Abstract: We have been working to discover IoT devices with security risks and to deliver security notifications to their owners. Our activities include discovering remote management devices used in critical infrastructure and notifying their operators; investigating IoT devices deployed within university networks and issuing notifications to administrators; and offering a security diagnostic service for consumer
Abstract: On August 1, 2025, new cybersecurity requirements under the EU’s Radio Equipment Directive (RED) came into force. While the RED marks the first binding security obligations for a broad range of products, it is best understood as a stepping stone toward the EU’s more ambitious Cyber Resilience Act (CRA). Together, these initiatives signal a
Abstract: Awareness is growing that the statistical analysis of personal data, such as individuals’ mobility, financial, and health data, could be of significant benefit to society. However, liberal societies have refrained from such analytics, arguably due to the lack of trusted analytics platforms that scale to billions of records while reliably preventing the leakage and
Abstract: We propose efficient, post-quantum threshold ring signatures constructed from one-wayness of AES encryption and the VOLE-in-the-Head zero-knowledge proof system. Our scheme scales efficiently to large rings and extends the ring signatures paradigm. We define and construct key-binding deterministic tags for signature linkability, that also enable succinct aggregation with approximate lower bound arguments of knowledge;
Abstract: The talk covers the security and privacy of FIDO2, a standard and pervasive authentication technology. We focus on CTAP, an application layer protocol used during second-factor or single-factor authentication by a FIDO2 Authenticator and a FIDO2 Client, like a Yubikey USB/NFC dongle and a laptop. We uncover two new attack classes on CTAP called
Abstract: Olvid is a French messaging app with over 200,000 users, including high-risk users such as members of the French government. Despite bold claims positioning Olvid as the most secure messenger in the world and its important user base, limited independent analysis has been conducted on its security. Here we present our work, which takes
Abstract: Race conditions arise when multiple threads attempt to access a shared resource without proper synchronization, often leading to vulnerabilities such as concurrent use-after-free. To mitigate their occurrence, operating systems rely on synchronization primitives such as mutexes, spinlocks, etc. In this paper, we present GhostRace, the first security analysis of these primitives on speculatively executed
Abstract: You’ve probably already heard the story: we got contracted to analyze a bunch of trains breaking down after being serviced by third-party workshops. We reverse engineered them and found code which simulated failures when they detected servicing attempts. We presented our findings at 37C3 and then an update of the story at 38C3. This
Abstract: TEE implementations on RISC-V offer an enclave abstraction by introducing a trusted component called the security monitor (SM). The SM performs critical tasks such as isolating enclaves from each other as well as from the OS by using privileged ISA instructions that enforce the physical memory protection. However, the SM executes at the highest
Abstract: The security landscape of satellite systems has undergone a significant transformation in recent decades. With thousands of satellites launched annually, space-based infrastructure has become increasingly critical for communication, observation, and scientific measurement. However, this growth has also been accompanied by a decrease in the barrier to entry for attacks, driven by the widespread availability