61 résultats

  • How to decrypt without keys with GlobalPlatform SCP02 protocol

    • 06 juillet 2018

    • Inria Center of the University of Rennes - - Petri/Turing room

    Orateur : par Loic Ferreira (Orange Labs, IRISA)

    The GlobalPlatform SCP02 protocol is a security protocol implemented in smart cards, and used by transport companies, in the banking world and by mobile network operators (UICC/SIM cards). We describe how to perform a padding oracle attack against SCP02. The attack allows an adversary to efficiently retrieve plaintext bytes from an encrypted data field. We provide results of our experiments done[…]

  • A theory of assertions for Dolev-Yao models

    • 08 juin 2018

    • Inria Center of the University of Rennes - - Petri/Turing room

    Orateur : Vaishnavi Sundararajan (Chennai Mathematical Institute, India)

    We undertake an abstract study of certification in security protocols, concentrating on the logical properties and derivability of certificates. Specifically, we extend the Dolev-Yao model with a new class of objects called ‘assertions’, along with an associated algebra for deriving new assertions from old ones. We obtain complexity results for the derivability problem and active intruder problem[…]

  • Anonymous Server-Aided Verification

    • 30 mars 2018

    • Inria Center of the University of Rennes - - Petri/Turing room

    Orateur : par Elena Pagnin (Chalmers University of Technology, Sweden)

    Server-Aided Verification (SAV) is a method that can be employed to speed up the process of verifying signatures by letting the verifier outsource part of its computation load to a third party. Achieving fast and reliable verification under the presence of an untrusted server is an attractive goal in cloud computing and internet of things scenarios.In this talk I will describe a simple and[…]

  • Automated verification of privacy-type properties for security protocols

    • 16 mars 2018

    • Inria Center of the University of Rennes - - Petri/Turing room

    Orateur : Ivan Gazeau (LORIA, Inria Nancy)

    The applied pi-calculus is a powerful framework to model protocols and to define security properties. In this symbolic model, it is possible to verify automatically complex security properties such as strong secrecy, anonymity and unlinkability properties which are based on equivalence of processes.In this talk, we will see an overview of a verification method used by a tool, Akiss. The tool is[…]

  • The Internet of Backdoors

    • 07 mars 2018

    • Inria Center of the University of Rennes - - Petri/Turing room

    Orateur : par Sam L. Thomas (University of Birmingham, UK)

    Complex embedded devices are becoming ever prevalent in our everyday lives, yet only a tiny amount of people consider the potential security and privacy implications of attaching such devices to our home, business and government networks. As demonstrated through recent publications from academia and blog posts from numerous industry figures, these devices are plagued by poor design choices[…]

  • When Good Components Go Bad: Formally Secure CompilationDespite Dynamic Compromise

    • 05 février 2018

    • Inria Center of the University of Rennes - - Petri/Turing room

    Orateur : Catalin Hritcu (Inria Paris)

    We propose a new formal criterion for secure compilation, providing strong end-to-end security guarantees for components written in unsafe, low-level languages with C-style undefined behavior. Our criterion is the first to model dynamic compromise in a system of mutually distrustful components running with least privilege. Each component is protected from all the others until it becomes[…]
Haut de page