Abstract: A central element of designing IT security infrastructures is the logical segmentation of information assets into network zones sharing the same security requirements and policies. As more business ecosystems are migrated to the cloud, additional demands for cybersecurity emerge and make the network-zone operation and management for large corporate networks challenging. In this talk,
Abstract: For many cryptographic proofs and arguments, the burden of proof is on the prover. Computing proofs for large statements is a bottleneck, despite the fact that we know how to produce amazingly succinct proofs with incredibly fast verification times. Very few works can claim prover algorithms which are truly asymptotically optimal, so that the
Abstract: This talk presents our research into the security of programmable smartcards, which are widely used devices that implement a wide range of cryptosystems, yet are mostly black-box with hardly any public information about their workings. By the end of the talk, you will learn – How we find vulnerabilities in smartcards using our open-source tools, even though
Abstract: After a plethora of high-profile Rowhammer attacks, CPU and DRAM vendors scrambled to deliver what was meant to be the definitive hardware solution against the Rowhammer problem: Target Row Refresh (TRR). A common belief among practitioners is that, for the latest generation of DDR4 systems that are protected by TRR, Rowhammer is no longer an issue in practice. During
Abstract: The security and architecture communities will remember 2018 as the year of side channels. Starting from Spectre and Meltdown, time and again we have seen how basic performance-improving features can be exploited to violate fundamental hardware security guarantees. In this talk, I will survey a line of work on speculative execution attacks, showing how
Abstract: Software systems are ever-growing in size and complexity while being rife with vulnerabilities. Patches and defenses are continuously deployed, but the software attack surface is extremely large and attackers invariably find ways to gain a persistent foothold. An effective way to end the arms race between vulnerabilities and defense tools is by isolating the
Abstract: Security and safety-critical remote applications such as e-voting, online banking, industrial control systems and medical devices rely upon user interaction that is typically performed through web applications. Trusted path to such remote systems is critical in the presence of an attacker that controls the user’s computer. Such an attacker can observe and modify any
Abstract: Permissionless blockchains offer many advantagesbut also have significant limitations including high latency. Thisprevents their use in important scenarios such as retail payments,where merchants should approve payments fast. Prior works haveattempted to mitigate this problem by moving transactions off thechain. However, such Layer-2 solutions have their own problems:payment channels require a separate deposit towards eachmerchant
Abstract: We present the first protocols for private information retrieval that allow fast (sublinear-time) database lookups without increasing the server-side storage requirements. To achieve these efficiency goals, our protocols work in an offline/online model. In an offline phase, which takes place before the client has decided which database bit it wants to read, the client
Abstract: Many mobile and wearable devices interact with their environment, with other devices, and with human users – and yet most of their communications occur invisibly via wireless networks. How can users express their intent about which devices should communicate – especially in situations when those devices have never encountered each other before? These devices