Information on related events

Meetings of Security Seminar and Club

The Security Seminar and Club Meetings are on most Thursdays at 2pm during term time, in the Informatics Forum room 4.31/33. Seminars will be advertised on our as well as the general Informatics seminars list. The Club meetings are advertised to the separate list mailing list. Generally, Seminars alternate with the Club meetings. The Club meetings are less formal, and include work in progress talks, reading group sessions led by locals, etc.



6 Nov - Steven Murdoch - Payment Security: Attacks & Defences

This talk provides a summary of research in payment system security mechanisms and the fraud techniques which are designed to break or bypass these measures. This includes the EMV protocol, along with an illustration of how skimming attacks and the no-PIN attack exploit protocol weaknesses. I will also cover the man-in-the-browser attack against online banking, and how transaction authentication is intended to defend against this. Finally I will describe how security usability is lacking in many current payment systems, and how this results in liability for fraudulent payments being unfairly shifted to the victims.

25 Jul - Markulf Kolweiss - Proving Fast and Slow: A Proof of Cryptobox using Algebraic Rules instead of Boilerplate

Cryptographic protocols often compose multiple primitives. The proof of security of the protocol contains reductions that are to the most part conceptually easy but complicated because they have to simulate the full behaviour of the protocol. These long reductions often stretch tens of pages and can obscure the interesting aspects of the proof. Consequently the proofs are hard to get right and difficult to read and verify.

24 Jul - Yvo Desmedt - Internet Voting on Insecure Platforms

Due to massive hacking and the Snowden leak, the public at large is aware that modern computers and ``secure'' communication over the Internet cannot be fully trusted. The research on booth based voting (where one can trust the voting equipment) has been going on for more than 35 years. However, the legislature and the public want voting over the Internet. In such setting, to be realistic, one has to assume the voter's platform might be hacked.

23 Mar - Louiza Papachristodoulou - Online Template Attacks

Side-Channel Attacks (SCA) constitute a constant threat for secure cryptographic implementations. In this talk, after a short introduction to SCA, I am going to present a new powerful attack technique, called Online Template Attacks.

2 Feb - Jean Paul Degabriele - A Surfeit of SSH Cipher Suites

This work presents a systematic analysis of symmetric encryption modes for SSH that are in use on the Internet, providing deployment statistics, new attacks, and security proofs for widely used modes.

12 Jan - Protecting Provenance Information

Provenance information can be used to help users establish how much they are willing to believe a piece of data, or inform them how it should be used. But what happens when the provenance itself cannot be believed?

2016 Events

A listing of previous events.

Past events

A listing of previous events.