An international research team whose members include ETH Zurich Assistant Professor Shweta Shinde has revealed a vulnerability in the security architecture of Intel processors. A few years ago, Intel, the world’s leading supplier of PC microprocessors, introduced an improvement that promised greater data security: Software Guard Extensions (SGX). These are hardware-based control mechanisms that ensure
Prof. David Basin, Dr. Ralf Sasse and Dr. Jorge Toro-Pozo received the Best Practical Paper Award at the 2021 edition of the IEEE Symposium on Security and Privacy for their work on novel attacks against the EMV standard. Their paper “The EMV Standard: Break, Fix, Verify” discusses vulnerabilities on payment protocols used widely by some
EMV is the global standard for payment with credit cards and used in over 9 billion payment cards worldwide. Most EMV transactions require online authorization by the card issuer. Namely, the merchant’s payment terminal sends an authorization request from its acquirer bank to the card issuer over a payment network, typically operated by the company
The growing cyber threats are shaking the foundations of Internet-based services that have become essential in today’s society, culture, economy, and politics. In particular, in the field of financial services, which is witnessing a rapid migration from offline to online, secure and reliable communication is a key consideration. The Network Security Group (Prof. Adrian Perrig),
Researchers from the Applied Cryptography Group at ETH Zürich are part of a team who recently published a research paper investigating the security of Telegram, a popular “messaging app with a focus on security and speed”, claiming to offer “heavily encrypted” messaging (citing https://telegram.org, visited on 02.08.2021). Contrary to other messaging apps such as Signal
With today’s widespread Internet usage, the total electricity consumption of its infrastructure (networks and data centres, but not consumer devices) is significant, namely around 500 TWh per year or 2.5% of worldwide electricity consumption. Moreover, as Internet traffic volume is steadily growing, this energy consumption could experience an eight-fold increase by 2030. Since electricity production
Network zoning has long been recognized as the cornerstone of secure network operation and management, which logically partitions network and information assets into disjoint segments depending on their security requirements and policies. Today, most enterprise networks have built a multi-layered hierarchy realized with thousands of network zones to minimize the attack surface and protect assets
The formal verification of entire software systems is one of the grand challenges of computer science. Recently, researchers from Prof. David Basin’s and Prof. Peter Müller’s groups have made significant progress on this challenge. In a paper at this year’s Object-Oriented Programming, Systems, Languages & Applications conference (OOPSLA’20), they propose a new approach, dubbed Igloo,
We are very happy to welcome Shweta Shinde in the Department of Computer Science at ETH Zurich in October 2020 as Tenure Track Assistant Professor of Computer Science. Get to know her in this short interview. Professor Shinde, welcome to ETH Zurich! What are your current research interests? I work broadly in computer security and
Prof. Ueli Maurer and his PhD student Fabio Banfi , both part of Information Security and Cryptography research group at the ETH Institute of Theoretical Computer Science published a very interesting paper that was presented at this year’s Conference on Security and Cryptography for Networks (SCN 2020). It deals with the anonymity of probabilistic encryption (pE) and probabilistic authenticated encryption