Are you seeing us here? Okay, we're good. All right, guys, we have Elie Bursztein here to talk to us today about Hacker's Guide to Side Channels. And with that, I'd like to turn it over to you to have any sort of first question or first answers and we'll start taking questions on the Discord channel. So thank you for joining us and any sort of open remarks or anything?

Thank you for watching the talk. Would I have loved to do it in person? Kind of miss the Discord ambience but I hope we try to have a good chat asking if you want to try to do my best once again. And again, thank you so much for watching the talk.

Yeah, great. So I guess I'll start off. We, so I think you, you did a good job in the talk talking about the sort of why of machine learning and why the model predicted what, or why the machine learning decided the way it decided, if that makes sense, and why the model predicted what it predicted in order to understand how a defender would react to that. I don't know if you want to elaborate on that talk. I've never sort of thought of machine learning. You think of usually machine learning, judging it on the, what the outcome of it is, not what led to that outcome and what defense to build from it. So I don't know if you want to comment on that thought or if it even makes sense when I just asked.

No, it does, it does, it does. I think we have a lot of secret tools for debugging. I think if you want to debug a C++ program, we have debugger. We have Python debugger, C++ debugger. Most of the things we can debug because we have a way to introspect where the bug is triggered by the system, the entire stack is developed around error and handling. The problem with how the crypto is, you run a crypto algorithm on the hardware and you have no idea why information is taken.
You have a leak, you know that the machine learning observationally is finding the correct key or the correct attack point and you're like, okay, I developed this kind of implementation and we do have to go have a cryptographic chip, so that's the thing we're very concerned about and everyone who's doing crypto chip is interested in that question of, okay, you have a leak, but then what? And prior to machine learning, we didn't have a technique or we just had a tool where you can ask why? Why do you predict what you do, right? Try to, this is kind of like a crazy thing about the machine learning thing. We do things which we can't do otherwise. It's not ideal because, you know, we also were machine learning in the live box, that's completely true, but the only thing we have, which is like, okay, can you please tell me why? The why is that it's a bit easy, but it's like why? And then we thought, okay, since we moved from side-channel attack using, you know, statistical estimate, machine learning, and we talked about last year at DEF CON, it's what we were. Can we go once a person tries to also ask them whether they want it? And then you can do that. And as I said, it's very, very brutal. You have to be super, super precise, and we make it work for one implementation. And you know, it's a tool, so obviously we're going to choose the best case. Truth of the matter is, you know, you have to really be super precise, which is CPU instruction precise. So it's not super robust just yet, but you can do that. And I think that the only tool in the world we can do that. That's why SCALD is one of its kind. It's the first generation of it. You know, five years from now we'll be laughing at it, right? Okay, that's the worst way for the way to do it. I'm pretty sure. But it was a two crazy years of brainstorming and trying eight years until we come up with an idea of doing it. It come out of necessity. It come out from our project team inside Google.
I was like, okay guys, you make better attacks, which was not the goal, but the goal of our project is to make a better world, like the most secure world, creepiest and current for all of us. I don't have to be so quiet. And then we really want to have like a tool for it in the guarantee of life and around the world of like, okay, the tool you can use is the tool that gives the bugger of hardware crypto in such that it exists so that the person is gone. So that's where it comes from. And without measuring, it doesn't work. But without deputations, it doesn't work. And without the community, it doesn't work. We use a lot of the first technology behind the scene, like Unicorn. And we have pretty much talked today about Unicorn as well. A lot of people are using Unicorn, which is a CPU emulator, which is based with the community. So we are sending us to their giant, which is bringing some of the very interesting to a time that's really there, that's what it is.

Great. So actually just jumping off what you said, are people actually using this to help identify side channels yet, or have you been approached by women?

