Physical attacks against cryptographic devices typically take advantage of information leakage (e.g., side-channels attacks) or erroneous computations fault injection attacks). Preventing detecting these has become a challenging task in modern research. In this context intrinsic physical properties integrated circuits, such as Physical(ly) Unclonable Functions~(PUFs), can be used to complement classical constructions, and enhance the security devices. PUFs have recently been proposed for...

Proofs of Retrievability (POR) are cryptographic proofs that enable a cloud provider to prove user can retrieve his file in its entirety. POR need be frequently executed by the ensure their files stored on fully retrieved at any point time. To conduct and verify POR, users equipped with devices have network access, tolerate (non-negligible) computational overhead incurred verification process. This clearly hinders large-scale adoption users, since many increasingly rely portable limited...

Software attestation has become a popular and challenging research topic at many established security conferences with an expected strong impact in practice. It aims verifying the software integrity of (typically) resource-constrained embedded devices. However, for practical reasons, cannot rely on stored cryptographic secrets or dedicated trusted hardware. Instead, it exploits side-channel information, such as time that underlying device needs specific computation. As traditional solutions...

Cloud storage providers such as Dropbox and Google drive heavily rely on data deduplication to save costs by only storing one copy of each uploaded file. Although recent studies report that whole file can achieve up 50% reduction, users do not directly benefit from these savings-as there is no transparent relation between effective the prices offered users. In this paper, we propose a novel solution, ClearBox, which allows service provider transparently attest its customers patterns...

Due to the increased use of devices with restricted resources such as limited area size, power or energy, community has developed various techniques for designing lightweight ciphers. One approach that is increasingly discussed cipher key stored on device in non-volatile memory not only initialization registers but during encryption/decryption process well. Recent examples are ciphers Midori (Asiacrypt’15) and Sprout (FSE’15). This may one hand help save resources, also allow a stronger...

Due to the increased use of devices with restricted resources such as limited area size, power or energy, community has developed various techniques for designing lightweight ciphers. One approach that is increasingly discussed cipher key stored on device in non-volatile memory not only initialization registers but during encryption/decryption process well. Recent examples are ciphers Midori (Asiacrypt’15) and Sprout (FSE’15). This may one hand help save resources, also allow a stronger...

Hundred millions of Internet Things devices implement ZigBee, a low-power mesh network standard, and the number is expected to be growing. To facilitate an easy integration new into ZigBee network, touchlink commissioning was developed. It adopted in latest specifications, 3.0, which were released public December 2016, as one two options for devices. 3.0 products can used various applications, also including security-critical such door locks intruder alarm systems. The aim this work warn...

ABSTRACT Cryptocurrency exchanges have become a multi‐billion dollar industry. Although these platforms are not only relevant for economic reasons but also from privacy and legal perspective, empirical studies investigating the operations of cryptocurrency behavior their users surprisingly rare. A notable exception is study analyzing exchange ShapeShift . While this described new heuristics to retrieve significant fraction trades made on plaform, its approach relied identifying transactions...

Aggregator nodes commonly have the ability to read, corrupt or disrupt flow of information produced by a wireless sensor network (WSN). Despite this fact, existing aggregator node election schemes do not address an adversary that strives influence process towards candidate it controls. We discuss requirements need be fulfilled non-manipulable protocol. conclude these can satisfied distributed random number generator function in which no is able determine output function. provide and compare...