Katholieke Universiteit Leuven

Displaying 1-40 of 276 results

  • White Papers // Dec 2013

    Key-Recovery Attacks on Various RO PUF Constructions via Helper Data Manipulation

    Physically Unclonable Functions (PUFs) are security primitives that exploit the unique manufacturing variations of an Integrated Circuit (IC). They are mainly used to generate secret keys. Ring Oscillator (RO) PUFs are among the most widely researched PUFs. In this paper, the authors claim various RO PUF constructions to be vulnerable...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2013

    Attacking PUF-Based Pattern Matching Key Generators via Helper Data Manipulation

    Physically Unclonable Functions (PUFs) provide a unique signature for Integrated Circuits (ICs), similar to a fingerprint for humans. They are primarily used to generate secret keys, hereby exploiting the unique manufacturing variations of an IC. Unfortunately, PUF output bits are not perfectly reproducible and non-uniformly distributed. To obtain a high-quality...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Nov 2013

    Towards Finding Optimal Differential Characteristics for ARX: Application to Salsa20

    An increasing number of cryptographic primitives are built using the ARX operations: addition modulo 2n, bit rotation and XOR. Because of their very fast performance in software, ARX ciphers are becoming increasingly common. However, there is currently no rigorous understanding of the security of ARX ciphers against one of the...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Sep 2013

    Indifferentiability of Double Length Compression Functions

    Double block length hashing covers the idea of constructing a compression function on 2n bits using an n-bit block cipher. In this paper, the authors present a comprehensive indifferentiability analysis of all relevant double length compression functions. Indifferentiability is a stronger security notion than collision and preimage resistance and ensures...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Sep 2013

    Fault Injection Modeling Attacks on 65nm Arbiter and RO Sum PUFs via Environmental Changes

    Physically Unclonable Functions (PUFs) are emerging as hardware security primitives. So-called strong PUFs provide a mechanism to authenticate chips which is inherently unique for every manufactured sample. To prevent cloning, modeling of the Challenge-Response Pair (CRP) behavior should be infeasible. Machine Learning (ML) algorithms are a well-known threat. Recently, repeatability...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Sep 2013

    Secure Compilation of Object-Oriented Components to Protected Module Architectures

    A fully abstract compilation scheme prevents the security features of the high-level language from being by-passed by an attacker operating at a particular lower level. This paper presents a fully abstract compilation scheme from a realistic object-oriented language with dynamic memory allocation, cross-package inheritance, exceptions and inner classes to un-typed...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2013

    Security Considerations on Extending PACE to A Biometric-Based Connection Establishment

    The regulations of the European Union (EU) council in 2004 are the basis of the deployment of electronic passports within the EU. Since then EU member states adopt the format and the access protocols to further electronic machine readable travel documents (eMRTD) like national electronic ID cards and electronic residence...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2013

    Improving the Security of Session Management in Web Applications

    Session management is a critical component of modern web applications, allowing a server to keep track of user-specific state, such as an authentication status. Unfortunately, many applications deploy session management over an insecure HTTP channel, making them vulnerable to eavesdropping, session hijacking or session fixation attacks. On the contrary, state-of-practice...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2013

    IBIHOP: Proper Privacy Preserving Mutual RFID Authentication

    One of the concerns that come with the use of RFID tags is that these respond to any query. This can be overcome by having mutual authentication between reader and tag. However, the ordering between the two authentication steps is crucial. In this paper, the authors formalize mutual RFID authentication:...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2013

    Comparing Dual-Core SMP/AMP Performance on a Telecom Architecture

    In the embedded world, symmetric multiprocessing architectures are currently most popular, however more embedded hardware platforms are being developed with asymmetric multiprocessor architectures. These may enable higher performance and provide cleaner separation of subsystems. Telecom applications are typically designed applying a planar architecture pattern. The goal of the authors' experiments...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Simulated Annealing Attack on Certain Fingerprint Authentication Systems

