- Speaker: Richard Clayton
- Title: TBD
- Abstract: TBD
- Speaker: Iraklis Symeonidis
- Title: Analysis and design of privacy-enhancing systems: the case of Facebook and car sharing
- Abstract: The advancement of communication technologies such as the Internet, mobile communications, wireless networks and online platforms has eased the exchange of information between individuals: it has enabled collection of large amounts of personal data at an ever-increasing rate. In this talk we focus on two use cases: the interdependent privacy on Facebook and the privacy issues of car sharing systems. First, I will present a comprehensive analysis and countermeasures of the interdependent privacy problem on Facebook; providers of third-party applications on Facebook exploit the interdependency between users and their friends. Second, I will present the privacy issues on car sharing systems; owing to the massive amounts of personal information, rich information about individuals' everyday lives and habits can be extracted, enabling profiling. Finally, I will present a fully-fledged privacy-enhancing protocol (sketch) for car access provision as a solution design.
- Speaker: Karola Marky
- Title: Investigation of Human Factors in End-to-End Verifiable E-Voting Schemes
- Abstract: E-voting delivers benefits in terms of efficiency and accessibility and is already used in a number of countries.
End-to-end verifiable e-voting schemes facilitate verification of the integrity of individual votes as well as the election outcome.
Voters are actively involved in end-to-end verifiable e-voting schemes; therefore, these schemes have to be tailored according to the voters' needs.
This talk gives an overview of the investigation of human factors in end-to-end verifiable e-voting schemes and resulting challenges.
- Speaker: Boris Skoric
- Title: Quantum security with optical PUFs
- Abstract: The combination of optical PUFs and quantum optics makes it possible to build protocols whose security relies on physical assumptions, e.g. the assumption that it is difficult to losslessly emulate a PUF's behaviour.
QSA (Quantum Secure Authentication) is an example of such a protocol.
Unfortunately, QSA requires a two-way quantum channel.
This talk discusses a new protocol, PUF-Enabled Asymmetric Communication (PEAC), which needs only a one-way channel.
- Speaker: Lara Schmid
- Title: How to model (e-voting) protocols in Tamarin
- Abstract: The Tamarin prover is a tool for the symbolic modeling and analysis of security protocols. It takes as input a protocol model, a specification of the adversary, and a specification of the protocol's desired properties. Tamarin can then be used to automatically check if the protocol fulfills the properties, given that arbitrarily many instances of the protocol's roles are run in parallel with the adversary.
In addition to trace properties, Tamarin can express observational equivalence properties. Such properties express that an adversary cannot distinguish two systems and are especially useful for modeling privacy.
In this talk, we present an introduction to the Tamarin tool and explain how a protocol specified in traditional Alice&Bob notation can be translated to the Tamarin protocol model. Furthermore, we explain, using the example of a simplified e-voting protocol, how properties such as privacy and receipt-freeness can be modeled with Tamarin's built-in observational equivalence theory.
- Speaker: Tiziano Bianchi
- Title: User Authentication via PRNU-Based Physical Unclonable Functions
- Abstract: Multifactor user authentication systems enhance security by augmenting passwords with the verification of additional pieces of information such as the possession of a particular device. In this work we present an innovative user authentication scheme that verifies the possession of the user's smartphone by uniquely identifying its camera sensor. High-frequency components of the photo-response nonuniformity of the optical sensor are extracted from raw images and used as a weak physical unclonable function. A novel scheme for efficient transmission and server-side verification is also designed based on adaptive random projections and on an innovative fuzzy extractor using polar codes. The security of the system is thoroughly analyzed under different attack scenarios both theoretically and experimentally.