Two of our research projects have attracted media attention recently.
The Daily Mail reports on our CacheBleed attack. CacheBleed monitors minute changes in the time it takes a computer to execute a sequence of operations and use it to steal information on the internal working of cryptographic algorithms. While the possibility of such an attack has long been speculated, it has been widely considered impractical and popular cryptographic packages are vulnerable. This work is a collaboration between CDIT, Tel Aviv University and the University of Pennsylvania.
Arstechnica reports on our work on mobile devices security. In this work we demonstrate how an attacker equipped with a $2 probe and a sound card can steal the contents of Bitcoin wallets without opening the phone or installing software on it. This work is a collaboration the Laboratory for Experimental Information Security at Tel Aviv University. Similar reports were published in the Hacker News and on Bitcoin.com.