Filtrer par type de contenu
Sélectionnez un ou plusieurs filtres. Ce choix permettra de recharger la page pour afficher les résultats filtrés.
667 résultats
-
-
Séminaire
-
SoSysec
How to decrypt without keys with GlobalPlatform SCP02 protocol
Orateur : par Loic Ferreira (Orange Labs, IRISA)
The GlobalPlatform SCP02 protocol is a security protocol implemented in smart cards, and used by transport companies, in the banking world and by mobile network operators (UICC/SIM cards). We describe how to perform a padding oracle attack against SCP02. The attack allows an adversary to efficiently retrieve plaintext bytes from an encrypted data field. We provide results of our experiments done[…] -
-
-
Séminaire
-
SoSysec
Breaking and fixing HB+DB: A Short Tale of Provable vs Experimental Security and Lightweight Designs
Orateur : Ioana Boureanu (University of Surrey)
HB+ is a well-know authentication scheme purposely designed to be lightweight. However, HB+ is vulnerable to a key-recovery, man-in-the-middle (MiM) attack dubbed GRS. To this end, at WiSec2015, the HB+DB protocol added a distance-bounding dimension to HB+, which was experimentally shown to counteract the GRS attack.In this talk, we will exhibit however a number of security flaws in the HB+DB[…] -
-
-
Séminaire
-
SoSysec
Voting : You Can’t Have Privacy without Individual Verifiability
Orateur : Joseph Lallemand (Loria)
Electronic voting typically aims at two main security goals: vote privacy and verifiability. These two goals are often seen as antagonistic and some national agencies even impose a hierarchy between them: first privacy, and then verifiability as an additional feature. Verifiability typically includes individual verifiability (a voter can check that her ballot is counted); universal verifiability […] -
-
-
Séminaire
-
SoSysec
Binary Edwards Curves for intrinsically secure ECC implementations for the IoT
Orateur : Antoine Loiseau (CEA)
Even if recent advances in public key cryptography tend to focus on algorithms able to survive the post quantum era, at present, there is a urgent need to propose fast, low power and securely implemented cryptography to address the immediate security challenges of the IoT. In this talk, we present a new set of Binary Edwards Curves which have been defined to achieve the highest security levels (up[…] -
-
-
Séminaire
-
SoSysec
When Good Components Go Bad: Formally Secure CompilationDespite Dynamic Compromise
Orateur : Catalin Hritcu (Inria Paris)
We propose a new formal criterion for secure compilation, providing strong end-to-end security guarantees for components written in unsafe, low-level languages with C-style undefined behavior. Our criterion is the first to model dynamic compromise in a system of mutually distrustful components running with least privilege. Each component is protected from all the others until it becomes[…] -
-
-
Séminaire
-
SoSysec
A Formal Analysis of 5G Authentication
Orateur : Sasa Radomirovic (University of Dundee)
Mobile communication networks connect much of the world’s population. The security of users’ calls, text messages, and mobile data depends on the guarantees provided by the Authenticated Key Exchange protocols used. For the next-generation network (5G), the 3GPP group has standardized the 5G AKA protocol for this purpose.In this talk, I will report on our formalization of the 5G standard’s AKA[…] -