Hello, there. Im a PhD at the RootSec lab doing research on a wide range of topics related to microarchitecture.
Publications
2026
Zero-Store Elimination and its Implications on the SIKE Cryptosystem
Lukas Gerlach,
Niklas Flentje, Michael Schwarz
uASC
Leuven, Belgium, February 3, 2026
2025
RISCover: Automatic Discovery of User-exploitable Architectural Security Vulnerabilities in Closed-Source RISC-V CPUs
Fabian Thomas,
Eric García Arribas, Lorenz Hetterich, Daniel Weber, Lukas Gerlach, Ruiyi Zhang, Michael Schwarz
CCS
Taipei, Taiwan, October 13-17, 2025
Confusing Value with Enumeration: Studying the Use of CVEs in Academia
Moritz Schloegel,
Daniel Klischies,
Simon Koch,
David Klein, Lukas Gerlach,
Malte Wessels, Leon Trampert,
Martin Johns,
Mathy Vanhoef, Michael Schwarz,
Thorsten Holz,
Jo Van Bulck
USENIX Security
Seattle, Washington, USA, August 13-15, 2025
SCASE: Automated Secret Recovery via Side-Channel-Assisted Symbolic Execution
USENIX Security
Seattle, Washington, USA, August 13-15, 2025
Taming the Linux Memory Allocator for Rapid Prototyping
DIMVA
Graz University of Technology, Austria, July 9-11, 2025
Rapid Reversing of Non-Linear CPU Cache Slice Functions: Unlocking Physical Address Leakage
Mikka Rainer, Lorenz Hetterich, Fabian Thomas, Tristan Hornetz, Leon Trampert, Lukas Gerlach, Michael Schwarz
S&P
San Francisco, California, USA, May 12-15, 2025
Do Compilers Break Constant-time Guarantees?
Lukas Gerlach,
Robert Pietsch, Michael Schwarz
FC
Miyakojima, Japan, April 14-18, 2025
Lixom: Protecting Encryption Keys with Execute-Only Memory
FC
Miyakojima, Japan, April 14-18, 2025
Peripheral Instinct: How External Devices Breach Browser Sandboxes
WWW
Sydney, Australia, April 8 - May 2, 2025
ShadowLoad: Injecting State into Hardware Prefetchers
Lorenz Hetterich, Fabian Thomas, Lukas Gerlach, Ruiyi Zhang,
Nils Bernsdorf, Eduard Ebert, Michael Schwarz
ASPLOS
Rotterdam, Netherlands, March 30 - April 13, 2025
Cascading Spy Sheets: Exploiting the Complexity of Modern CSS for Email and Browser Fingerprinting
NDSS
San Diego, California, USA, February 23-28, 2025
2024
No Leakage Without State Change: Repurposing Configurable CPU Exceptions to Prevent Microarchitectural Attacks
ACSAC
Waikiki, Hawaii, USA, December 9-13, 2024
CacheWarp: Software-based Fault Injection using Selective State Reset
Ruiyi Zhang, Lukas Gerlach, Daniel Weber, Lorenz Hetterich,
Youheng Lü,
Andreas Kogler, Michael Schwarz
USENIX Security
Philadelphia, PA, USA, August 14-16, 2024
Efficient and Generic Microarchitectural Hash-Function Recovery
Lukas Gerlach,
Simon Schwarz,
Nicolas Faroß, Michael Schwarz
S&P
San Francisco, California, USA, May 20-23, 2024
2023
A Rowhammer Reproduction Study Using the Blacksmith Fuzzer
ESORICS
The Hague, The Netherlands, September 25-29, 2023
Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks
ESORICS
The Hague, The Netherlands, September 25-29, 2023
Reviving Meltdown 3a
ESORICS
The Hague, The Netherlands, September 25-29, 2023
Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels
Andreas Kogler,
Jonas Juffinger,
Lukas Giner, Lukas Gerlach,
Martin Schwarzl, Michael Schwarz,
Daniel Gruss,
Stefan Mangard
USENIX Security
Anaheim, California, USA, August 9-11, 2023
