LIAM: An Architectural Framework for Decentralized IoT Networks

Abstract: Today’s IoT deployments commonly resemble walled gardens: they are closed ecosystems in which manufacturers maintain significant control over devices after they have been deployed. This is typically the result of a centralized design approach where devices heavily rely on a monolithic, vendor-operated cloud service. We propose a distributed architecture that liberates these devices—and their

DECO: Liberating Web Data Using Decentralized Oracles for TLS

Abstract: Thanks to the widespread deployment of TLS, users can access private data over channels with end-to-end confidentiality and integrity. What they cannot do, however, is prove to third parties the provenance of such data, i.e., that it genuinely came from a particular website. Existing approaches either introduce undesirable trust assumptions or require server-side modifications. As a result, the value of

Taming Complexity of Messaging to understand its Security

Abstract: Modern messaging protocols are highly complex as they are composed of multiple different cryptographic primitives. In order to understand the underlying security requirements, security guarantees, and mechanisms, this talk disassembles messaging into its components. The main focus will be ratcheting as a modern building block that provides security even if secrets from the communicating

On asynchronous proactive threshold cryptosystems and BFT consensus scalability.

Abstract: The first part of this talk introduces PROTECT, a Platform for Robust Threshold Cryptography. The design of Threshold and Proactive cryptographic systems has received attention recently due to the rise of cloud services, blockchain and crypto-currency technologies. However, the bulk of literature in the threshold cryptography area assumes synchronous networks. The goal in

ProximiTEE: Hardened SGX Attestation Using an Embedded Device and Proximity Verification

Abstract: Intel SGX enables protected enclaves on untrusted computing platforms. An important part of SGX is its remote attestation mechanism that allows a remote verifier to check that an enclave was correctly constructed before provisioning secrets to it. However, SGX attestation is vulnerable to relay attacks where the attacker, such as a malicious OS, redirects the

Protecting encrypted data against key exposure

Abstract: Hardening data protection using multiple methods rather than solely encryption is of paramount importance when considering continuous and powerful attacks to spy on private and confidential information. Our research focuses on reinforcing data protection using a combination of data fragmentation, encryption, and dispersion. Each operation contributes to increasing the protection level. We aim