    In this paper, the authors describe a simple and generic attack against minutiae-based fingerprint authentication systems. The aim of the attack is to construct a fingerprint minutiae template, compliant to ISO/IEC standards, that matches a fixed but unknown target fingerprint. The authors' attack is expected to be most effective against...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    High Precision Discrete Gaussian Sampling on FPGAs

    Lattice-based public key cryptography often requires sampling from discrete Gaussian distributions. In this paper the authors present an efficient hardware implementation of a discrete Gaussian sampler with high precision and large tail-bound based on the Knuth-Yao algorithm. The Knuth-Yao algorithm is chosen since it requires a minimal number of random...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Two Attacks on a White-Box AES Implementation

    White-box cryptography aims to protect the secret key of a cipher in an environment in which an adversary has full access to the implementation of the cipher and its execution environment. In 2002, the researchers proposed a white-box implementation of AES. In 2004, they presented an efficient attack (referred to...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Revisiting the BGE Attack on A White-Box AES Implementation

    In 2002, the researcher introduced the concept of white-box cryptography by presenting a white-box implementation of AES. White-box cryptography aims to protect the confidentiality of the secret key of a cipher in a white-box environment. In a white-box environment, an adversary is assumed to have full access to the implementation...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Incremental Hyperproperty Model Checking via Games

    Hyper-properties were proposed as an abstract formalization of security policies, but unfortunately they lack a generic verification methodology. In an attempt to remedy this, the authors introduced the notion of Incremental Hyper-Properties (IHPs), motivated by the observation that they have a clearer and more feasible verification methodology. To show that...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Enhancing Transparency with Distributed Privacy-Preserving Logging

    Transparency of data processing is often a requirement for compliance to legislation and/or business requirements. Furthermore, it has recognized as a key privacy principle, for example in the European data protection directive. At the same time, transparency of the data processing should be limited to the users involved in order...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Towards a Secure Kerberos Key Exchange with Smart Cards

    Public key Kerberos (PKINIT) is a standard authentication and key establishment protocol. Unfortunately, it suffers from a security flaw when combined with smart cards. In particular, temporary access to a user's card enables an adversary to impersonate that user for an indefinite period of time, even after the adversary's access...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2013

    Sancus: Low-Cost Trustworthy Extensible Networked Devices with A Zero-Software Trusted Computing Base

    In this paper the authors propose Sancus, security architecture for networked embedded devices. Sancus supports extensibility in the form of remote (even third-party) software installation on devices while maintaining strong security guarantees. More specifically, Sancus can remotely attest to a software provider that a specific software module is running uncompromised,...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2013

    Attack on Liao and Hsiao's Secure ECC-Based RFID Authentication Scheme Integrated with ID-Verifier Transfer Protocol

    The authors proposed a private RFID authentication protocol based on elliptic curve cryptography. Their motivation to switch from symmetric key cryptography to public key cryptography is that this a prerequisite to achieve forward private RFID authentication efficiently at the server (i.e. constant size look-up). To minimize the hardware implementation area,...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2013

    VeriFast: Sound Symbolic Linking in the Presence of Preprocessing

    Formal verification enables developers to provide safety and security guarantees about their code. A modular verification approach supports the verification of different pieces of an application in separation. VeriFast is an annotation-based verifier for C source code that implements symbolic linking to support modular verification. This report describes the process...

    Provided By Katholieke Universiteit Leuven

  • White Papers // May 2013

    Secure PRNG Seeding on Commercial Off-the-Shelf Microcontrollers

    The generation of high quality random numbers is crucial to many cryptographic applications, including cryptographic protocols, secret of keys, nonces or salts. Their values must contain enough randomness to be unpredictable to attackers. Pseudo-random number generators require initial data with high entropy as a seed to produce a large stream...

