Information on related events Meetings of Security Seminar and Club The Security Seminar and Club Meetings are on most Thursdays at 2pm during term time, in the Informatics Forum room 4.31/33. Seminars will be advertised on our security-privacy@inf.ed.ac.uk as well as the general Informatics seminars list. The Club meetings are advertised to the separate list security-club@inf.ed.ac.uk mailing list. Generally, Seminars alternate with the Club meetings. The Club meetings are less formal, and include work in progress talks, reading group sessions led by locals, etc. 6 Nov - Steven Murdoch - Payment Security: Attacks & Defences This talk provides a summary of research in payment system security mechanisms and the fraud techniques which are designed to break or bypass these measures. This includes the EMV protocol, along with an illustration of how skimming attacks and the no-PIN attack exploit protocol weaknesses. I will also cover the man-in-the-browser attack against online banking, and how transaction authentication is intended to defend against this. Finally I will describe how security usability is lacking in many current payment systems, and how this results in liability for fraudulent payments being unfairly shifted to the victims. 25 Jul - Markulf Kolweiss - Proving Fast and Slow: A Proof of Cryptobox using Algebraic Rules instead of Boilerplate Cryptographic protocols often compose multiple primitives. The proof of security of the protocol contains reductions that are to the most part conceptually easy but complicated because they have to simulate the full behaviour of the protocol. These long reductions often stretch tens of pages and can obscure the interesting aspects of the proof. Consequently the proofs are hard to get right and difficult to read and verify. 24 Jul - Yvo Desmedt - Internet Voting on Insecure Platforms Due to massive hacking and the Snowden leak, the public at large is aware that modern computers and ``secure'' communication over the Internet cannot be fully trusted. The research on booth based voting (where one can trust the voting equipment) has been going on for more than 35 years. However, the legislature and the public want voting over the Internet. In such setting, to be realistic, one has to assume the voter's platform might be hacked. 11 Apr - Petros Wallden - TBA TBA 10 Apr - Petros Wallden - TBA TBA 23 Mar - Louiza Papachristodoulou - Online Template Attacks Side-Channel Attacks (SCA) constitute a constant threat for secure cryptographic implementations. In this talk, after a short introduction to SCA, I am going to present a new powerful attack technique, called Online Template Attacks. 2 Feb - Jean Paul Degabriele - A Surfeit of SSH Cipher Suites This work presents a systematic analysis of symmetric encryption modes for SSH that are in use on the Internet, providing deployment statistics, new attacks, and security proofs for widely used modes. 12 Jan - Protecting Provenance Information Provenance information can be used to help users establish how much they are willing to believe a piece of data, or inform them how it should be used. But what happens when the provenance itself cannot be believed? 2016 Events A listing of previous events. Past events A listing of previous events. This article was published on 2024-11-22
