Catégorie
Sécurité des systèmes d'information
Publications associées (1 000)
Multiparty Homomorphic Encryption: from Theory to Practice
Multiparty homomorphic encryption (MHE) enables a group of parties to encrypt data in a way that (i) enables the evaluation of functions directly over its ciphertexts and (ii) enforces a joint cryptographic access-control over the underlying data.By extend ...
EPFL2023A RISC-V Extension to Minimize Privileges of Enclave Runtimes
Edouard Bugnion, Neelu Shivprakash Kalani
In confidential computing, the view of the system software is Manichean: the host operating system is untrusted and the TEE runtime system is fully trusted. However, the runtime system is often as complex as a full operating system, and thus is not free fr ...
ACM2023P3LI5: Practical and confidEntial Lawful Interception on the 5G core
Apostolos Pyrgelis, Francesco Intoci
Lawful Interception (LI) is a legal obligation of Communication Service Providers (CSPs) to provide interception capabilities to Law Enforcement Agencies (LEAs) in order to gain insightful data from network communications for criminal proceedings, e.g., ne ...
New York2023On the (Im)possibility of Commitment over Gaussian Unfair Noisy Channels
Commitment is a key primitive which resides at the heart of several cryptographic protocols. Noisy channels can help realize information-theoretically secure commitment schemes; however, their imprecise statistical characterization can severely impair such ...
2023Authenticated private information retrieval
Bryan Alexander Ford, Simone Maria Stefano Colombo, Henry Nathaniel Corrigan-Gibbs, Kirill Nikitin
This paper introduces protocols for authenticated private information retrieval. These schemes enable a client to fetch a record from a remote database server such that (a) the server does not learn which record the client reads, and (b) the client either ...
Berkeley2023WarpAttack: Bypassing CFI through Compiler-Introduced Double-Fetches
Mathias Josef Payer, Flavio Toffalini, Luca Di Bartolomeo, Jianhao Xu
Code-reuse attacks are dangerous threats that attracted the attention of the security community for years. These attacks aim at corrupting important control-flow transfers for taking control of a process without injecting code. Nowadays, the combinations o ...
IEEE COMPUTER SOC2023A Practical Influence Approximation for Privacy-Preserving Data Filtering in Federated Learning
Boi Faltings, Ljubomir Rokvic, Panayiotis Danassis
Federated Learning by nature is susceptible to low-quality, corrupted, or even malicious data that can severely degrade the quality of the learned model. Traditional techniques for data valuation cannot be applied as the data is never revealed. We present ...
2023Toward contactless human thermal monitoring: A framework for Machine Learning-based human thermo-physiology modeling augmented with computer vision
Alexandre Massoud Alahi, Dolaana Khovalyg, Mohamed Ossama Ahmed Abdelfattah, Mohamad Rida
The transition towards a human-centered indoor climate is beneficial from occupants’ thermal comfort and from an energy reduction perspective. However, achieving this goal requires the knowledge of the thermal state of individuals at the level of body part ...
2023TEEzz: Fuzzing Trusted Applications on COTS Android Devices
Mathias Josef Payer, Marcel Busch
Security and privacy-sensitive smartphone applications use trusted execution environments (TEEs) to protect sensitive operations from malicious code. By design, TEEs have privileged access to the entire system but expose little to no insight into their inn ...
IEEE COMPUTER SOC2023Improving Deepfake Detectors against Real-world Perturbations with Amplitude-Phase Switch Augmentation
Touradj Ebrahimi, Yuhang Lu, Ruizhi Luo
In recent years, the remarkable progress in facial manipulation techniques has raised social concerns due to their potential malicious usage and has received considerable attention from both industry and academia. While current deep learning-based face for ...
2023