eShard<p>Post-quantum crypto resists quantum computers, not physical attacks.</p><p>On July 10, we're live with PQShield to show how side-channel and fault injection techniques still break schemes like ML-KEM, and how to protect your implementations.</p><p>Register now:<br>🔵 11am CEST: <a href="https://pqshield.zoom.us/webinar/register/WN_GUBZIV41QDGiROlkbuUsPg#/registration" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">pqshield.zoom.us/webinar/regis</span><span class="invisible">ter/WN_GUBZIV41QDGiROlkbuUsPg#/registration</span></a><br>🔵 6pm CEST: <a href="https://pqshield.zoom.us/webinar/register/WN_6WZOefg3T06jQW6ind_bqw#/registration" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">pqshield.zoom.us/webinar/regis</span><span class="invisible">ter/WN_6WZOefg3T06jQW6ind_bqw#/registration</span></a></p><p><a href="https://infosec.exchange/tags/pqc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pqc</span></a> <a href="https://infosec.exchange/tags/postquantumcryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>postquantumcryptography</span></a> <a href="https://infosec.exchange/tags/sidechannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sidechannel</span></a> <a href="https://infosec.exchange/tags/faultinjection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>faultinjection</span></a> <a href="https://infosec.exchange/tags/hardware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hardware</span></a> <a href="https://infosec.exchange/tags/hardwarehacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hardwarehacking</span></a> <a href="https://infosec.exchange/tags/hardwaresecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hardwaresecurity</span></a></p>
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.
Administered by:
Server stats:
204active users
eupolicy.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#sidechannel
0 posts · 0 participants · 0 posts today
Cyberagentur<p>SCA4PQC – die <span class="h-card" translate="no"><a href="https://social.bund.de/@Cyberagentur" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Cyberagentur</span></a></span> startet ein Forschungsprogramm zur Entwicklung seitenkanalresistenter Post-Quanten-Kryptographie. Ziel: Schutz vor Quantenangriffen und physischen Seitenkanalangriffen. Fokus: Cloud/Desktops, IoT und Smartcards. Forschung und Wirtschaft sind eingeladen.<br>Mehr Informationen: <a href="https://t1p.de/b52np" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">t1p.de/b52np</span><span class="invisible"></span></a><br><a href="https://social.bund.de/tags/PostQuantum" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PostQuantum</span></a> <a href="https://social.bund.de/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.bund.de/tags/SCA4PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SCA4PQC</span></a> <a href="https://social.bund.de/tags/PostQuantumCrypto" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PostQuantumCrypto</span></a> <a href="https://social.bund.de/tags/SideChannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SideChannel</span></a> <a href="https://social.bund.de/tags/ITSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITSecurity</span></a> <a href="https://social.bund.de/tags/OpenScience" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenScience</span></a></p>
ISEC @ TU Graz<p>“KernelSnitch: Side Channel-Attacks on Kernel Data Structures” by Lukas Maar 📄👇<br><a href="https://www.ndss-symposium.org/wp-content/uploads/2025-223-paper.pdf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">ndss-symposium.org/wp-content/</span><span class="invisible">uploads/2025-223-paper.pdf</span></a> </p><p><a href="https://infosec.exchange/tags/NDSSsyposium2025" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NDSSsyposium2025</span></a> <a href="https://infosec.exchange/tags/SideChannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SideChannel</span></a></p>
ISEC @ TU Graz<p>“Power-Related Side-Channel Attacks using the Android Sensor Framework” by Mathias Oberhuber 📄👇<br><a href="https://www.ndss-symposium.org/wp-content/uploads/2025-92-paper.pdf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">ndss-symposium.org/wp-content/</span><span class="invisible">uploads/2025-92-paper.pdf</span></a> </p><p><a href="https://infosec.exchange/tags/NDSSsyposium2025" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NDSSsyposium2025</span></a> <a href="https://infosec.exchange/tags/SideChannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SideChannel</span></a></p>
ISEC @ TU Graz<p>“A Systematic Evaluation of Novel and Existing Cache Side Channels” by <span class="h-card" translate="no"><a href="https://bird.makeup/users/v4m1n" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>v4m1n</span></a></span> 📄👇<br><a href="https://www.ndss-symposium.org/wp-content/uploads/2025-253-paper.pdf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">ndss-symposium.org/wp-content/</span><span class="invisible">uploads/2025-253-paper.pdf</span></a> </p><p><a href="https://infosec.exchange/tags/NDSSsyposium2025" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NDSSsyposium2025</span></a> <a href="https://infosec.exchange/tags/SideChannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SideChannel</span></a></p>
