David Kohlbrenner

I am an Assistant Professor in the Paul G. Allen School of Computer Science and Engineering at the University of Washington.
Previously I was a post-doc with Dawn Song and the ADEPT lab at UC Berkeley, and did my PhD with Hovav Shacham at UC San Diego.

Google Scholar profile

Contact: dkohlbre [at] cs.washington.edu
If you are a UW student, please send from your academic email address
(david.kohlbrenner [at] gmail.com for non-academic)

Office: CSE2 310

Research

My research interests span software security, systems, and hardware architecture.
I put special focus on the impact of hardware design on high-level software security.

Active projects include:
Next generation microarchitectural side-channels and defenses.
FPGA analog side-channels.
The Keystone TEE framework for RISC-V.

Teaching

CSE484 Computer Security and Privacy (25sp,24sp, 23sp, 21au, 21wi)
CSE564 (Graduate) Computer Security and Privacy (20au)
CSE123 Introduction to Computer Programming III (23au)
CSEP564 (Graduate, PMP) Computer Security and Privacy (24au,22au)
CSE599 Hardware Security (22sp)

Previously:
Advanced topics on secure hardware (UC Berkeley)
CSE80 Linux and the Command Line aka T4CS (UC San Diego)

Students

PhD

Alexandra Michael Fall 2022 -> present (coadvised with Dan Grossman)
Gregor Haas Fall 2022 -> present
Maddie Burbage Fall 2023 -> present (coadvised with Baris Kasikci)

Undergrad and Masters

Pranav Gopalkrishnan (Undergrad, Fall 2023 - present)

Past Students

Michael Flanders
Micheal Chung (Undergrad) -> Apple

Conference Publications

"Peek-a-Walk: Leaking Secrets via Page Walk Side Channels"
A. Wang, B. Chen, Y. Wang, C. Fletcher, D. Genkin, D. Kohlbrenner, R. Paccagnella
IEEE Security and Privacy (Oakland), 2025.
"GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers"
B. Chen, Y. Wang, P. Shome, C. Fletcher, D. Kohlbrenner, R. Paccagnella, D. Genkin
USENIX Security, 2024.
Pwnie Award 2024 -- Best Cryptographic Attack
See more at gofetch.fail
"Avoiding Instruction-Centric Microarchitectural Timing Channels Via Binary-Code Transformations"
M. Flanders, R. Sharma, A. Michael, D. Grossman, D. Kohlbrenner
ASPLOS, 2024.
cio is available here
"Pentimento: Data Remanence in Cloud FPGAs"
C. Drews, O. Weng, A. Meza, A. Althoff, D. Kohlbrenner, R. Kastner, D. Richmond
ASPLOS, 2024.
"GPU.zip: On the Side-Channel Implications of Hardware-Based Graphical Data Compression"
Y. Wang, R. Paccagnella, Z. Gang, W. R. Vasquez, D. Kohlbrenner, H. Shacham, C. Fletcher
IEEE Security and Privacy (Oakland), 2024.
See more at hertzbleed.com/gpu.zip
"Synchronization Storage Channels (S2C): Timer-less Cache Side-Channel Attacks on the Apple M1 via Hardware Synchronization Instructions"
J. Yu, A. Dutta, T. Jaeger, D. Kohlbrenner, C. Fletcher
USENIX Security, 2023.
Talk Recording
"DVFS frequently leaks secrets: Hertzbleed attacks beyond SIKE, cryptography, and CPU-only data"
Y. Wang, R. Paccagnella, A. Wandke, Z. Gang, G. Garrett-Grossman, C. Fletcher, D. Kohlbrenner, H. Shacham
IEEE Security and Privacy (Oakland), 2023.
See more at hertzbleed.com
"Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86"
Y. Wang, R. Paccagnella, ET. He, H. Shacham, C. Fletcher, D. Kohlbrenner
USENIX Security, 2022.
Top Picks in Hardware and Embedded Security 2024
IEEE Micro Top Picks 2022
Pwnie Award 2022 -- Best Cryptographic Attack
See more at hertzbleed.com
"Augury: Using Data Memory-Dependent Prefetchers to Leak Data at Rest"
J. Vicarte, M. Flanders, R. Paccagnella, G. Garret-Grossman, A. Morrison, C. Fletcher, D. Kohlbrenner
IEEE Security and Privacy (Oakland), 2022.
2nd at CSAW 2022 Applied Research Competition
See more at prefetchers.info
"Opening Pandora's Box: A Systematic Study of New Ways Microarchitecture Can Leak Private Data"
J. Vicarte, P. Shome, N. Nayak, C. Trippel, A. Morrison, D. Kohlbrenner, C. Fletcher
ISCA, 2021.
Honorable Mention for Intel Hardware Security Academic Award 2022
"Keystone: An Open Framework for Architecting TEEs"
D. Lee, D. Kohlbrenner, S. Shinde, D. Song, K. Asanovic
EuroSys 2020.
Top Picks in Hardware and Embedded Security 2022
"Sanctorum: A lightweight security monitor for secure enclaves"
I. Lebedev, K. Hogan, J. Drean, D. Kohlbrenner, D. Lee, K. Asanovic, D. Song, S. Devadas
Design, Automation & Test in Europe Conference & Exhibition (DATE). IEEE, 2019.
"On the effectiveness of mitigations against floating-point timing channels."
D. Kohlbrenner and H. Shacham
USENIX Security. August 2017 (Updated Nov 2022, original)
Tools and attack details
"Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX"
C. Disselkoen, D. Kohlbrenner, L. Porter, D. Tullsen
USENIX Security. August 2017
"Trusted Browsers for Uncertain Times."
D. Kohlbrenner and H. Shacham
USENIX Security. August 2016
2nd at CSAW 2016 Applied Research Competition
"On Subnormal Floating Point and Abnormal Timing."
M. Andrysco, D. Kohlbrenner, K. Mowery, R. Jhala, S. Lerner, and H. Shacham
IEEE Security and Privacy (Oakland), May 2015 (Updated June 2017, original)
"Welcome to the Entropics: Boot-Time Entropy in Embedded Devices."
K. Mowery, M. Wei, D. Kohlbrenner, H. Shacham, and S. Swanson
IEEE Security and Privacy (Oakland), May 2013

Other Publications

"Software-Based Off-Chip Memory Protection for RISC-V Trusted Execution Environments"
G. Andrade, D. Lee, D. Kohlbrenner, K. Asanovic, D. Song
Workshop on Computer Architecture Research with RISC-V (CARRV), May 2020
"Verifying RISC-V Physical Memory Protection"
K. Cheang, C. Rasmussen, D. Lee, D. Kohlbrenner, K. Asanovic, S. Seshia
Workshop on Secure RISC-V Architecture Design (SECRISC-V 2020), Aug 2020
"Building Open Trusted Execution Environments"
D. Kohlbrenner, S. Shinde, D. Lee, K. Asanovic, D. Song
IEEE Security & Privacy Magazine ( Volume: 18 , Issue: 5 , Sept.-Oct. 2020 )

Non-papers

Skystriker by Skullduggery Systems
Security impact of noexcept (D. Kohlbrenner, D. Svoboda, A. Wesie)

Other bits

How I manage paper writing
Setting up client cert eduroam
Setting up nice Zoom talks