Publications
You can also find my articles on Google Scholar.
Alan Wang, Boru Chen, Yingchen Wang, Christopher W. Fletcher, Daniel Genkin, David Kohlbrenner, Riccardo PaccagnellaPublished in IEEE S&P (Oakland), 2025 (Full Paper | )
Peek-a-Walk is a microarchitectural side-channel attack that leaks secrets from the page walk process. This amplifies an attacker’s bit leakage capabilities (up to 42 of the 64 secret bits) in scenarios where secrets are dereferenced microarchitecturally.
Yongye Zhu, Boru Chen, Zirui Neil Zhao, Christopher W. FletcherPublished in ASPLOS, 2025 (Full Paper | )
Controlled Preemption studies the responsiveness and fairness of OS thread schedulers, which naturally provides a preemption window where the attacker thread can interleave its execution with a victim thread at a temporally fine-grained level (i.e. single step the victim thread).
Boru Chen, Yingchen Wang, Pradyumna Shome, Christopher W. Fletcher, David Kohlbrenner, Riccardo Paccagnella, Daniel GenkinPublished in USENIX Security, 2024 (Full Paper | )
Pwnie Award -- Best Cryptographic Attack
GoFetch is a microarchitectural side-channel attack that can extract secret keys from constant-time cryptographic implementations via data memory-dependent prefetchers (DMPs). We show that DMPs are present in many Apple CPUs and pose a real threat to multiple cryptographic implementations, allowing us to extract keys from OpenSSL Diffie-Hellman, Go RSA, as well as CRYSTALS Kyber and Dilithium.