What I Do

This is an attempt to explain what I do for work in 200 words or fewer. The idea is to be better at explaining my profession to people succinctly, giving them an accurate idea of my job without needing to have had any prior knowledge of the subject. Here goes:

I am a side-channel security researcher. I try to make sure we cannot infer secret information from the way computers behave. For example, if you password protect a file with your secret key "1010", then the computer might behave differently if a digit of your key is a "1" or a "0". By measuring how the computer behaves, I can make it easier to guess your key. We say that the computer "leaks" information about what it is doing if you can learn things by measuring some aspect of the computer. This might mean measuring its power consumption, the time it takes to do something, or even its electromagnetic emissions. Once I know how the computer behaves depending on your (or anyones) key, I can change how the computer works to make it more secure. This means making sure that whatever your key is, it always takes the same amount of time or energy to operate on something with that key. This makes the information "leaks" are smaller, and harder to use. This is important for contactless cards, which "leak" wireless signals. You don't want the the signals to give away what your pin is!

Word Count: 195.

< Back | March 2018