53 results
-
Privacy in The 5G-AKA Authentication Protocol
Speaker : Adrien Koutsos (LSV)
The 5G mobile communications standards are being finalized, and drafts are now available. This standard describes the 5G-AKA authentication and key exchange protocol. The previous version of AKA (3G and 4G) are well-known for their lack of privacy against an active adversary (e.g. a user can be massively tracked using IMSI-catcher). This new version of AKA tries to offer more privacy, notably[…] -
Splitting the Linux Kernel for Fun and Profit
Speaker : Chris Dalton (HP, Bristol, UK)
This talk looks at a pragmatic attempt at strengthening the security properties of Linux by introducing a degree of intra-kernel protection into the Linux kernel (supported by CPU Virtualization silicon features). Consider it, if you like, an attempt at retrofitting a ‘micro-kernel’ interface into traditionally monolithic Linux whilst maintaining a single linux code base (yes it’s still Linux), no[…] -
Machine Learning for Computer Security Detection Systems: Practical Feedback and Solutions
Speaker : Anaël Beaugnon (ANSSI)
Machine learning based detection models can strengthen detection, but there remain some significant barriers to the widespread deployment of such techniques in operational detection systems. In this presentation, we identify the main challenges to overcome and we provide both methodological guidance and practical solutions to address them. The solutions we present are completely generic to be[…] -
Binary Edwards Curves for intrinsically secure ECC implementations for the IoT
Speaker : Antoine Loiseau (CEA)
Even if recent advances in public key cryptography tend to focus on algorithms able to survive the post quantum era, at present, there is a urgent need to propose fast, low power and securely implemented cryptography to address the immediate security challenges of the IoT. In this talk, we present a new set of Binary Edwards Curves which have been defined to achieve the highest security levels (up[…] -
How to decrypt without keys with GlobalPlatform SCP02 protocol
Speaker : par Loic Ferreira (Orange Labs, IRISA)
The GlobalPlatform SCP02 protocol is a security protocol implemented in smart cards, and used by transport companies, in the banking world and by mobile network operators (UICC/SIM cards). We describe how to perform a padding oracle attack against SCP02. The attack allows an adversary to efficiently retrieve plaintext bytes from an encrypted data field. We provide results of our experiments done[…] -
A theory of assertions for Dolev-Yao models
Speaker : Vaishnavi Sundararajan (Chennai Mathematical Institute, India)
We undertake an abstract study of certification in security protocols, concentrating on the logical properties and derivability of certificates. Specifically, we extend the Dolev-Yao model with a new class of objects called ‘assertions’, along with an associated algebra for deriving new assertions from old ones. We obtain complexity results for the derivability problem and active intruder problem[…]