Digital Confidence Seminar


The aim of this seminar is to identify all academic and industrial actors working on digital confidence. It is held once a month, on a Thursday afternoon, in Amphi B, IUT Campus des Cézeaux. All seminars are recorded and made available on the WebTV of the Université d'Auvergne, where the seminar can also be watched live. All videos can also be downloaded as podcasts.

The organisation is managed by the following scientific committee:
  • Pascal Lafourcade (LIMOS)
  • Michel Misson (LIMOS)
  • Alain Quilliot (LIMOS)
  • Frédéric Buy (FUDA)
  • Benoit Schoeffler (Almerys)
  • Philippe Saby (Caisse d'épargne)
If you want to receive the emails concerning this seminar, please send an email to Pascal Lafourcade.

4th and 5th December 2014, 1st Symposium on Digital Trust in Auvergne

Thursday 1st June 2017, 14h00, Amphi B IUT

Manik Lal Das, DA-IICT, Gandhinagar, India, Key Escrow free Identity-based Cryptosystem.

Over the years, several identity-based cryptosystems using bilinear pairings have been proposed. Many schemes based on bilinear pairings suffer from the key escrow problem and require a secure channel for private key issuance. In this talk, we will discuss a binding-blinding technique, which can be used to solve the key escrow problem in identity-based cryptosystems and can help eliminate the requirement of a secure channel for private key issuance.

Thursday 6th April 2017, 14h00, Amphi B IUT

Catalin Hritcu, Equipe INRIA PROSECCO, Efficient Formally Secure Compilers to a Tagged Architecture.

Severe low-level vulnerabilities abound in today's computer systems, allowing cyber-attackers to remotely gain full control. This happens in large part because our programming languages, compilers, and architectures were designed in an era of scarce hardware resources and too often trade off security for efficiency. The semantics of mainstream low-level languages like C is inherently insecure, and even for safer languages, establishing security with respect to a high-level semantics does not guarantee the absence of low-level attacks. Secure compilation using the coarse-grained protection mechanisms provided by mainstream hardware architectures would be too inefficient for most practical scenarios.
This talk will present a new five-year project aimed at leveraging emerging hardware capabilities for fine-grained protection to build the first efficient secure compilers for realistic low-level programming languages (the C language, and Low*, a safe subset of C embedded in F* for verification). These compilers will provide a secure semantics for all programs and will ensure that high-level abstractions cannot be violated even when interacting with untrusted low-level code. To achieve this level of security without sacrificing efficiency, our secure compilers target a tagged architecture, which associates a metadata tag with each word and efficiently propagates and checks tags according to software-defined rules. We hope to experimentally evaluate and carefully optimize the efficiency of our secure compilers on realistic workloads and standard benchmark suites. We are also using property-based testing and formal verification to provide high confidence that our compilers are indeed secure. Formally, we are constructing machine-checked proofs of fully abstract compilation and of a new property we call robust compilation, which implies the preservation of safety properties even against an adversarial context. These strong properties complement compiler correctness and ensure that no machine-code attacker can do more harm to securely compiled components than a component already could with respect to a secure source-level semantics.

Thursday 2nd February 2017, 14h00, Amphi B IUT

Vincent Cheval, LORIA, Equipe INRIA PESTO, Complexity of automatic verification of cryptographic protocols.

Many security properties are naturally expressed in terms of indistinguishability. In symbolic protocol models the notion of indistinguishability can be expressed as trace equivalence in a cryptographic process calculus. Current automated verification tools are however limited even for a bounded number of sessions: they are either restricted to supporting only a particular set of cryptographic primitives, do not allow protocols with else branches, or can only approximate trace equivalence, allowing for false attacks. Moreover, the complexity of these algorithms has never been studied. In this work, we study the complexity of deciding equivalence properties for several classes of protocols and several equivalences.

Thursday 1st December 2016, 14h00, Amphi B IUT

Ioana Boureanu Carlson, University of Surrey, Surrey Centre for Cyber Security (SCCS), UK, How (not) to use TLS between 3 parties

In this talk, we will explore the case of TLS between a client and a server, mediated in a particular way by a middle-man embodied by a CDN, i.e., a content delivery network. We specifically discuss the case of the so-called "Keyless SSL", where the server retains its private key and the mediating CDN uses the server as a proxy during the TLS handshake. We disclose vulnerabilities in this design and discuss different repairs. Throughout, we emphasise what we believe to be the (old and reinforced, as well as new) security requirements and model needed when lifting TLS from the classical 2-party setting to the 3-party one.

Thursday 3rd November 2016, 14h00, Amphi B IUT

Jannik Dreier, Université de Lorraine, LORIA, Equipe PESTO, Automated proofs for observational equivalence

Security protocols are the foundation of secure communication on the Internet. It is well known that their development is difficult and error-prone, and that formal methods can improve their quality. Until now, the tools have mainly focused on trace properties, such as weak secrecy and authentication. Recently, observational equivalence properties have received increasing attention, since they make it possible to express stronger notions of secrecy and anonymity, but also notions based on cryptographic games such as indistinguishability of encryption. At the same time, existing tools for verifying observational equivalence are limited: they cannot handle protocols with internal state and an unbounded number of sessions. I will present an extension of Tamarin, based on multiset rewriting, capable of proving observational equivalence for stateful protocols, with an unbounded number of sessions and complex equational theories such as Diffie-Hellman exponentiation. I will illustrate its effectiveness on several case studies.

Thursday 6th October 2016, 14h00, Amphi B IUT

Benjamin Nguyen, INSA Centre Val de Loire, LIFO, Equipe Security and Distributed Systems, SQL/AA : Private and Scalable Execution of SQL Aggregates on a Secure Decentralized Architecture (to appear in ACM TODS'16)

Current applications, from complex sensor systems (e.g. quantified self) to online e-markets, acquire vast quantities of personal information which usually end up on central servers where they are exposed to prying eyes. Conversely, decentralized architectures helping individuals keep full control of their data complexify global treatments and queries, impeding the development of innovative services. In this presentation, we will show how to reconcile individuals' privacy on one side and global benefits for the community and business perspectives on the other side. We promote the idea of pushing the security to secure hardware devices controlling the data at the place of their acquisition. Thanks to these tangible physical elements of trust, secure distributed querying protocols can reestablish the capacity to perform global computations, such as SQL aggregates, without revealing any sensitive information to central servers. In this presentation, we will show how to secure the execution of such queries in the presence of honest-but-curious and malicious attackers. We will also discuss how the resulting querying protocols can be integrated in a concrete decentralized architecture. Cost models and experiments on SQL/AA, our distributed prototype running on real tamper-resistant hardware, demonstrate that this approach can scale to nationwide applications.