    Provided By Katholieke Universiteit Leuven

  • White Papers // May 2013

    Extended Analysis of DES S-boxes

    For more than three decades, the Data Encryption Standard (DES) was one the most widely used cryptographic algorithms. It is still the dominating block cipher for banking applications. The DES was designed by IBM, verified by NSA and published by the national bureau of standards as a US Federal Information...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2013

    Side Channel Modeling Attacks on 65nm Arbiter PUFs Exploiting CMOS Device Noise

    Physically Unclonable Functions (PUFs) are emerging as hardware security primitives. For so-called strong PUFs, the number of Challenge-Response Pairs (CRPs) increases exponentially with the required chip area in the ideal case. They can provide a mechanism to authenticate chips which is inherently unique for every manufactured sample. Modeling of the...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2013

    Energy Aware Software Evolution for Wireless Sensor Networks

    Wireless Sensor Networks (WSNs) are subject to high levels of dynamism arising from changing environmental conditions and application requirements. Reconfiguration allows software functionality to be optimized for current environmental conditions and supports software evolution to meet variable application requirements. Contemporary software modularization approaches for WSNs allow for software evolution at...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2013

    Privacy-Preserving Location-Sharing-Based Services

    Location-Sharing-Based Services (LSBS) are location-based services that allow users to exchange their location in a sporadic manner. Every day, millions of users exchange their location, for example with geo-social services like foursquare, to inform each other about their current location and activities. However, existing LSBS are privacy-invasive because users have...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2013

    Security of Countermeasures Against State-of-the-Art Differential Scan Attacks

    Test compression schemes have been claimed to provide a certain level of security against scan-based side-channel attacks. To mitigate these attacks, a number of scan attack countermeasures are proposed in the literature. Recently, a new Differential Scan Attack (DSA) is proposed which focuses on the S-box outputs rather than the...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Mar 2013

    Automated Allocation and Configuration of Dual Stack IP Networks

    The manual configuration and management of a modern network infrastructure is an increasingly complex task. This complexity is caused by factors including heterogeneity, a high degree of change and dependencies between configuration parameters. Due to increasing complexity, manual configuration has become time consuming and error prone. This paper proposes an...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Feb 2013

    Building a Customizable Business-Process-as-a-Service Application with Current State-of-Practice

    Application-level multi-tenancy is an increasingly prominent architectural pattern in Software-as-a-Service (SaaS) applications that enables multiple tenants (customers) to share common application functionality and resources among each other. This has the disadvantage that multi-tenant applications are often limited in terms of customizability: one application should t the needs of all customers....

    Provided By Katholieke Universiteit Leuven

  • White Papers // Feb 2013

    Solving Data-Sensitive Coordination Constraints

    In this paper the authors focused on complex coordination mechanisms based on constraint satisfaction. In particular, it focuses on data-sensitive connectors from the reo coordination language. These connectors restrict how and where data can flow between loosely-coupled components taking into account the data values being exchanged. Unfortunately, existing engines for...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2013

    Security and Reliability Properties of Syndrome Coding Techniques Used in PUF Key Generation

    A Physical Unclonable Function (PUF) uniquely identifies identically manufactured silicon devices. To derive keys, a stability algorithm is required. Unlike conventional error correction used in communication systems, a PUF stability algorithm has a dual mandate of accounting for environmental noise while minimally disclosing keying material; the latter, security, aspect is...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2013

    Towards a Systematic Literature Review on Secure Software Design

    In recent years numerous researchers have proposed a wide variety of approaches to incorporate security concerns into software design. Unfortunately a Systematic Literature Review (SLR) providing a detailed overview of the state of the art and defining interesting research opportunities is lacking. This creates an extra barrier for (new) researchers...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2013

    Privacy-Friendly Checking of Remote Token Blacklists

    Consulting a remote blacklist as part of verifying a token should not come at the cost of privacy. In particular, the blacklist provider should be unable to identify which tokens are being verified. The contents of the blacklist should also be protected; that is, it should not be possible to...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2013

    Secure Compilation of Object-Oriented Components to Untyped Machine Code

    A fully abstract compilation scheme prevents high-level code security features from being bypassed by an attacker operating at a lower level. This paper presents a fully abstract compilation scheme from a realistic object-oriented language with dynamic memory allocation to untyped machine code. Full abstraction of the compilation scheme relies on...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2012

