David Kohlbrenner

I am an Assistant Professor in the Paul G. Allen School of Computer Science and Engineering at the University of Washington.
Previously I was a post-doc with Dawn Song and the ADEPT lab at UC Berkeley, and did my PhD with Hovav Shacham at UC San Diego.

Google Scholar profile

Contact: dkohlbre [at] cs.washington.edu
If you are a UW student, please send from your academic email address
(david.kohlbrenner [at] gmail.com for non-academic)

Office: CSE2 310

Research

My research interests span software security, systems, and hardware architecture.
I put special focus on the impact of hardware design on high-level software security.

Active projects include:
Next generation microarchitectural side-channels and formal defenses.
FPGA analog side-channels.
The Keystone TEE framework for RISC-V.

Teaching

CSE484 Computer Security and Privacy (Sp23, Au21, Wi21)
CSE564 (Graduate) Computer Security and Privacy (Au20)
CSEP564 (Graduate, PMP) Computer Security and Privacy (Au22)
CSE599 Hardware Security (Sp22)

Previously:
Advanced topics on secure hardware (UC Berkeley)
CSE80 Linux and the Command Line aka T4CS (UC San Diego)

Students

PhD

Michael Flanders Fall 2021 -> present
Alexandra Michael Fall 2022 -> present (coadvised with Dan Grossman)
Gregor Haas Fall 2022 -> present

Undergrad and Masters

Micheal Chung (Undergrad, Fall 2021 - present)

Conference Publications

J. Yu, A. Dutta, T. Jaeger, D. Kohlbrenner, C. Fletcher, "Synchronization Storage Channels (S2C): Timer-less Cache Side-Channel Attacks on the Apple M1 via Hardware Synchronization Instructions" USENIX Security, 2023.

Y. Wang, R. Paccagnella, A. Wandke, Z. Gang, G. Garrett-Grossman, C. Fletcher, D. Kohlbrenner, H. Shacham "DVFS frequently leaks secrets: Hertzbleed attacks beyond SIKE, cryptography, and CPU-only data" IEEE Security and Privacy (Oakland), 2023.

See more at hertzbleed.com

Y. Wang, R. Paccagnella, ET. He, H. Shacham, C. Fletcher, D. Kohlbrenner "Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86" USENIX Security, 2022.
IEEE Micro Top Picks 2022
Winner Pwnie Award 2022 -- Best Cryptographic Attack

See more at hertzbleed.com

J. Vicarte, M. Flanders, R. Paccagnella, G. Garret-Grossman, A. Morrison, C. Fletcher, D. Kohlbrenner "Augury: Using Data Memory-Dependent Prefetchers to Leak Data at Rest" IEEE Security and Privacy (Oakland), 2022.
2nd at CSAW 2022 Applied Research Competition

See more at prefetchers.info

J. Vicarte, P. Shome, N. Nayak, C. Trippel, A. Morrison, D. Kohlbrenner, C. Fletcher "Opening Pandora's Box: A Systematic Study of New Ways Microarchitecture Can Leak Private Data" ISCA, 2021.
Honorable Mention for Intel Hardware Security Academic Award 2022

D. Lee, D. Kohlbrenner, S. Shinde, D. Song, K. Asanovic "Keystone: An Open Framework for Architecting TEEs" EuroSys 2020.
Top Picks in HES 2022

I. Lebedev, K. Hogan, J. Drean, D. Kohlbrenner, D. Lee, K. Asanovic, D. Song, S. Devadas "Sanctorum: A lightweight security monitor for secure enclaves" Design, Automation & Test in Europe Conference & Exhibition (DATE). IEEE, 2019.

D. Kohlbrenner and H. Shacham "On the effectiveness of mitigations against floating-point timing channels." USENIX Security. August 2017 (Updated Nov 2022, original USENIX Security. August 2017

Tools and attack details

C. Disselkoen, D. Kohlbrenner, L. Porter, D. Tullsen "Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX" USENIX Security. August 2017

D. Kohlbrenner and H. Shacham "Trusted Browsers for Uncertain Times." USENIX Security. August 2016
2nd at CSAW 2016 Applied Research Competition

M. Andrysco, D. Kohlbrenner, K. Mowery, R. Jhala, S. Lerner, and H. Shacham "On Subnormal Floating Point and Abnormal Timing." IEEE Security and Privacy (Oakland), May 2015 (Updated June 2017, original)

K. Mowery, M. Wei, D. Kohlbrenner, H. Shacham, and S. Swanson "Welcome to the Entropics: Boot-Time Entropy in Embedded Devices." IEEE Security and Privacy (Oakland), May 2013

Other Publications

G. Andrade, D. Lee, D. Kohlbrenner, K. Asanovic, D. Song "Software-Based Off-Chip Memory Protection for RISC-V Trusted Execution Environments" Workshop on Computer Architecture Research with RISC-V (CARRV), May 2020

K. Cheang, C. Rasmussen, D. Lee, D. Kohlbrenner, K. Asanovic, S. Seshia "Verifying RISC-V Physical Memory Protection" Workshop on Secure RISC-V Architecture Design (SECRISC-V 2020), Aug 2020

D. Kohlbrenner, S. Shinde, D. Lee, K. Asanovic, D. Song "Building Open Trusted Execution Environments" IEEE Security & Privacy Magazine ( Volume: 18 , Issue: 5 , Sept.-Oct. 2020 )

Non-papers

Skystriker by Skullduggery Systems
Security impact of noexcept (D. Kohlbrenner, D. Svoboda, A. Wesie)

Other bits

How I manage paper writing
Setting up client cert eduroam
Setting up nice Zoom talks