Seminar & Events
Upcoming events
Past events
CryptoLux/LACS PhD Days - April 18
Power Analysis of Threefish and Countermeasures - Jean-Francois Gallais
Threefish is a tweakable block cipher derived from the Skein hash function, which was submitted to NIST's SHA-3 competition and reached the last round of the selection. It relies solely on ARX instructions for fast and constant-time execution of the routine. The aim of this work is threefold: (1) to devise and experiment with specific power analysis methods for the modular addition; (2) to study and compare the side-channel resistance of the cipher through power analysis of the modular addition; (3) to circumvent the weaknesses observed by putting forward a first-order DPA-resistant implementation.
TorScan: Tracing Long-lived Connections and Differential Scanning Attacks - Ivan Pustogarov
Tor is a widely used anonymity network providing low-latency communication capabilities. Around 400,000 users per day use Tor to route TCP traffic through a sequence of relays; three hops are selected from a pool of currently almost 3000 volunteer-operated Tor relays to comprise a route through the network for a limited time. In comparison to single-hop proxies, forwarding TCP streams through multiple relays increases the anonymity of the users significantly: each hop along the route only knows its successor and predecessor.
The anonymity provided by Tor heavily relies on the hardness of linking a user's entry and exit nodes. If an attacker gains access to the topological information about the Tor network instead of having to consider the network as a fully connected graph, this anonymity may be reduced. In fact, we have found ways to probe the connectivity of a Tor relay. We demonstrate how the resulting leakage of the Tor network topology can be used and present attacks to trace back a user from an exit relay to a small set of potential entry nodes.
A Practical Leakage-Resilient Signature Scheme in the Generic Group Model - Srinivas Vivek
We propose a leakage-resilient signature scheme in the Only Computation Leaks Information model that is based on a well-known identity-based encryption scheme by Boneh and Boyen (Eurocrypt 2004). The proposed signature scheme is the most efficient among the existing leakage-resilient proposals in the continual leakage model. Its efficiency matches that of most non leakage-resilient pairing-based signature schemes. It tolerates leakage of almost half of the bits of the secret key at every new signature invocation. We prove the security of the new scheme in the generic bilinear group model.
CryptoLux/LACS PhD Days - March 28
On the Public Indifferentiability and Correlation Intractability of the 6-Round Feistel Construction - Avradip Mandal
We show that the Feistel construction with six rounds and random round functions is publicly indifferentiable from a random invertible permutation (a result that is not known to hold for full indifferentiability). Public indifferentiability (pub-indifferentiability for short) is a variant of indifferentiability introduced by Yoneyama et al. and Dodis et al. where the simulator knows all queries made by the distinguisher to the primitive it tries to simulate, and is useful to argue the security of cryptosystems where all the queries to the ideal primitive are public (as e.g. in many digital signature schemes). To prove the result, we introduce a new and simpler variant of indifferentiability, that we call sequential indifferentiability (seq-indifferentiability for short), and show that this notion is in fact equivalent to pub-indifferentiability for stateless ideal primitives. We then prove that the 6-round Feistel construction is seq-indifferentiable from a random invertible permutation. We also observe that sequential indifferentiability implies correlation intractability, so that the Feistel construction with six rounds and random round functions yields a correlation intractable invertible permutation, a notion we define analogously to correlation intractable functions introduced by Canetti et al.
Conversion of Security Proofs from One Model to Another: A New Issue - Praveen Kumar Vadnala
To guarantee the security of a cryptographic implementation against side-channel attacks, a common approach is to formally prove the security of the corresponding scheme in a model as pertinent as possible. Nowadays, security proofs for masking schemes in the literature are usually conducted for models where only the manipulated data are assumed to leak. However, in practice the leakage is better modeled by encompassing the memory transitions, as e.g. in the Hamming distance model. From this observation, a natural question is to decide to what extent a countermeasure proved to be secure in the first model stays secure in the second. In this paper, we look at this issue and we show that it must definitely be taken into account. Indeed, we show that a countermeasure proved to be secure against second-order side-channel attacks in the first model becomes vulnerable against a first-order side-channel attack in the second model. Our results emphasize the issue of porting an implementation from devices leaking only on the manipulated data to devices leaking on the memory transitions. Joint work with: Jean-Sebastien Coron, Christophe Giraud, Emmanuel Prouff, Soline Renner, Matthieu Rivain
Censorship and Tor network
2:15pm Friday February 10 2012, Campus Kirchberg, Main building room B02, LACS/SnT seminar held by Jacob Appelbaum, University of Washington Security and Privacy lab
Are you interested in how governments and corporations attempt to censor access to the Tor network? Wonder what protocol fingerprints are actually used as protocol distinguishers? This talk will cover some real world examples that the Tor network faces and it will discuss deployed solutions; hopefully we'll have lots of room for discussion for future development.
Jacob Appelbaum (http://en.wikipedia.org/wiki/Jacob_Appelbaum) is a renowned independent internet security professional, accomplished photographer, software hacker and world traveller. A developer for The Tor Project, Appelbaum trains interested parties globally on how to effectively use and contribute to the Tor network. Since its initial release, Tor has enabled roughly 36 million people around the world to experience freedom of access and expression on the Internet while keeping them in control of their privacy and anonymity. Its network has proved pivotal in dissident movements in both Iran and more recently Egypt.
A driving force in the team behind the creation of the Cold Boot Attacks, Appelbaum won both the Pwnie for Most Innovative Research award and the Usenix Security best student paper award in 2008. Additionally, he was part of the MD5 Collisions Inc. team that created a rogue CA certificate by using a cluster of 200 PlayStations funded by the Swiss taxpayers. The "MD5 considered harmful today" research was awarded the best paper award at CRYPTO 2009.
He is also a staff research scientist at the University of Washington Security and Privacy lab. Appelbaum is a founding member of the hacklab Noisebridge in San Francisco, where he indulges his interests in magnetics, cryptography and consensus-based governance.