IWSEC 2019

August 28 (Wed) - 30 (Fri), 2019
Tokyo Institute of Technology, Tokyo, Japan

Keynote Talks

We will have keynote talks from the following world-leading researchers.

Dr. Jun Furukawa

Senior Researcher, NEC Israel Research Center


Multiparty Computation with an Honest Majority in the Foreseeable Future

Abstract

Secure multiparty computation (MPC) is an advanced cryptography that enables a set of parties to securely carry out a joint computation of their private inputs without revealing anything but the output. MPC has the potential to offer reliable protection of computation as well as the protection of data.

I will take a brief look at the current state of MPC with an honest majority and discuss its foreseeable future. More specifically, I will talk about what it can, what is within its reach, which applications we can apply it to, and how we can expect it to work.


Prof. Michel van Eeten

Faculty of Technology, Policy and Management, Delft University of Technology, Netherlands

https://www.tudelft.nl/en/tpm/about-the-faculty/departments/multi-actor-systems/people/professors/profdr-mjg-michel-van-eeten/


Fighting Malicious Hosting Practices: The Good, the Bad and the Ugly

Abstract

Many criminal business models rely on hosting infrastructure for key parts of their operations. Think of phishing pages, command-and-control servers, drive-by download sites, spam domains and hosting child sexual abuse material. The Netherlands is often listed among the top 5 countries in the world in terms of malicious hosting practices. This mainly reflects the fact that we have a lot of hosting infrastructure in our country and this infrastructure attracts its fair share of criminal activity. Still, there is broad consensus the hosting providers need to act more vigilantly against abuse.

Over the past two years, we have worked with the Dutch government and the hosting sector to help improve the security of hosting in the Netherlands. We developed benchmarks to separate good from bad providers. The benchmark intends to improve the incentives for providers to take action. They are being shared with the providers via an abuse-sharing platform set up by the industry itself. To join the platform, providers have to sign a code of conduct. Of course, there are also providers who do not care about benchmarks and who consciously facilitate crime. In those cases, law enforcement has to step in. We have worked with the High Tech Crime Unit of the Dutch National Policy to unravel the operations of Maxided, a so-called bullet proof hosting provider. This work has provided us with new insights into the evolution of how malicious hosting services are being provisioned. We uncovered a shift from monolithic bullet-proof providers with their own infrastructure to a platform-based market where agile merchants sell legitimate resources of upstream providers to criminal customers.