mechanism\Nto replay instructions to get a good
Dialogue: 0,0:49:04.48,0:49:08.78,Default,,0000,0000,0000,,reading of the energy consumption of the\Ninstructions. So if you only increase the
Dialogue: 0,0:49:08.78,0:49:14.17,Default,,0000,0000,0000,,update rate there, the attacks would still\Nbe possible, but only take longer to
Dialogue: 0,0:49:14.17,0:49:22.82,Default,,0000,0000,0000,,record the traces there. So you have to...\NYeah. So you have to find a tradeoff
Dialogue: 0,0:49:22.82,0:49:28.05,Default,,0000,0000,0000,,between your countermeasures there.\NHerald: Okay, so let's say with an
Dialogue: 0,0:49:28.05,0:49:33.18,Default,,0000,0000,0000,,average, your resolution is lower, but\Nstill it just takes more time to record
Dialogue: 0,0:49:33.18,0:49:38.42,Default,,0000,0000,0000,,it. And still it does work, right?\NMoritz: Yes. And the other thing is that
Dialogue: 0,0:49:38.42,0:49:43.45,Default,,0000,0000,0000,,one needs to keep in mind those drivers\Nare not written for security in mind, but
Dialogue: 0,0:49:43.45,0:49:48.78,Default,,0000,0000,0000,,for performance so that this can be used\Nby other tools that like give you the best
Dialogue: 0,0:49:48.78,0:49:55.06,Default,,0000,0000,0000,,performance of your CPU. And in that case,\Nit just has not been masked and you get
Dialogue: 0,0:49:55.06,0:49:58.71,Default,,0000,0000,0000,,the value directly at the operating system\Nsees.
Dialogue: 0,0:49:59.11,0:50:06.38,Default,,0000,0000,0000,,Herald: Crazy. Our second to last\Nquestion, how long is the update interval
Dialogue: 0,0:50:06.38,0:50:13.05,Default,,0000,0000,0000,,for this measurement? I heard something\Nabout...
Dialogue: 0,0:50:13.05,0:50:17.22,Default,,0000,0000,0000,,Andreas: For the fastest register we\Nobserved, it's like 10 microseconds, for
Dialogue: 0,0:50:17.22,0:50:21.08,Default,,0000,0000,0000,,the slowest one... So there are different\Ndomains where you measure only parts of
Dialogue: 0,0:50:21.08,0:50:25.29,Default,,0000,0000,0000,,the CPU and for the whole package, this\Nincludes all the cores and the memory
Dialogue: 0,0:50:25.29,0:50:30.10,Default,,0000,0000,0000,,controller, it takes around one\Nmillisecond there. So this is already very
Dialogue: 0,0:50:30.10,0:50:35.31,Default,,0000,0000,0000,,slow, if you compare it to the frequency\Nwhere CPUs are currently running at.
Dialogue: 0,0:50:36.69,0:50:43.54,Default,,0000,0000,0000,,Herald: Crazy. In this case, are there any\Nother questions from the interwebs, from
Dialogue: 0,0:50:43.54,0:50:50.46,Default,,0000,0000,0000,,Twitter, from our IRC channel? Because\Notherwise we would head over to more,
Dialogue: 0,0:50:50.46,0:50:56.18,Default,,0000,0000,0000,,let's say, personal interview. Let's give\Nthem a try.
Dialogue: 0,0:51:07.73,0:51:09.88,Default,,0000,0000,0000,,In this case, no more
Dialogue: 0,0:51:09.88,0:51:16.85,Default,,0000,0000,0000,,questions, so in this. So, again, thank\Nyou. Moritz, Michael, Daniel and Andreas,
Dialogue: 0,0:51:16.85,0:51:27.23,Default,,0000,0000,0000,,for these for this really interesting talk\Nfor this Q&A session, the Internet tells
Dialogue: 0,0:51:27.23,0:51:35.62,Default,,0000,0000,0000,,me no questions. We head over to our\Npersonal interview. I asked you earlier
Dialogue: 0,0:51:35.62,0:51:43.67,Default,,0000,0000,0000,,before our talk. So with all these, let's\Nsay, research things going on in the
Dialogue: 0,0:51:43.67,0:51:49.42,Default,,0000,0000,0000,,Corona time. So what's your personal\Nexperience? What changed in your work life
Dialogue: 0,0:51:49.42,0:51:56.00,Default,,0000,0000,0000,,balance in the last one year?\NMoritz: I think the biggest change is that
Dialogue: 0,0:51:56.00,0:52:02.10,Default,,0000,0000,0000,,most of the coffee breaks you do alone\Ninstead of with the colleagues.
