Lukas Gerlach

Lukas Gerlach

PhD Student

Hello, there. Im a PhD at the RootSec lab doing research on a wide range of topics related to microarchitecture.

Publications

2025
Confusing Value with Enumeration: Studying the Use of CVEs in Academia

Moritz Schloegel, Daniel Klischies, Simon Koch, David Klein, Lukas Gerlach, Malte Wessels, Leon Trampert, Martin Johns, Mathy Vanhoef, Michael Schwarz, Thorsten Holz, Jo Van Bulck

USENIX Security

Seattle,

Washington,

USA,

August 13-15

2025

PDFCITE
Taming the Linux Memory Allocator for Rapid Prototyping

Ruiyi Zhang, Tristan Hornetz, Lukas Gerlach, Michael Schwarz

DIMVA '25

Graz

University

of

Technology,

Austria,

July 9-11

2025

PDFCITECODE
Rapid Reversing of Non-Linear CPU Cache Slice Functions: Unlocking Physical Address Leakage

Mikka Rainer, Lorenz Hetterich, Fabian Thomas, Tristan Hornetz, Leon Trampert, Lukas Gerlach, Michael Schwarz

S&P

San

Francisco,

California,

USA,

May 12-15

2025

PDFCITECODE
Lixom: Protecting Encryption Keys with Execute-Only Memory

Tristan Hornetz, Lukas Gerlach, Michael Schwarz

FC

Miyakojima,

Japan,

April 14-18

2025

PDFCITECODE
Do Compilers Break Constant-time Guarantees?

Lukas Gerlach, Robert Pietsch, Michael Schwarz

FC

Miyakojima,

Japan,

April 14-18

2025

PDFCITE
ShadowLoad: Injecting State into Hardware Prefetchers

Lorenz Hetterich, Fabian Thomas, Lukas Gerlach, Ruiyi Zhang, Nils Bernsdorf, Eduard Ebert, Michael Schwarz

ASPLOS

Rotterdam,

Netherlands,

March 30-April1 3

2025

PDFCITECODE
Peripheral Instinct: How External Devices Breach Browser Sandboxes

Leon Trampert, Lorenz Hetterich, Lukas Gerlach, Mona Schappert, Christian Rossow, Michael Schwarz

WWW

Sydney,

Australia,

8 April-2 May

2025

PDFCITECODE
Cascading Spy Sheets: Exploiting the Complexity of Modern CSS for Email and Browser Fingerprinting

Leon Trampert, Daniel Weber, Lukas Gerlach, Christian Rossow, Michael Schwarz

NDSS

San

Diego,

California,

USA,

February 23-28

2025

PDFCITECODE
2024
No Leakage Without State Change: Repurposing Configurable CPU Exceptions to Prevent Microarchitectural Attacks

Daniel Weber, Leonard Niemann, Lukas Gerlach, Jan Reineke, Michael Schwarz

ACSAC

Waikiki,

Hawaii,

USA,

December 9-13

2024

PDFCITECODE
CacheWarp: Software-based Fault Injection using Selective State Reset

Ruiyi Zhang, Lukas Gerlach, Daniel Weber, Lorenz Hetterich, Youheng Lü, Andreas Kogler, Michael Schwarz

USENIX Security

Philadelphia,

PA,

USA,

August 14-16

2024

PDFCITECODEINFO
Efficient and Generic Microarchitectural Hash-Function Recovery

Lukas Gerlach, Simon Schwarz, Nicolas Faroß, Michael Schwarz

S&P

San

Francisco,

California,

USA,

May 20-23

2024

PDFCITECODE
2023
Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks

Daniel Weber, Fabian Thomas, Lukas Gerlach, Ruiyi Zhang, Michael Schwarz

ESORICS

The

Hague,

The

Netherlands,

September 25-29

2023

PDFCITECODE
Reviving Meltdown 3a

Daniel Weber, Fabian Thomas, Lukas Gerlach, Ruiyi Zhang, Michael Schwarz

ESORICS

The

Hague,

The

Netherlands,

September 25-29

2023

PDFCITECODE
A Rowhammer Reproduction Study Using the Blacksmith Fuzzer

Lukas Gerlach, Fabian Thomas, Robert Pietsch, Michael Schwarz

ESORICS

The

Hague,

The

Netherlands,

September 25-29

2023

PDFCITE
Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels

Andreas Kogler, Jonas Juffinger, Lukas Giner, Lukas Gerlach, Martin Schwarzl, Michael Schwarz, Daniel Gruss, Stefan Mangard

USENIX Security

Anaheim,

California,

USA,

August 9-11

2023

PDFCITECODEINFO
Hammulator: Simulate Now - Exploit Later

Fabian Thomas, Lukas Gerlach, Michael Schwarz

DRAMSec

Virtual,

June 17

2023

PDFCITECODE
A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs

Lukas Gerlach, Daniel Weber, Ruiyi Zhang, Michael Schwarz

S&P

San

Francisco,

California,

USA,

May 22-25

2023

PDFCITECODE

Talks

2024
From Rowhammer to GhostWrite: Advanced Exploitation and Discovery of Hardware Bugs

Fabian Thomas, Lukas Gerlach

hardwear.io

The

Hague,

The

Netherlands,

October 25

2024

CITEINFO
2023
A Security RISC? The State of Microarchitectural Attacks on RISC-V

Lukas Gerlach, Daniel Weber, Michael Schwarz

BlackHat Europe

London,

United

Kingdom,

December 7

2023

CITE
Rowhammer Revisited: From Exploration to Exploitation and Mitigation

Lukas Gerlach, Daniel Weber

m0leCon

Torino,

Italy,

December 2

2023

CITE