Paul Kocher: Technical Projects

My technical work in security has included a variety of areas, including:

NEW: Spectre Attacks

    I recently uncovered a class of security vulnerabilities arising from the use of speculative execution in microprocessors, which I named Spectre. (Similar issues were independently discovered and simultaneously announced by Jann Horn at Google Project Zero.) When high-performance microprocessors encounter a delay, such as when waiting for information to arrive from memory, they make guesses about likely future directions and proceed speculatively. Eventually, the processor discovers whether it guessed correctly and keeps the speculatively-performed work if the guess was correct (gaining a performance advantage) or discards the extra work if the guess was wrong. Even though the results of erroneous computations are discarded, these operations can leave measurable effects that expose sensitive information. Worse, adversaries can mistrain the prediction circuitry to trick the CPU into speculatively running operations that would never occur legitimately, compromising information on computer systems.

    Of the security protocols I've helped develop, SSL/TLS is the most widely used. In 1996, Taher ElGamal at Netscape recognized the importance and potential for cryptographic protocols to provide security for the web. He assembled a team consisting of myself and Netscape engineers Alan Freier and Phil Karlton to create, implement, and standardize a new protocol to replace the badly broken protocol Netscape was using at the time. The result was the SSL 3.0 protocol, which was given the name TLS 1.0 in the IETF standardization process.

    At the time, I could see that major changes in cryptographic knowledge and legal restrictions were both likely and unpredictable, so I emphasized making the protocol adaptable. Looking back, even more evolution has been needed than I expected. A few changes to the core protocol were needed, and most of the CipherSuites have been replaced as old algorithms like RC4 and MD5 were broken and new algorithms have been standardized. Nevertheless, SSL/TLS now secures the majority of web traffic and is the world's most widely used cryptographic protocol.

Timing Attacks, Differential Power Analysis (DPA), and other side channel attacks
    My work showed how tiny correlations between properties that adversaries can measure (such as timing, power consumption, and electromagnetic emanations) and computation intermediates can be used to find secret keys.  With the team at Cryptography Research (now Rambus), I developed and patented side channel countermeasures that have been broadly licensed by makers of secure semiconductor chips and used in over 100 billion chips, ranging from smart cards chips to large microprocessors.

Cryptographic Hardware
    I've worked on numerous tamper-resistant hardware architectures and implementations, including logic cores marketed by Rambus under the CryptoFirewall and CryptoManager brands. In most cases, these cores create a self-contained intra-chip security domain so that the security of their operations that does not depend on other hardware or software on the chip. I also led the design of the Deep Crack keysearch machine, which was built to demonstrate the insecurity of the Data Encryption Standard (DES) to brute force attacks and the need for stronger standards.

Renewable/Resiliant Architectures
    I have worked extensively on security designs to help manage risk by reducing the consequences of vulnerable implementations. These typically combine secure analytics (such as forensics) with recovery mechanisms. Systems I have helped architect include software update mechanisms, the renewability solution adopted as BD+ in the Blu-ray disc format, and solutions for cable, satellite, and video streaming services.

Brief bio

Home page