Dialogue: 0,0:52:04.21,0:52:08.71,Default,,0000,0000,0000,,Herald: So how do you meet in your in\Nyour, let's say, lunch break? Do you have
Dialogue: 0,0:52:08.71,0:52:16.07,Default,,0000,0000,0000,,as well a lunch break break out session in\NJitsi? Yeah, we started with Jitsi, but
Dialogue: 0,0:52:16.07,0:52:20.32,Default,,0000,0000,0000,,used different systems on the long way.\NAnd now it's like a fixed coffee meeting
Dialogue: 0,0:52:20.32,0:52:25.64,Default,,0000,0000,0000,,at 2:00 p.m. every day and try to meet\Neveryone or have individual meetings, of
Dialogue: 0,0:52:25.64,0:52:28.76,Default,,0000,0000,0000,,course.\NHerald: And does this work? But so is
Dialogue: 0,0:52:28.76,0:52:35.32,Default,,0000,0000,0000,,everyone on time. So sharp 12?\NMoritz: No, but I think no one really
Dialogue: 0,0:52:35.32,0:52:40.50,Default,,0000,0000,0000,,cares.\NHerald: So it's just for socializing?
Dialogue: 0,0:52:40.50,0:52:47.17,Default,,0000,0000,0000,,Moritz: Yes. But we also discuss work\Nrelated issues also in separate meetings.
Dialogue: 0,0:52:47.17,0:52:54.85,Default,,0000,0000,0000,,And yeah, I think time is different, but\Nyou get used to it. But let's hope it's
Dialogue: 0,0:52:54.85,0:53:02.11,Default,,0000,0000,0000,,over soon.\NHerald: What about the others, Michael?
Dialogue: 0,0:53:02.11,0:53:08.91,Default,,0000,0000,0000,,Michael: Yes, I'm in the same coffee\Nbreaks as Moritz. Sometimes every day,
Dialogue: 0,0:53:08.91,0:53:17.20,Default,,0000,0000,0000,,depends on the workload, so I feel quite\Nlucky that we can still work full time and
Dialogue: 0,0:53:17.20,0:53:21.89,Default,,0000,0000,0000,,get our work done. And I don't have to\Nfear that we lose our jobs in the in the
Dialogue: 0,0:53:21.89,0:53:30.61,Default,,0000,0000,0000,,short term. So I think that takes a lot of\Npressure off. But, yeah, I mean, it's
Dialogue: 0,0:53:30.61,0:53:35.86,Default,,0000,0000,0000,,different. I'm also missing the\Nconferences, so I used to travel around a
Dialogue: 0,0:53:35.86,0:53:43.99,Default,,0000,0000,0000,,lot before Corona times and this year is\Nbasically nothing. So you really miss the
Dialogue: 0,0:53:43.99,0:53:49.91,Default,,0000,0000,0000,,social interactions and conferences,\Nmeeting other researchers, exchanging
Dialogue: 0,0:53:49.91,0:54:00.06,Default,,0000,0000,0000,,ideas, having that online is different and\Njust not the same, but still it works. So
Dialogue: 0,0:54:00.06,0:54:05.29,Default,,0000,0000,0000,,I can still do a lot of research. The\Npositive thing, you have less
Dialogue: 0,0:54:05.29,0:54:12.02,Default,,0000,0000,0000,,interruptions than when you're in the\Noffice. So that's a positive thing. But
Dialogue: 0,0:54:12.02,0:54:17.27,Default,,0000,0000,0000,,yeah, I also hope that it's over soon.\NDaniel: But then again, on the other side,
Dialogue: 0,0:54:17.27,0:54:22.48,Default,,0000,0000,0000,,you have way more conference calls because\Ninstead of writing emails, people ask for
Dialogue: 0,0:54:22.48,0:54:26.81,Default,,0000,0000,0000,,conference calls all the time.\NMichael: Yes, you are in meetings all the
Dialogue: 0,0:54:26.81,0:54:29.98,Default,,0000,0000,0000,,time.\NHerald: Yeah, Daniel you mentioned earlier
Dialogue: 0,0:54:29.98,0:54:37.30,Default,,0000,0000,0000,,you're, let's say, flightplan the last\Nyear. And as far as I understood it, you
Dialogue: 0,0:54:37.30,0:54:43.05,Default,,0000,0000,0000,,like to be in personal contact with your\Ncolleagues, also from others or from
Dialogue: 0,0:54:43.05,0:54:49.11,Default,,0000,0000,0000,,foreign countries. How does this work? So\Nlet's say topic exchange between different
Dialogue: 0,0:54:49.11,0:54:51.89,Default,,0000,0000,0000,,organizations, between different\Ncountries?
Dialogue: 0,0:54:51.89,0:54:59.93,Default,,0000,0000,0000,,Daniel: Yeah, it's more difficult. So in\N2018, I had these 54 talks outside of Graz
Dialogue: 0,0:54:59.93,0:55:11.53,Default,,0000,0000,0000,,in 52 weeks and this year I had a single\Ntalk outside of, outside of Graz where I
Dialogue: 0,0:55:11.53,0:55:17.63,Default,,0000,0000,0000,,was in person of course. Of course more\NOnline. Um yeah. So it's, it's difficult
Dialogue: 0,0:55:17.63,0:55:24.21,Default,,0000,0000,0000,,to engage with people from other places,\Nbut it works of course in teams that you,
Dialogue: 0,0:55:24.21,0:55:29.87,Default,,0000,0000,0000,,that you already have established in the\Npast, for instance. So you can continue in
Dialogue: 0,0:55:29.87,0:55:36.72,Default,,0000,0000,0000,,teams that you've already built there. But\Nalso in some cases it works to start new
Dialogue: 0,0:55:36.72,0:55:40.90,Default,,0000,0000,0000,,collaborations. But it's of course more\Ndifficult than if you can just meet people
Dialogue: 0,0:55:40.90,0:55:46.64,Default,,0000,0000,0000,,in person like we did for this paper\Nactually, David Osvald, one of the
Dialogue: 0,0:55:46.64,0:55:52.61,Default,,0000,0000,0000,,coauthors, we met with him in person and\Ntalked with him about the paper in person.
