30/11/2016 – Talk by Moreno Ambrosin (University of Padova)

Title: Secure and Scalable Services for the Internet of Things, and Past and Ongoing Effort in the Security of Software-Defined Networking
Time: 13:00
Location: Meeting room, Building Zeta
Type: Research Result
Speaker: Moreno Ambrosin
Abstract:
In recent years, the advent of Internet of Things (IoT) is populating the world with billions of low cost heterogeneous interconnected devices. IoT devices are quickly penetrating in many aspects of our daily lives, and enabling new innovative services, ranging from fitness tracking, to factory automation. Unfortunately, their wide use, as well as their low-cost nature, make IoT devices also an attractive target for attackers, which may exploit them to perform DoS attacks, or violate the privacy of end users. Furthermore, the potentially very large scale of IoT systems makes the use of existing security solutions unfeasible.
In this talk I will give an overview of our research effort in defining secure and scalable protocols and mechanisms for IoT services, and in particular for: (1) efficient and secure device management at large scale (commands and software distribution, and device sanity check); and (2) privacy-preservation in three representative IoT-enabled services and tasks: location-based services, advanced metering infrastructures, and decentralized consensus in a multi-agent systems. Finally, in the last part of this talk I will briefly introduce past, and ongoing research work of our group in Software-Defined Networking security.

15/11/2016 – Talk by Andrea Marin

Title: Fair workload distribution for multi-server systems with pulling strategies
Time: 13:00
Location: Meeting room, Building Zeta
Type: Research Result
Speaker: Andrea Marin
Abstract:
In this talk we present the paper that has received the best paper award at the conference Valuetools 2016.

We consider systems with a single queue and multiple parallel servers. Each server fetches a job from the queue immediately after completing its current work. We propose a pulling strategy that aims at achieving a fair distribution of the number of processed jobs among the servers. We show that if the service times are exponentially distributed then our strategy ensures that in the long run the expected difference among the processed jobs at each server is finite while maintaining a reasonable throughput.
We give the analytical expressions for the stationary distribution and the relevant stationary performance indices like the throughput and the system’s balance.
Interestingly, the proposed strategy can be used to control the join-queue length in fork-join queues and the analytical model gives the closed form expression of the performance indices in saturation.

Best Paper Award Valuetools 2016

The paper entitled:
“Fair workload distribution for multi-server systems with pulling strategies”
authored by Andrea Marin and Sabina Rossi has been awarded with the “best paper award” at Valuetools 2016.

Congratulations to the authors!

08/11/2016 – Talk by Filippo Cavallin

Title: Multi-Step Discrete Time Process Algebra (MuPA)
Time: 13:00
Location: Meeting room, Building Zeta
Type: Research Result
Speaker: Filippo Cavallin
Abstract:
We consider Discrete Time Markov Chains with synchronous behaviour, i.e. models in which multiple events may occur at each recorded time in the model. This is based on a conceptual model in which the discrete times are sampling points when the system is observed and at each instant all events that have occurred since the previous observation point will be noted. We propose the first process algebra which is capable of capturing such systems and demonstrate its application to discrete time queues both in isolation and forming networks.

05/10/2016 – Talk by Stefano Calzavara

Title: Theory and Practice of CSP
Time: 13:00
Location: Meeting room, Building Zeta
Type: Research Result
Speaker: Stefano Calzavara
Abstract:Content Security Policy (CSP) is a recent W3C standard introduced to prevent and mitigate the impact of content injection vulnerabilities on websites. In this talk we present a systematic, large-scale analysis of the effectiveness of the current CSP deployment, focusing on four key aspects: browser support, website adoption, correct configuration and constant maintenance. Our analysis shows that browser support for CSP is largely satisfactory, with the exception of few notable issues, but unfortunately there are several shortcomings relative to the other three aspects. CSP appears to have a rather limited deployment as yet and, more crucially, existing policies exhibit a number of weaknesses and misconfiguration errors. Moreover, content security policies are not regularly updated to ban insecure practices and remove unintended security violations. We finally discuss how formal methods are an effective tool to substantiate the claims of our empirical evaluation.

28/10/2016 – Talk by Matteo Maffei

Title: Security and Privacy for Cloud Storage
Time: 13:00
Location: Meeting room
Type: Research Result
Speaker: Matteo Maffei (Saarland University)
Abstract: Cloud storage has rapidly become a cornerstone of many IT infrastructures, constituting a seamless solution for the backup, synchronization, and sharing of large amounts of data. Putting user data in the direct control of cloud service providers, however, raises security and privacy concerns related to the integrity of outsourced data, the accidental or intentional leakage of sensitive information, the profiling of user activities and so on. Furthermore, even if the cloud provider is trusted, users having access to outsourced files might be malicious and misbehave. These concerns are particularly serious in sensitive applications like personal health records and credit score systems.
To tackle this problem, we present GORAM, a cryptographic system that protects the secrecy and integrity of outsourced data with respect to both an untrusted server and malicious clients, guarantees the anonymity and unlinkability of accesses to such data, and allows the data owner to share outsourced data with other clients, selectively granting them read and write permissions. GORAM is the first system to achieve such a wide range of security and privacy properties for outsourced storage. In the process of designing an efficient construction, we developed two new, generally applicable cryptographic schemes, namely, batched zero-knowledge proofs of shuffle and an accountability technique based on chameleon signatures, which we consider of independent interest. We implemented GORAM in Amazon Elastic Compute Cloud (EC2) and ran a performance evaluation demonstrating the scalability and efficiency of our construction.

