Filtrer par type de contenu
Sélectionnez un ou plusieurs filtres. Ce choix permettra de recharger la page pour afficher les résultats filtrés.
634 résultats
-
-
Séminaire
-
SoSysec
Automated verification of privacy-type properties for security protocols
Orateur : Ivan Gazeau (LORIA, Inria Nancy)
The applied pi-calculus is a powerful framework to model protocols and to define security properties. In this symbolic model, it is possible to verify automatically complex security properties such as strong secrecy, anonymity and unlinkability properties which are based on equivalence of processes.In this talk, we will see an overview of a verification method used by a tool, Akiss. The tool is[…] -
-
-
Séminaire
-
SoSysec
A Compositional and Complete approach to Verifying Privacy Properties using the Applied Pi-calculus
Orateur : Ross Horne (University of Luxembourg)
The pi-calculus was introduced for verifying cryptographic protocols by Abadi and Fournet in 2001. They proposed an equivalence technique, called bisimilarity, useful for verify privacy properties. It is widely acknowledged (cf. Paige and Tarjan 1987), that bisimilarity is more efficient to check than trace equivalence; however, surprisingly, tools based on the applied pi-calculus typically still[…] -
-
-
Séminaire
-
SoSysec
How to decrypt without keys with GlobalPlatform SCP02 protocol
Orateur : par Loic Ferreira (Orange Labs, IRISA)
The GlobalPlatform SCP02 protocol is a security protocol implemented in smart cards, and used by transport companies, in the banking world and by mobile network operators (UICC/SIM cards). We describe how to perform a padding oracle attack against SCP02. The attack allows an adversary to efficiently retrieve plaintext bytes from an encrypted data field. We provide results of our experiments done[…] -
-
-
Séminaire
-
SoSysec
Where ML Security Is Broken and How to Fix It
Orateur : Maura Pintor (PRA Lab, University of Cagliari)
To understand the sensitivity under attacks and to develop defense mechanisms, machine-learning model designers craft worst-case adversarial perturbations with gradient-descent optimization algorithms against the model under evaluation. However, many of the proposed defenses have been shown to provide a false sense of robustness due to failures of the attacks, rather than actual improvements in[…] -
-
-
Séminaire
-
SoSysec
Browser fingerprinting: past, present and possible future
Orateur : Pierre Laperdrix (CRIStAL)
Browser fingerprinting has grown a lot since its debut in 2010. By collecting specific information in the browser, one can learn a lot about a device and its configuration. It has been shown in previous studies that it can even be used to track users online, bypassing current tracking methods like cookies. In this presentation, we will look at how this technique works and present an overview of[…] -
-
-
Séminaire
-
SoSysec
Intrusion Detection Systems over an Encrypted Traffic: Problem and Solutions
Orateur : Sébastien Canard (Orange)
Privacy and data confidentiality are today at the heart of many discussions. But such data protection should not be done at the detriment of other security aspects. In the context of network traffic, intrusion detection system becomes in particular totally blind when the traffic is encrypted, making clients again vulnerable to known threats and attacks. Reconciling security and privacy is then one[…] -