 |
||||||||||
|
Software Security, Protection, and Reverse Engineering Workshop
Hilton Los Angeles/Universal City, Los Angeles, CA
December 5-6, 2016
Collocated with
ACSAC
2016
Training Sessions
This year SSPREW is extending to a two-day workshop and we will be offering the following training sessions on the first day of the workshop.
Concolic Analysis
Presenter: Vivek Notani, University of VeronaConcolic analysis is a hybrid software verification technique that performs symbolic execution, a classical technique that treats program variables as symbolic variables, along a concrete execution (testing on particular inputs) path. Symbolic execution is used in conjunction with an automated theorem prover or constraint solver based on constraint logic programming to generate new concrete inputs (test cases) with the aim of maximizing code coverage. Symbolic and concolic execution find important applications in a number of security-related program analyses, including analysis of malicious code.
Side Channel Attacks and Fault Injection
Presenter: Jasper van Woudenberg, RiscureMeasuring power consumption and electromagnetic emanations to identify key leakage has become commonplace in security evaluations. Performing side channel analysis introduces new challenges for developers and evaluators every time. Knowing the kind of analysis you need to perform, post-processing steps to take and alignment options to choose is essential. In this training you get introduced to these concepts and the following topics are covered:
- Side channels and their leakage characteristics
- The workflow for performing side channel analysis testing
- Inspection of a target using Simple Power Analysis (SPA)
- Performing Differential- and Correlation Power Analysis on DES and AES (DPA/CPA)
- Advanced attacks on countermeasures in RSA, DES, AES