Seminar Real World Crypto
The central topic of this seminar is cryptographic pitfalls and attacks. It is co-organized by the groups Codes and Cryptography, Software Engineering, and System Security.
The seminar is expected to take place as a block seminar at the end of the lecture period.
Dates & Deadlines
- First week: distribution of topics.
- End of April: Topic consultation
- May 15th: Preliminary version of the seminar thesis (at least 5 pages) describing the main problem of your paper.
- June 22nd: Submission deadline of the prefinal seminar thesis.
- July 5th: Submission deadline of the reviews.
- July 17th: Submission deadline of the final version of the seminar thesis.
- July 13th & 14th (13-18h): Block seminar, presentation of your work
Depending on the situation in July, the presentations will possibly be held remotely.
The seminar will be organized over Panda.
Registration of Topics
The topics are given in the first meeting.
Grading and Demands
Presentation
20-minute presentation, followed by 5 minutes of discussion and questions.
The best presentation will be awarded! More information will be given in the first meeting.
Seminar thesis
Essay of about 15 pages, written according to the standards of a scientific paper. You can use our templates: cs.uni-paderborn.de/cuk/lehre/studentische-arbeiten/materialien-und-vorlagen/
Reviews
We will follow a peer review procedure similar to scientific publications:
- You submit your thesis (paper) at easychair.org
- Two peers (other students) review your submission. Reviewers:
  - Read and understand the submitted paper
  - Criticize the paper
  - Make recommendations on how to improve it
- Be honest, polite, and helpful when writing your reviews
- The reviews you write will influence your final grade
- The reviews you receive will not influence your grade, but they should influence your final version
- Each student has to write 2 reviews (each 1-2 pages)
Note that several topics describe attacks based on complex side channels (e.g., 3, 8, ... see below). If you are handling such a paper, we do not expect you to understand every subtle detail of these side channels. You can abstract them (describe them at a high level in about half a page) and concentrate on the cryptographic content.
Topics
1. Stevens et al.: The first collision for full SHA-1. eprint.iacr.org/2017/190.pdf
2. Nemec et al.: The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli. crocs.fi.muni.cz/_media/public/papers/nemec_roca_ccs17_preprint.pdf
3. Yarom et al.: CacheBleed: A Timing Attack on OpenSSL Constant-Time RSA. eprint.iacr.org/2016/224.pdf
4. Ronen et al.: Pseudo Constant Time Implementations of TLS Are Only Pseudo Secure. eprint.iacr.org/2018/747.pdf
5. Ronen et al.: The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations. eprint.iacr.org/2018/1173.pdf
6. Calzavara et al.: Postcards from the Post-HTTP World: Amplification of HTTPS Vulnerabilities in the Web Ecosystem. secgroup.github.io/tlswebscan/
7. Ukrop and Matyas: Why Johnny the Developer Can't Work with Public Key Certificates: An Experimental Study of OpenSSL Usability. crocs.fi.muni.cz/_media/publications/pdf/2018-rsa-ukrop.pdf
8. Moghimi et al.: TPM-FAIL: TPM meets Timing and Lattice Attacks. tpm.fail/tpmfail.pdf
9. Van Bulck et al.: Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. foreshadowattack.eu
10. Breitner and Heninger: Biased Nonce Sense: Lattice Attacks against Weak ECDSA Signatures in Cryptocurrencies. eprint.iacr.org/2019/023.pdf
11. Vanhoef and Ronen: Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd. eprint.iacr.org/2019/383.pdf
12. Cohney et al.: Pseudorandom Black Swans: Cache Attacks on CTR DRBG. eprint.iacr.org/2019/996.pdf
13. Cohney, Green, Heninger: Practical state recovery attacks against legacy RNG implementations. duhkattack.com/paper.pdf
14. Checkoway et al.: A Systematic Analysis of the Juniper Dual EC Incident. eprint.iacr.org/2016/376.pdf
15. Biham and Neumann: Breaking the Bluetooth Pairing - Fixed Coordinate Invalid Curve Attack. crypto.iacr.org/2019/affevents/wac/medias/Neumann-BreakingBluetoothPairing.pdf
16. Antonioli, Tippenhauer, Rasmussen: The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR. www.usenix.org/conference/usenixsecurity19/presentation/antonioli
17. Mladenov et al.: 1 Trillion Dollar Refund: How To Spoof PDF Signatures. www.nds.ruhr-uni-bochum.de/media/ei/veroeffentlichungen/2019/06/28/PDF_Signature.pdf
18. Müller et al.: Practical Decryption exFiltration: Breaking PDF Encryption. www.nds.ruhr-uni-bochum.de/media/ei/veroeffentlichungen/2019/09/30/paper-pdf_encryption-ccs2019.pdf
19. Gorski et al.: Developers Deserve Security Warnings, Too: On the Effect of Integrated Security Advice on Cryptographic API Misuse. www.usenix.org/conference/soups2018/presentation/gorski
20. Paletov et al.: Inferring crypto API rules from code changes. files.sri.inf.ethz.ch/website/papers/diffcode-pldi2018.pdf
21. Rahaman et al.: CryptoGuard: High Precision Detection of Cryptographic Vulnerabilities in Massive-sized Java Projects. arxiv.org/pdf/1806.06881.pdf