Recent Advances in Secure Two-Party Computation

Abstract:
Secure two-party computation allows two parties to securely compute a function on their respective private inputs. It allows preserving privacy in applications that involve a client and a single server, and in settings where private data is outsourced to two non-colluding servers. In this talk, I will give an overview of recent advances in the area of secure two-party computation. In particular, I will focus on the setting with semi-honest parties, which allows constructing the most efficient protocols. I will summarize three recent research results from the ENCRYPTO group: First, circuit synthesis and secure evaluation of circuits should be considered together so as not to leak private information when evaluating malformed circuits with popular instantiations of Yao’s garbled circuits protocol (JoC’23). In the area of secret-sharing based protocols, ABY2.0 (USENIX Security’21) allows highly efficient secure evaluation of Boolean circuits with multi-input AND gates and vector products, and FLUTE (IEEE S&P’23) extends these results to multi-input lookup tables. Among many other applications, these protocols substantially improve the efficiency of privacy-preserving machine learning.
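To make the secret-sharing approach mentioned in the abstract concrete, here is a toy two-party protocol added as an illustration; it is not code from the talk, from ABY2.0 or from FLUTE. It uses classic XOR sharing with free XOR/NOT gates and the textbook Beaver-triple AND gate (one round of interaction per AND layer), and runs a two-party equality test on it. Two simplifications are assumptions of this example: a simulated dealer hands out the Beaver triples (real protocols produce them in a setup phase, e.g. from oblivious transfer), and both parties run inside one process. The multi-input AND gates and the reduced communication that ABY2.0 achieves are not reproduced here.

```python
import secrets


def share(bit):
    """Split a bit into two XOR shares. Each share alone is a uniformly random bit,
    so a single semi-honest party learns nothing about the shared value."""
    r = secrets.randbits(1)
    return r, bit ^ r


def reconstruct(s0, s1):
    return s0 ^ s1


def xor_gate(x, y):
    """XOR is free: each party XORs the shares it already holds, no communication."""
    return (x[0] ^ y[0], x[1] ^ y[1])


def not_gate(x):
    """NOT is free as well: only party 0 flips its share."""
    return (x[0] ^ 1, x[1])


def beaver_triple():
    """Shares of random bits a, b and of c = a AND b.
    Assumption of this example: a simulated dealer hands them out. Real protocols
    generate them in a setup phase (e.g. from oblivious transfer) without a dealer."""
    a, b = secrets.randbits(1), secrets.randbits(1)
    return share(a), share(b), share(a & b)


def and_gate(x, y, triple):
    """AND costs one round: each party opens its masked shares x_i ^ a_i and y_i ^ b_i.
    Because a and b are uniformly random and used only once, the opened values
    d = x ^ a and e = y ^ b reveal nothing about x and y. Over GF(2):
        x AND y = (d ^ a)(e ^ b) = d*e ^ d*b ^ e*a ^ c
    and every term on the right can be computed on the parties' own shares."""
    (a0, a1), (b0, b1), (c0, c1) = triple
    d = (x[0] ^ a0) ^ (x[1] ^ a1)   # exchanged: party 0 sends x0^a0, party 1 sends x1^a1
    e = (y[0] ^ b0) ^ (y[1] ^ b1)
    z0 = (d & e) ^ (d & b0) ^ (e & a0) ^ c0   # only one party adds the public term d*e
    z1 = (d & b1) ^ (e & a1) ^ c1
    return z0, z1


def secure_equal(x_val, y_val, nbits=8):
    """Party 0 holds x_val, party 1 holds y_val. Computes the bit [x_val == y_val]
    as the AND of all per-bit equalities, arranged as a balanced tree of AND gates.
    Returns (result, number_of_AND_gates, communication_rounds)."""
    # Each party secret-shares its own input bits and hands one share to the other.
    xs = [share((x_val >> i) & 1) for i in range(nbits)]
    ys = [share((y_val >> i) & 1) for i in range(nbits)]
    layer = [not_gate(xor_gate(a, b)) for a, b in zip(xs, ys)]  # free gates only
    gates = rounds = 0
    while len(layer) > 1:
        nxt = [and_gate(layer[i], layer[i + 1], beaver_triple())
               for i in range(0, len(layer) - 1, 2)]
        gates += len(nxt)
        if len(layer) % 2:             # an odd leftover is carried to the next layer
            nxt.append(layer[-1])
        layer = nxt
        rounds += 1                    # every AND layer costs one round trip
    return reconstruct(*layer[0]), gates, rounds


if __name__ == "__main__":
    print(secure_equal(0xA5, 0xA5))     # (1, 7, 3): equal, 7 AND gates, 3 rounds
    print(secure_equal(0xA5, 0xA4)[0])  # 0
```

The round count is the AND depth of the circuit, which is why the efficiency results in the abstract matter: with 2-input ANDs the equality of two 8-bit values already needs three rounds and seven triples, whereas a multi-input AND or a lookup-table gate can collapse such a tree.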

Short Bio:
Thomas Schneider is a full professor of Cryptography and Privacy Engineering in the Department of Computer Science at Technical University of Darmstadt, Germany. Before that, he was an independent research group leader at TU Darmstadt (2012-2018), did a PhD in IT Security at Ruhr-University Bochum (2008-2011), and wrote his Master’s thesis during a research internship at Nokia Bell Labs, NJ, USA (2007). His research focuses on privacy, cryptographic protocols, applied cryptography, and computer security. He heads the Cryptography and Privacy Engineering Group (ENCRYPTO), whose mission is to demonstrate that privacy can be efficiently protected in real-world applications. For this, his group combines applied cryptography and algorithm engineering to develop cryptographic protocols and tools for protecting sensitive data and algorithms. For his research on cryptography and privacy engineering, he was awarded an ERC Starting Grant in 2019 and an ERC Consolidator Grant in 2023. See https://encrypto.de/tschneider for more details.

Photo copyright: TU Darmstadt

Graz Security Week 2024

We are happy to announce that Security Week will take place again in September 2024!
This summer school targets graduate students interested in security and correctness aspects of computing devices. 

The registration is now open! Check it out → HERE


Click here to check out Security Week of 2023 (photos, programme, etc.)!

Bachelor@IAIK 2023/24

We present our new open bachelor’s thesis topics and award prizes to excellent students who contributed to scientific publications this past year.

If you’re interested in joining us for your bachelor’s thesis in security, this is the best way to get an impression of our topics as well as how a bachelor’s thesis at IAIK works: You’ll hear about our research areas and current hot topics, our Bachelor@IAIK program where you can work on your thesis together with your fellow students in one of our offices if you like, and maybe you’ll get to know your supervisor while chatting along.

The event will also be the kick-off lecture in Introduction to Scientific Working (ISW) where you will be able to choose your preferred topic!   

We are looking forward to meeting you!

 

Targeted Deanonymization via the Cache Side Channel: Attacks and Defenses

Abstract
Side-channel techniques have traditionally been applied to the recovery of computer-related secrets, such as cryptographic keys. Recently, however, attackers have turned to targeting humans, who also share secrets of their own with their computers. Recoverable human secrets include, for example, browsing habits, keystrokes, political or religious beliefs, or sensitive information about the user’s health. In this talk, I will show how a cache side-channel attacker can target humans using a targeted deanonymization attack. Targeted deanonymization attacks, which let a malicious website discover whether a website visitor bears a certain public identifier, such as an email address or a Twitter handle, are both practical and dangerous, as they can put journalists, activists, and other vulnerable populations at serious risk.

After describing and demonstrating the attack, I will talk about the unique challenge of defending against an attack that involves users, and show how mitigations against the attack were built into the popular NoScript extension.


Based on joint work with Mojtaba Zaheri and Reza Curtmola presented at USENIX Security ’22. Artifacts available here: https://github.com/leakuidatorplusteam/artifacts

Bio 
Yossi Oren is a Senior Lecturer (Assistant Professor in U.S. terms) in the Department of Software and Information Systems Engineering at Ben-Gurion University of the Negev, and a member of BGU’s Cyber Security Research Center. Prior to joining BGU, Yossi was a Post-Doctoral Research Scientist in the Network Security Lab at Columbia University in the City of New York and a member of the security lab at Samsung Research Israel. He holds a Ph.D. in Electrical Engineering from Tel-Aviv University and an M.Sc. in Computer Science from the Weizmann Institute of Science.

His research interests include implementation security (side-channel attacks, micro-architectural attacks, power analysis and other hardware attacks and countermeasures; low-resource cryptographic constructions for lightweight computers) and cryptography in the real world (consumer and voter privacy in the digital era; web application security). He has been recognized by The Register as a Top Boffin.


(Source: https://iss.oy.ne.ro)



Photo copyright: Ben-Gurion University of the Negev.

Formal Hardware/Software Modeling for Timing Properties: from Safety to Security

Short abstract
The emergence of open hardware initiatives, for instance based on the RISC-V ISA, more easily exposes the exact behavior of hardware designs. These can then be analyzed and combined with application-level semantics to formally verify complex safety (and security) properties at the system level. In this talk, we first present an overview of the LEAF approach for verifying such timing-related properties. Then, we focus on the formal model required for a specific property: the detection of Timing Anomalies (TA) within processor pipelines. A TA is a counterintuitive timing behavior that can threaten Worst-Case Execution Time (WCET) analyses. We also report on ongoing work to generate such pipeline formal models from RISC-V processors described in Chisel/FIRRTL. Finally, we conclude with current extensions to apply the LEAF approach to safety properties.

Bio
Dr. Mathieu Jan obtained his engineering diploma in 2003 and a Ph.D. in 2006 on data management for grid architectures from the University of Rennes 1, in an INRIA laboratory. He joined CEA LIST in 2007 as a full-time researcher. Since then, his main research interests have been embedded systems and real-time systems. A senior expert at CEA LIST since 2014, he obtained a “Habilitation à Diriger des Recherches” (HDR) in 2016 and has been a CEA Research Director since 2021. He spent the whole of 2019 as a visiting scholar at the University of California, Berkeley (UCB) in the group of Prof. Edward Lee. Since 2020, Mathieu has focused on the hardware/software formal verification of embedded systems and is the Ph.D. director of several Ph.D. students in this area.

Photo: Private

Review of laser and EM fault injection attacks into microcontrollers

Abstract
Microcontrollers storing valuable data or using security functions are vulnerable to fault injection attacks. Among the various types of faults, instruction skips induced at runtime have proved effective against identification routines or encryption algorithms. Until recently, most research papers assessed a fault model that consists of a single instruction skip, i.e. the ability to prevent one chosen instruction in a program from being executed. This seminar reports experimental results that extend the complexity and versatility of the instruction-skip fault model. It shows how laser or EM fault injection makes it possible to induce several consecutive instruction skips or to skip instructions from different parts of a program. It focuses on results obtained on custom test circuits and general-purpose microcontrollers at different technology nodes. An analysis of the injection mechanisms involved is also provided.
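To make the fault model concrete, here is an added simulation (not the speaker’s code or experimental setup) of a toy PIN check under single, consecutive and non-consecutive instruction skips. The register machine, the two check routines and the register defaults are constructed for this illustration; a skipped instruction is modelled as a NOP at its address, which abstracts away the physical injection mechanism the talk analyses. The countermeasure shown, re-evaluating the comparison with the complementary predicate and branching on both results, is a standard software hardening pattern, not one attributed to the talk.

```python
from itertools import combinations


def run(program, regs, skipped=frozenset(), max_steps=100):
    """Execute `program` on a tiny register machine until HALT.
    Fault model: an instruction whose address is in `skipped` is not executed
    (treated as a NOP) each time the program counter reaches it."""
    regs = dict(regs)
    pc = 0
    for _ in range(max_steps):
        if pc >= len(program):
            break
        if pc in skipped:            # the injected fault: fall through to the next instruction
            pc += 1
            continue
        op, *args = program[pc]
        if op == 'HALT':
            break
        if op == 'CMP_EQ':           # rd = (ra == rb)
            rd, ra, rb = args
            regs[rd] = int(regs[ra] == regs[rb])
        elif op == 'CMP_NE':         # rd = (ra != rb)
            rd, ra, rb = args
            regs[rd] = int(regs[ra] != regs[rb])
        elif op == 'SET':            # rd = immediate
            rd, imm = args
            regs[rd] = imm
        elif op == 'JZ':             # branch if register is zero
            r, target = args
            if regs[r] == 0:
                pc = target
                continue
        elif op == 'JNZ':            # branch if register is non-zero
            r, target = args
            if regs[r] != 0:
                pc = target
                continue
        else:
            raise ValueError(f"unknown opcode {op}")
        pc += 1
    return regs


# Constructed routines. r0 = stored PIN, r1 = guess, r3 = access granted (0/1).
NAIVE = [
    ('CMP_EQ', 'r2', 'r0', 'r1'),   # 0: r2 = (pin == guess)
    ('JZ', 'r2', 4),                # 1: wrong guess -> fail
    ('SET', 'r3', 1),               # 2: grant access
    ('HALT',),                      # 3
    ('SET', 'r3', 0),               # 4: fail
    ('HALT',),                      # 5
]

HARDENED = [
    ('CMP_EQ', 'r2', 'r0', 'r1'),   # 0: r2 = (pin == guess)
    ('JZ', 'r2', 6),                # 1: first check
    ('CMP_NE', 'r4', 'r0', 'r1'),   # 2: r4 = (pin != guess), complementary predicate
    ('JNZ', 'r4', 6),               # 3: second, independent check
    ('SET', 'r3', 1),               # 4: grant access only if both checks passed
    ('HALT',),                      # 5
    ('SET', 'r3', 0),               # 6: fail
    ('HALT',),                      # 7
]

# Constructed register files. r4 = 0 means "not equal" defaults to false (fail-unsafe);
# SAFE_DEFAULTS starts r4 at 1 so a skipped CMP_NE still leads to the fail path.
WRONG_GUESS = {'r0': 1234, 'r1': 0, 'r2': 0, 'r3': 0, 'r4': 0}
SAFE_DEFAULTS = {**WRONG_GUESS, 'r4': 1}
CORRECT_GUESS = {**WRONG_GUESS, 'r1': 1234}


def grants_access(program, regs, skipped=()):
    return run(program, regs, frozenset(skipped)).get('r3') == 1


def minimal_bypasses(program, regs, max_skips):
    """Enumerate sets of up to `max_skips` skipped addresses that grant access with a
    wrong guess. Only minimal sets are reported: a set is dropped if a proper subset
    already bypasses the check."""
    found = []
    for k in range(1, max_skips + 1):
        for combo in combinations(range(len(program)), k):
            if any(set(f) < set(combo) for f in found):
                continue
            if grants_access(program, regs, combo):
                found.append(combo)
    return found


if __name__ == "__main__":
    print(minimal_bypasses(NAIVE, WRONG_GUESS, 1))         # [(1,)]
    print(minimal_bypasses(HARDENED, WRONG_GUESS, 1))      # []
    print(minimal_bypasses(HARDENED, WRONG_GUESS, 2))      # [(1, 2), (1, 3)]
    print(minimal_bypasses(HARDENED, SAFE_DEFAULTS, 2))    # [(1, 3)]
```

Under the single-skip model the naive routine falls to a skip of its one conditional branch, while the hardened routine survives every single skip. Under the extended models in the abstract it does not: with a fail-unsafe default for r4, skipping the two consecutive instructions at addresses 1 and 2 removes the first branch and leaves the second predicate at its default, and even with fail-safe defaults, skipping the two branches at addresses 1 and 3, which sit in different parts of the routine, grants access. Countermeasures evaluated only against single skips therefore need to be re-assessed against multi-skip models.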



Short bio

Prof. Jean-Max Dutertre received the M.S. and Ph.D. degrees in microelectronics from the University of Science of Montpellier, France, in 1998 and 2002, respectively. He is head of the Secured Architectures and Systems (SAS) research department of Mines Saint-Etienne (Institut Mines-Télécom), which is part of a joint R&D team with CEA Leti. His research interests are hardware attack techniques and the design of the related countermeasures (either hardware or software). He has been studying fault injection attacks on secure integrated circuits for 15 years.

Graz Security Week

Once again, IAIK will hold the Graz Security Week. This summer school targets graduate students interested in security and correctness aspects of computing devices. 

Click here to check out the details of the programme and speakers, and to register!

We are looking forward to seeing you there!

Austrian Computer Science Day 2023

The Austrian Computer Science Day (ACSD) is an annual assembly that brings together computer scientists across Austria and beyond to improve visibility of the field and foster collaboration in research and teaching.

This year’s focus is on trusted computing, raising crucial questions: Can we trust artificial intelligence? Can we prove that our implementations are correct? How secure is our data?


Click HERE to register for your free participation!

ERC Starting Grant Kick-off Event – Project Presentation

Daniel Gruss of IAIK received the prestigious ERC Starting Grant from the European Research Council in 2022 for research on energy-efficient IT security.
With his ERC Starting Grant, he is researching how energy efficiency in IT can be increased in the future without causing security gaps.

Detecting Wi-Fi Networks Vulnerable to FragAttacks: Feasible, but also Ethical?

Abstract:

This presentation will first introduce the FragAttacks vulnerabilities (USENIX 2021). The FragAttacks findings consist of three cryptographic design flaws in the fragmentation and aggregation features of Wi-Fi. Additionally, the FragAttacks research discovered multiple widespread implementation flaws related to fragmentation and aggregation. We give a brief overview of these design and implementation vulnerabilities.
An open question is how many Wi-Fi networks have in the meantime been updated to fix these vulnerabilities. In the second part of the presentation, we will show how some of the FragAttacks vulnerabilities can be reliably detected during a Wi-Fi survey (also known as a Wi-Fi wardrive). This would enable researchers to measure how many access points have been updated, and how much of a risk the vulnerabilities still present. Most importantly, we examine the ethical aspects of possibly conducting such a Wi-Fi survey, and hope to discuss these with the audience.

Short Bio:

Mathy Vanhoef is an Assistant Professor at KU Leuven in Belgium. He is interested in network and software security, where he studies the security of the full network stack, with a focus on Wi-Fi security and applied cryptography. In this area, he tries to bridge the gap between real-world code and theory. He previously discovered the KRACK attack against WPA2 and the Dragonblood attack against WPA3. He also collaborated with industry to design and standardize two new Wi-Fi defenses. One of these defenses, called beacon protection, will become mandatory in Wi-Fi 7.