Hammulator: Simulate Now - Exploit Later
DRAMSec
Virtual, June 17, 2023
A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs
S&P
San Francisco, California, USA, May 22-25, 2023
BibTeX Citation
@misc{gerlach2026zerostore,
title={Zero-Store Elimination and its Implications on the SIKE Cryptosystem},
howpublished={uASC},
author={Lukas Gerlach and Niklas Flentje and Michael Schwarz},
year={2026}
}BibTeX Citation
@misc{thomas2025riscover,
title={RISCover: Automatic Discovery of User-exploitable Architectural Security Vulnerabilities in Closed-Source RISC-V CPUs},
howpublished={CCS},
author={Fabian Thomas and Eric García Arribas and Lorenz Hetterich and Daniel Weber and Lukas Gerlach and Ruiyi Zhang and Michael Schwarz},
year={2025}
}BibTeX Citation
@misc{schloegel2025cve,
title={Confusing Value with Enumeration: Studying the Use of CVEs in Academia},
howpublished={USENIX Security},
author={Moritz Schloegel and Daniel Klischies and Simon Koch and David Klein and Lukas Gerlach and Malte Wessels and Leon Trampert and Martin Johns and Mathy Vanhoef and Michael Schwarz and Thorsten Holz and Jo Van Bulck},
year={2025}
}BibTeX Citation
@misc{weber2025scase,
title={SCASE: Automated Secret Recovery via Side-Channel-Assisted Symbolic Execution},
howpublished={USENIX Security},
author={Daniel Weber and Lukas Gerlach and Leon Trampert and Youheng Lue and Jo Van Bulck and Michael Schwarz},
year={2025}
}BibTeX Citation
@misc{zhang2025mapalloc,
title={Taming the Linux Memory Allocator for Rapid Prototyping},
howpublished={DIMVA},
author={Ruiyi Zhang and Tristan Hornetz and Lukas Gerlach and Michael Schwarz},
year={2025}
}BibTeX Citation
@misc{rainer2025rapid,
title={Rapid Reversing of Non-Linear CPU Cache Slice Functions: Unlocking Physical Address Leakage},
howpublished={S\&P},
author={Mikka Rainer and Lorenz Hetterich and Fabian Thomas and Tristan Hornetz and Leon Trampert and Lukas Gerlach and Michael Schwarz},
year={2025}
}BibTeX Citation
@misc{gerlach2025compiler,
title={Do Compilers Break Constant-time Guarantees?},
howpublished={FC},
author={Lukas Gerlach and Robert Pietsch and Michael Schwarz},
year={2025}
}BibTeX Citation
@misc{hornetz2025lixom,
title={Lixom: Protecting Encryption Keys with Execute-Only Memory},
howpublished={FC},
author={Tristan Hornetz and Lukas Gerlach and Michael Schwarz},
year={2025}
}BibTeX Citation
@misc{trampert2025peripheralinstinct,
title={Peripheral Instinct: How External Devices Breach Browser Sandboxes},
howpublished={WWW},
author={Leon Trampert and Lorenz Hetterich and Lukas Gerlach and Mona Schappert and Christian Rossow and Michael Schwarz},
year={2025}
}BibTeX Citation
@misc{hetterich2025shadowload,
title={ShadowLoad: Injecting State into Hardware Prefetchers},
howpublished={ASPLOS},
author={Lorenz Hetterich and Fabian Thomas and Lukas Gerlach and Ruiyi Zhang and Nils Bernsdorf and Eduard Ebert and Michael Schwarz},
year={2025}
}BibTeX Citation
@misc{trampert2025cascadingspysheets,
title={Cascading Spy Sheets: Exploiting the Complexity of Modern CSS for Email and Browser Fingerprinting},
howpublished={NDSS},
author={Leon Trampert and Daniel Weber and Lukas Gerlach and Christian Rossow and Michael Schwarz},
year={2025}
}BibTeX Citation
@misc{weber2024irqguard,