Yeah, so that's exactly the absolute thing to be clear. We had a lot of debate actually internally because it truly is super out of the press. I would say the initial success, like complete success was probably one or two weeks old. We knew it was somewhat working, but we didn't get it to work as clearly as it should talk like until maybe 24 hours before I recorded the talk to be clear. And this is literally, but we saw that there's quite a bit of, we really want to contribute, we really want to be part of the community. Usually we're not really good at, I don't think things ahead of what we do, but this year we saw that we wanted to really show you the cutting edge of what we were working on as a way to participate and to be part of the community. So no, it's not there yet. The research is not there yet.
I'm sure the question is going to come so I want to answer. Yes, it's going to be public next week. I'm shaking up the guitar to tell you how new it is, but we went for here's something new exciting that we work on. You guys might get a kick out of looking at it and be inspired and that's what we go for. So the talk sometime I'm a bit of it. Sorry about that too. I tried to record the door closed in California, in fact, 28 degrees in the room when I tried to record. So I was trying a little bit. I project also from my English, but yes, we really tried to do it. This is the tape mode tool, which is like we do show you pretty good. Like it's a true, you know, very old DEF CON period. But like this is new, we're here to change them. So that's what it was. No, it's not good. Absolutely not. But anyway, I'm copy of the word.

That's great. So the example we're using, we're mostly around power, if I understood the presentation right. And you mentioned other side channels, heat emissions, timing, et cetera. I mean, you see these techniques would apply to all those or was there wasn't anything unique to the instrumentation you used, right?

No, I don't see there's anything special to it. I never use, I said I don't know if they want to use heat. I would be super curious if someone knows about a heat attack, timing attack, it would be super, super interesting. I've never seen one like in crypto. They might exist, I don't know, but we thought about, yeah, I think it's one of the big deal. We wanted to do this here to be clear and extend all what we do from power to EM as well. The truth of the matter is we cannot go to the office especially doing remote work in our team as many of us are doing in the community and we don't have access to our equipment, right? So honestly, we can really do with power because that's what is plugged in into our lab.
And the only thing we can access remotely to do is for EM, you have to literally have an EM table and you have to be on top of the chip and there is no doable in the future. So we love to do EM, it's just not good to happen today. I think the next big target is that you would do maybe timing, timing might work too. Probably, I think there is a few people coming out this year from other group on machine learning and timing attacks for erasic ability. Erasic ability, so I think it will work, they show that you can use machine learning for that. So as I said, machine learning is easier way going to take over side-channel attack for hardware in the next two, three years and when it's going to do it, we just happen to be the first few groups who are doing it. I also think it's nice to see the German group as well who's doing some of it. Some vendors are taking some of the research and bringing it to products. I think that's where it's going to go. But I think most of the people are on the power train for now. Maybe it'll be the timing attack that is coming this year. I guess the EM is the next. E-type of money.

Yeah, I was wondering that too, it's kind of as you're saying you built your model I guess using mostly an emulator. How is that scaled into hardware, right? Other hardware, like it's kind of the research you've done, it's that one sample. Or do you think that you need to build your machine learning models for different types of processors or setups, right? Does that make sense?

