Publications


On TLS 1.3 - Early performance analysis in the IoT field

ICISSP 2016 - SCITEPRESS
This paper provides an overview of the novelties introduced in TLS 1.3 draft finalized to improve security and latency of the protocol: the reworked handshake flows and the newly adopted cryptographic algorithms are analyzed and compared in terms of security and latency to the current TLS in use.

What users should know about Full Disk Encryption based on LUKS

CANS 2015 - IACR - Springer
Full Disk Encryption (FDE) solutions might help users to protect sensitive data in the event that devices are lost or stolen. In this paper we focus on the security of Linux Unified Key Setup (LUKS) specifications, the most common FDE solution implemented in Linux based operating systems. In particular, we analyze the key management process used to compute and store the encryption key, and the solution adopted to mitigate the problem of brute force attacks based on weak user passwords. Our testing activities shows some weaknesses and user’s behavior that can significantly reduce the security of the main LUKS implementation, Cryptsetup.

On the weaknesses of PBKDF2

CANS 2015 - IACR - Springer
This paper shows that, if HMAC-SHA-1 is computed in a standard mode without following the performance improvements described in the implementation note of RFC 2104 and FIPS 198-1, an attacker is able to avoid 50 % of PBKDF2’s CPU intensive operations, by replacing them with precomputed values. We note that a number of well-known and widely-used crypto libraries are subject to this vulnerability. In addition to such a vulnerability, we describe some other minor optimizations that an attacker can exploit to reduce even more the key derivation time.