Thursday 2nd June 2016, 14h00, Amphi B IUT

Philippe Elbaz-Vincent, Université Grenoble Alpes, Institut Fourier, The problem of evaluating random number generators for cryptography.

Cryptographic mechanisms make intensive use of random numbers and bits. Defects in the quality of this randomness, which may be due to implementation errors, are often the cause of security flaws in industrial applications. We will present recent work on the design and analysis of random number generators, in particular those based on physical components. We will discuss the evolution of the standards currently in progress and the impact of present work on future standards.

Thursday 2nd June 2016, 14h00, Amphi B IUT

Pascal Thoniel, NTX Research, Coding Tables: an alternative (breakthrough) innovation to algorithmic cryptography

Whether symmetric or asymmetric, today's cryptography is algorithm-based. Cryptographic functions used to ensure confidentiality (encryption), authentication and digital signature are based upon algorithms (mathematical functions). Algorithmic cryptography is not only necessary but also very powerful. Therefore it will remain for a long time a key element of cybersecurity. However, algorithmic cryptography has some limitations in its usage. In these specific use cases, another cryptographic approach is possible: coding tables (codebooks) based on random generation of character sets. We will talk about the history of codebooks (during World War II) and their recent transformation (1996) for digital exchanges. We will study:
  • Creation of coding tables/codebooks
  • Their use to ensure strong user authentication (with challenge-response protocol)
  • Their use to make probabilistic encryption of session keys
  • Their deployment methods
Last, we will highlight the benefits brought by this new cryptographic way to cyber security, that could efficiently complement the algorithmic cryptography that we all know.

Thursday 12th May 2016, 14h00, Amphi B IUT

Emmanuel Fleury, Labri, Control-Flow Recovery through Binary Code Analysis

Binary code analysis is required when you only have access to a program's binary code, or when you do not trust the compile chain that you use. In the last two decades, this field has made big progress but, still, it remains little known and most people will just consider it as classical program analysis. In fact, binary analysis raises a lot of practical and theoretical problems which are specific to binary code.
I will present the context of binary analysis and develop the specific problems that are linked to this topic (dynamic jumps, loop unwinding, self-modifying code, ...). Then, I will introduce our intermediate representation (microcode) and explain our main algorithm to rebuild the control flow of a binary program.

David Hely, LCIS, Secure Test and Debug For Lifetime Security of SoCs

The lifetime security of a modern system on chip can be jeopardized by the instruments dedicated to test and debug. On one hand, security objectives require that assets (third-party IP, secure boot, DRM keys...) remain confidential throughout the SoC life cycle. On the other hand, the test circuitry and the SoC trace-based debug architecture expose the values of internal signals, which can leak the assets to third parties. The inherent capability of test and debug instruments to observe the operating state of the SoC can be leveraged as a backdoor for attacks. In this talk, we show the different kinds of attacks which can be mounted based on these features throughout the whole SoC life cycle (from production to software application debug). We then present different countermeasures which aim at protecting the assets belonging to the different stakeholders (IC designer, SoC integrator, software developers...). Finally, we show how this circuitry dedicated to test and debug can be leveraged on purpose during mission mode to offer security services to software developers.

Thursday 7th April 2016, 14h00, Amphi B IUT

Olivier Levillain, ANSSI, A critical look at SSL/TLS

SSL/TLS is one of the main security building blocks used on the Internet. Initially designed to protect HTTP connections and enable banking transactions over the Internet, in 20 years the protocol has become the universal security layer for all kinds of protocols (POP, IMAP, SMTP, LDAP, etc.), for setting up secure VPNs, and for handling WiFi authentication (EAP-TLS).
Since 2011, the SSL/TLS world has been shaken by numerous publications: structural flaws have been discovered, cryptographic attacks reputed to be impractical have been implemented, many implementation errors have been published, and the WebPKI trust model has shown its limits.
In this presentation, I will give an overview of these problems affecting SSL/TLS.

Vincent Nicomette, LAAS, Vulnerability analysis through two case studies: critical embedded systems and consumer devices connected to the Internet

Building secure architectures is only possible with a good understanding of the different vulnerabilities that computer systems may contain. Yet these systems are no longer simple classical desktop PCs. Computing is everywhere, and in particular it is increasingly embedded, in means of transport but also in the connected objects that invade our daily lives a little more each day. Moreover, the massive use of the Internet has facilitated the spread of malware, which can now target all these kinds of computing equipment. While standards already exist for evaluating the security of "classical" computing equipment, their application to embedded equipment and connected objects is still limited. The presence and criticality of the vulnerabilities that may affect this equipment are still poorly understood because they have not been studied enough. This talk presents research work carried out at LAAS over several years on the topic of vulnerability analysis. Two examples will be presented, on different types of equipment. The first study presents a vulnerability analysis of a critical avionics embedded system, carried out as part of a collaboration with Airbus. The second study concerns a vulnerability analysis of two types of connected equipment: ADSL boxes and connected televisions. These analyses were carried out on a panel of equipment from the main Internet service providers and the main television manufacturers, which allowed us to compare the different products on the market. The vulnerabilities highlighted concern in particular the communication links (the local loop for ADSL boxes, the DVB-T interface for Smart TVs) connecting the equipment to its service providers (the ISP for ADSL boxes, TV and VoD for Smart TVs).
These links are usually considered trusted and, to our knowledge, had been little or not at all studied until now. This study was carried out as part of a collaboration with Thales.

Thursday 3rd March 2016, 14h00, Amphi B IUT

Sébastien Bardin, CEA LIST, Symbolic Execution, from Software Testing to Security Analysis

Symbolic Execution is a recent and fruitful approach to automatic code-based test generation, having already detected many (acknowledged) bugs in several classes of software, such as drivers or media readers. The key idea behind Symbolic Execution is that, considering a path of the program under analysis, it is often possible to build a *path predicate* for that path, i.e. a formula whose solutions correspond exactly to the program inputs exercising that path at run time. Then, solving the path predicate yields inputs that effectively cover the path, and enumerating over all (bounded) paths allows for a systematic exploration of the program behaviors. This talk intends to give an overview of Symbolic Execution and of its applications to software testing and security. First, we will present the key ideas and algorithms behind the technique, as well as the current state of the art. Then, we will discuss the problem of using Symbolic Execution for generating test suites satisfying complex coverage criteria such as those found in software testing, introducing the Frama-C/LTest testing prototype for C programs. Finally, we will present a few applications of Symbolic Execution to binary-level security analysis, introducing the BINSEC/SE prototype.