Yeah, so for the attack side, we know it works. I mean, I hope it's not a unique one paper, but since last year we've been working. So as three years, we have collected a massive set of data set that we really hope to publish. We're not going to give it data at that point. Let's see, I said very soon, and it didn't happen this year. Well, the next year we have, but yes, we have that for multiple data sets and for hardware that works.
For the emulation side, the other side, which is not the machine learning side, the dynamic analysis is where we need to be cycle-precise. We don't even have a normal one. And the thing is Intel is trying to put out the question because they have a predictive pipeline. So we don't even know, like, depending on how the interpretive pipeline will work or the flush pipeline will work, the number of instructions is completely non-deterministic, or at least to the point where in our probe right, we're not able to do it just yet. So if your CPU is too complicated, let me see if we can. We use certain instructions should work, I guess, but as I said, we don't even have the device now because it's like, oh, it's between, I don't know what the range is, it's two to 12 cycles. So we have to together make an estimated guess. So it works for our mostly embedded stuff, smaller parts, more power would work too. But yes, the emulation side of it is hard because if you're off, if you're not investing in this core right, if you're finding the attack, then if you're off for the cycle for the emulation, you end up, I don't know, like six to 15, 100 cycles left or right, and then you're on the wrong line of code, right? The line of code, as I said, is true for instruction. So you might have, you know, you might get lucky if you're a little bit lucky, but that this margin will become terrifying and hard. And similarly, there is that point charge, the end of the, you can just let that end of the implementation, not the first round, but the end, and then again, then at that point, every error is compounded, right? So the further you're on the trace, on the right side, the more you're going to, to have a chance of messing it up. So yes, we choose easy case, which is like very well defined, which is a very small set of instruction well-defined, well-documented on an EEC, not vectorized, because that's the easy case.
Harder case would be like more features of ensuring, I think, if you bring the committee on, so I said to help us improve the analyzer or add more target is probably to a board, which is going to be trustee, reverse engineering, this is how it's written. That's for people who like hardware. It's fun to do, it's just, that's going to be quite worth it, to be clear.

Yeah, so, I mean, the attacks themselves are pretty hard. So it goes to show that the, the defensive analysis would be just as hard, right?

Yeah, I mean, we know that time, we know that hardware, I mean, we know that side-channel attacks are inevitable, right, almost inevitable. There are defenses which might exist, like doubling the bus for power supply or attack, that's not going to be permitted in hardware, it's too expensive or too costly or too big. So everything is your number two, side-channel attack to an extent. So the question is, how hard can we make it by the arm? Really cool set of work done mostly by French, the French, on the masked AES, which is kind of like the way you make it harder. You also make it smaller, slower. So the question is how slow can be hardware encryption, right? The question is, how many milliseconds can you tolerate? So the reason why I mentioned that is, if you use security keys, right, we call it security keys, they use NFC, and the problem with NFC and NFC is super fast and super low power. So now in those settings, making a super resilient implementation is going to be challenging. As I've been said, be careful, this is a very careful, this is not AES as we show, but even for that, you can actually tell if you want to aid, aid to care, also if you never have a session like that, and then you just decide, well, I don't have a lot of time, I don't have a lot of time, and then more competition to harden my thing, that's become kind of impossible. So there will always be a trade-off, right?
And as long as there is a trade-off, there is a vulnerability, so, you know, side-channel attack is probably the most powerful attack you can do against people these days because this is the one where we know it would be so interesting. I don't see it as a console goal, but, yeah.

It's awesome. Yeah, and I'll say, I really appreciate your talk to how you went through the different steps. Like it was very informative and instructive, like even just mentioning explainers, like you did a very good job of explaining everything and really showing the world examples. You say though, like you say side-channel attacks are really important for encryption. Like I guess, how did you get into the side-channel attack space? Like what drew you to that? Was it the encryption aspect to try to defeat that, or was it like, how did your research end up on side-channel attacks?

