Abstract: Thanks to the widespread deployment of TLS, users can accessprivate data over channels with end-to-end confidentiality andintegrity. What they cannot do, however, is prove to third parties theprovenance of such data, i.e., that it genuinely came from aparticular website. Existing approaches either introduce undesirabletrust assumptions or require server-side modifications.As a result, the value of
Abstract: Since early 2018, with Spectre and Meltdown, a novel attack surface concerning speculative execution was discovered and successfully exploited. These new attacks are able to break privilege boundaries and leak sensitive data. New attacks and variants were presented ever since, but I believe much of the attack surface is still unexplored due to the
Abstract: Modern messaging protocols are highly complex as they are composed of multiple different cryptographic primitives. In order to understand the underlying security requirements, security guarantees, and mechanisms, this talk disassembles messaging into its components. The main focus will be ratcheting as a modern building block that provides security even if secrets from the communicating
Abstract: The past five years have seen thousands of academic papers devoted to the study of adversarial examples in machine learning. Yet, despite countless proposed defenses, robustness remains evasive even for the simplest toy threat models. I’ll discuss recent work that shows how defenses degrade when extended to multiple perturbation types, and how models can
Abstract: Firewalls are a fundamental tool for managing and protecting computer networks.They not only permit specifying which packets are allowed to enter a network, but also how these packets are modified by translating IP addresses and performing port redirection.Configuring a firewall is notoriously hard.Equally difficult are policy maintenance and refactoring, as well as porting a
Abstract: The first part of this talk introduces PROTECT, a Platform for Robust Threshold Cryptography. The design of Threshold and Proactive cryptographic systems has received attention in recently due to the rise of cloud services, blockchain and crypto-currency technologies. However the bulk of literature in the threshold cryptography area assumes synchronous networks. The goal in
Abstract: Intel SGX enables protected enclaves on untrusted computing platforms. An important part of SGX is its remote attestation mechanism that allows a remote verifier to check that an enclave was correctly constructed before provisioning secrets to it. However, SGX attestation is vulnerable to relay attacks where the attacker, such as malicious OS, redirects the
Abstract: Hardening data protection using multiple methods rather than solely encryption is of paramount importance when considering continuous and powerful attacks to spy private and confidential information. Our research focuses on reinforcing data protection using a combination of data fragmentation, encryption, and dispersion. Each operation participates in the increasing of the protection level. We aim
Abstract: In this talk we will share experiences in building user-facing privacy tools at Google. We will walk you through the process and challenges of redesigning the Incognito mode in Chrome that many of you will be familiar with. We will debunk a few myths on how users allow and deny Android permissions. Finally, we
Abstract: Blockchains have received considerable attention both in academia and industry. Much of this work has focused on how to improve blockchains themselves either in terms of performance, features, or theoretical underpinnings. This talk will focus on a different question: what can blockchains do for computer security and cryptography? It will cover blockchains as a