624 results

  • SideLine and the advent of software-induced hardware attacks

    • March 19, 2021

    • Mines Saint-Etienne – Thales - Web-Conférence

    Speaker : Joseph Gravellier

    In this talk, we will discuss software-induced hardware attacks and their impact for IoT, cloud and mobile security. More specifically, I will introduce SideLine, a new power side-channel attack vector that can be triggered remotely to infer cryptographic secrets. SideLine is based on the intentional misuse of delay-lines components embedded in SoCs that use external memory. I will explain how we[…]

  • Does Facebook use sensitive data for advertising?

    • March 12, 2021

    • Inria Center of the University of Rennes - - Petri/Turing room

    Speaker : José González Cabañas (Universidad Carlos III de Madrid, Spain)

    Large online platforms use personal data, for example, your interests, to allow advertisers to reach you based on the things you like. But did you know some of these interests they use are associated with sensitive information directly linked to your social profile? In this talk, I will talk about the definition of sensitive data in terms of the General Data Protection Regulation in Europe (GDPR).[…]

  • A formal study of injection-based attacks and some tools it will enable

    • February 19, 2021

    • Inria Center of the University of Rennes - - Petri/Turing room

    Speaker : Pierre-François Gimenez (Inria Rennes, CentraleSupélec)

    Many systems work by receiving instructions and processing them: e.g., a browser receives and then displays an HTML page and executes Javascript scripts, a database receives a query and then applies it to its data, an embedded system controlled through a protocol receives and then processes a message. When such instructions depend on user input, one generally constructs them with concatenation or[…]

  • Canadian and Québec approaches to contact tracing

    • December 11, 2020

    • Inria Center of the University of Rennes - - Petri/Turing room

    Speaker : Sébastien Gambs (Université du Québec à Montréal, Canada)

    Contact tracing applications have been deployed in many countries as a complementary measure to fight Covid-19 by enabling to automatically notify individuals who have been in contact with infected persons. However, the choice of the design of a particular application is not innocent as it has a direct impact on its security as well as on the privacy of its user. In this talk, I will review the[…]

  • The PINED-RQ Family: Differentially Private Indexes for Range Query Processing in Clouds

    • November 13, 2020

    • Inria Center of the University of Rennes - - Petri/Turing room

    Speaker : Tristan Allard (IRISA, Université de Rennes 1)

    Performing non- aggregate range queries on cloud stored data, while achieving both privacy and efficiency is a challenging problem. With the PINED-RQ family of techniques, we propose constructing a differentially private index to an outsourced encrypted dataset. Efficiency is enabled by using a cleartext index structure to perform range queries. Security relies on both differential privacy (of the[…]

  • An evaluation of Symbolic Execution Systems and the benefits of compilation with SymCC

    • September 25, 2020

    • Inria Center of the University of Rennes - - Petri/Turing room

    Speaker : Aurélien Francillon (Eurecom)

    In this talk I will discuss our recent work, together with Sebastian Poeplau, on Symbolic execution. Symbolic execution has become a popular technique for software testing and vulnerability detection, in particular, because it allows to generate test cases for difficult to reach program paths. However, a major impediment to practical symbolic execution is speed, especially when compared to near[…]
Page top