In recent years, we have faced an increasingly pervasive use of cryptography. The expansion of IoT, home automation and industry 4.0 has worryingly increased the attack surface, making it necessary to use cryptographic protocols to protect communications and data. However, cryptography is complex: not all cryptographic mechanisms offer the same level of protection; management and configuration is often the Achilles' heel of cryptographic systems; finally, protocols and implementations may present bugs that weaken or, in some cases, cancel the security guarantees offered by the adopted mechanisms. In this talk we will give an overview of the problems and attacks encountered in real cryptographic systems, discussing their weaknesses and possible remedies. We will present some practical case studies we have dealt with, highlighting how we improved the security of real cryptographic systems through foundational research and formal verification.
Join at http://imt.lu/seminar