Oh, wow. That's a hard question. I think it's a question. I think what happened is, before, I always did cryptocurrencies and then, people might or might not remember it, but a few years back, we had not the first collision on SHA-1. And we did the talk at that time. It took us a while. It took us a while to do it. Breaking SHA-1 in collaboration with Marc Stevens, the CWI, took three years. Most people don't realize at some time when we do talk, it's like, oh, that's what's nice, it took three years of effort for us and I think it matters in almost 10 years. So if you get out of breaking SHA-1, I mean, putting in practice is what broke up by one, but like, providing the first collision and then, as I said, in 2015, we do the first collision. We showed these two to us, which are like the set show on the world, the breakage show on which was our goal. Interestingly enough, the backstory is a reason why we decided to do it is not to do a talk, but because we really want to help people realize they need to go away from it.
At the time, Microsoft X-Guard did not forget it, and Firefox was kind of like lagging and it had immediate effect that both of them did not forget it. So it was like, what would you ever go into this crazy amount of money and amount of energy to literally compute all this? The answer was, because at that time, we wanted to show it to the world, it was the world, it was not theoretical and we should treat it seriously again, but it was important to get this is always in the context of our research in Google, it's really, we try to use it up next door where people come out to do some project and try to figure out if you can have the world. And then we finish up and we're like, okay, what else? And then, so you're also searching, it's almost a hangover, because for today, we can focus on one thing and then we go to the next piece of crypto and then we're like, okay, what to do with it. And then we start to talk with the product team and at that time something called the Titan chip publicly is developed by Google, Google-owned crypto chip. And the crypto chip, we talked to the hardware engineer and we told us, well, no. So it is crazy idea, we come up with one paper from the French agency, which is the French control agency specialized in crypto. They have this very good trust work on machine learning and crypto, you should check it out. And I was told enough is the idea. The internal team was very interested into having more results with such good expertise. And then we realized that they thought it was very interesting is to play well into what Google do, which is machine learning has a time that's here. It plays well into core and some other research that we should do, it plays well with, it's what we said to Google. Honestly, we got from our project team the right to do it was completely serendipitous and I've been seeing research more like talking to people or that's like something like that kind of really cool. 
You want to talk, you get inspired by other people, you build on other people, you work for ideas and we all keep it to push each other. So I think that's what it was. I think that was this idea of come from other people, and take credit like that. We made a lot of wonderful people from Ledger, from ChipWhisperer, you know, Cody and I know ChipWhisperer is always a staff member of the committee, he's just from the committee, he also have a lot of time to help us keep his pointer early days and so that's for you. So we're glad that now we can contribute that.

Great, so we have a question from the audience. Apart from improving the emulation, what do you see as the next step in this field of side channel detection?

Detection, that's a great question. I think there are, I think it goes hand to hand with better attack. Again, we can only explain what we can attack. I think we have a few working streams on public key and a few working stream on other algorithm. I think that would be interesting to do. We're always looking for people who are willing to work with us because it's a very, very big, it's very, very, I wouldn't say difficult, but it's a lot of crime to create the data and to do the machine learning and that sort of things. And so if people are interested, they could have the right way. We're always up for it because it's a little bit like, figure out what to do is hard. Last year, when I come, I go, it's so hard to do an AES model this year after a year of refining the machine learning model and our process, we can basically do it in 10 minutes. So we went for five hours to 15 minutes by getting, we'll just mechanically better at it. I think it's going to be the same for the other algorithm. So I really feel that. I think we're also going to feel, I hope people didn't create it for it. I don't know, I would imagine you can do that. I get like some people mention cache line as an idea. I found that quite interesting. There is a holy grail of Intel SGX, right?
I mean, Enclave is also using Hutter. It is crazy hard to attach because it's literally back into the intensive year, right? However, no one knows if machine learning can do it. Some people we talk to say, yes, it's probably doable. I don't know. I never do it. We don't have necessarily the time to do it by ourselves. We're happy to contribute, but that's something which is interesting in life of research. I think Enclave is a big deal. Other algorithms are a big deal, but also we can see the crazy thing. Everything which is timing sounds a little bad. I would not be surprised if someone even covered a crazy idea on how to do it or become worried transactions or even what would be another stress. SQL injection. You know, we have a lot of blind SQL injection. Maybe we can get more out of the timing. We can make more out of the timing that we think we can. It's unclear. I mean, most of them should have been fixed, but yeah. That's love, room, love, creativity. Depend on people's taste.

I'm sure. So you mentioned the papers coming out. Do you have an estimate on when you're gonna be done with that?