Bits On Tape<p>Hardware <a href="https://privacysafe.social/tags/SideChannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SideChannel</span></a> attacks like "electromagnetic fault injection" bypass Apple’s chip defenses. The result? Jailbreaks & <a href="https://privacysafe.social/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> on iDevices. <a href="https://privacysafe.social/tags/Apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Apple</span></a> needs to rethink its shielding fast. 🛡️</p>
netrom<p>Side-channel <a href="https://infosec.exchange/tags/EUCLEAK" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EUCLEAK</span></a> attack discovered on devices using the Infineon cryptographic library, like the YubiKey 5 series (firmware <5.7) and Feitian A22 JavaCard.</p><p>But it does require a fair amount of factors to succeed: username, password, physical access, additional equipment, and for the cryptographic operations to involve modular inversions, like ECDSA.</p><p>There are two phases to the attack:</p><p>(1) The online phase requires opening the device to access the microcontroller, then using an electromagnetic probe, an oscilloscope, and a computer to capture the electromagnetic side-channel signals during operation.</p><p>(2) The offline phase (physical access no longer necessary) supposedly takes time varying from one hour to one day for each secret to uncover.</p><p><a href="https://ninjalab.io/wp-content/uploads/2024/09/20240903_eucleak.pdf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ninjalab.io/wp-content/uploads</span><span class="invisible">/2024/09/20240903_eucleak.pdf</span></a></p><p><a href="https://infosec.exchange/tags/ninjalab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ninjalab</span></a> <a href="https://infosec.exchange/tags/eucleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eucleak</span></a> <a href="https://infosec.exchange/tags/sidechannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sidechannel</span></a> <a href="https://infosec.exchange/tags/attack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>attack</span></a> <a href="https://infosec.exchange/tags/infineon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infineon</span></a> <a href="https://infosec.exchange/tags/yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>yubikey</span></a> <a href="https://infosec.exchange/tags/feitian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>feitian</span></a></p>
PrivacyDigest<p><a href="https://mas.to/tags/YubiKeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YubiKeys</span></a> are <a href="https://mas.to/tags/vulnerable" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerable</span></a> to <a href="https://mas.to/tags/cloning" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloning</span></a> attacks thanks to newly discovered side channel <br><a href="https://mas.to/tags/sidechannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sidechannel</span></a> <a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mas.to/tags/2fa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>2fa</span></a> <a href="https://mas.to/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> </p><p><a href="https://arstechnica.com/?p=2046777" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=2046777</span><span class="invisible"></span></a></p>
Stefan Gast<p>I had the pleasure to contribute to Lukas Maar's <a href="https://infosec.exchange/tags/USENIX2024" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USENIX2024</span></a> paper "SLUBStick".<br>SLUBStick elevates limited heap vulnerabilities within the <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> kernel to arbitrary memory read-and-write primitives, leveraging a timing side channel.<br>Thanks to Lukas Maar, Martin Unterguggenberger, Mathias Oberhuber and Stefan Mangard for this great opportunity!<br>Congratulations to Lukas Maar for driving the paper to acceptance at USENIX Security!</p><p>You can read the full paper here: <a href="https://stefangast.eu/papers/slubstick.pdf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">stefangast.eu/papers/slubstick</span><span class="invisible">.pdf</span></a></p><p><a href="https://infosec.exchange/tags/SLUBStick" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SLUBStick</span></a> <a href="https://infosec.exchange/tags/Kernel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kernel</span></a> <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://infosec.exchange/tags/KernelSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KernelSecurity</span></a> <a href="https://infosec.exchange/tags/sidechannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sidechannel</span></a> <a href="https://infosec.exchange/tags/usenixsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>usenixsecurity</span></a> <a href="https://infosec.exchange/tags/usenixsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>usenixsec</span></a></p>