Lilian Bossuet, Laboratoire Hubert Curien, CNRS UMR 5516, Université Jean Monnet, Saint-Etienne, The fight against theft, copying and counterfeiting of integrated circuits

For some years the microelectronics industry has faced a considerable rise in cases of counterfeiting, theft and illegal copying of integrated circuits. For example, the number of counterfeit electronic circuits seized by US customs was multiplied by about 700 between 2001 and 2011. From 2007 to 2010, it seized 5.6 million counterfeit electronic products. Overall, counterfeiting is estimated at 7% of the worldwide semiconductor market, which represented a loss of more than 23 billion dollars in 2015 for the legitimate industry and tens of thousands of lost jobs. Beyond the economic and social aspects, counterfeiting of integrated circuits poses a serious problem of trust at the hardware level, notably for sensitive application domains such as the military and aerospace domains. It is therefore strategic for the microelectronics industry to protect the intellectual property of integrated circuit designers. In this context, this presentation will review work proposing salutary hardware systems to fight against theft, illegal copying and counterfeiting of integrated circuits. By the expression "salutary hardware system" ("salware") we mean a hardware system, hard to detect or bypass, inserted into an integrated circuit and used to provide intellectual property information (for example an ownership mark or a usage licence) and/or to remotely activate the circuit after manufacturing and during use.

Thursday 4th February 2016, 14h00, Amphi B IUT

Steve Kremer, Inria Nancy Grand-Est & Loria, Pesto team, Verification of cryptographic protocols: from authentication to privacy

Formal, symbolic techniques for modelling and automatically analyzing security protocols are extremely successful and have been able to discover many security flaws. Initially, these techniques were mainly developed to analyze authentication and confidentiality properties. Both of these are trace properties, and efficient tools for their verification exist. In more recent years anonymity-like properties have received increasing interest. Many flavors of anonymity properties are naturally expressed in terms of indistinguishability and modeled as an observational equivalence in process calculi. We will present recent advances in the verification of such indistinguishability properties and illustrate their usefulness on examples from electronic voting.

Mathieu CHARBOIS, Fidens branch manager, Security Consultant, Ensuring the cybersecurity of your organisation through risk management.

Jean Larroumets
"Any good security measure must be proportionate to the risk incurred." "Any cybersecurity approach must systematically be preceded or accompanied by a risk analysis."
The French cybersecurity community, like the international one, agrees on these points. However, despite this convergence of views, few organisations in the private or public sector have yet succeeded in putting in place a truly operational cybersecurity approach founded on these principles of risk management and of arbitrating those risks over time.
In this presentation, we will show how, with a little tooling and method, it is possible to meet the real needs of cybersecurity governance, and how senior management can be involved in this approach in an effective and pragmatic way.

Thursday 7th January 2016, 14h00, Amphi B IUT

Hervé Debar, Institut Mines-Télécom/Télécom SudParis, Towards a quantitative approach to attack response

Since the early 1980s and up to today, the field of computer security has been concerned with the problem of detecting computer attacks, known as "intrusion detection". In the early 2000s, the volume of alerts generated by intrusion detection sensors required the deployment of SIEM platforms and opened the field of alert correlation. The idea of alert correlation was to group alerts together and put them in context so that a security operator could formulate a diagnosis and react appropriately. It turns out that these correlation mechanisms are today insufficient to ensure human handling of all attack phenomena. It is therefore becoming necessary to further automate the response to certain attacks. In this presentation, we will address the problem of choosing countermeasures in response to a detection (an alert raised by a sensor), proposing a quantitative model for choosing a countermeasure (or a set of them) to respond to a combination of attacks. We will show a use case on the example of a critical system, a hydroelectric dam.

Barbara Kordy, IRISA INSA Rennes, Probabilistic Reasoning with Graphical Security Models

Quantifying the probabilistic aspects of attacks is an important issue in security analysis. Decisions on which defense mechanisms or countermeasures should be implemented are based on the probability of attacks. Furthermore, probabilities play an important role in the evaluation of risk-related measures that combine the frequency or the probability of an attack with its impact or costs. The work presented in this talk addresses the growing need to perform meaningful probabilistic analysis of security. We will first identify practical challenges in the domain and formulate the corresponding research questions. Then, we will present a framework that integrates the graphical security modeling technique of attack-defense trees with probabilistic information expressed in terms of Bayesian networks. We will discuss the algebraic theory underlying our framework and show how to improve the efficiency of probabilistic computations.

Thursday 3rd December 2015, 14h00, Amphi B IUT

Jean-Guillaume Dumas, Laboratoire Jean Kuntzmann, Université Joseph Fourier, How to verify the results of outsourced computations?

Amazon Web Services (through Elastic Compute Cloud), Google Compute Engine and IBM Platform Computing provide decentralised high-performance computing solutions. The idea is to outsource demanding computations in order to limit infrastructure costs. However, none of these platforms offers any guarantee on the computation performed: no guarantee that the result is correct, nor even that the computation was actually carried out. The idea of verifiable computing is to attach to the result of a computation a data structure that allows a verification algorithm to establish the validity of the result faster than recomputing it. It thus becomes possible to outsource computations to a "cloud" and to verify a posteriori that the computations were actually performed, at a cost lower than that of the computation itself. One speaks of a Prover (the server performing the computation) and a Verifier. In theory, Goldwasser, Kalai and Rothblum gave, as early as 2008, a generic procedure for verifying any parallelisable computation in time quasi-linear in the size of the inputs and the result. However, the computational overhead for the Prover (and hence the financial overhead for the client), although only a constant factor, remains prohibitive in practice. In contrast, we show in this talk that ad hoc procedures can be defined for linear algebra computations with negligible financial overhead.

Adrien Bécue, R & T Coordinator, Airbus Defence & Space CYBERSECURITY, Cyber-security of smart buildings: ambitions and results of the ITEA FUSE-IT project.

FUSE-IT (Facility Using Secure Energy and Information Technology) aims at developing a smart, safe and secure building management system for complex critical sites. This project, coordinated by Airbus Defence & Space Cybersecurity, was labelled in 2013 by ITEA2 and is funded in France by DGE. The consortium groups 21 actors from research and industry backgrounds in energy, automation, ICT and security, from France (12), Portugal (4), Belgium (3) and Turkey (2). The project started in October 2014 and will end in October 2017.