I'm not going to jinx it, but I'm not going to do that. Last year I said it's going to be soon. The draft is still on my desk and for the schedule paper, I'm going to be completely honest. I told you we rushed to do it for DEF CON. We really wanted to show you building Edge. Literally, the paper is not written. The next step for us is really to show, to put everything on GitHub. I'll post it on Twitter, hopefully next week. Nothing on the wood. And then we're going to want people to play with it. We're rather providing complete stuff to people to play because last year we did the reverse, which showed we're going to hold, hold, hold and give everything at once and then work out. So this year, switching strategy. I'm going to easily, imperfectly early and then the paper will come later. Completely what?
But yes, the AES data sets, we promised last year are still there, we just haven't get the chance to release them. And then the schedule paper, you'll be able to play with the code, run the code I showed you, get the line I showed you and then that will be incomplete because you'll be like, oh, where are the other tech points? Not there yet. Where are the other ones are? Not there yet. They're going to get there where they can. And then make no promises because I don't know what I can keep on out. So try to be a little bit more, we have a stick, this here, the match here. We want to be to the point people.

I was going to ask the same thing. So it's definitely on folks minds. We do have a question from the chat. So, you know, are you aware of any side channel attacks that are found in the wild, right? Where attackers are using them? Or is this more of where we're thinking about how to defend against these attacks before we see them active?

Oh, side channel everywhere. Side channel everywhere. They're like the most prevalent form of attack for hardware. Let me try to figure out which one I can tell you which one is pretty interesting. So again, it's not to single out, to put one company like this company is bad because I'm pretty sure there's put all of them. So I start with one of my favorite company which I really like, Ledger. Three years ago, they had a way to much of a timing attack on the elliptic curve. That's what the example I gave at the beginning of the talk. And they were able to recover out of the ledger, treasure, the bitcoin property, right? So that's pretty big deal. So there was timing attack on many game console. I see we're streaming on Twitter and we're going to give too much detail, but so many, many security, many, many game console are protected by crypto. Then there was timing attack to recover some of those secret keys.
That was earlier generation, I got not talking about 5 or 4 or Xbox one, taking per generation, but there was timing attack who were used to recover crypto keys. There was many of them. There was an AES one a very long time ago used by, I believe it was Bernstein on remote AES. There was one on cache line attacks on CPUs. There are so many of them everywhere. Side-channel attack are so powerful. The most powerful form of SQL injection is blind SQL injection, where you, sorry, side-channel attack, blind SQL injection is when you have a SQL injection, but you consider the output then you trigger. You do it one character at a time and you just look at the server which one or not. That's the form of side-channel attack. There are everywhere. It's not, it's a super, super practical attack and usually people are really annoyed and say it's not a real attack because it's a non-technique. It's not a non-technique. It's a non-technique. It just happens that it works super, super efficient on many, many things. Yep, that is, and you have it on off-off-sphere, so like physical stuff like electronic locks and things like that. Oh, I forgot. One night I said I need to have something more. I thought that was the most important one. I'm sorry. I'm so sorry. Spectre and Meltdown. Right, Spectre and Meltdown. There you go. The thing which completely destroys your CPU. There are a form of side-channel attack. So here you go. As I said, some of the most powerful attack, concrete attack we saw in the last few years, are side-channel attack because they are so hard to do, but I said so hard to pull off, to defend the game. That's, yeah.

Yeah, I think I read something about those. They were kind of big, right? Yeah, I think it's a chassis. I think it's a chassis. I suppose there's a wire that's you can like outline that. It would be good to just read up if you get that interesting. I think it's a Chouette. Gotta go. Thank you. Yep.

Yeah, so we got a couple of minutes left.
If we have any more questions, let's get them in here. Otherwise, we're gonna thank Elie and let you guys get back to the con. So. Yeah, one last one for me. So folks, oh wait, we actually do have one more. Yeah, so someone who's mainly folks in Infosec, you know, what kind of background do you think people, you know, kind of lend themselves to going towards looking at side channel attacks and thinking about what kind of the research you're doing with all of the, you know, being able to detect that in different ways? What's in the background?

