[ZISC Lunch Seminar] ROTE: Rollback Protection for Trusted Execution

Abstract Security architectures such as Intel SGX need protection against rollback attacks, where the adversary violates the integrity of a protected application state by replaying old persistently stored data or by starting multiple instances of the same application. Successful rollback attacks would have serious consequences on applications such as financial services. In this paper, we

[ZISC Lunch Seminar] Direct Anonymous Attestation and TPM 2.0: Getting Provably-Secure Crypto into the Real-World

Abstract The Trusted Platform Module (TPM) is an international standard for a security chip that can be used, for instance, for the management of cryptographic keys and for remote attestation. The specification of the most recent TPM 2.0 interfaces for direct anonymous attestation unfortunately has a number of severe shortcomings. First of all, they do

[ZISC Open Seminar] Who Do I Think You Are? Challenges and Opportunities in Telephony Authentication

Abstract Telephones remain a trusted platform for bootstrapping and conducting some of our most sensitive exchanges. From banking to taxes, wide swathes of industry and government rely on telephony as a secure fall-back when attempting to confirm the veracity of a transaction. In spite of this, authentication is poorly managed between disparate telephony systems, and

Source Accountability with Domain-brokered Privacy

Abstract In an ideal Internet, every packet would be attributable to its sender, while host identities and transmitted content would remain private. Designing such a network is challenging because source accountability and communication privacy are typically viewed as conflicting properties. In this paper, we propose an architecture that guarantees source accountability and privacy-preserving communication

Refining Authenticated Key Agreement with Strong Adversaries

Abstract In this talk, I will present a stepwise refinement framework for developing security protocols that are secure-by-construction. It is based on our previously proposed refinement strategy, which transforms abstract security goals into protocols that are secure when operating over an insecure channel controlled by a Dolev-Yao-style adversary. As intermediate levels of abstraction, we employ

Cutoff Bounds for Consensus Algorithms

Abstract Consensus algorithms are fundamental building blocks for fault-tolerant distributed systems and their correctness is critical. However, there are currently no fully-automated methods for their verification. The main difficulty is that the algorithms are parameterized: they should work for any given number of processes. We provide an expressive language for consensus algorithms and give cutoff

Can’t Touch This: Using Hover to Compromise the Confidentiality of User Input on Android

Abstract We show that the new hover (floating touch) technology, available in a number of today’s smartphone models, can be abused by any Android application running with a common SYSTEM_ALERT_WINDOW permission to record all touchscreen input into other applications. Leveraging this attack, a malicious application running on the system is therefore able to profile user’s

A new “look” at Continuous Authentication using Eye Tracking

Abstract Eye tracking devices are becoming increasingly popular as an interface between people and consumer-grade electronic devices. Due to the fact that human eye movements are fast, responsive, and carry information unique to an individual, analyzing a person’s gaze is particularly attractive for effortless biometric authentication. We demonstrate that the distinguishing power of eye movement biometrics can be used to