IMDEA Software

Invited Talks

Julien Gamba

Tuesday, March 17, 2020

10:45am Meeting room 302 (Mountain View), level 3

Julien Gamba, PhD Student, IMDEA Networks Institute, Madrid

An Analysis of Pre-installed Android Software

Abstract:

The open-source nature of the Android OS makes it possible for manufacturers to ship custom versions of the OS along with a set of pre-installed apps, often for product differentiation. Some device vendors have recently come under scrutiny for potentially invasive private data collection practices and other potentially harmful or unwanted behavior of the preinstalled apps on their devices. Yet, the landscape of preinstalled software in Android has largely remained unexplored, particularly in terms of the security and privacy implications of such customizations. In this paper, we present the first large scale study of pre-installed software on Android devices from more than 200 vendors. Our work relies on a large dataset of real-world Android firmware acquired worldwide using crowd-sourcing methods. This allows us to answer questions related to the stakeholders involved in the supply chain, from device manufacturers and mobile network operators to third-party organizations like advertising and tracking services, and social network platforms. Our study allows us to also uncover relationships between these actors, which seem to revolve primarily around advertising and data-driven services. Overall, the supply chain around Android's open source model lacks transparency and has facilitated potentially harmful behaviors and backdoored access to sensitive data and services without user consent or awareness. We conclude the paper with recommendations to improve transparency, attribution, and accountability in the Android ecosystem.


Time and place:
10:45am Meeting room 302 (Mountain View), level 3
IMDEA Software Institute, Campus de Montegancedo
28223-Pozuelo de Alarcón, Madrid, Spain


Alberto Ros

Thursday, March 05, 2020

10:45am Meeting room 302 (Mountain View), level 3

Alberto Ros, Associate Research Professor, Universidad de Murcia

Non-Speculative and Invisible Reordering of Memory Operations

Abstract:

High-performance multicores providing strong consistency guarantees speculatively reorder memory operations. If a memory reordering is seen by other cores, speculative operations are squashed and re-executed. This talk presents the concept of non-speculative and invisible reordering of memory operations, the foundation on which the ECHO project (an ERC Consolidator Grant) is based. The talk offers a background about memory-level speculation in current multicores. Then, it shows that, for the case of load-load reordering, it is not necessary to squash and re-execute reordered loads to guarantee the load-load order. It also presents a case for store-store ordering, which allows for the first time cost-effective store coalescing with strong consistency. Finally, it discusses solutions for secure speculative execution.


Time and place:
10:45am Meeting room 302 (Mountain View), level 3
IMDEA Software Institute, Campus de Montegancedo
28223-Pozuelo de Alarcón, Madrid, Spain


Borzoo Bonakdarpour

Tuesday, February 25, 2020

10:45am Meeting room 302 (Mountain View), level 3

Borzoo Bonakdarpour, Assistant Research Professor, Iowa State University

Synthesis of Parametrized Distributed Self-stabilizing Protocols

Abstract:

Program synthesis is often called the "holy grail" of computer science, as it enables users to refrain from the error-prone software development process and focus only on analyzing the intended behavior of the system. Thus, program synthesis exhibits its power in the automatic generation of intricate and complex parts of a system as well as in repetitive programming tasks, and in bringing the power of programming to the average computer user who may not possess sophisticated programming skills. A particular area where program synthesis can play a central role is in distributed systems, due to their inherently complex nature. This talk will present our recent results and breakthroughs in synthesizing parameterized distributed self-stabilizing algorithms.


Time and place:
10:45am Meeting room 302 (Mountain View), level 3
IMDEA Software Institute, Campus de Montegancedo
28223-Pozuelo de Alarcón, Madrid, Spain


Carsten Baum

Monday, February 24, 2020

10:45am Meeting room 302 (Mountain View), level 3

Carsten Baum, Post-doctoral Researcher, Aarhus University, Denmark

Efficient Constant-Round MPC with Identifiable Abort and Public Verifiability

Abstract:

Recent years have seen a tremendous growth in the interest in secure multiparty computation (MPC) and its applications. While much progress has been made concerning its efficiency, many current, efficient protocols are vulnerable to Denial of Service attacks, where a cheating party may prevent the honest parties from learning the output of the computation, whilst remaining anonymous. The security model of identifiable abort aims to prevent these attacks, by allowing honest parties to agree upon the identity of a cheating party, who can then be excluded in the future. Several existing MPC protocols offer security with identifiable abort against a dishonest majority of corrupted parties. However, all of these protocols have a round complexity that scales linearly with the depth of the circuit, so are unsuitable for use in high latency networks. In this work, we present the first efficient MPC protocols with identifiable abort in the dishonest majority setting, which run in a constant number of rounds and make only black-box use of cryptographic primitives. Our main construction is built from highly efficient primitives in a careful way to achieve identifiability at a low cost. In particular, we avoid the use of public-key operations outside of a setup phase, incurring a relatively low overhead on top of the fastest currently known constant-round MPC protocols based on garbled circuits. In addition, we show how to upgrade our protocol to achieve public verifiability using a public bulletin board, allowing any external party to verify correctness of the computation and identify a cheating party.


