Colin Boyd
YOU?
Author Swipe
View article: Introduction to the Special Issue on TLS 1.3
Introduction to the Special Issue on TLS 1.3 Open
The Transport Layer Security (TLS) protocol is known as one of the most important and widely-used security protocols.It emerged in the 1990s from the proprietary SSL protocol, originally designed for securing web traffic in the Netscape br…
View article: A Modern View on Forward Security
A Modern View on Forward Security Open
Forward security ensures that compromise of entities today does not impact the security of cryptographic primitives employed in the past. Such a form of security is regarded as increasingly important in the modern world due to the existenc…
View article: A Blockchain Model in Tamarin and Formal Analysis of Hash Time Lock Contract
A Blockchain Model in Tamarin and Formal Analysis of Hash Time Lock Contract Open
Formal analysis and verification methods can aid the design and validation of security properties in blockchain based protocols. However, to generate a reasonable and correct verification, a proper model for the blockchain is needed. In th…
View article: Towards protected VNFs for multi-operator service delivery
Towards protected VNFs for multi-operator service delivery Open
Value-added 5G verticals are foreseen to be delivered as a service chain over multiple network operators with extensive outsourcing of Virtual Network Functions (VNFs). In this short paper we introduce the initial design of SafeLib, a soft…
View article: Fast and Secure Updatable Encryption
Fast and Secure Updatable Encryption Open
Updatable encryption allows a client to outsource ciphertexts to some untrusted server and periodically rotate the encryption key. The server can update ciphertexts from an old key to a new key with the help of an update token, received fr…
View article: OWASP Top 10 - Do Startups Care?
OWASP Top 10 - Do Startups Care? Open
In a cut-throat world where time-to-market can be the difference between success and failure, it can be tempting for startups to think “let’s get it to work first, and then we’ll worry about security later.” However, major security flaws h…
View article: Offline Assisted Group Key Exchange.
Offline Assisted Group Key Exchange. Open
We design a group key exchange protocol with forward secrecy where most of the participants remain offline until they wish to compute the key. This is well suited to a cloud storage environment where users are often offline, but have onlin…
View article: Security notions for cloud storage and deduplication.
Security notions for cloud storage and deduplication. Open
Cloud storage is in widespread use by individuals and enterprises but introduces a wide array of attack vectors. A basic step for users is to encrypt their data, yet it is not obvious what security properties are required for such encrypti…
View article: Key recovery: Inert and public
Key recovery: Inert and public Open
We propose a public key infrastructure framework, inspired by modern distributed cryptocurrencies, that allows for tunable key escrow, where the availability of key escrow is only provided under strict conditions and enforced through crypt…
View article: Secure Channels and Termination: The Last Word on TLS.
Secure Channels and Termination: The Last Word on TLS. Open
Secure channels are one of the most pivotal building blocks of cryptography today. Internet connections, secure messaging, protected IoT data, etc., all rely upon the security of the underlying channel. In this work we define channel proto…
View article: Side channels in deduplication: trade-offs between leakage and efficiency.
Side channels in deduplication: trade-offs between leakage and efficiency. Open
Deduplication removes redundant copies of files or data blocks stored on the cloud. Clientside deduplication, where the client only uploads the file upon the request of the server, provides major storage and bandwidth savings, but introduc…
View article: Content-independent embedding scheme for multi-modal medical image watermarking
Content-independent embedding scheme for multi-modal medical image watermarking Open
Our proposed image-content independent embedding scheme is modality-wise consistent, and maintains a good image quality of RONI while keeping all other pixels in the image untouched. Thus, with an appropriate watermarking framework (i.e., …
View article: From Stateless to Stateful: Generic Authentication and Authenticated Encryption Constructions with Application to TLS.
From Stateless to Stateful: Generic Authentication and Authenticated Encryption Constructions with Application to TLS. Open
Authentication and authenticated encryption with associated data (AEAD) are applied in cryptographic protocols to provide message integrity. The definitions in the literature and the constructions used in practice all protect against forge…
View article: Content-independent embedding scheme for multi-modal medical image watermarking
Content-independent embedding scheme for multi-modal medical image watermarking Open
As the increasing adoption of information technology continues to offer better distant medical services, the distribution of, and remote access to digital medical images over public networks continues to grow significantly. Such use of med…
View article: A Guide to Fully Homomorphic Encryption.
A Guide to Fully Homomorphic Encryption. Open
Fully homomorphic encryption (FHE) has been dubbed the holy grail of cryptography, an elusive goal which could solve the IT world’s problems of security and trust. Research in the area exploded after 2009 when Craig Gentry showed that FHE …
View article: Protecting Encrypted Cookies from Compression Side-Channel Attacks
Protecting Encrypted Cookies from Compression Side-Channel Attacks Open
View article: Continuous After-the-Fact Leakage-Resilient eCK-Secure Key Exchange
Continuous After-the-Fact Leakage-Resilient eCK-Secure Key Exchange Open