656 results

  • Generic Attack on Duplex-Bases AEAD Modes using Random Function Statistics

    • September 22, 2023

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Rachelle Heim Boissier - Inria

    Duplex-based authenticated encryption modes with a sufficiently large key length are proven to be secure up to the birthday bound 2^(c/2), where c is the capacity. However this bound is not known to be tight and the complexity of the best known generic attack, which is based on multicollisions, is much larger: it reaches 2^c/α where α represents a small security loss factor. There is thus an[…]

  • Modélisation statistique et sécurité des générateurs d'aléa pour la cryptographie

    • April 08, 2023 (11:00 - 12:00)

    • À l'IRISA, campus de Beaulieu, Rennes

    Speaker : David Lubicz - DGA, IRMAR

    Dans cet exposé on essaie d'expliquer ce que l'on entend pas méthodes statistiques et on donne des exemples concrets d'application dans la cybersécurité.

    • Cryptography

  • Analyse statistique des extrêmes pour la modélisation d'évènements rares ou atypiques

    • April 08, 2023 (10:00 - 11:00)

    • À l'IRISA, campus de Beaulieu, Rennes

    Speaker : Gilles Stupfler - ENSAI

  • Where ML Security Is Broken and How to Fix It

    • February 03, 2023

    • Inria Center of the University of Rennes - - Room TBD

    Speaker : Maura Pintor (PRA Lab, University of Cagliari)

    To understand the sensitivity under attacks and to develop defense mechanisms, machine-learning model designers craft worst-case adversarial perturbations with gradient-descent optimization algorithms against the model under evaluation. However, many of the proposed defenses have been shown to provide a false sense of robustness due to failures of the attacks, rather than actual improvements in[…]

  • DroidGuard: A Deep Dive into SafetyNet

    • January 06, 2023

    • Inria Center of the University of Rennes - - Room TBD

    Speaker : Romain Thomas (Quarkslab)

    SafetyNet is the Android component developed by Google to verify the devices’ integrity. These checks are used by the developers to prevent running applications on devices that would not meet security requirements but it is also used by Google to prevent bots, fraud and abuse.In 2017, Collin Mulliner & John Kozyrakis made one of the first public presentations about SafetyNet and a glimpse into the[…]

  • Not so AdHoc testing: formal methods in the standardization of the EDHOC protocol

    • December 16, 2022

    • Inria Center of the University of Rennes - - Room TBD

    Speaker : Charlie Jacomme (Inria Paris)

    We believe that formal methods in security should be leveraged in all the standardisation’s of security protocols in order to strengthen their guarantees. To be effective, such analyses should be:* maintainable: the security analysis should be performed on every step of the way, i.e. each iteration of the draft;* pessimistic: all possible threat models, notably all sort of compromise should be[…]
Page top