Publicaties
Gekozen filters:
Gekozen filters:
My other car is your car: compromising the Tesla Model X keyless entry system KU Leuven
This paper documents a practical security evaluation of the Tesla Model X keyless entry system. In contrast to other works, the keyless entry system analysed in this paper employs secure symmetric-key and public-key cryptographic primitives implemented by a Common Criteria certified Secure Element. We document the internal workings of this system, covering the key fob, the body control module and the pairing protocol. Additionally, we detail our ...
Toward a Common Performance and Effectiveness Terminology for Digital Proximity Tracing Applications KU Leuven
Digital proximity tracing (DPT) for Sars-CoV-2 pandemic mitigation is a complex intervention with the primary goal to notify app users about possible risk exposures to infected persons. DPT not only relies on the technical functioning of the proximity tracing application and its backend server, but also on seamless integration of health system processes such as laboratory testing, communication of results (and their validation), generation of ...
On Self-Equivalence Encodings in White-Box Implementations KU Leuven
All academic methods to secure software implementations of block ciphers against adversaries with full control of the device have been broken. Despite the huge progress in the cryptanalysis of these white-box implementations, no recent progress has been made on the design side. Most of the white-box designs follow the CEJO framework, where each round is encoded by composing it with small random permutations. While several generic attacks have ...
Exploring the storj network: a security analysis KU Leuven
The recent decade has seen a tremendous increase in volumes of data consumed and generated. Towards storing such data, companies typically make use of centralised cloud storage systems which allow for on-demand scalability and a pay-per-use model. These storage providers, while presenting many benefits, have several downsides in terms of (i) posing as a single point of failure (e.g. data breaches), (ii) featuring the potential for misuse of ...