More and more buildings tackle the challenges of smarter energy management, enhanced automation and seamless connectivity. Facing environmental policies as much as cost-reduction objectives, building managers are asking for adequate solutions to monitor, control, command, optimize and predict energy consumption. At the same time, new uses and state-of-the-art technologies push for comfort upgrades: wireless connectivity, faster reconfiguration, and increased human safety. This trend toward smart buildings is enabled by the growing integration of Information Technology (IT) into Operational Technology (OT). Traditional automation systems have long been considered secure by isolation and physical protection. Now, they are exposed to fast-growing cyber-threats targeting their availability, integrity and confidentiality.
FUSE-IT intends to solve the dilemma between efficiency and security by developing a smart secure building management system involving the following innovative capabilities:
  • M1_Secured shared Sensors, Actuators & Devices
  • M2_Trusted federated Energy & Information networks
  • M3_Core Building data processing & analysis module
  • M4_Smart unified Building Management Interface
  • M5_Full Security Management Interface
It will be integrated, tested and demonstrated on 4 different pilot sites and a major professional event. Demonstration scenarios include trusted building micro-grid operation, detection and reaction to a cyber-physical attack, deployment on a temporary event.

Thursday 5 November 2015, 14h00, Amphi B IUT

Emmanuel Thomé INRIA Equipe Caramel, The Logjam attack.

We investigate the security of Diffie-Hellman key exchange as used in popular Internet protocols and find it to be less secure than widely believed. With the number field sieve algorithm, computing a single discrete log in a prime field is more difficult than factoring an RSA modulus of the same size. However, an adversary who performs a large precomputation for a prime p can then quickly calculate arbitrary discrete logs in groups modulo that prime, amortizing the cost over all targets that share this parameter. The algorithm can be tuned to reduce individual log costs even further. Although this fact is well known among mathematical cryptographers, it seems to have been lost among practitioners deploying cryptosystems. Using these observations, we implement a new attack on TLS in which a man-in-the-middle can downgrade a connection to 512-bit export-grade cryptography. In the 1024-bit case, we estimate that discrete log computations are plausible given nation-state resources, and a close reading of published NSA leaks shows that the agency's attacks on VPNs are consistent with having achieved such a break.
Joint work with David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé, Luke Valenta, Benjamin VanderSloot, Eric Wustrow, Santiago Zanella-Béguelin, Paul Zimmermann.

Slawomir Grzonkowski Symantec, Dublin, SMS spam: a holistic view.

Spam has been infesting our email and Web experience for decades, distributing phishing scams, adult/dating scams, rogue security software, ransomware, money laundering and banking scams... the list goes on. Fortunately, in the last few years, user awareness has increased and email spam filters have become more effective, catching over 99% of spam. The downside is that spammers are constantly changing their techniques as well as looking for new target platforms and means of delivery, and as the world goes mobile, so too do the spammers. Indeed, mobile messaging spam has become a real problem and is steadily increasing year over year. We have been analyzing SMS spam data from a large US carrier for over six months, and we have observed all these threats, and more, indiscriminately targeting large numbers of subscribers. In this paper, we touch on such questions as what is driving SMS spam, how the spammers operate, what their activity patterns are and how they have evolved over time. We also discuss what types of challenges SMS spam has created in terms of filtering, as well as security.

Tuesday 27 October 2015, 9h00, Amphi Recherche

Evangelos Kranakis Ecole Normale Supérieure, Paris, France, Secure Distributed Computation on Private Inputs.

David Pointcheval
Many companies have already started the migration to the Cloud and many individuals share their personal information on social networks. While some of the data are public information, many of them are personal and even quite sensitive (strategic, medical, financial, intellectual property, etc.). Unfortunately, the current access mode is purely rights-based; therefore, the provider itself not only has total access to the data, but also knows which data are accessed, by whom, and how. Privacy, which includes secrecy of data (confidentiality), identities (anonymity), and requests (obliviousness), should be enforced by design. Recent cryptographic primitives have been proposed, with functional encryption and fully homomorphic encryption. In this talk, we will propose some efficient concrete solutions, together with a new approach based on secure multi-party computation.

Monday 26 October 2015, 11h00, Amphi Recherche

Evangelos Kranakis School of Computer Science, Carleton University, Optimization Problems in Infrastructure Security.

Slides.pdf Video
Evangelos Kranakis
How do we identify and prioritize risks and make smart choices based on fiscal constraints and limited resources? The main goal of infrastructure security is to secure, withstand, and rapidly recover from potential threats that may affect critical resources located within a given bounded region. In order to strengthen and maintain secure, functioning, and resilient critical infrastructure, proactive and coordinated efforts are necessary. Motivated by questions raised by infrastructure security, in this talk we survey several recent optimization problems whose solution has occupied (and continues to occupy) computer science researchers in the last few years. Topics discussed include: (1) Patrolling, (2) Sensor Coverage and Interference, (3) Evacuation, (4) Domain Protection and Blocking. The central theme in all the problems mentioned above will involve mobility in that the participating agents will be able to move over a specified region with a given speed. Security in itself is undoubtedly a very broad and complex task which involves all layers of the communication process from physical to network. As such the limited goal of this survey is to outline existing models and ideas and discuss related open problems and future research directions, pertaining to optimization problems in infrastructure security.

Thursday 1st October 2015, 14h30, Amphi B IUT

Cristina Onete, IRISA, Equipe EMSEC, Security and Privacy in 3G/4G/5G-Network authentication: the AKA protocol.

Slides.pptx Slides.pdf Video
Cristina Onete
Authentication in mobile networks is usually a process between three participants: a client, an operator, and an intermediary, local authority (which can be a roaming agent, or an agent of the client's operator). The result of positive authentication is that the client may use services via the intermediary authority. A rejected client will not be able to use the network coverage offered by the intermediary authority, nor any other service. However, a central security and privacy demand requires that the intermediary agent does not know client-specific information, which is stored by the client and the operator.
In this talk we explore the process of authentication with the specific focus on the AKA protocol, which is a main contender for use in 5G networks. This protocol is symmetric key, features mutual authentication, and its design does not follow typical cryptographic paradigms. Its basic building blocks are a set of seven algorithms, which can be implemented either by using AES (this algorithm set is called Milenage), or by using the internal permutation of Keccak (the set is called TUAK). We show that despite being unorthodox, the design of the AKA protocol is mostly sound, both when instantiated with TUAK and when instantiated with Milenage. However, this same design does not allow for an analysis in traditional authenticated key-exchange security models (e.g. Canetti/Krawczyk, Bellare/Rogaway, Bellare/Pointcheval/Rogaway); instead, we have to modify the framework to capture one particular weakness in the mutual authentication, which allows a strange type of relay attack.
Finally, we address some privacy issues of this protocol, in particular with respect to the (un)traceability requirement mentioned in the specifications.

