SecAppDev 2024 lecture details
When network protocols meet new threat models
This presentation will argue that several past (wireless) protocol attacks were found by creatively thinking about threat models.
Wednesday June 5th, 09:00 - 10:30
Room West Wing
Download handoutsAbstract
This presentation will argue that several past (wireless) protocol attacks were found by creatively thinking about threat models. This will be illustrated by Wi-Fi attacks such as KRACK and FragAttacks and past HTTPS attacks such as BEAST and HEIST. During the presentation I will also discuss how this can inspire defenders and attackers.
Key takeaway
Attacks only get better: either by finding new flaws or by introducing new threat models.
Content level
Introductory
Target audience
Security engineers
Prerequisites
None
Related lectures
Practical cryptography with Tink
Deep-dive lecture by Neil Madden in room West Wing
Monday June 3rd, 16:00 - 17:30
Learn how to translate cryptography know-how into robust working code that is easy to review. Avoid common implementation pitfalls by learning how to use the modern Tink cryptographic library.
Key takeaway: Learn how to use Tink to implement cryptographic features and protocols in a robust manner.
Vulnerabilities of Large Language Model Applications
Deep-dive lecture by Vera Rimmer in room West Wing
Wednesday June 5th, 11:00 - 12:30
The session will start with a quick primer on data-driven AI and the key mechanisms behind LLMs. Then we will explore the general threat landscape, including academic attacks and more practical threats (OWASP Top 10 for LLMs).
Key takeaway: LLMs are a vulnerable intermediary between users and information. Increasing autonomy, complexity and integration of AI amplifies all existing risks.
Passkeys: the future of user authentication
Advanced lecture by Philippe De Ryck in room Lemaire
Wednesday June 5th, 11:00 - 12:30
This session explores passkeys as a replacement for complex multi-factor authentication, covering user and developer perspectives and the technical details of passkeys.
Key takeaway: Passkeys offer strong user authentication across platforms, with a fully integrated browser UI.