Boru Chen

Boru Chen

CS Ph.D. Student at Berkeley

Publications

You can also find my articles on Google Scholar.

@inproceedings{gofetch, title = {GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers}, author = {Boru Chen and Yingchen Wang and Pradyumna Shome and Christopher W. Fletcher and David Kohlbrenner and Riccardo Paccagnella and Daniel Genkin}, booktitle = {USENIX Security}, year = {2024}, }
@inproceedings{peekawalk, author = { Wang, Alan and Chen, Boru and Wang, Yingchen and Fletcher, Christopher and Genkin, Daniel and Kohlbrenner, David and Paccagnella, Riccardo }, booktitle = { IEEE S\&P }, title = , year = {2025} }

Peek-a-Walk: Leaking Secrets via Page Walk Side Channels

Alan Wang, Boru Chen, Yingchen Wang, Christopher W. Fletcher, Daniel Genkin, David Kohlbrenner, Riccardo Paccagnella

Published in IEEE S&P (Oakland), 2025 (Full Paper | bibtex)

Peek-a-Walk is a microarchitectural side-channel attack that leaks secrets from the page walk process. This amplifies an attacker’s bit leakage capabilities (up to 42 of the 64 secret bits) in scenarios where secrets are dereferenced microarchitecturally.

GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers

Boru Chen, Yingchen Wang, Pradyumna Shome, Christopher W. Fletcher, David Kohlbrenner, Riccardo Paccagnella, Daniel Genkin

Published in USENIX Security, 2024 (Full Paper | bibtex)

Pwnie Award -- Best Cryptographic Attack

GoFetch is a microarchitectural side-channel attack that can extract secret keys from constant-time cryptographic implementations via data memory-dependent prefetchers (DMPs). We show that DMPs are present in many Apple CPUs and pose a real threat to multiple cryptographic implementations, allowing us to extract keys from OpenSSL Diffie-Hellman, Go RSA, as well as CRYSTALS Kyber and Dilithium.