It's nice, it's very nice. We have some people who come from radio, you know, like the first initial, for those who don't know the first initial side-channel attack was actually in the 1940s or something like that where they had that writer and the guy was having an oscilloscope and then he still bliped on the oscilloscope and realized that there was something and then the Russian put a user to spy on two people by looking at vibration. So that's super old stuff. So that's the radio guys. The radio guys know a lot about those electromagnetic things and spy crowds there. So those spy crowds come from that. We have people who do side-channel attacks who come from hardware, hardware people, you know, who like to do CPU and look into Meltdown, Spectre, cache lines. So those guys also do side-channel attack in a different way. And we have cryptographers, you know, people who are more like a former crypto background like me who are more into that. So it's really depend on your user. And you have people who do web security with like, yeah, so then timing attack and side-channel attack means more expert injection. So I think everyone kind of like touch it by the band. It's fairly easy to get into it. I think there is this kind of like apprehension. Sometimes I, one of the first time I read a paper about it, I couldn't get the best paper to read as an intro. It felt like it's very bizarre to me. And I didn't really understand what it was going for.
And I was like a little bit like, it's like, I don't know, like three to four months you can kind of like get used to it. Well, how is my side of it? I think it's a very powerful mindset. I think it's a very fun experience to do. If you're interested in side-channel attack, specifically on hardware, and you want to start without machine learning, you know, like more simple stuff like that, this is called ChipWhisperer, which is a thing that is like very affordable and even if you don't need the whole thing, you can just run out of, it gets interesting, has super cool tutorial. I think coding from ChipWhisperer has put a tremendous amount of Jupyter, Python code. You can get to it, you can play with it, understand how it works, and you're going to break, recover an ASP. And then you'll be super happy. You know, you have this super intense satisfaction that you go to work, not necessarily understand everything, but it's going to start to make sense of. As I said, it's for everyone who is interested in kind of like testing one way or another and all have fun. And you know, like you want to break into a lock. Maybe there's a timing attack. There wasn't super petitions that some of the, you know, like super high security locks, you know, the caban, one where you have rotation and things might have timing attack. There are super, there's maybe there, there are, I said, almost all aspects. So yeah, for me it's for everyone. I said.

I just, I love that you went to radio first and then like math and crypt came later. So that's good, right?

It's not a deep mathematical background, right? To be clear, it's like, it's literally observing a signal and say, if I do A signal look like this, if I do B signal look like this, and if I can see differences, then I can construct something. And of course you can do more and more complicated stuff to do more high processors. And then that becomes complicated at some point.
But the basic stuff is really like, I look at something, it's a very experimental, very hacking thing. It's thought to work. That's really what I was saying. It's thought to work. For people who like to tinker with stuff. So basically if you hear, you're on the chat, you are the right person. That's the best way. If you are a different person, you are the right audience for the side-channel attack because it's all about doing. And then math is here to help you and maybe to push it further, but that's not the core of it. The core of it is matter, things. Like the world is made of stuff which do not be as the way people want. And have it as a secret hidden property you like to uncover. That's what side-channel attack is. I hope I said it and I get you excited to try it. I hope so.

No, great. Well, so we're at the top of the hour and we appreciate the generosity with your time and answering these questions. And pretty excited to look at the follow-on work coming out of this. And thank you for everything you've done. And we'll see you next year, right?

Yeah, yeah, so next year. I hope actually next year is this year talk. So I'm not going to tell you what is the surprise, but as I said, I post on Twitter when the GitHub is up. So I'm at Eli, on Twitter, and then if you want to put it up, just write that on mine as well, as I said in the talk. I post it on the chat if I can't post it in Christ. I'm going to get back.

No, no, you can and I just did. So good.

Okay, perfect. There's our and then I promise I put the code as early as I can so you get kind of it. And thank you so much for watching the talk. Hopefully next year we all in person. And as usual, I'm always happy to answer any questions, just if you're with the DM or on this call, whatever you guys want. And I try to my best to answer the question. Thank you so much, guys. I hope you have a nice DEF CON. And there's a lot of other cool talk to watch. I'm super excited personally to watch a few more. So thank you so much.