Marine Minier, INSA de Lyon, Laboratoire CITI, INRIA Equipe Privatics, CUBE Cipher: A Family of Quasi-Involutive Block Ciphers easy to mask.

Slides Video
Marine Minier
In this talk, we will describe a joint work with Thierry Berger and Julien Francq. We propose a new quasi-involutive lightweight design called the CUBE cipher family. The design has been carefully chosen to be easily masked. The basic building block is a cube of size n×n×n on which SPN transformations are applied, followed by a particular cube mapping. We analyze the proposals from a security point of view and provide a full hardware implementation analysis.

Thursday 3 September 2015, 14h00, Amphi B IUT

Ralf Sasse Institute of Information Security, Department of Computer Science, ETH Zurich, ARPKI: Attack Resilient Public-Key Infrastructure.

Slides Video
Ralf Sasse
We present ARPKI, a public-key infrastructure that ensures that certificate-related operations, such as certificate issuance, update, revocation, and validation, are transparent and accountable. ARPKI is the first such infrastructure that systematically takes into account requirements identified by previous research. Moreover, ARPKI is co-designed with a formal model, and we verify its core security property using the Tamarin prover. We present a proof-of-concept implementation providing all features required for deployment. ARPKI efficiently handles the certification process with low overhead and without incurring additional latency to TLS.
ARPKI offers extremely strong security guarantees, where compromising n-1 trusted signing and verifying entities is insufficient to launch an impersonation attack. Moreover, it deters misbehavior as all its operations are publicly visible.

Philippe Owezarski LAAS, Platform for controlled execution of malware.

Slides Video
Philippe Owezarski
The Internet is not a safe environment. One of the risks is the existence of botnets, large sets of computers compromised by malicious persons who can use them to launch massive attacks. To actively prevent such attacks it is important to analyse Internet traffic. In this talk, we present a platform that collects and executes malware in order to observe such malicious activity. However, the owner of a computer is legally responsible for the traffic it generates, so the platform has to control its traffic. It contains a new type of firewall that filters all malicious packets. We also give a performance analysis of our platform.

Thursday 4 June 2015, 14h00, Amphi B IUT

Guillaume Bonfante LORIA, Miseries of antivirus and splendors of malware.

Slides Video
Guillaume Bonfante
Writing software to detect malware is difficult, even undecidable. But malware designers use techniques against some of the heuristics that can be used in antiviruses, which leads to an even more difficult task. We illustrate, with some examples of famous existing malware, the observations performed in the laboratory.

Amrit Kumar Privatics team, INRIA Grenoble, Google Safe Browsing: Security and Privacy.

Slides Video
Amrit Kumar
Phishing and malware websites are still duping unwary targets by infecting private computers or by committing cybercrimes such as fraud and identity theft. Safe Browsing is a defensive technology which identifies unsafe websites and notifies users in real-time of any potential harm of visiting a URL. All the established web service providers such as Google, Microsoft and Yandex offer Safe Browsing as a feature in their software solutions and products. Hence, knowingly or unknowingly, you are certainly one of its users. The goal of this talk is to analyze the prevalent Safe Browsing architectures from a security and privacy point of view.
While some of these services such as Microsoft Smart Screen Filter are privacy unfriendly by design, i.e. without any effort, the backend server may track a user's activity over the web, other players such as Google and Yandex assert in their privacy policy that their Safe Browsing architecture does allow them to track users. This talk would prove that their privacy policy is incorrect.
On the security front, our findings are rather opposite. Microsoft Smart Screen Filter is a secure solution, while Google and Yandex Safe Browsing are insecure by design. We propose several denial-of-service attacks that simultaneously affect both the Safe Browsing servers and its clients. One of our attacks allows an adversary to force Google and Yandex to "blacklist" any target benign URL.

Thursday 7 May 2015, 14h00, Amphi B IUT

Maryline Laurent Institut Mines-Télécom/Télécom SudParis, CNRS UMR 5157 SAMOVAR, co-founder of the chair Valeurs et politiques des informations personnelles: Internet of Things: what are the obstacles to the protection of personal data?

Slides Video
Maryline Laurent
Over 33 billion things will be connected to the Internet before 2020 according to Strategy Analytics. These objects collect, analyse and transmit to remote servers personal data, more or less sensitive, about our environment, performance, health and activities. They have to respect the law on personal data protection in Europe, the European Directive of 1995. In this talk, after having explained the difficulties of deploying protection for personal data, we present several solutions to address these challenges.
These works have partially been done with the "chaire Valeurs et politiques des informations personnelles". They are also explained in the book "La gestion des identités numériques", (Ed. M. Laurent, S. Bouzefrane), collection ISTE, ISBN: 978-1-78405-056-6 (paper), ISBN: 978-1-78406-056-5 (ebook), 2015.

Florent Autréau, Mataru: Security audit and testing: practices and lessons learned.

Slides Video
Florent Autréau
Florent Autréau has been working for over 30 years in IT and over 20 years in information security. In this talk, we present the basics of security audit and the associated methodology, drawing on our long experience in this domain.

Thursday 9th April 2015, 14h00, Amphi B IUT

Alexandre Anzala-Yamajako Thales Communication & Security, Thales Paris, France : Securing the cloud, Symmetric searchable encryption and implementation.

Slides Video
Alexandre Anzala-Yamajako
The rise of cloud storage is a game-changer for more than a few companies. They can now offload massive amounts of business-critical data without having to deal with the issues of infrastructure, backup and synchronization. Ensuring a better service in a transparent way for users is however a non-trivial security issue since the goal is to provide the highest possible security level given that the cloud provider is honest but very curious about the data stored. A Symmetric Searchable Encryption scheme allows a client to store his data on an untrusted server while still being able to perform search queries on it. The security property we are aiming at is to guarantee that the server won't gain information on the search query or the response. In this talk we will present different methods achieving that goal as well as the technical hurdle of efficiently implementing such schemes.

Thursday 5th March 2015, 14h00, Amphi B of IUT

Gildas Avoine from IRISA INSA Rennes : Time-memory Trade-off Applied to Non-uniform Distributions

Slides Video
Gildas Avoine
Cryptanalytic time-memory trade-offs (TMTO) were introduced by Hellman in 1980 in order to perform key-recovery attacks on cryptosystems. A major advance was presented at Crypto 2003 by Oechslin, with the rainbow tables that outperform Hellman's seminal work. After introducing the cryptanalytic time-memory trade-offs, we will present in this talk a technique to improve the efficiency of TMTOs when considering non-uniform distributions, e.g. to crack non-uniformly distributed passwords.