title={No Leakage Without State Change: Repurposing Configurable CPU Exceptions to Prevent Microarchitectural Attacks},
howpublished={ACSAC},
author={Daniel Weber and Leonard Niemann and Lukas Gerlach and Jan Reineke and Michael Schwarz},
year={2024}
}BibTeX Citation
@misc{zhang2024cachewarp,
title={CacheWarp: Software-based Fault Injection using Selective State Reset},
howpublished={USENIX Security},
author={Ruiyi Zhang and Lukas Gerlach and Daniel Weber and Lorenz Hetterich and Youheng Lü and Andreas Kogler and Michael Schwarz},
year={2024}
}BibTeX Citation
@misc{gerlach2024hash,
title={Efficient and Generic Microarchitectural Hash-Function Recovery},
howpublished={S\&P},
author={Lukas Gerlach and Simon Schwarz and Nicolas Faroß and Michael Schwarz},
year={2024}
}BibTeX Citation
@misc{gerlach2023blacksmithrepro,
title={A Rowhammer Reproduction Study Using the Blacksmith Fuzzer},
howpublished={ESORICS},
author={Lukas Gerlach and Fabian Thomas and Robert Pietsch and Michael Schwarz},
year={2023}
}BibTeX Citation
@misc{weber2023masc,
title={Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks},
howpublished={ESORICS},
author={Daniel Weber and Fabian Thomas and Lukas Gerlach and Ruiyi Zhang and Michael Schwarz},
year={2023}
}BibTeX Citation
@misc{weber2023meltdown3a,
title={Reviving Meltdown 3a},
howpublished={ESORICS},
author={Daniel Weber and Fabian Thomas and Lukas Gerlach and Ruiyi Zhang and Michael Schwarz},
year={2023}
}BibTeX Citation
@misc{kogler2023collidepower,
title={Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels},
howpublished={USENIX Security},
author={Andreas Kogler and Jonas Juffinger and Lukas Giner and Lukas Gerlach and Martin Schwarzl and Michael Schwarz and Daniel Gruss and Stefan Mangard},
year={2023}
}BibTeX Citation
@misc{thomas2023hammulator,
title={Hammulator: Simulate Now - Exploit Later},
howpublished={DRAMSec},
author={Fabian Thomas and Lukas Gerlach and Michael Schwarz},
year={2023}
}BibTeX Citation
@misc{gerlach2023riscv,
title={A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs},
howpublished={S\&P},
author={Lukas Gerlach and Daniel Weber and Ruiyi Zhang and Michael Schwarz},
year={2023}
}Talks
2026
How Secure Are Commercial RISC-V CPUs?
FOSDEM
Brussels, Belgium, January 31, 2026
2023
A Security RISC? The State of Microarchitectural Attacks on RISC-V
Black Hat Europe
London, United Kingdom, December 7, 2023
Rowhammer Revisited: From Exploration to Exploitation and Mitigation
m0leCon
Torino, Italy, December 2, 2023
BibTeX Citation
@misc{thomas2026secure,
title={How Secure Are Commercial RISC-V CPUs?},
howpublished={FOSDEM},
author={Lukas Gerlach and Fabian Thomas},
year={2026}
}BibTeX Citation
@misc{gerlach2023security,
title={A Security RISC? The State of Microarchitectural Attacks on RISC-V},
howpublished={Black Hat Europe},
author={Lukas Gerlach and Daniel Weber and Michael Schwarz},
year={2023}
}BibTeX Citation
@misc{gerlach2023rowhammer,
title={Rowhammer Revisited: From Exploration to Exploitation and Mitigation},
howpublished={m0leCon},
author={Lukas Gerlach and Daniel Weber},
year={2023}
}Awards
2025
Distinguished Artifact Award
Cascading Spy Sheets: Exploiting the Complexity of Modern CSS for Email and Browser Fingerprinting
NDSS
February 23, 2025