    Access Control in Multi-Party Wireless Sensor Networks

    Emerging real world WSNs seldom exist as single owner, single application, isolated networks, but instead comprise of sensor nodes owned by multiple parties. These sensors offer multiple services to users locally or across the Internet, and travel between multiple WSNs. How-ever, users should only have access to a limited subset...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2012

    StIgMa: Status Information Management for Evolvable Wireless Sensor Networks

    The application of run-time evolvable software stacks promises an increase in the lifetime of wireless sensor network deployments. Besides supporting changing application requirements, said systems allow the underlying platforms to adapt to new environments by replacing system and communication services at runtime. These dynamics across various software layers however complicate...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2012

    Smarmy - A Language to Verify the Security of Software Architectures

    In this paper, the authors present smarmy, a formal modeling language intended to verify the security of software architectures. smarmy is created with the practicing software architect in mind. Its semantics are very close to how software architecture would be modeled in UML, while its syntax is similar to Java....

    Provided By Katholieke Universiteit Leuven

  • White Papers // Nov 2012

    Towards an Automated Pattern Selection Procedure in Software Models

    Software patterns are widely adopted to manage the rapidly increasing complexity of software. Despite their popularity, applying software patterns in a software model remains a time-consuming and error-prone manual task. In this paper, the authors argue that the relational nature of both software models and software patterns can be exploited...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Nov 2012

    Optimal Collision Security in Double Block Length Hashing with Single Length Key

    The idea of double block length hashing is to construct a compression function on 2n bits using a block cipher with an n-bit block size. All optimally secure double block length hash functions known in the literature employ a cipher with a key space of double block size, 2n-bit. On...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Nov 2012

    Impossibility Results for Indifferentiability with Resets

    The in-differentiability framework of Maurer, Renner, and Holenstein (MRH) has gained immense popularity in recent years and has proved to be a powerful way to argue security of cryptosystems that enjoy proofs in the random oracle model. Recently, however, Ristenpart, Shacham, and Shrimpton (RSS) showed that the composition theorem of...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Oct 2012

    VVID: A Delay Tolerant Data Dissemination Architecture for VANETs Using V2V and V2I Communication

    Vehicular Ad-hoc NETworks (VANETs) have a highly dynamic network topology due to the constant and rapid movement of vehicles. Therefore, communication in VANETs is mostly affected with disruptions and delays as a result of network disconnections and partitions. Moreover increasing the geographical coverage area for data dissemination, keeping the data-delivery...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2011

    Integrated Management of Network and Security Devices in IT Infrastructures

    IT infrastructures just needs to work and at the same time adapt to changing requirements. A significant amount of their downtime is caused by configuration errors and because all other subsystems depend on the network, network errors there have a big impact. Configuration errors are often caused by parameters that...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Oct 2010

    Middleware for Resource Sharing in Multi-Purpose Wireless Sensor Networks

    In order to improve application reaction times and decrease overall transmission overhead, Wireless Sensor Network (WSN) applications are being developed to push intelligence into the network. In multi-purpose enterprise deployments of WSNs the infrastructure is considered a lightweight service platform that can provide services for multiple concurrent distributed applications. In...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Oct 2010

    Expressing and Configuring Quality of Data in Multipurpose Wireless Sensor Networks

    Wireless Sensor Networks (WSNs) are evolving towards interconnected, sensing, processing and actuating infrastructures that are expected to provide services for multiple concurrent applications. In a multipurpose WSN, concurrently running applications share network resources and each may have varying Quality of Data (QoD) requirements. The authors' middleware targets these multi-purpose WSN...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2010

    Security in Context: Analysis and Refinement of Software Architectures

    Security analysis methods can provide correct yet meaningless results if the assumptions underlying the model do not conform to reality. The authors present an approach to analyze the security of software-intensive system architectures that focuses on making these underlying assumptions explicit, so that they can be taken into account. Starting...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2010

    HProxy: Client-Side Detection of SSL Stripping Attacks

    In today's world wide web hundreds of thousands of companies use SSL to protect their customers' transactions from potential eavesdroppers. Recently, a new attack against the common usage of SSL surfaced, SSL stripping. The attack is based on the fact that users almost never request secure pages explicitly, but rather...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Oct 2010

    Middleware for Adaptive Group Communication in Wireless Sensor Networks

    While the size and heterogeneity of wireless sensor networks confirm the need and benefit of group communication, an intelligent approach that exploits the interaction pattern and network context is still missing. This paper introduces sensor middleware to dynamically select the most efficient alternative from a set of group communication mechanisms....