Olivier Pereira Université catholique de Louvain (UCL), Crypto group : Ballot privacy in elections: new metrics and constructions.

Slides Video
Olivier Pereira
Vote privacy is a central aspect of most of our elections. It is however not an absolute property: it will depend on the ballot format, tallying rules, voter turnout and preferences. Furthermore, it is achieved using various techniques, creating new trade-offs with the adoption of end-to-end verifiable voting systems for instance. In this talk, we describe new privacy metrics designed for elections, and illustrate their use in public elections. We then introduce a new cryptographic primitive, commitment-consistent encryption, and show how it can be used to obtain universally verifiable elections that do not bring extra privacy risk, even in the long term.
This is based on joint work with David Bernhard, Véronique Cortier, Edouard Cuvelier, Thomas Peters and Bogdan Warinschi.

Thursday 5th February 2015, 14h00, Amphi B of IUT

Olivier Blazy from Xlim : Blind signatures with flying colors

Slides Video
Olivier Blazy
Blind signatures are commonly used as a primary building block when anonymity is required, for example in e-voting or e-cash systems. They allow a user to obtain a signature on a message from a signer while preventing the signer from learning anything about what has been signed. We will see how the general approach has evolved and show how to achieve a round-optimal scheme while maintaining communication efficiency. Then we will focus on several applications, for e-voting, e-cash and linear operations over a wireless sensor network.

Thursday 8th January 2014, 14h00, IUT Amphi B

Lionel Rivière, SAFRAN Morpho, IDentity and Security Alliance (The Morpho and Télécom ParisTech Research Center) and Télécom ParisTech: Fault Injection Attacks Robustness Evaluation With The Embedded Fault Simulator

Slides Video
Lionel Rivière
Fault attacks target smartcards or secure elements that store and compute confidential data. Laser beams and electromagnetic pulses are two physical means that are generally used to practically inject faults. Achieving practical fault injections is often expensive, complex and time consuming, but is still required to validate the security of a product. Simulation allows developers to evaluate the usefulness and the relevance of adding specific security features and comes at an early stage. The quality of the simulation is therefore of crucial importance because it influences the results in terms of security strategy and reliability. This led us to propose a novel simulation approach: the Embedded Fault Simulator. In this talk, we will introduce the context of fault injection attacks and simulations, then we will describe our new concept.
This is based on joint works with Maêl Berthier, Julien Bringer, Hervé Chabanne, Thanh-Ha Le, Marie-Laure Potet, Maxime Puys and Victor Servant.

Friday 5th December 2014 at 11h00, Amphi Recherche

Serge Vaudenay, Security and Cryptography Laboratory (LASEC), EPFL Defeating Relay Attacks in NFC Payments

Slides Video
Serge Vaudenay
NFC payment is spreading with e.g. NFC-equipped bank cards. Common implementations need no action of the payer such as activating the card or typing a PIN code. So, this is prone to relay attacks, where an adversary could simulate an NFC payment at the cashier of a supermarket while making an innocent card holder queuing behind him pay without even knowing. Distance bounding offers a way to defeat this attack. In this talk, we review recent results on distance bounding and show how to make it fit a standard payment scenario.

Thursday 4th December 2014 at 12h00, Amphi Recherche

Sébastien Canard, Orange Labs Applied Cryptography Group Advances in cryptology for trust and data services

Slides Video
Sébastien Canard
One of the main technical challenges regarding our daily life is the way to propose to consumers their usual services, while protecting their privacy. Cryptography is certainly one security tool that can answer several open questions in this context, by way of advanced tools going beyond traditional features. In this talk, we will first talk about the way to provide both accountability and anonymity for users of mobile services. We will then focus on the way to provide traditional manipulation of data stored on a safe or a cloud storage, while protecting the data by encrypting it.

20th November 2014

Vincent Mazenod, information security expert at DR7 CNRS: How to enhance your security with a good password policy?

Slides Video
Vincent Mazenod
Passwords are the main defense to prevent access to your personal and professional data. After discussing precisely what can be accessed with your password, we will see the 6 basic hygiene rules about passwords. Finally we will see how to choose strong passwords and how to never forget them.

Thursday 13th November 2014, 14h00, IUT Amphi B

Jordi Herrera, Universitat Autonòma de Barcelona (UAB) : Is bitcoin a suitable research topic?

Slides Video
Jordi Herrera
Bitcoin has emerged as the most successful crypto currency since its appearance back in 2009. Besides its security robustness, two main properties have probably been its key to success: anonymity and decentralization. In this talk, we provide a detailed description of the bitcoin protocol and we explain how its security robustness is achieved through its P2P network and suitable cryptographic tools. We also analyze which anonymity degree can be effectively obtained when dealing with bitcoins. Finally, we discuss some research challenges that bitcoin faces and some opportunities around the bitcoin ecosystem for funding such type of research.

Delmotte Sébastien, Arrignon Florent (MAD-Environnement): Risk management methodologies: potential for application to sensor networks.

Florent Arrignon
Various methods compliant with the ISO 31000 standard exist for managing risks in complex systems. Depending on the objectives and the methods used, it is thus possible to objectively characterise all the risks to which the system is exposed while taking into account the perception of those risks by the entities that make up the system. The potential for applying two methods, Global Risk Analysis (Analyse Globale des Risques) and Risk Perception Mapping (Cartographie des Perceptions des Risques), to sensor networks is presented through illustrations drawn from applications to other complex systems and through the specification of the requirements for documenting such analyses.

Thursday 9th October 2014 at 14h00

Tancrède Lepoint, CryptoExperts : (Fully) Homomorphic Encryption: From Theory to Practice

Video Slides
Lepoint Tancrede
Fully Homomorphic Encryption (considered as the Holy Grail of cryptography) allows one to operate publicly over encrypted data. However, this new primitive came with a major downside: it is (and remains) orders of magnitude slower than usual public-key primitives. For example, a multiplication over two encrypted bits requires a post-processing step taking several dozen minutes.
In this talk, we will tackle the practicality of (fully) homomorphic encryption, its potential and limitations. There exist several families of FHE schemes; we will focus on the most promising ones, respectively over the integers and based on RLWE. Finally, we will tackle communication issues with the Cloud due to the huge ciphertext expansion in the existing schemes.

