Information on related events
Meetings of Security Seminar and Club
The Security Seminar and Club Meetings are on most Thursdays at 2pm during term time, in the Informatics Forum room 4.31/33. Seminars will be advertised on our firstname.lastname@example.org as well as the general Informatics seminars list. The Club meetings are advertised to the separate list email@example.com mailing list. Generally, Seminars alternate with the Club meetings. The Club meetings are less formal, and include work in progress talks, reading group sessions led by locals, etc.
6 Nov - Steven Murdoch - Payment Security: Attacks & Defences
This talk provides a summary of research in payment system security mechanisms and the fraud techniques which are designed to break or bypass these measures. This includes the EMV protocol, along with an illustration of how skimming attacks and the no-PIN attack exploit protocol weaknesses. I will also cover the man-in-the-browser attack against online banking, and how transaction authentication is intended to defend against this. Finally I will describe how security usability is lacking in many current payment systems, and how this results in liability for fraudulent payments being unfairly shifted to the victims.
24 Jul - Yvo Desmedt - Internet Voting on Insecure Platforms
Due to massive hacking and the Snowden leak, the public at large is aware that modern computers and ``secure'' communication over the Internet cannot be fully trusted. The research on booth based voting (where one can trust the voting equipment) has been going on for more than 35 years. However, the legislature and the public want voting over the Internet. In such setting, to be realistic, one has to assume the voter's platform might be hacked.
12 Jan - Protecting Provenance Information
Provenance information can be used to help users establish how much they are willing to believe a piece of data, or inform them how it should be used. But what happens when the provenance itself cannot be believed?