Developed in Belgium’s northern region of Flanders, Rijndael is an algorithm used to scramble data shared on computer networks. The brainchild of Leuven University, it was first adopted by the US government after approval by the NSA to secure classified and top-secret information. Today, the algorithm is used to encrypt and protect internet traffic, hard disks, banking transactions and more around the globe.
Rijndael isn’t the only flagship contributing to Flanders’ reputation in cybersecurity and other digital niches. Pioneers such as Robert Cailliau, one of the co-inventors of the internet, and Dries Buytaert, founder of Drupal, have gained celebrity status in ICT entourages worldwide. As new bright minds take the tech stage in Flanders, the list grows longer by the day. Wim Sohier, science and technology councilor at Flanders Investment & Trade highlights 3 recent success stories from Flanders, Belgium’s northern region. (This article was first published via LinkedIn Pulse).
Few Silicon Valley companies are as well-known as Intel. The American firm produces a broad portfolio of solutions from semiconductors and hardware components to Internet of Things platforms and antivirus software. In 2018, a Flanders-based research group from Leuven University – called DistriNet – launched an ethical cyberattack on Intel Software Guard Extensions (SGX), which protects processors against viruses that take advantage of system errors. Designed to increase the security of application code and data, Intel SGX allows users to define private regions of memory or enclaves, whose contents cannot be read or saved outside the enclave.
Sounds like a watertight application, but it took hacking to believe that it wasn’t. DistriNet carried out its ‘Foreshadow attack’ in collaboration with the Israel Institute of Technology, Michigan University and Adelaide University. In doing so, the research group revealed that Intel’s enclaves were very vulnerable to attackers trying to steal sensitive information from personal computers or third-party clouds.
Who left the cookie jar open? That’s how computer scientists from Leuven University phrased their punny research question. It was only a matter time before Gertjan Franken, Tom Van Goethem and Wouter Joosen revealed that security and privacy policies applied by 7 internet browsers and 45 domain name extensions could easily be bypassed by hackers with bad intentions. Their work enables critical improvements in how browsers prevent cross-site attacks and third-party tracking through cookies.
In August 2018, the three scientists from Flanders won first place and a $100,000 cash reward for their paper at Facebook’s annual Internet Defense Prize ceremony. Just like the bright minds behind the Foreshadow attack, the team is part of the DistriNet research group, which is associated with imec – one of four strategic research centers in Flanders and a global reference in nanotech and digital innovation.
For many people, Tesla’s electric cars stand for intelligent design. To verify just how smart the cars’ security systems actually are, yet another Leuven University research group – called COSIC – united its cryptography scientists in an ethical key fob hacking project. Their target? The Passive Keyless Entry and Start system (PKES) that allows Tesla Model S electric cars to be remotely locked and unlocked.
With a budget of only $600 in radio and computer equipment, the Leuven University cryptography experts managed to hack and clone the PKES system in a mere 2 seconds – theoretically enabling them to steal the e-vehicle. The team notified Tesla about their findings in August 2018. The company immediately adapted its PKES system and rewarded the Flanders-based COSIC team with $10,000.
Stories such as these are living proof of how Flanders continues to position itself as a cybersecurity powerhouse in the heart of the European Union. One of the reasons why digital and technological firms and innovators thrive in Flanders is the crosspollination occurring between the private, public and academic sectors – encouraged, driven and (financially) backed by the government of Flanders through its cluster policy.