Philippe AMBLARD, Doctor of Law, ICT consultant/expert, lecturer at the Université d'Auvergne, associate member of the Fédération des Tiers de Confiance (FNTC): Legal issues and impacts of homomorphic encryption

P. Amblard
The regulation of our advanced economies is characterised by an ever greater dependence on progress in science and technology, and in particular on information and communication technologies (ICT). Current advances in cryptographic research on homomorphic encryption illustrate well this new relationship between law and ICT. The promise of "everything encrypted all the time" is about to upend the legal models of cloud computing. Let us therefore examine together the legal issues and impacts of homomorphic encryption on the confidentiality of data stored in the cloud and on the liability of cloud computing actors.

Thursday 4 September 2014 at 14h00, Amphi B of IUT

Marie-Laure Potet, Verimag DCS: Combining static analyses to support the detection and exploitability assessment of vulnerabilities in binary code

Slides Video
Marie-Laure Potet
Vulnerability analysis requires several steps: identification of flaws in the source, capability to exploit these flaws and to mount an exploit according to the countermeasures implemented on the execution platform. We propose several static analyses to support this process. One allows us to detect buffer overflows caused by some loops. An inter-procedural taint analysis allows us to deal with large applications. Finally we present an analysis to detect use-after-free, one of the most exploited vulnerabilities in today's browsers.

Olivier Heen, Technicolor: Keep calm and change your password

Olivier Heen
Passwords are radioactive material. First we recall bad and good practices for storing passwords. Then we demo three attacks based on leaked password files such as LinkedIn, YouPorn and Adobe. The Adobe file contains 130 Million encrypted passwords. The attacks allow retrieving popular passwords, disclosing hidden links between accounts, and de-anonymizing users' pseudonyms. Last, we provide workarounds and discuss long term consequences of password leaks.

Olivier Heen is Senior Scientist at Technicolor R&D. He received his Ph.D. in theoretical computer science from the Université Paris 7 in 1996. Then he joined France Telecom Research Lab, before co-founding the start-up Intranode and managing the research team. During years 2008 and 2009 he was Associate Researcher in the Celtique team at INRIA. At Technicolor R&D, his research interests include fingerprinting, datamining for security and cloud security. His favorite programming languages are Python and Prolog.

Thursday 12th June 2014 at 14h00, Amphi B IUT

Kasper Rasmussen, Oxford University : Authentication Using Pulse-Response Biometrics

Slides Video
Many modern access control systems augment the traditional two-factor authentication procedure (something you know and something you have) with a third factor: ``something you are'', i.e., some form of biometric authentication. This additional layer of security comes in many flavors: from fingerprint readers on laptops used to facilitate easy login with a single finger swipe, to iris scanners used as auxiliary authentication for accessing secure facilities. In the latter case, the authorized user typically presents a smart card, then types in a PIN, and finally performs an iris (or fingerprint) scan.
In this talk I will introduce a new biometric, based on the human body's response to an electric square pulse signal, that we call pulse-response. The pulse-response biometric is effective because each human body exhibits a unique response to a signal pulse applied at the palm of one hand, and measured at the palm of the other. Using a prototype setup, we show that users can be correctly identified, with high probability, in a matter of seconds. This identification mechanism integrates very well with other well-established methods and offers a reliable layer of additional security, either on a continuous basis or at login time. I will present our results from experiments with a proof-of-concept prototype that demonstrate the feasibility of using pulse-response as a biometric. Our results are very encouraging: we achieve accuracies of 100% over a static data set and 88% over a data set with samples taken over several weeks.

Azzam Mourad, Department of Computer Science & Mathematics Lebanese American University (LAU): Security issues and Directions of Intelligent Transport Systems within limited-resources constraints

Slides Video
Intelligent transport system (ITS) is becoming a necessity in our everyday life for traffic control, time management, real-time traffic flow, incident management, etc. In the context of limited-resources constraints (i.e. lack of infrastructure), some necessary information may not be available and/or a single source of data may not be enough in order to provide accurate decision by the core modules. In this context, the proposed idea is to rely on vehicles as principal source of information, diversify the sources of data and build cooperative and service-based models at all layers of ITS in order to target the aforementioned problem. However, such approach entails several challenges in terms of adaptability, context-awareness, QoS and security. In my talk, I will be discussing security problems and solutions targeting separately services cooperation/composition and vehicular networks, which will potentially form the base to elaborate the intended approach.
Starting with the security of services cooperation, current solutions for Web services composition (e.g. BPEL) still do not provide mechanisms to dynamically adapt the business process with the rapid changes in business goals and requirements. Therefore, more efforts are needed to reach high adaptation of composition at several levels, most importantly, business logic, behavioral rules and security policies. In terms of security, XACML (eXtensible Access Control Markup Language) has been known as the de facto standard widely used by many vendors for specifying access control and context-aware policies for individual Web services. Due to the complexity of interaction in composite services, diversity of rules, and notably complexity of policy specification languages, many flaws and conflicts are more likely to arise, especially as the size of XACML policies is growing significantly to cope with the composed behaviors. In this context, we will discuss E-AspectBPEL, a model driven approach based on aspect-oriented programming for defining both context-aware policies to reach higher adaptability, and dependability between policies hardened in the BPEL process to overcome the conflict among them. Moreover, we will discuss SBA-XACML, a novel set-based algebra scheme that provides better evaluation performance and allows us to detect flaws, conflicts and redundancies in XACML policies.
As for the security of vehicular networks, we will discuss the problem of clustering in Vehicular Ad Hoc Networks (VANETs) in the presence of selfish nodes. The problem arises due to the highly mobile topology of VANETs, which leads to frequent cluster disconnections and alters the Quality of Service (QoS) over the network. Moreover, the presence of selfish nodes would hinder the application of any clustering model. These nodes behave rationally and hence tend to maximize their gain regardless of the negative implications that may affect the network. Thus, the proposed solution is concerned with introducing a stable clustering model that deals with the high mobility of vehicles by considering a tradeoff between QoS requirements and high mobility constraints. This model is accompanied by a multi-phase model able to stimulate the cooperation of the vehicles, detect the selfish nodes, and regulate the cooperation. In this regard, several theories and algorithms will be discussed such as Ant Colony Optimization algorithms, incentive mechanisms, a cooperative watchdog based on Dempster-Shafer theory and repeated game theory based on the Tit-for-Tat strategy.

Wednesday 14th May 2014 at 14h00, Amphi B IUT

Aurélien Francillon, EURECOM: IoT: Internet of (Insecure) Things.

