Publications associées (29)

Performing and Detecting Backdoor Attacks on Face Recognition Algorithms

Alexander Carl Unnervik

The field of biometrics, and especially face recognition, has seen a wide-spread adoption the last few years, from access control on personal devices such as phones and laptops, to automated border controls such as in airports. The stakes are increasingly ...
EPFL2024

Thwarting Malicious Adversaries in Homomorphic Encryption Pipelines

Sylvain Chatel

Homomorphic Encryption (HE) enables computations to be executed directly on encrypted data. As such, it is an auspicious solution for protecting the confidentiality of sensitive data without impeding its usability. However, HE does not provide any guarante ...
EPFL2023

Designing a Provenance Analysis for SGX Enclaves

Mathias Josef Payer, Flavio Toffalini

SGX enclaves are trusted user-space memory regions that ensure isolation from the host, which is considered malicious. However, enclaves may suffer from vulnerabilities that allow adversaries to compromise their trustworthiness. Consequently, the SGX isola ...
ASSOC COMPUTING MACHINERY2022

A Use Case Oriented Survey of Self-Sovereign Identity

With self-sovereign identity (SSI), we stand at a crossroads that is leading society to a new kind of digital identity. Under this new paradigm, users no longer have to remember a username and a password; instead they gain full power on the information tha ...
2022

Optimal Symmetric Ratcheting for Secure Communication

Serge Vaudenay, Andrea Felice Caforio, Daniel Patrick Collins, Hailun Yan

To mitigate state exposure threats to long-lived instant messaging sessions, ratcheting was introduced, which is used in practice in protocols like Signal. However, existing ratcheting protocols generally come with a high cost. Recently, Caforio et al. pro ...
OXFORD UNIV PRESS2022

Crypt4GH: a file format standard enabling native access to encrypted data

Juan Ramón Troncoso-Pastoriza

Motivation: The majority of genome analysis tools and pipelines require data to be decrypted for access. This potentially leaves sensitive genetic data exposed, either because the unencrypted data is not removed after analysis, or because the data leaves t ...
OXFORD UNIV PRESS2021

Trust as a Programming Primitive

Adrien Ghosn

Programming has changed; programming languages have not.Modern software embraced reusable software components, i.e., public libraries, and runs in the cloud, on machines that co-locate applications from various origins.This new programming paradigm leads t ...
EPFL2021

Beyond Security and Efficiency: On-Demand Ratcheting with Security Awareness

Serge Vaudenay, Andrea Felice Caforio, Fatma Betül Durak

Secure asynchronous two-party communication applies ratcheting to strengthen privacy, in the presence of internal state exposures. Security with ratcheting is provided in two forms: forward security and post-compromise security. There have been several suc ...
2021

Malware in the SGX supply chain: Be careful when signing enclaves!

Rafael Pereira Pires, Pascal Felber

Malware attacks are a significant part of the new software security threats detected each year. Intel Software Guard Extensions (SGX) are a set of hardware instructions introduced by Intel in their recent lines of processors that are intended to provide a ...
2020

Symmetric Asynchronous Ratcheted Communication with Associated Data

Serge Vaudenay, Hailun Yan

Following up mass surveillance and privacy issues, modern secure communication protocols now seek strong security, such as forward secrecy and post-compromise security, in the face of state exposures. To address this problem, ratcheting was thereby introdu ...
Springer, Cham2020

Graph Chatbot

Chattez avec Graph Search

Posez n’importe quelle question sur les cours, conférences, exercices, recherches, actualités, etc. de l’EPFL ou essayez les exemples de questions ci-dessous.

AVERTISSEMENT : Le chatbot Graph n'est pas programmé pour fournir des réponses explicites ou catégoriques à vos questions. Il transforme plutôt vos questions en demandes API qui sont distribuées aux différents services informatiques officiellement administrés par l'EPFL. Son but est uniquement de collecter et de recommander des références pertinentes à des contenus que vous pouvez explorer pour vous aider à répondre à vos questions.