Filter by content type
Select one or more filters. This choice will reload the page to display the filtered results.
644 results
-
-
Seminar
-
SoSysec
How to decrypt without keys with GlobalPlatform SCP02 protocol
Speaker : par Loic Ferreira (Orange Labs, IRISA)
The GlobalPlatform SCP02 protocol is a security protocol implemented in smart cards, and used by transport companies, in the banking world and by mobile network operators (UICC/SIM cards). We describe how to perform a padding oracle attack against SCP02. The attack allows an adversary to efficiently retrieve plaintext bytes from an encrypted data field. We provide results of our experiments done[…] -
-
-
Seminar
-
SoSysec
Browser fingerprinting: past, present and possible future
Speaker : Pierre Laperdrix (CRIStAL)
Browser fingerprinting has grown a lot since its debut in 2010. By collecting specific information in the browser, one can learn a lot about a device and its configuration. It has been shown in previous studies that it can even be used to track users online, bypassing current tracking methods like cookies. In this presentation, we will look at how this technique works and present an overview of[…] -
-
-
Seminar
-
SoSysec
Intrusion Detection Systems over an Encrypted Traffic: Problem and Solutions
Speaker : Sébastien Canard (Orange)
Privacy and data confidentiality are today at the heart of many discussions. But such data protection should not be done at the detriment of other security aspects. In the context of network traffic, intrusion detection system becomes in particular totally blind when the traffic is encrypted, making clients again vulnerable to known threats and attacks. Reconciling security and privacy is then one[…] -
-
-
Seminar
-
SoSysec
Where ML Security Is Broken and How to Fix It
Speaker : Maura Pintor (PRA Lab, University of Cagliari)
To understand the sensitivity under attacks and to develop defense mechanisms, machine-learning model designers craft worst-case adversarial perturbations with gradient-descent optimization algorithms against the model under evaluation. However, many of the proposed defenses have been shown to provide a false sense of robustness due to failures of the attacks, rather than actual improvements in[…] -
-
-
Seminar
-
SoSysec
Squirrel: a new approach to computer-assisted proofs of protocols in the computational model.
Speaker : David Baelde (ENS Cachan)
Formal methods have brought several approaches for proving that security protocols ensure the expected security and privacy properties. Most of the resulting tools analyze protocols in symbolic models, aka. Dolev-Yao-style models. Security in the symbolic model does not imply security in the cryptographer’s standard model, the computational model, where attackers are arbitrary (PPTIME) Turing[…] -
-
-
Seminar
-
SoSysec
Private Set Intersection and Other Private Information Sharing Protocols
Speaker : Xavier Carpent (University of Nottingham)
In this seminar, we will give an overview of Private Set Intersection (PSI), some of its constructions, use cases, and open research questions. The canonical PSI protocol allows Alice and Bob (both with their own set of elements) to interact in a way that Alice learns the intersection of the sets and nothing else. Numerous variants exist:cardinality of intersection only (how many elements in[…] -