    Provided By Katholieke Universiteit Leuven

  • White Papers // Mar 2011

    Challenge-Response Based Secure Test Wrapper for Testing Cryptographic Circuits

    Cryptographic circuits need a special test infrastructure due to security constraints. Typical Design For Testability (DFT) methods, such as scan chains, as applied to most ASICs can not be applied directly to cryptographic chips. These methods, though providing the highest testability, open backdoors or side-channels for attackers to extract secret...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Oct 2012

    A Metric to Evaluate Interaction Obfuscation in Online Social Networks

    Online Social Networks (OSNs) have become one of the main communication channels in today's information society, and their emergence has raised new privacy concerns. The content uploaded to OSNs (such as pictures, status updates, comments) is by default available to the OSN provider, and often to other people to whom...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2012

    Smarmy - A Language to Verify the Security of Software Architectures

    In this paper, the authors present smarmy, a formal modeling language intended to verify the security of software architectures. smarmy is created with the practicing software architect in mind. Its semantics are very close to how software architecture would be modeled in UML, while its syntax is similar to Java....

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2012

    Coinductive Unwinding of Security-Relevant Hyperproperties

    Unwinding relations have been widely used to prove that finite systems are secure with respect to a variety of non-interference policies. The latter are prominent instances of security-relevant hyperproperties. As hyperproperties are defined on potentially in finite systems, a new mathematical development is needed in order to (re)use unwinding relations...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2012

    DEMACRO: Defense Against Malicious Cross-Domain Requests

    In the constant evolution of the web, the simple always gives way to the more complex. Static webpages with click-through dialogues are becoming more and more obsolete and in their place, asynchronous JavaScript requests, Web mash-ups and proprietary plug-ins with the ability to conduct cross-domain requests shape the modern user...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2012

    PESAP: A Privacy Enhanced Social Application Platform

    Now-a-days, social networking sites provide third party application developers with means to access their social graph, by providing a social application platform. Through their users, these developers acquire a significant set of personal information from the social graph. The current protection mechanisms, such as privacy policies and access control mechanisms...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2012

    Reusable Formal Models for Secure Software Architectures

    Formal modeling techniques are often disregarded as their semantics are too distant from the mainstream practice of software architecture design, which is dominated by the use of component based modeling and patterns. This paper advocates the need for formal modeling techniques for humans, i.e., software architects who need to precisely...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2012

    Secure Compilation to Modern Processors

    The authors present a secure (fully abstract) compilation scheme to compile an object-based high-level language to low-level machine code. Full abstraction is achieved by relying on a fine-grained program counter-based memory access protection scheme, which is part of their low-level target language. They discuss why standard compilers fail to provide...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2012

    A Security Analysis of Emerging Web Standards: HTML5 and Friends, from Specification to Implementation

    Over the past few years, a significant effort went into the development of a new generation of web standards, centered around the HTML5 specification. Given the importance of the web in their society, it is essential that these new standards are scrutinized for potential security problems. This paper reports on...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2012

    Formal Analysis of Policies in Wireless Sensor Network Applications

    Since wireless sensor network applications are ever growing in scale and complexity, managers require strong formal guarantees that any changes done to the system can be enacted safely. This paper presents the formalization and analysis of the semantics of policies, tiny software artefacts used to orchestrate wireless sensor network applications....