Slides Video
Abstract

François Devoret, Lex Persona: Electronic signature and digital identity: the essential ingredients to build trust over the Internet.

Slides Video
A trust services provider on the Internet since 2009, Lex Persona dematerializes business exchanges by performing electronic signature operations based on personal digital certificates. Using numerous examples of real-world business applications, François Devoret, founder and CEO of Lex Persona, will describe how using secure technologies is not incompatible with the ease of use and the speed of deployment which are expected when building online signature applications over the Internet.

Thursday 3rd April 2014 at 14h00, Amphi B IUT

Damien Vergnaud, LIENS: Cryptographic Primitives and Constructions for Digital Confidence.

Slides Video
Zero-knowledge proofs allow a user to prove the validity of a mathematical statement without revealing any other information. These proofs have found numerous applications in cryptography but are rarely used in practice since the resulting protocols are generally inefficient. A recent line of work, initiated by Groth, Ostrovsky and Sahai, makes it possible to construct non-interactive proof systems which are very efficient for specific statements. Another approach relies on the use of Smooth Projective Hash Functions introduced by Cramer and Shoup. This talk (in large part expository) will give an overview of the construction of these proof systems and discuss several applications recently proposed.

Thursday 6th March 2014, 14h00, Amphi B of IUT

Mathieu Cunche, Equipe Privatics: Wi-Fi told me everything about you

Wi-Fi technology has become ubiquitous: more and more devices are equipped with it and the number of Wi-Fi networks is constantly increasing. Despite security mechanisms, Wi-Fi technology represents a serious threat to the privacy of its users. Indeed, devices equipped with a Wi-Fi interface are broadcasting private information in clear-text. Using off-the-shelf tools, it is possible to collect information such as: the full name of an individual, their travel history, or even the existence of social links. Wi-Fi signals broadcast by our portable devices can also be used to track our every move, opening the way to global tracking of individuals for marketing or surveillance purposes. This presentation will include technical details about the information leak as well as the description of applications exploiting this information and their privacy implications.

Thursday 6th February 2014, 14h00, Amphi B of IUT

Gambs Sébastien, IRISA/INRIA Team CIDre : Toward an ID Card preserving privacy

Slides Video
A privacy-preserving identity card is a personal device, which has exactly the same usages as the traditional identity card, but does not reveal more information than necessary for a specific objective. For instance with such a card, a citizen can prove his nationality when he crosses the border, demonstrate that he belongs to some age interval in order to obtain a discount at the theater, or access the local services that are reserved for the inhabitants of a city, without having to reveal his name, his first name or his date of birth.
More precisely, the privacy of the user is protected through the use of anonymous credentials allowing him to prove binary statements about himself to another entity without having to disclose his identity or any unnecessary information. The proposed scheme also prevents the possibility of tracing the user, even if he proves several times the same statement (unlinkability property). A tamper-resistant smartcard is used to store the personal information of the user thus protecting his privacy and preventing the risks of forgery at the same time. The user identifies himself to the card via biometrics thus forbidding an unauthorized use in the situation where the card is stolen or lost.
During this presentation, I will introduce the concept of the privacy-preserving identity card and the fundamental properties that such a card should ideally fulfil. I will also describe two practical implementations of the privacy-preserving identity card, one based on the use of a tamper-resistant smartcard and the other on the combination of fuzzy extractors and zero-knowledge proofs. Finally, I will conclude with a discussion on the possible extensions. This is a joint work with Yves Deswarte (LAAS-CNRS).

Thursday 9th January 2014, 14h00, Amphi B of IUT

Lauradoux Cédric, Equipe Privatics INRIA: Identifiers and guesswork

Slides Video
Identifiers are the backbone of metadata and processing systems. Unique identifiers are a special case often used to link the real identity of a user to the digital world. Therefore, they can be a source of privacy leaks, and unique identifiers must be designed carefully. The main analysis tool for unique naming schemes is called guesswork. It is an important topic in security (passwords), cryptography (key material) and privacy. The complexity of a guesswork is determined by the pre-computation, the computation power and the memory available to the adversary, but also by the probability distribution associated with the element she wants to guess. In this lecture, I will describe the problem of guessing several everyday-life identifiers.

Jean-Philippe Halbwachs, D.R.R.I. 63: New weapons of James Bond

Today, technologies are used to protect data, whether personal data or corporate policy. At least, that's what we believe. Indeed, we must never forget that the greater part of a hacker's or an intelligence service's activity relies on humans and their vulnerabilities, even before tackling the inherent vulnerabilities of the system. The aim of this talk is to explain how this works, based on the following points:
  • generation Y and the associated risks,
  • the danger of USB keys,
  • identity theft through email exchanges and its consequences,
  • MICE and vulnerabilities,
  • the value of a "strong" password,
  • wi-fi,
  • telephony.

Friday 13th December 2013, 14h00, Amphi B at IUT

Jean-Louis Lanet from Xlim: Virus in a smart card: Myth or reality?

Slides Video
Jean-Louis Lanet
All communicating devices are prone to software attacks, which are often protected against by some software components. Recently a German researcher demonstrated the ability to upload code into a SIM card. We will present the state of the art of smart card attacks. Smart cards are often the target of software or hardware attacks. The most recent attacks are based on fault injection, which modifies the behavior of the application. Xlim

Guillaume Vernat, Coffreo: Digital confidence from the user's point of view.

Guillaume Vernat
On digital trust there are, on one side, our research, offers and solutions, and on the other side the online users. They are on the other side of the mirror. Since 2010, Coffreo has been one of the historical leaders of the digital safe (coffre-fort numérique) on the internet. Through the daily exchanges we have with Coffreo's users, we propose to consider how to integrate the "other side of the mirror" into the theme of digital trust. Coffreo

Thursday 7th November 2013, 15h30, Amphi B at IUT

Pascal Lafourcade from LIMOS:
How to trust digital applications? Formal methods can help you.

Slides Video Transcript in English
Pascal Lafourcade
Security is one of the main concerns in modern applications. In this talk we show how formal methods can help to analyze and design secure protocols in the context of e-voting, e-auction and e-exam. LIMOS

Jean-Marie Tirbois from the almerys company:
How to put the user at the center of exchanges? ebee frames the debate.

Slides Video Transcript in English
Jean-Marie Tirebois
Internet users are only information seekers. We must focus on individual exchanges as the central element. ebee puts the individual in his place and redistributes relationships. After framing the substantive debate, the presentation will address the issue through a solutions-based approach. almerys