Time and place:
10:45am Meeting room 302 (Mountain View), level 3
IMDEA Software Institute, Campus de Montegancedo
28223-Pozuelo de Alarcón, Madrid, Spain


Jaron Skovsted Gundersen

Thursday, February 20, 2020

10:45am Meeting room 302 (Mountain View), level 3

Jaron Skovsted Gundersen, PhD Student, Aalborg University, Denmark

Improved Bounds on the Threshold Gap in Ramp Secret Sharing

Abstract:

In secret sharing a dealer holds a secret and wants to distribute it among several parties in such a way that the individuals do not learn the secret. However, if several of the parties unite their shares they are able to reconstruct the secret. Secret sharing has several applications such as distributed storage and secure multiparty computation. For different applications it is desired to have different properties for the secret sharing scheme used. Such properties can be linearity, low share size compared to the secret size, low reconstruction, and high privacy. In this talk, I will present some bounds connecting some of these properties. These bounds give some restrictions on what we can achieve for secret sharing schemes. The talk is based on results from the paper "Improved Bounds on the Threshold Gap in Ramp Secret Sharing" by Ignacio Cascudo, Jaron Skovsted Gundersen and Diego Ruano, published in IEEE Transactions on Information Theory.


Time and place:
10:45am Meeting room 302 (Mountain View), level 3
IMDEA Software Institute, Campus de Montegancedo
28223-Pozuelo de Alarcón, Madrid, Spain


Roberto Di Cosmo

Thursday, February 13, 2020

3:15pm Lecture hall 1, level B

Roberto Di Cosmo, Research Professor, INRIA Paris, France

Archiving, assessing and attributing research software: towards software as a first class citizen in the scholarly world

Abstract:

Software is a fundamental pillar of modern scientific research, across all fields and disciplines. However, there is a general lack of adequate means to archive, reference and cite software. In this talk, we will survey the main issues that make this task difficult, ranging from the specificity of the persistent identifiers needed for reproducibility to the complexity of determining software authorship and authority, especially for long running projects, which are needed for proper software attribution and credit. We report on recent contributions to the ongoing efforts to develop proper processes, guidelines and recommendations for software reference and software citation, building upon the internal experience of Inria and the emerging Software Heritage infrastructure.


Time and place:
3:15pm Lecture hall 1, level B
IMDEA Software Institute, Campus de Montegancedo
28223-Pozuelo de Alarcón, Madrid, Spain


Ida Tucker

Wednesday, January 15, 2020

10:45am Meeting room 302 (Mountain View), level 3

Ida Tucker, PhD Student,

Distributing the elliptic curve digital signature algorithm both securely and efficiently

Abstract:

The Elliptic Curve Digital Signature Algorithm (ECDSA) is a widely adopted digital signature standard; in particular it is employed to validate bitcoin transactions. In this context, the theft of a secret signing key results in an immediate financial loss, thereby creating a single point of failure. An interesting solution to reduce the risk of key theft is that of sharing the secret signing key among various devices, such that a signature can only be produced if these devices collaborate to jointly produce a signature, thereby distributing the signature protocol. In this talk I will focus on the two party case, which allows for instance to share a secret key between a mobile phone and a laptop. Unfortunately, efficient distributed variants of ECDSA are notoriously hard to achieve and prior to our work, solutions required expensive zero knowledge proofs to deal with malicious adversaries (MacKenzie et al. (Crypto’01)), relied on non standard interactive assumptions (Lindell (Crypto’17)) or induced a high communication cost (Doerner et al. (IEEE S&P’18)). I will explain how, in a recent article from Crypto’19 we overcome all of the above drawbacks, and — using class groups of imaginary quadratic fields — provide a provably secure two party ECDSA protocol, relying only on standard assumptions, which is the most efficient to date in terms of bandwidth consumption while remaining competitive in terms of timings. I will further justify that — by resorting to two recently introduced computational assumptions on class groups — we can dramatically improve the efficiency of the zero knowledge proofs needed by our protocol (and thereby that of the overall protocol).


Time and place:
10:45am Meeting room 302 (Mountain View), level 3
IMDEA Software Institute, Campus de Montegancedo
28223-Pozuelo de Alarcón, Madrid, Spain


Samira Briongos

Tuesday, January 14, 2020

10:45am Meeting room 302 (Mountain View), level 3

Samira Briongos, Post-doctoral Researcher, UPM

RELOAD+REFRESH: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks

Abstract:

Caches have become the prime method for unintended information extraction across logical isolation boundaries. They are widely available on all major CPU platforms and, as a side-channel, caches provide great resolution, making them the most convenient channel for Spectre and Meltdown. As a consequence, several methods to stop cache attacks by detecting them have been proposed. Detection is strongly aided by the fact that observing cache activity of co-resident processes is not possible without altering the cache state and thereby forcing evictions on the observed processes. In this work, we show that this widely held assumption is incorrect. Through clever usage of the cache replacement policy, it is possible to track cache accesses of a victim's process without forcing evictions on the victim's data. Hence, online detection mechanisms that rely on these evictions can be circumvented as they would not detect the introduced RELOAD+REFRESH attack. The attack requires a profound understanding of the cache replacement policy. We present a methodology to recover the replacement policy and apply it to the last five generations of Intel processors. We further show empirically that the performance of RELOAD+REFRESH on cryptographic implementations is comparable to that of other widely used cache attacks, while detection methods that rely on L3 cache events are successfully thwarted.


Time and place:
10:45am Meeting room 302 (Mountain View), level 3
IMDEA Software Institute, Campus de Montegancedo
28223-Pozuelo de Alarcón, Madrid, Spain


Invited Talks - 2019