Stefan Gast<p>Announcing SnailLoad, the first fully remote website- and video-fingerprinting attack working via arbitrary TCP connections.<br>SnailLoad does not require any attacker code on the victim machine, any TCP connection is enough.</p><p>Great collaboration with Roland Czerny, Jonas Juffinger, Fabian Rauscher, <span class="h-card" translate="no"><a href="https://bird.makeup/users/silent_bits" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>silent_bits</span></a></span> and <span class="h-card" translate="no"><a href="https://infosec.exchange/@lavados" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lavados</span></a></span>.</p><p>See the website for the full paper and a live demo: <a href="https://www.snailload.com" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">snailload.com</span><span class="invisible"></span></a><br>(1/3)</p><p><a href="https://infosec.exchange/tags/SnailLoad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SnailLoad</span></a> <a href="https://infosec.exchange/tags/sidechannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sidechannel</span></a> <a href="https://infosec.exchange/tags/networksecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>networksecurity</span></a></p>
Stefan Gast<p>I had the pleasure to contribute to the <a href="https://infosec.exchange/tags/USENIX2024" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USENIX2024</span></a> paper "Divide and Surrender", recovering the full secret key from the reference implementation of the HQC Key Encapsulation Mechanism, exploiting a timing side channel arising from non-constant-time modulo operations.<br>Thanks to Robin Leander Schröder and Qian Guo for this opportunity and congratulations to Robin Leander Schröder for getting his first paper accepted at USENIX Security!</p><p>You can read the full paper here: <a href="https://stefangast.eu/papers/divide_and_surrender.pdf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">stefangast.eu/papers/divide_an</span><span class="invisible">d_surrender.pdf</span></a></p><p><a href="https://infosec.exchange/tags/divideandsurrender" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>divideandsurrender</span></a> <a href="https://infosec.exchange/tags/hqc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hqc</span></a> <a href="https://infosec.exchange/tags/sidechannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sidechannel</span></a> <a href="https://infosec.exchange/tags/postquantumcrypto" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>postquantumcrypto</span></a> <a href="https://infosec.exchange/tags/usenixsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>usenixsecurity</span></a></p>
mazzoo<p>how FPGAs (in the cloud) leave shadows of their former usage:</p><p><a href="https://arxiv.org/pdf/2303.17881.pdf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arxiv.org/pdf/2303.17881.pdf</span><span class="invisible"></span></a></p><p>really a nice <a href="https://fulda.social/tags/sidechannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sidechannel</span></a> attack on <a href="https://fulda.social/tags/FPGA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FPGA</span></a> using TDCs (time to digital converters).</p>
Stefan Gast<p>Congrats to <span class="h-card" translate="no"><a href="https://infosec.exchange/@redrabbyte" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>redrabbyte</span></a></span>, <span class="h-card" translate="no"><a href="https://infosec.exchange/@faulst" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>faulst</span></a></span>, Roland Czerny, Christoph Gruber, Fabian Rauscher, Andreas Kogler and <span class="h-card" translate="no"><a href="https://infosec.exchange/@lavados" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lavados</span></a></span> for getting your paper "Generic and Automated Drive-by GPU Cache Attacks from the Browser" accepted at <a href="https://infosec.exchange/tags/AsiaCCS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AsiaCCS</span></a> </p><p>The paper presents <a href="https://infosec.exchange/tags/GPU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPU</span></a> cache attacks from restricted <a href="https://infosec.exchange/tags/WebGPU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebGPU</span></a> contexts within web browsers. You can find the paper and a demo here:<br><a href="https://www.ginerlukas.com/gpuattacks/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">ginerlukas.com/gpuattacks/</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/webgpu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webgpu</span></a> <a href="https://infosec.exchange/tags/browser" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>browser</span></a> <a href="https://infosec.exchange/tags/nvidia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nvidia</span></a> <a href="https://infosec.exchange/tags/amd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>amd</span></a> <a href="https://infosec.exchange/tags/cacheattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cacheattack</span></a> <a href="https://infosec.exchange/tags/sidechannel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sidechannel</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload