Filtrer par type de contenu
Sélectionnez un ou plusieurs filtres. Ce choix permettra de recharger la page pour afficher les résultats filtrés.
687 résultats
-
-
Séminaire
-
SoSysec
Breaking and fixing HB+DB: A Short Tale of Provable vs Experimental Security and Lightweight Designs
Orateur : Ioana Boureanu (University of Surrey)
HB+ is a well-know authentication scheme purposely designed to be lightweight. However, HB+ is vulnerable to a key-recovery, man-in-the-middle (MiM) attack dubbed GRS. To this end, at WiSec2015, the HB+DB protocol added a distance-bounding dimension to HB+, which was experimentally shown to counteract the GRS attack.In this talk, we will exhibit however a number of security flaws in the HB+DB[…] -
-
-
Séminaire
-
SoSysec
Voting : You Can’t Have Privacy without Individual Verifiability
Orateur : Joseph Lallemand (Loria)
Electronic voting typically aims at two main security goals: vote privacy and verifiability. These two goals are often seen as antagonistic and some national agencies even impose a hierarchy between them: first privacy, and then verifiability as an additional feature. Verifiability typically includes individual verifiability (a voter can check that her ballot is counted); universal verifiability […] -
-
-
Séminaire
-
SoSysec
Port Contention Goes Portable: Port Contention Side Channels in Web Browsers
Orateur : Thomas Rokicki (Univ Rennes, CNRS, IRISA)
Microarchitectural side-channel attacks can derive secrets from the execution of vulnerable programs. Their implementation in web browsers represents a considerable extension of their attack surface, as a user simply browsing a malicious website, or even a malicious third-party advertisement in a benign cross-origin isolated website, can be a victim.In this talk, we present the first CPU port[…] -
-
-
Séminaire
-
SoSysec
The PINED-RQ Family: Differentially Private Indexes for Range Query Processing in Clouds
Orateur : Tristan Allard (IRISA, Université de Rennes 1)
Performing non- aggregate range queries on cloud stored data, while achieving both privacy and efficiency is a challenging problem. With the PINED-RQ family of techniques, we propose constructing a differentially private index to an outsourced encrypted dataset. Efficiency is enabled by using a cleartext index structure to perform range queries. Security relies on both differential privacy (of the[…] -
-
-
Séminaire
-
SoSysec
Differentially Private Linear Sketches: Efficient Implementations and Applications
Orateur : Fuheng Zhao (University of California Santa Barbara)
Linear sketches have been widely adopted to process fast data streams, and they can be used to accurately answer frequency estimation, approximate top K items, and summarize data distributions. When data are sensitive, it is desirable to provide privacy guarantees for linear sketches to preserve private information while delivering useful results with theoretical bounds. To address these[…] -
-
-
Séminaire
-
SoSysec
Security and privacy in personal data management systems
Orateur : Nicolas Anciaux (INRIA)
Personal Data Management Systems (called PDMS) provide individuals with a hardware and/or software solution to manage their data under control. From a data management and security/privacy perspective, the issues involved are complex and differ significantly from the traditional database setting. The emergence of trusted execution environments (such as Intel SGX) could be a game changer. This[…] -