Dialogue: 0,0:55:56.15,0:56:02.21,Default,,0000,0000,0000,,Herald: Andreas, what's your, let's say,\NCorona year?
Dialogue: 0,0:56:02.21,0:56:06.57,Default,,0000,0000,0000,,Andreas: Yeah, since I'm one of the\Npersons who was interrupting Michael all
Dialogue: 0,0:56:06.57,0:56:14.26,Default,,0000,0000,0000,,the time I am missing the office because\Nit looks like the unscheduled flow,
Dialogue: 0,0:56:14.26,0:56:18.39,Default,,0000,0000,0000,,because it's sitting in an office and\Nsuddenly you have like a question or idea,
Dialogue: 0,0:56:18.39,0:56:24.11,Default,,0000,0000,0000,,you can not or you don't have to write it.\NYou can just ask it on the fly. So I'm a
Dialogue: 0,0:56:24.11,0:56:28.90,Default,,0000,0000,0000,,bit missing that side. On the other side,\NI gained a lot of time since I don't have
Dialogue: 0,0:56:28.90,0:56:36.54,Default,,0000,0000,0000,,to travel to work there. And often I got a\Nbit better in writing stuff I want to
Dialogue: 0,0:56:36.54,0:56:40.29,Default,,0000,0000,0000,,know, asking questions more, much more\Nfaster, like losing the clover and that
Dialogue: 0,0:56:40.29,0:56:48.66,Default,,0000,0000,0000,,stuff. And so I think it's both positive\Nand negative. And I only joined since I
Dialogue: 0,0:56:48.66,0:56:55.54,Default,,0000,0000,0000,,think August, when I finished my master's\Nthesis and in the first half of the year,
Dialogue: 0,0:56:55.54,0:57:00.22,Default,,0000,0000,0000,,I worked at a software company where the\Nfirst lockdown was also handled very well.
Dialogue: 0,0:57:00.22,0:57:05.09,Default,,0000,0000,0000,,So we had like a smooth transition. So I'm\Nkind of used to home office, but I miss
Dialogue: 0,0:57:05.09,0:57:17.47,Default,,0000,0000,0000,,interacting with people.\NHerald: I think that's the main thing 2020
Dialogue: 0,0:57:17.47,0:57:23.79,Default,,0000,0000,0000,,brings us: more remote work. Which is\Nbasically a good thing to work more from
Dialogue: 0,0:57:23.79,0:57:32.46,Default,,0000,0000,0000,,home, but we have some minutes left. And\Nplease excuse me myself. Did your mate
Dialogue: 0,0:57:32.46,0:57:41.03,Default,,0000,0000,0000,,consumption increase or decrease?\NMoritz: I think it's hard to say for
Dialogue: 0,0:57:41.03,0:57:45.95,Default,,0000,0000,0000,,coffee because I used to drink more coffee\Nin the office than at home. Yeah, but but
Dialogue: 0,0:57:45.95,0:57:56.78,Default,,0000,0000,0000,,now I see it when we go grocery shopping.\N{\i1}laughs{\i0} It's hard to say.
Dialogue: 0,0:57:56.78,0:58:02.15,Default,,0000,0000,0000,,Michael: I think it decreased for me\Nbecause now if I'm tired, I can simply
Dialogue: 0,0:58:02.15,0:58:11.18,Default,,0000,0000,0000,,take a nap, thats easier.\NHerald: And just turn your instant
Dialogue: 0,0:58:11.18,0:58:15.89,Default,,0000,0000,0000,,messaging off.\NMichael: Yeah.
Dialogue: 0,0:58:17.21,0:58:23.93,Default,,0000,0000,0000,,Herald: So our time is over. Thank you\Nagain for the brilliant for the amazing
Dialogue: 0,0:58:23.93,0:58:31.64,Default,,0000,0000,0000,,work, for these attack against CPU, for\Nthe great puns you brought, for the nice
Dialogue: 0,0:58:31.64,0:58:36.99,Default,,0000,0000,0000,,interview and have a nice remote Congress\N3.
Dialogue: 0,0:58:36.99,0:58:51.33,Default,,0000,0000,0000,,{\i1}postrol music{\i0}
Dialogue: 0,0:58:51.33,0:59:15.90,Default,,0000,0000,0000,,Subtitles created by c3subtitles.de\Nin the year 2021. Join, and help us!