656 résultats

  • Generic Attack on Duplex-Bases AEAD Modes using Random Function Statistics

    • 22 septembre 2023

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Orateur : Rachelle Heim Boissier - Inria

    Duplex-based authenticated encryption modes with a sufficiently large key length are proven to be secure up to the birthday bound 2^(c/2), where c is the capacity. However this bound is not known to be tight and the complexity of the best known generic attack, which is based on multicollisions, is much larger: it reaches 2^c/α where α represents a small security loss factor. There is thus an[…]

  • Modélisation statistique et sécurité des générateurs d'aléa pour la cryptographie

    • 08 avril 2023 (11:00 - 12:00)

    • À l'IRISA, campus de Beaulieu, Rennes

    Orateur : David Lubicz - DGA, IRMAR

    Dans cet exposé on essaie d'expliquer ce que l'on entend pas méthodes statistiques et on donne des exemples concrets d'application dans la cybersécurité.

    • Cryptography

  • Analyse statistique des extrêmes pour la modélisation d'évènements rares ou atypiques

    • 08 avril 2023 (10:00 - 11:00)

    • À l'IRISA, campus de Beaulieu, Rennes

    Orateur : Gilles Stupfler - ENSAI

  • Where ML Security Is Broken and How to Fix It

    • 03 février 2023

    • Inria Center of the University of Rennes - - Room TBD

    Orateur : Maura Pintor (PRA Lab, University of Cagliari)

    To understand the sensitivity under attacks and to develop defense mechanisms, machine-learning model designers craft worst-case adversarial perturbations with gradient-descent optimization algorithms against the model under evaluation. However, many of the proposed defenses have been shown to provide a false sense of robustness due to failures of the attacks, rather than actual improvements in[…]

  • DroidGuard: A Deep Dive into SafetyNet

    • 06 janvier 2023

    • Inria Center of the University of Rennes - - Room TBD

    Orateur : Romain Thomas (Quarkslab)

    SafetyNet is the Android component developed by Google to verify the devices’ integrity. These checks are used by the developers to prevent running applications on devices that would not meet security requirements but it is also used by Google to prevent bots, fraud and abuse.In 2017, Collin Mulliner & John Kozyrakis made one of the first public presentations about SafetyNet and a glimpse into the[…]

  • Not so AdHoc testing: formal methods in the standardization of the EDHOC protocol

    • 16 décembre 2022

    • Inria Center of the University of Rennes - - Room TBD

    Orateur : Charlie Jacomme (Inria Paris)

    We believe that formal methods in security should be leveraged in all the standardisation’s of security protocols in order to strengthen their guarantees. To be effective, such analyses should be:* maintainable: the security analysis should be performed on every step of the way, i.e. each iteration of the draft;* pessimistic: all possible threat models, notably all sort of compromise should be[…]
Haut de page