Posts by Collection


Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend

Published in USENIX Security, 2021

We introduce a timing side-channel attack in the frontend of Intel CPUs, which uncovers measurable differences between instructions that only differ in their adjacent instructions and virtual addresses.

Recommended citation: Ivan Puddu, Moritz Schneider, Miro Haller, Srdjan Čapkun. (2021). "Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend" USENIX Security 2021.

MEGA: Malleable Encryption Goes Awry

Published in IEEE Symposium on Security and Privacy, 2023

We show that the cryptographic design of the cloud storage system MEGA does not protect its users against a malicious server and present five distinct attacks, which together allow for a full compromise of the confidentiality of user files.

Recommended citation: Matilda Backendal, Miro Haller and Kenneth G. Paterson. (2023). "MEGA: Malleable Encryption Goes Awry" 44th IEEE Symposium on Security and Privacy.


SGX Accurate Time Measurements


In my Bachelor’s thesis presentation, I briefly summarize the time measurement improvements inside SGX enclaves that we contributed. Moreover, I discuss our discovery of the “Poor man’s CMOV” phenomenon, which later led to the Frontal Attack.

Revisiting Microarchitectural Side-Channels


This talk presents the results of applying cache side-channels to contemporary hardware and investigating AES lookup tables, AES key scheduling, and Argon2. The slides give a brief overview of the content described in this blog post.

Climbing the Hacking /mnt/ain


In this presentation at the Swiss Cyber Storm conference in 2021, I talk about my experiences as team coach of the Swiss National Hacking Team for the European Cyber Security Challenge 2021. In particular, I discuss the team selection, training, and final competition. Furthermore, a team member gives a quick glance into a challenging heap exploitation challenge that our team solved during preparation.