    Provided By Katholieke Universiteit Leuven

  • White Papers // Sep 2012

    Resource Allocation for Cloud-Assisted Mobile Applications

    Mobile devices such as netbooks, smart phones, and tablets have made computing ubiquitous. However, such battery powered devices often have limited computing power for the benefit of an extended runtime. Nevertheless, despite the reduced processing power, users expect to perform the same types of operations as they could do using...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2012

    Serene: Self-Reliant Client-Side Protection Against Session Fixation

    The web is the most wide-spread and de facto distributed platform, with a plethora of valuable applications and services. Building stateful services on the web requires a session mechanism that keeps track of server-side session state, such as authentication data. These sessions are an attractive attacker target, since taking over...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2012

    Secure Multi-Execution Through Static Program Transformation

    Secure Multi-Execution (SME) is a dynamic technique to ensure secure information flow. In a nutshell, SME enforces security by running one execution of the program per security level, and by reinterpreting input/output operations w.r.t. their associated security level. SME is sound, in the sense that the execution of a program...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2012

    On the Effectiveness of Virtualization-Based Security

    Protecting commodity operating systems and applications against malware and targeted attacks has proven to be difficult. In recent years, virtualization has received attention from security researchers who utilize it to harden existing systems and provide strong security guarantees. This has lead to interesting use cases such as cloud computing where...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Sep 2011

    Deploy, Adjust and Readjust: Supporting Dynamic Reconfiguration of Policy Enforcement

    For large distributed applications, security and performance are two requirements often difficult to satisfy together. Addressing them separately leads more often to fast systems with security holes, rather than secure systems with poor performance. For instance, caching data needed for security decisions can lead to security violations when the data...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2011

    Towards Incrementalization of Holistic Hyperproperties

    A hyperproperty is a set of sets of finite or infinite traces over some fixed alphabet and can be seen as a very generic system specification. In this paper, the authors define the notions of holistic and incremental hyperproperties. Systems specified holistically tend to be more intuitive but difficult to...

    Provided By Katholieke Universiteit Leuven

  • White Papers // May 2011

    Automatic and Precise Client-Side Protection Against CSRF Attacks

    A common client-side countermeasure against Cross Site Request Forgery (CSRF) is to strip session and authentication information from malicious requests. The difficulty however is in determining when a request is malicious. Existing client-side countermeasures are typically too strict, thus breaking many existing websites that rely on authenticated cross-origin requests, such...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2011

    Code Pointer Masking: Hardening Applications Against Code Injection Attacks

    In this paper the authors present an efficient countermeasure against code injection attacks. Their countermeasure does not rely on secret values such as stack canaries and protects against attacks that are not addressed by state-of-the-art countermeasures of similar performance. By enforcing the correct semantics of code pointers, they thwart attacks...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2012

    Tuple Cryptanalysis of ARX with Application to BLAKE and Skein

    The authors introduce tuple cryptanalysis, a variant of structural cryptanalysis techniques as square, saturation, integral, internal collision, and multi-set cryptanalysis, the main difference being that tuple cryptanalysis considers ordered rather than unordered multi-sets. This allows cryptanalysts to better trace structural properties within a cipher's internal state. Unlike previous papers that...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Feb 2011

    Reactive Non-Interference for the Browser

    In this paper, the authors investigate the suitability of non-interference as a replacement for the baseline security policy of a browser, the same-origin-policy. They propose an enforcement mechanism that can enforce non-interference with respect to a broad class of security level posets for the full browser. They prove the security...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Nov 2010

    The Security Twin Peaks

    The feedback from architectural decisions to the elaboration of requirements is an established concept in the software engineering community. However, pinpointing the nature of this feedback in a precise way is a largely open problem. Often, the feedback is generically characterized as additional qualities that might be affected by an...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2012

    Threshold Implementations of All 3 x 3 and 4 x 4 S-Boxes

    Side-channel attacks have proven many hardware implementations of cryptographic algorithms to be vulnerable. A recently proposed masking method, based on secret sharing and multi-party computation methods, introduces a set of sufficient requirements for implementations to be provably resistant against first-order DPA with minimal assumptions on the hardware. The original paper...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2010

    Dynamic Composition of Cross-Organizational Features in Distributed Software Systems

