Cyber Security & Privacy
Cyber Security & Privacy
Cyber security and privacy is essential for our connected daily lives. Members of the theme work on different research challenges in this space, including software and hardware security, AI security, access control, and human factors. We aim to precisely understand the guarantees of different security technologies to inform and develop effective and efficient countermeasures against attacks.
Research Highlights
Confidential Computing
David Oswald
Confidential computing is a promising technology to secure workloads running in public clouds. Supported by all major CPU vendors, confidential computing is being adopted to secure major AI deployments, for example Meta’s AI features behind WhatsApp (https://ai.meta.com/static-resource/private-processing-technical-whitepaper). Current technologies, such as Intel SGX/TDX and AMD SEV-SNP, place trust in the system’s RAM memory to behave correctly. If RAM is maliciously manipulated by an adversary, the security guarantees are undermined. Our projects “BadRAM” (https://badram.eu/) and “Battering RAM” (https://batteringram.eu/), published at top-tier security venues, showcase the practical threat of such attacks and led to security advisories/patches by AMD and Intel.