Bernard van Gastel scite author profile

Abstract. This paper introduces TweetNaCl, a compact reimplementation of the NaCl library, including all 25 of the NaCl functions used by applications. TweetNaCl is published on Twitter and fits into just 100 tweets; the tweets are available from anywhere, any time, in an unsuspicious way. Distribution via other social media, or even printed on a sheet of A4 paper, is also easily possible.TweetNaCl is human-readable C code; it is the smallest readable implementation of a highsecurity cryptographic library. TweetNaCl is the first cryptographic library that allows correct functionality to be verified by human auditors with reasonable effort, making it suitable for inclusion into the trusted code base of a secure computer system. TweetNaCl consists of a single C source file, accompanied by a single header file generated by a short Python script (1811 bytes). The library can be trivially integrated into a wide range of software build processes.Portability and small code size come at a loss in efficiency, but TweetNaCl is sufficiently fast for most applications. TweetNaCl's cryptographic implementations meet the same security and reliability standards as NaCl: for example, complete protection against cache-timing attacks.

show abstract

Towards a seamful ethics of Covid-19 contact tracing apps?

Hoffman

Jacobs

Gastel

et al. 2020

Ethics Inf Technol

View full text Add to dashboard Cite

In the early months of 2020, the deadly Covid-19 disease spread rapidly around the world. In response, national and regional governments implemented a range of emergency lockdown measures, curtailing citizens’ movements and greatly limiting economic activity. More recently, as restrictions begin to be loosened or lifted entirely, the use of so-called contact tracing apps has figured prominently in many jurisdictions’ plans to reopen society. Critics have questioned the utility of such technologies on a number of fronts, both practical and ethical. However, little has been said about the ways in which the normative design choices of app developers, and the products that result therefrom, might contribute to ethical reflection and wider political debate. Drawing from scholarship in critical design and human–computer interaction, this paper examines the development of a QR code-based tracking app called Zwaai (‘Wave’ in Dutch), where its designers explicitly positioned the app as an alternative to the predominant Bluetooth and GPS-based approaches. Through analyzing these designers’ choices, this paper argues that QR code infrastructures can work to surface a set of ethical–political seams, two of which are discussed here—responsibilization and networked (im)permanence—that more ‘seamless’ protocols like Bluetooth actively aim to bypass, and which may go otherwise unnoticed by existing ethical frameworks.

show abstract

Self-Encrypting Deception: Weaknesses in the Encryption of Solid State Drives

Meijer

Gastel

2019

View full text Add to dashboard Cite

We have analyzed the hardware full-disk encryption of several solid state drives (SSDs) by reverse engineering their firmware. These drives were produced by three manufacturers between 2014 and 2018, and are both internal models using the SATA and NVMe interfaces (in a M.2 or 2.5" traditional form factor) and external models using the USB interface.In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many models using hardware encryption have critical security weaknesses due to specification, design, and implementation issues. For many models, these security weaknesses allow for complete recovery of the data without knowledge of any secret (such as the password).BitLocker, the encryption software built into Microsoft Windows will rely exclusively on hardware full-disk encryption if the SSD advertises support for it. Thus, for these drives, data protected by BitLocker is also compromised.We conclude that, given the state of affairs affecting roughly 60% of the market, currently one should not rely solely on hardware encryption offered by SSDs and users should take additional measures to protect their data.

show abstract

Making resource analysis practical for real-time Java

Kersten

Shkaravska

Gastel

et al. 2012

View full text Add to dashboard Cite

For real-time and embedded systems limiting the consumption of time and memory resources is often an important part of the requirements. Being able to predict bounds on the consumption of these resources during the development process of the code can be of great value.Recent research results have advanced the state of the art of resource consumption analysis. In this paper we present a tool that makes it possible to apply these research results in practice for real-time systems enabling Java developers to analyse loop bounds, bounds on heap size and bounds on stack size. We describe which theoretical additions were needed in order to achieve this.We give an overview of the capabilities of the tool ResAna that is the result of this effort. The tool can not only perform generally applicable analyses, but it also contains a part of the analysis which is dedicated to the developers' (real-time) virtual machine, such that the results apply directly to the actual development environment that is used in practice.

show abstract

A Hoare Logic for Energy Consumption Analysis

Kersten

Toldin

Gastel

et al. 2014

View full text Add to dashboard Cite

Using Dependent Types to Define Energy Augmented Semantics of Programs

Gastel

Kersten²,

Eekelen

2016

View full text Add to dashboard Cite

A formalisation of XMAS

Gastel

Schmaltz

2013

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

Communication fabrics play a key role in the correctness and performance of modern multi-core processors and systems-on-chip. To enable formal verification, a recent trend is to use high-level micro-architectural models to capture designers' intent about the communication and processing of messages. Intel proposed the xMAS language to support the formal definition of executable specifications of micro-architectures. We formalise the semantics of xMAS in ACL2. Our formalisation represents the computation of the values of all wires of a design. Our main function computes a set of possible routing targets for each message and whether a message can make progress according to the current network state. We prove several properties on the semantics, including termination, non-emptiness of routing, and correctness of progress conditions. Our current effort focuses on a basic subset of the entire xMAS language, which includes queues, functions, and switches

show abstract

A formally verified deadlock-free routing function in a fault-tolerant NoC architecture

Alhussien

Bagherzadeh

Verbeek

et al. 2012

View full text Add to dashboard Cite

12 3

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.