Papers by Sebastian Banescu
blogdir.ro
This paper describes the design and implementation of a distributed system used for storing and r... more This paper describes the design and implementation of a distributed system used for storing and retrieving personal health records. The central repository is protected by the ciphertext-policy attribute-based encryption scheme. The implementation was done using Java and the jPBC [4] library for pairing-based cryptography.
blogdir.ro
3G is the third generation digital network developed by 3GPP to provide telecommunication service... more 3G is the third generation digital network developed by 3GPP to provide telecommunication services to users. Although claimed to be secure, scientific literature proves that 3G design remains vulnerable to malicious actions. As a response to the security issues faced by 3G, a new security architecture was developed for Long Term Evolution (LTE). This paper presents the main security features of 3G and LTE digital cellular networks and provides an in depth view of the network access security and network domain security. A denial of service attack against the presence service supported in 3G network as well as two attacks against the cryptographic ciphers KASUMI and SNOW3G used in currently deployed systems are also described in detail. Finally, general remarks and conclusions regarding the security of 3G and LTE networks are given.
We know that several chemicals can be combined to form explosives. Therefore, we do not want thes... more We know that several chemicals can be combined to form explosives. Therefore, we do not want these to end up in airplanes together. Similarly, in the architecture of complex systems, it is often possible to combine the results of several system services to acquire illegitimate benefits or disrupt operation. For example, in what is called simboxing, telephone services are purchased from different providers, and a composite service is set up which redirects incoming calls to the service purchased from the target provider, bypassing interconnection fees. Due to their complex nature, such attacks are extremely hard to predict and prevent. This paper provides a first systematic description and classification of the phenomenon of system abuse by service composition, as well as an analysis to identify the most common types of attacks in the design phase. We employ attack trees to express ways to achieve the goal of obtaining a service at a cost lower than the regular amount charged. We use the purchase of railway tickets as a running example, where the atomic services are the rights to travel between two directly adjacent stations. These can potentially be composed in various ways to travel cheaper, for example where there are stations A, B, and C on a railway line, and a single ticket from B to A via C is cheaper than a return ticket from B to C. Our method provides the foundations for systematically discovering such issues.
This thesis report is the result of my graduation project, which concludes the master program Inf... more This thesis report is the result of my graduation project, which concludes the master program Information Security Technology, a special track of Computer Science and Engineering at the Eindhoven University of Technology. The project was carried out within the Healthcare Information Management department of Philips Research B.V. in collaboration with the Security group (SEC) of the department of Mathematics and Computer Science at the Eindhoven University of Technology. I would like to express the deepest gratitude to my supervisor, Prof. Milan Petković and my tutor Dr. Nicola Zannone, who have guided and encouraged me throughout this period. Their comments, suggestions, and advice were invaluable to the completion of this work. I wish all students the honor and opportunity of working with either Prof. Petković or Dr. Zannone. Additionally, I am indebted to the staff of the Healthcare Information Management department of Philips Research B.V., especially to my on site supervisor, Dr. Mina Deng for accommodating me during this period, and for creating such a pleasant and propitious work environment. Moreover, I would like to thank Arya Adriansyah, Andrei Calin and Ya Liu for helping me with valuable advice during the experimental validation process. Last but not least, I would like to express my gratitude to my wife; without her help, support and encouragement this work would not be the same.
blogdir.ro
This paper summarizes the work of Davis , which presents how the naïve use of public-key cryptogr... more This paper summarizes the work of Davis , which presents how the naïve use of public-key cryptographic layers can lead to various attacks.
