|
Software Security, Protection, and Reverse Engineering Workshop Hilton Los Angeles/Universal City, Los Angeles, CA
December 5-6, 2016
Collocated with
ACSAC
2016
This year SSPREW is extending to a two-day workshop and we will be offering the following training sessions on the first day of the workshop.
Concolic Analysis
Presenter: Vivek Notani, University of Verona
Concolic analysis is a hybrid software verification technique that performs symbolic execution,
a classical technique that treats program variables as symbolic variables, along a concrete execution (testing on
particular inputs) path. Symbolic execution is used in conjunction with an automated theorem prover or constraint
solver based on constraint logic programming to generate new concrete inputs (test cases) with the aim of maximizing
code coverage. Symbolic and concolic execution find important applications in a number of security-related program analyses,
including analysis of malicious code.
Side Channel Attacks and Fault Injection
Presenter: Jasper van Woudenberg, Riscure
Measuring power consumption and electromagnetic emanations to identify key leakage has
become commonplace in security evaluations. Performing side channel analysis introduces new challenges for
developers and evaluators every time. Knowing the kind of analysis you need to perform, post-processing
steps to take and alignment options to choose is essential. In this training you get introduced to these concepts
and the following topics are covered:
- Side channels and their leakage characteristics
- The workflow for performing side channel analysis testing
- Inspection of a target using Simple Power Analysis (SPA)
- Performing Differential- and Correlation Power Analysis on DES and AES (DPA/CPA)
- Advanced attacks on countermeasures in RSA, DES, AES
|
|