    Companies offering software services to external customer organizations must ensure that the non-functional requirements of all these customer organizations are satisfied. However, in such a cross-organizational context where services are provided and consumed by different organizations, the implementation of features, for example security, is scattered across the services of the...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2009

    Resource Management Middleware to Support Self Managing Wireless Sensor Networks

    In the vision of pervasive computing, technology is integrated throughout the people environment. Wireless Sensor Networks (WSNs) provide support for pervasive computing applications through integration of environmental data. The authors believe that previous approaches to resource management in WSNs are designed to provide support for a specific application and do...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Oct 2009

    Challenging VMs on Battery-Powered Embedded Devices

    Many consumer devices, such as portable game consoles or cell-phones, can be described as battery-powered wireless embedded devices. Many of these are not taking advantage of virtual machines, certainly not for their core tasks, instead relying on C or close derivatives for implementing their behaviour. However, faced with software that...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Feb 2011

    Sensor Middleware to Support Diverse Data Qualities

    Wireless Sensor Network (WSN) applications are traditionally developed on a per-case basis, offering very little reusability or extensibility. Any runtime variability in required data quality is at best addressed by parameterization, reconfiguration and rewiring of existing service compositions. These generic mechanisms can be further optimized if the same data is...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2012

    CrimeSPOT: A Language and Runtime for Developing Active Wireless Sensor Network Applications

    Advances in wireless sensing and actuation technology allow embedding significant amounts of application logic inside wireless sensor networks. Such active WSN applications are more autonomous, but are significantly more complex to implement. Event-based middleware lends itself to implementing these applications. It offers developers fine-grained control over how an individual node...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2012

    LooCI: The Loosely-Coupled Component Infrastructure

    Creating and managing applications for Wireless Sensor Networks (WSNs) is complicated by large scale, resource constraints and network dynamics. Reconfigurable component models minimize these complexities throughout the application lifecycle. However, contemporary component based middleware for WSNs is limited by its poor support for distribution. This paper introduces the Loosely-coupled Component...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2012

    Access Control in Multi-Party Wireless Sensor Networks

    Emerging real world WSNs seldom exist as single owner, single application, isolated networks, but instead comprise of sensor nodes owned by multiple parties. These sensors offer multiple services to users locally or across the Internet, and travel between multiple WSNs. How-ever, users should only have access to a limited subset...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2012

    StIgMa: Status Information Management for Evolvable Wireless Sensor Networks

    The application of run-time evolvable software stacks promises an increase in the lifetime of wireless sensor network deployments. Besides supporting changing application requirements, said systems allow the underlying platforms to adapt to new environments by replacing system and communication services at runtime. These dynamics across various software layers however complicate...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2011

    Optimizing Resource Use in Multi-Purpose WSNs

    In multi-purpose Wireless Sensor Networks (WSNs) the infrastructure is considered a light-weight service platform that can provide services for multiple concurrent distributed applications. Concurrently running applications share network resources and each may have varying Quality of Data (QoD) requirements. In this context, the authors' research focuses on optimizing resource use...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2010

    Unified Patterns to Transform Business Rules Into an Event Coordination Mechanism

    Business rules define and constrain various aspects of the business, such as vocabulary, behavior and organizational issues. Enforcing the rules of the business in information systems is however not straightforward, because different mechanisms exist for the (semi-)automatic transformation of various business constraints and rules. In this paper, the authors examine...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Sep 2006

    Designing Compliant Business Processes with Obligations and Permissions

    The sequence and timing constraints on the activities in business processes are an important aspect of business process compliance. To date, these constraints are most often implicitly transcribed into controlflow-based process models. This implicit representation of constraints, however, complicates the verification, validation and reuse in business process design. In this...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2007

    Compliant and Flexible Business Processes with Business Rules

    When modeling business processes, the authors often implicitly think of internal business policies and external regulations. Yet to date, little attention is paid to avoid hard-coding policies and regulations directly in control-flow based process models. The standpoint of this analysis is the role of business rule modeling in achieving business...

    Provided By Katholieke Universiteit Leuven