Related papers: Attestation Waves: Platform Trust via Remote Power…
Cryptosystem implementations often disclose information regarding a secret key due to correlations with side channels such as power consumption, timing variations, and electromagnetic emissions. Since power and EM channels can leak distinct…
Causal nonseparability is the property underlying quantum processes incompatible with a definite causal order. So far it has remained a central open question as to whether any process with a clear physical realisation can violate a causal…
The electrical power network is a critical infrastructure in today's society, so its safe and reliable operation is of major concern. State estimators are commonly used in power networks, for example, to detect faulty equipment and to…
Self-testing is a method to characterise an arbitrary quantum system based only on its classical input-output correlations, and plays an important role in device-independent quantum information processing as well as quantum complexity…
This paper considers a cyber-physical system under an active eavesdropping attack. A remote legitimate user estimates the state of a linear plant from the state information received from a sensor. Transmissions from the sensor occur via an…
Especially in context of critical urban infrastructures, trust in IoT data is of utmost importance. While most technology stacks provide means for authentication and encryption of device-to-cloud traffic, there are currently no mechanisms…
Information cross-validation can be a powerful tool to detect manipulated, dubious GNSS data. A promising approach is to leverage time obtained over networks a mobile device can connect to, and detect discrepancies between the GNSS-provided…
Semi-device-independent quantum protocols realize information tasks - e.g. secure key distribution, random access coding, and randomness generation - in a scenario where no assumption on the internal working of the devices used in the…
Quantum computers are on the brink of surpassing the capabilities of even the most powerful classical computers. This naturally raises the question of how one can trust the results of a quantum computer when they cannot be compared to…
While the standard formulation of quantum theory assumes a fixed background causal structure, one can relax this assumption within the so-called process matrix framework. Remarkably, some processes, termed causally nonseparable, are…
Due to the constant increase and versatility of IoT devices that should keep sensitive information private, Side-Channel Analysis (SCA) attacks on embedded devices are gaining visibility in the industrial field. The integration and…
Cloud computing is a ubiquitous solution to handle today's complex computing demands. However, it comes with data privacy concerns, as the cloud service provider has complete access to code and data running on their infrastructure. VM-based…
Control-flow attestation unifies the worlds of control-flow integrity and platform attestation by measuring and reporting a target's run-time behaviour to a verifier. Trust assurances in the target are provided by testing whether its…
In this work we present the Secure Machine, SeM for short, a CPU architecture extension for secure computing. SeM uses a small amount of in-chip additional hardware that monitors key communication channels inside the CPU chip, and only acts…
Kettle is an attested build system that produces cryptographically verifiable provenance for software built inside Trusted Execution Environments (TEEs). A Kettle build records the source commit, dependency set, toolchain, build…
A Kubernetes cluster typically consists of trusted nodes, running within the confines of a physically secure datacenter. With recent advances in edge orchestration, this is no longer the case. This poses a new challenge: how can we trust a…
In order to protect user privacy on mobile devices, an event-driven implicit authentication scheme is proposed in this paper. Several methods of utilizing the scheme for recognizing legitimate user behavior are investigated. The…
In recent years, several hacking attacks have broken the security of quantum cryptography implementations by exploiting the presence of losses and the ability of the eavesdropper to tune detection efficiencies. We present a simple attack of…
Suppose one wants to certify that a quantum channel is not entanglement-breaking. I consider all four combinations of trusted and untrusted devices at the input and output of the channel, finding that the most interesting is a trusted…
Remote attestation (RA) is the foundation for trusted execution environments in the cloud and trusted device driver onboarding in operating systems. However, RA misses a rigorous mechanized definition of its security properties in one of…