Filetype
Pseudo-random functions are a fundamental building block in many cryptographic applications. In certain scenarios, a weaker notion (where security is restricted to uniformly random input), but more computationally efficient, called weak pseudo-random functions, is sufficient. In this work, we present new differential attacks on the main binary weak pseudo-random function constructions, namely the
Misuse resilience is an important security criterion in the evaluation of the NIST Post-quantum cryptography standardization process. In this paper, we propose new key mismatch attacks against Kyber and Saber, NIST's selected scheme for encryption and one of the finalists in the third round of the NIST competition, respectively. Our novel idea is to recover partial information of multiple secret e
Connected and automated vehicles (CAVs) will be a key component of future cooperative intelligent transportation systems (C-ITS). Since the adoption of C-ITS is not foreseen to happen instantly, not all of its elements are going to be connected at the early deployment stages. We consider a scenario where vehicles approaching a traffic light are connected to each other, but the traffic light itself
Beyond 5G/6G communication systems promise to significantly impact the development of a New Generation of CCAM. Reconfigurable Intelligent Metasurfaces (RIM) are by now established as a key enabling technology for 6G Systems. They have been extensively investigated the last few years, as they possess exotic properties allowing for precise control over any aspect of an impinging wave. As such, they
In this paper, we present novel key-recovery attacks on Approximate Homomorphic Encryption schemes, such as CKKS, when employing noise-flooding countermeasures based on non-worst-case noise estimation. Our attacks build upon and enhance the seminal work by Li and Micciancio at EUROCRYPT 2021. We demonstrate that relying on average-case noise estimation undermines noise-flooding countermeasures, ev
Nowadays, the growth of advanced technologies is paving the way for Industrial Control Systems (ICS) and making them more efficient and smarter. However, this makes ICS more connected to communication networks that provide a potential platform for attackers to intrude into the systems and cause damage and catastrophic consequences. In this paper, we propose implementing digital twins that have bee
We demonstrate a tool for identifying, prioritizing and evaluating vulnerabilities in software. The tool aims to improve security in products by making maintenance more efficient and robust. Software components and release versions are matched with vulnerability information from open resources. The results are visualized on several different levels, ranging from product portfolio and individual prWe demonstrate a tool for identifying, prioritizing and evaluating vulnerabilities in software. The tool aims to improve security in products by making maintenance more efficient and robust. Software components and release versions are matched with vulnerability information from open resources. The results are visualized on several different levels, ranging from product portfolio and individual pr
The inherent flexibility of 5G networks come with a high degree of configuration and management complexity. This makes the performance outcome for UEs, more than ever, dependent on intricate configurations and interplay between algorithms at various network components. In this paper, we take initial steps towards a performance exposure system at the base station using a data-driven approach for pr
Side-channel resilience is a crucial feature when assessing whether a postquantum cryptographic proposal is sufficiently mature to be deployed. In this paper, we propose a generic and efficient adaptive approach to improve the sample complexity (i.e., the required number of traces) of plaintext-checking (PC) oracle-based sidechannel attacks (SCAs), a major class of key recovery chosen-ciphertext S
The Internet of Things (IoT) is a large network of connected devices. In IoT, devices can communicate with each other or back-end systems to transfer data or perform assigned tasks. Communication protocols used in IoT depend on target applications but usually require low bandwidth. On the other hand, IoT devices are constrained, having limited resources, including memory, power, and computational
In this thesis, we address three main security problems related to cryptography andcloud storage. To tackle the challenge posed by a quantum computer, we needencryption that is resistant to quantum computers. This category of cryptographyis called post-quantum cryptography. In the first paper, we solve a challengein one of the lattice-based cryptographic protocols called Nth-degree Truncatedpolyno
Checklist for Global Responsible Engagement GRE 2023 Page 1 of 4 Division of External Relations International Office Pär Svensson, International coordinator Checklist GRE March 2023 Checklist for Global Responsible Engagement In the current multipolar global context, collaboration with foreign partners and transborder research have become more complex, and the current security and geopolitical sit
Whereas theoretical attacks on standardized crypto primitives rarely lead to actual practical attacks, the situation is different for side-channel attacks. Improvements in the performance of side-channel attacks are of utmost importance.In this paper, we propose a framework to be used in key-recovery side-channel attacks on CCA-secure post-quantum encryption schemes. The basic idea is to construct
To systematically address non-technical engineering skills (NTES), six mandatory "Engineering Days" (Ing-dagar) were introduced in two bachelor programmes. The students were also allowed to perform voluntary activities leading to a Certification of Non-technical Engineering Competences, a certificate the students can attach to their CVs. To be certified, the student must have performed activities
We study the notion of anonymous credentials with Publicly Auditable Privacy Revocation (PAPR). PAPR credentials simultaneously provide conditional user privacy and auditable privacy revocation. The first property implies that users keep their identity private when authenticating unless and until an appointed authority requests to revoke this privacy, retroactively. The second property enforces th
In this paper, we present the first chosen-ciphertext (CC) cache-timing attacks on the reference implementation of HQC. We build a cache-timing based distinguisher for implementing a plaintext-checking (PC) oracle. The PC oracle uses side-channel information to check if a given ciphertext decrypts to a given message. This is done by identifying a vulnerability during the generating process of two
In this paper, we show that a software implementation of IND-CCA-secure Saber key encapsulation mechanism protected by first-order masking and shuffling can be broken by deep learning-based power analysis. Using an ensemble of deep neural networks trained at the profiling stage, we can recover the session key and the secret key from 257 × N and 24 × 257 × N traces, respectively, where N is the num
It is important that you feel safe at work. Here you will find information on what to do in different situations, where to get help and where to report an incident. In case of an emergency or acute danger Call 112In an emergency, call 112. Remember to dial "0" first if you are calling from a desk phone. Sos Alarm AppAn SOS Alarm app is available. Calling from the app makes it easier for the operat
https://www.staff.lu.se/case-emergency - 2026-06-06
A key enabler for Industry 4.0 is Fifth Generation Wireless Specifications (5G), within which network slicing is a promising technique to ensure customized quality of service for specific end-user groups in industrial scenarios. Massive Multiple Input Multiple Output (MIMO) plays a significant role in 5G but network slicing for massive MIMO has not yet been addressed. In this paper, we propose a n
Cloud-RAN (C-RAN) is a promising paradigm for the next generation radio access network infrastructure, which offers centralized and coordinated base-band signal processing in a BBU pool. This requires extremely low latency fronthaul links to achieve real-time signal processing. In this paper, we investigate massive MIMO pilot scheduling in a C-RAN infrastructure under a factory automation scenario