15/09/2016 – Talk by Matus Nemec

Title: The Million-Key Question – Investigating the Origins of RSA Public Keys
Time: 10:45
Location: Meeting room
Type: Research Result
Speaker: Matus Nemec
Abstract: Can bits of an RSA public key leak information about design and implementation choices such as the prime generation algorithm? We analysed over 60 million freshly generated key pairs from 22 open- and closed source libraries and from 16 different smartcards, revealing significant leakage. The bias introduced by different choices is sufficiently large to classify a probable library or smartcard with high accuracy based only on the values of public keys. Such a classification can be used to decrease the anonymity set of users of anonymous mailers or operators of linked Tor hidden services, to quickly detect keys from the same vulnerable library or to verify a claim of use of secure hardware by a remote party.

Our broad inspection provides a sanity check and deep insight regarding which of the recommendations for RSA key pair generation are followed in practice, including closed-source libraries and smartcards. The classification of the key origins of more than 10 million RSA-based IPv4 TLS keys and 1.4 million PGP keys also provides an independent estimation of the libraries that are most commonly used to generate the keys found on the Internet.

Talk based on: https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/svenda

Title: EACirc – Advancing cryptanalytic methods through evolutionary computing
Time: 11:30
Location: Meeting room
Type: Research Result
Speaker: Matus Nemec
Abstract:Cryptographic algorithms (primitives and protocols) always have to go through elaborate testing by skilled experts to assert their overall security. The history carries many examples of serious flaws in cryptographic algorithms that rise concerns about the design and strength of the primitives.

Some automation is possible in the first phases of a cryptanalysis, e.g., by using randomness testing suites. These tools can be applied to check statistical properties of cryptographic algorithm output, to look for a deviation from randomness. Such a defect signalizes a potential flaw in the algorithm design. Yet such testing suites are limited only to predefined pattern testing for certain statistical defects, therefore others will go unnoticed.

We propose a more open approach based on an automatically generated distinguisher in the form of a multiple-output logic function (MOLF) designed by evolutionary algorithms to search for undesired statistical anomalies in the algorithm output. With contrast to the fixed sets of tests, our approach builds a distinguisher automatically, on-the-fly and adaptively to the evaluated algorithm output. This opens up new possibilities for discovering potential weaknesses that remained hidden from statistical tests and even cryptanalyst sights.

15/09/2016 – Talk by Francesco Palmarini

Title: APDU-level attacks in PKCS#11 devices
Time: 10:00
Location: Meeting room
Type: Research Result
Speaker: Francesco Palmarini
Abstract: We describe attacks on PKCS#11 devices that we successfully mounted by interacting with the low-level APDU protocol, used to communicate with the device. They exploit proprietary implementation weaknesses which allow attackers to bypass the security enforced at the PKCS#11 level. Some of the attacks leak, as cleartext, sensitive cryptographic keys in devices that were previously considered secure. We present a new threat model for the PKCS#11 middleware and we discuss the new attacks with respect to various attackers and application configurations. All the attacks presented in this paper have been timely reported to manufacturers following a responsible disclosure process

Note: The work will presented at the 19th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2016) next week.

14/09/2016 – Talk by prof. Jia Yuan Yu (Concordia Institute of Information System Engineering)

Title: Central-Limit Approach to Risk-aware Markov Decision Processes
Time: 14:00
Location: Meeting room
Type: Research Result
Speaker: Jia Yuan Yu
Abstract: Whereas classical Markov decision processes maximize the expected reward, we consider minimizing the risk. We propose to evaluate the risk associated to a given policy over a long-enough time horizon with the help of a central limit theorem. The proposed approach works whether the transition probabilities are known or not. We also provide a gradient-based policy improvement algorithm that converges to a local optimum of the risk objective.

07/09/2016 – Talk by Mohsin Jafri

Title:  Simulating Depth-based routing in Underwater Networks
Time: 13:45
Location: Meeting room
Type: Research Result
Speaker: Mohsin Jafri
Abstract: In this talk, I will briefly discuss my ongoing research activities. I will present the implementation of a simulator for
studying Depth-Based Routing (DBR) in Underwater Wireless Sensor Networks (UWSNs). One of the major challenges for DBR is the configuration of a parameter called “holding time” which influences the network throughput, response time and energy consumption. I will show how it is possible to use the simulator to support the validation of a choice for a given value of the holding time, as well as other network parameters. The presentation will also discuss the important features that distinguish the implemented simulator with respect to the other ones available in the scientific literature and its validation against previous simulation models or measurements.