About Me

I am an PhD student at in the Secure Systems group at the Institute of Applied Information Processing and Communications at Graz University of Technology. I am the founder of pwmt.org, an open-source community creating functional and simplistic applications and libraries. I am interested in microarchitectural side-channel attacks and apiculture.

If you have any questions or just want to get in touch, feel free to contact me!


Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features

Michael Schwarz, Daniel Gruss, Moritz Lipp, Clémentine Maurice, Thomas Schuster, Anders Fogh, Stefan Mangard

13th ACM ASIA Conference on Information, Computer and Communications Security (AsiaCCS'18), Songdo, Incheon, Korea

Generalizing the Use-After-Free Problem and Applying it to Email Services

Daniel Gruss, Michael Schwarz, Matthias Wübbeling, Simon Guggi, Timo Malderle, Stefan More, Moritz Lipp

13th ACM ASIA Conference on Information, Computer and Communications Security (AsiaCCS'18), Songdo, Incheon, Korea

Another Flip in the Wall of Rowhammer Defenses

Daniel Gruss, Moritz Lipp, Michael Schwarz, Daniel Genkin, Jonas Juffinger, Sioli O'Connell, Wolfgang Schoechl, Yuval Yarom

39th IEEE Symposium on Security and Privacy (IEEE S&P'18), San Fransisco, USA

JavaScript Zero
Real JavaScript and Zero Side-Channel Attacks

Michael Schwarz, Moritz Lipp, Daniel Gruss

Network and Distributed System Security Symposium (NDSS'18), San Diego, USA

Eliminating Software-Based Keystroke Timing Side-Channel Attacks

Michael Schwarz, Moritz Lipp, Daniel Gruss, Samuel Weiser, Clémentine Maurice, Raphael Spreitzer, Stefan Mangard

Network and Distributed System Security Symposium (NDSS'18), San Diego, USA


Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg

Spectre Attacks
Exploiting Speculative Execution

Paul Kocher, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom

Practical Keystroke Timing Attacks in Sandboxed JavaScript

Moritz Lipp, Daniel Gruss, Michael Schwarz, David Bidner, Clémentine Maurice, Stefan Mangard

22nd European Symposium on Research in Computer Security (ESORICS'17), Oslo, Norway

KASLR is Dead: Long Live KASLR

Daniel Gruss, Moritz Lipp, Michael Schwarz, Richard Fellner, Clémentine Maurice, Stefan Mangard

International Symposium on Engineering Secure Software and Systems (ESSoS'17), Bonn, Germany

Cache Attacks And Rowhammer on ARM
Master thesis

Moritz Lipp

Graz University of Technology

Prefetch Side-Channel Attacks
Bypassing SMAP and Kernel ASLR

Daniel Gruss, Anders Fogh, Clémentine Maurice, Moritz Lipp, Stefan Mangard

23rd ACM Conference on Computer and Communications Security (CCS'16), Vienna, Austria

Cache Attacks on Mobile Devices

Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, Stefan Mangard

25th USENIX Security Symposium (USENIX'16), Austin, Texas, USA


When Good Turns Evil
Using Intel SGX to Stealthily Steal Bitcoins

Michael Schwarz, Moritz Lipp

Black Hat Asia, Marina Bay Sands, Singapore, March 20, 2018

Breaking through walls
How performance optimisations shatter security boundaries

Moritz Lipp

QCon London, London, United Kingdom, March 05, 2018

From the Basics to Sophisticated New Variants

Moritz Lipp, Michael Schwarz

Qualcomm, San Diego, CA, USA, February 21, 2018

Spectre and Meltdown on x86 and ARM

Michael Schwarz, Moritz Lipp, Stefan Mangard

NXP, Gratkorn, Austria, February 15, 2018

Spectre and Meltdown in a nutshell

Moritz Lipp

Vienna Cyber Security Week 2018, Vienna, Austria, February 01, 2018

Microarchitectural Attacks and Defenses in JavaScript

Michael Schwarz, Daniel Gruss, Moritz Lipp

Guest Talk @ Google, Munich, Germany, January 25, 2018

Beyond Belief
Spectre and Meltdown

Daniel Gruss, Moritz Lipp, Michael Schwarz

Microsoft BlueHat IL 2018, Tel Aviv, Israel, January 24, 2018

How processor performance is tied to side-channel leakage
With great speed comes great leakage

Daniel Gruss, Moritz Lipp

Qualcomm Mobile Security Summit 2017, San Diego, CA, USA, May 18, 2017

What could possibly go wrong with <insert x86 instruction here>?

Clémentine Maurice, Moritz Lipp

33rd Chaos Communication Congress (33C3), Hamburg, Germany, December 06, 2016

How Your Smartphone CPU Breaks Software-Level Security and Privacy

Moritz Lipp, Clémentine Maurice

Black Hat Europe 2016, London, UK, November 06, 2016


Pwnie Award
Best Song

Manuel Weber, Daniel Gruss, Michael Schwarz, Moritz Lipp, Rebekka Aigner

Black Hat USA, Las Vegas, USA

IAIK Student Research Excellence Award

Moritz Lipp

IAIK Graz University of Technology, Graz, Austria

WKO Steiermark Stipend

Moritz Lipp

Wirtschaftskammer Steiermark, Graz, Austria