This paper presents several side-channel attacks based on timing information leaked from CPU cach... more This paper presents several side-channel attacks based on timing information leaked from CPU cache memory. The attacks are focused towards cryptographic ciphers that have an implementation based on lookup tables. Several attacks lead to a recovery of a major part of the secret key, such that an exhaustive search on the rest of the undetermined bits becomes computationally feasible. This attack is possible due to the data-dependent lookups performed during the encryption process. Since encryptions are performed in variable amounts of time this leads to a correlation between the time and data. By making some wise assumptions based also on the cipher structure, the attacker is able to extract the secret key from the earlier correlation. The paper also discusses the applicability of these attacks and offers some countermeasures.
researchgate.net
In the last decade, the popularity of Online Social Networks (OSNs) has considerably increased. N... more In the last decade, the popularity of Online Social Networks (OSNs) has considerably increased. Nowadays, OSNs connect hundreds of millions of users daily. Consequently, individuals have started to manifest a real concern regarding the amount of private information shared and displayed online. Three distinct threat sources can be identified: the user itself, direct or indirect connections of users and finally, OSN providers. User friendly privacy control settings have become very important features for OSNs. However, it still remains up to each user to adopt and apply those settings that best correspond with her privacy goals. Even when appropriately applied, most privacy protection mechanisms provided by OSNs do not eliminate all the possible threats. In this paper we present existing privacy threats that OSN users are exposed to. We discuss about conflicts, how they appear and how they create opportunities for threats. A set of existing solutions to enhance privacy protection are also covered in this work.
Biometric systems have become ubiquitous in strict security systems. However there is no such thi... more Biometric systems have become ubiquitous in strict security systems. However there is no such thing as a perfect physiological feature. From fingerprint to iris, a designer has to make compromises to obtain an efficient system with the desired level of security and a limited budget. Vein networks underneath the human skin provide a robust recognition pattern, that implies low costs. This document presents the design and implementation details of a hand-vein recognition system. The main contributions are: (i) a region of interest detection algorithm by border tracing and (ii) using Speeded-Up Robust Features for hand-vein patterns. The results are not state of the art; nevertheless some interesting conclusions are presented.
The Internet is continuously extending to mobile devices. This implies that applications should b... more The Internet is continuously extending to mobile devices. This implies that applications should be tailored to make efficient use of the limited resources of such devices. Mobile agents are a promising solution for this purpose. However, secure protocols are required in order to assure confidentiality and integrity of the data such an agent collects. This paper describes 6 such security protocols presented in the scientific literature. These protocols are analyzed with respect to a series of security requirements that should be satisfied by such protocols. An overview of some published attacks on these protocols and the proposed solutions is also presented.
Unpredictable Random Number Generator Based on Hardware Performance Counters
Digital Information Processing and …, 2011
Security Measurements and Metrics ( …, 2011
Business Process Management, 2012
Nowadays, repurposing of personal data is a major privacy issue. Detection of data repurposing re... more Nowadays, repurposing of personal data is a major privacy issue. Detection of data repurposing requires posteriori mechanisms able to determine how data have been processed. However, current a posteriori solutions for privacy compliance are often manual, leading infringements to remain undetected. In this paper, we propose a privacy compliance technique for detecting privacy infringements and measuring their severity. The approach quantifies infringements by considering a number of deviations from specifications (i.e., insertion, suppression, replacement, and re-ordering).
Implementing true random number generators by generating crosstalk effects in FPGA chips
Proceedings of the 6th …, 2009
Software Random Number Generation Based on Race Conditions
Symbolic and Numeric …, 2008
ACM SIGARCH Computer …, 2011
The implementation of high-precision floating-point applications on reconfigurable hardware requi... more The implementation of high-precision floating-point applications on reconfigurable hardware requires a variety of large multipliers: Standard multipliers are the core of floating-point multipliers; Truncated multipliers, trading resources for a well-controlled accuracy degradation, are useful building blocks in situations where a full multiplier is not needed. This work studies the automated generation of such multipliers using the embedded multipliers and adders present in DSP blocks of current FPGAs. The optimization of such multipliers is expressed as a tiling problem where a tile represents a hardware multiplier and super-tiles are the wiring of several hardware multipliers making efficient use of the DSP internal resources. This tiling technique is shown to adapt to full or truncated multipliers. It addresses arbitrary precisions including single, double but also in the quadruple precision introduced by the IEEE-754-2008 standard and currently unsupported by processor hardware. An open-source implementation is provided in the FloPoCo project.
Uploads
Papers by Sebastian Banescu