Filter by content type
Select one or more filters. This choice will reload the page to display the filtered results.
633 results
-
-
Seminar
-
SoSysec
Breaking and fixing HB+DB: A Short Tale of Provable vs Experimental Security and Lightweight Designs
Speaker : Ioana Boureanu (University of Surrey)
HB+ is a well-know authentication scheme purposely designed to be lightweight. However, HB+ is vulnerable to a key-recovery, man-in-the-middle (MiM) attack dubbed GRS. To this end, at WiSec2015, the HB+DB protocol added a distance-bounding dimension to HB+, which was experimentally shown to counteract the GRS attack.In this talk, we will exhibit however a number of security flaws in the HB+DB[…] -
-
-
Seminar
-
SoSysec
Voting : You Can’t Have Privacy without Individual Verifiability
Speaker : Joseph Lallemand (Loria)
Electronic voting typically aims at two main security goals: vote privacy and verifiability. These two goals are often seen as antagonistic and some national agencies even impose a hierarchy between them: first privacy, and then verifiability as an additional feature. Verifiability typically includes individual verifiability (a voter can check that her ballot is counted); universal verifiability […] -
-
-
Seminar
-
SoSysec
Binary Edwards Curves for intrinsically secure ECC implementations for the IoT
Speaker : Antoine Loiseau (CEA)
Even if recent advances in public key cryptography tend to focus on algorithms able to survive the post quantum era, at present, there is a urgent need to propose fast, low power and securely implemented cryptography to address the immediate security challenges of the IoT. In this talk, we present a new set of Binary Edwards Curves which have been defined to achieve the highest security levels (up[…] -
-
-
Seminar
-
SoSysec
DroidGuard: A Deep Dive into SafetyNet
Speaker : Romain Thomas (Quarkslab)
SafetyNet is the Android component developed by Google to verify the devices’ integrity. These checks are used by the developers to prevent running applications on devices that would not meet security requirements but it is also used by Google to prevent bots, fraud and abuse.In 2017, Collin Mulliner & John Kozyrakis made one of the first public presentations about SafetyNet and a glimpse into[…] -
-
-
Seminar
-
SoSysec
Browser fingerprinting: past, present and possible future
Speaker : Pierre Laperdrix (CRIStAL)
Browser fingerprinting has grown a lot since its debut in 2010. By collecting specific information in the browser, one can learn a lot about a device and its configuration. It has been shown in previous studies that it can even be used to track users online, bypassing current tracking methods like cookies. In this presentation, we will look at how this technique works and present an overview of[…] -
-
-
Seminar
-
SoSysec
Intrusion Detection Systems over an Encrypted Traffic: Problem and Solutions
Speaker : Sébastien Canard (Orange)
Privacy and data confidentiality are today at the heart of many discussions. But such data protection should not be done at the detriment of other security aspects. In the context of network traffic, intrusion detection system becomes in particular totally blind when the traffic is encrypted, making clients again vulnerable to known threats and attacks. Reconciling security and privacy is then one[…] -