March 21-24, 2016 at the Congress Center Saar, Saarbrücken, GERMANY

1st IEEE European
Symposium on Security
and Privacy


Registration and Reception

06:00PM - 09:00PM

Snacks & Coffee

07:30AM - 08:30AM

Opening Remarks

08:30AM - 09:00AM

Keynote (by Adi Shamir)

09:00AM - 10:00AM

Keynote: Extended Functionality Attacks on IoT Devices
Adi Shamir


10:00AM - 10:30AM

Session: Information Flow

10:30AM - 12:30PM

Explicit Secrecy: A Policy for Taint Tracking
Daniel Schoepe, Musard Balliu (Chalmers University of Technology), Benjamin C. Pierce (University of Pennsylvania), Andrei Sabelfeld (Chalmers University of Technology)
Precisely Measuring Quantitative Information Flow: 10K Lines of Code and Beyond
Celina G Val (Amazon), Michael A Enescu, Sam Bayless, William Aiello, Alan J Hu (The University of British Columbia)
HornDroid: Practical and Sound Static Analysis of Android Applications by SMT Solving
Stefano Calzavara (Università Ca' Foscari Venezia), Ilya Grishchenko, Matteo Maffei (CISPA, Saarland University)
Games Without Frontiers: Investigating Video Games as a Covert Channel
Bridger Hahn, Rishab Nithyanand, Phillipa Gill, Rob Johnson (Stony Brook University)


12:30PM - 01:30PM

Session: Security Protocols

01:30PM - 03:30PM

The OPTLS Protocol and TLS 1.3
Hugo Krawczyk (IBM Research), Hoeteck Wee (ENS)
A class of precomputation-based distance-bounding protocols
Sjouke Mauw, Jorge Toro Pozo, Rolando Trujillo-Rasua (University of Luxembourg, SnT)
Frigate: A Validated, Extensible, and Efficient Compiler and Interpreter for Secure Computation
Benjamin Mood (University of Florida), Debayan Gupta (Yale University), Henry Carter (Georgia Institute of Technology), Kevin Butler, Patrick Traynor (University of Florida)
Translingual Obfuscation
Pei Wang, Shuai Wang, Jiang Ming, Yufei Jiang, Dinghao Wu (The Pennsylvania State University)


03:30PM - 04:00PM

Session: OS & Database Security

04:00PM - 05:30PM

Reasoning about Object Capabilities with Logical Relations and Effect Parametricity
Dominique Devriese (iMinds - DistriNet, KU Leuven), Lars Birkedal (Dept. of Comp. Science, Aarhus University), Frank Piessens (iMinds - DistriNet, KU Leuven)
Strong and Provably Secure Database Access Control
Marco Guarnieri (ETH Zurich), Srdjan Marinovic (The Wireless Registry), David Basin (ETH Zurich)
Fine-Grained Control-Flow Integrity for Kernel Software
Xinyang Ge, Nirupama Talele (The Pennsylvania State University), Mathias Payer (Purdue University), Trent Jaeger (The Pennsylvania State University)

Poster Session

05:30PM - 07:00PM

Snacks & Coffee

07:30AM - 08:30AM

Session: Privacy

08:30AM - 10:00AM

On the Inference of User Paths from Anonymized Mobility Data
Galini Tsoukaneri (The University of Edinburgh), George Theodorakopoulos (Cardiff University), Hugh Leather, Mahesh K. Marina (The University of Edinburgh)
NavigaTor: Finding Faster Paths to Anonymity
Robert Annessi (TU Wien), Martin Schmiedecker (SBA Research)
Security Analysis of Re-Encryption RPC Mix Nets
Ralf Kuesters (University of Trier), Tomasz Truderung (Polyas)


10:00AM - 10:30AM

Session: Cryptography

10:30AM - 12:30PM

Foundations of Hardware-Based Attested Computation and Application to SGX
Manuel Barbosa (HASLab - INESC TEC and DCC FC Universidade do Porto), Bernardo Portela (HASLab - INESC TEC and Minho University), Bogdan Warinschi, Guillaume Scerri (University of Bristol)
Highly Efficient Algorithms for AES Key Retrieval in Cache Access Attacks
Ashokkumar C, Ravi Prakash Giri, Bernard Menezes (Indian Institute of Technology Bombay, India)
Highly-Efficient and Composable Password-Protected Secret Sharing (Or: How to Protect Your Bitcoin Wallet Online)
Stanislaw Jarecki (University of California, Irvine), Aggelos Kiayias (University of Athens), Hugo Krawczyk (IBM Research), Jiayu Xu (University of California, Irvine)
Argon2: new generation of memory-hard functions for password hashing and other applications
Alex Biryukov, Daniel Dinu, Dmitry Khovratovich (University of Luxembourg)


12:30PM - 01:30PM

Session: Attacks

01:30PM - 03:00PM

Stubborn Mining: Generalizing Selfish Mining and Combining with an Eclipse Attack
Kartik Nayak, Srijan Kumar, Andrew Miller (University Of Maryland, College Park), Elaine Shi (University Of Maryland, College Park/Cornell University, Ithaca)
Do not trust me: Using malicious IdPs for analyzing and attacking Single Sign-On
Christian Mainka, Vladislav Mladenov, Jörg Schwenk (Horst Görtz Institute for IT-Security)
CacheKit: Evading Memory Introspection Using Cache Incoherence
Ning Zhang (Virginia Polytechnic Institute and State University), He Sun, Kun Sun (College of William and Mary), Wenjing Lou (Virginia Polytechnic Institute and State University), Y. Thomas Hou (Virginia Polytechnic Institute and State University)


03:00PM - 03:30PM

Short Talks

03:30PM - 04:30PM

TC Business Meeting

04:30PM - 05:40PM

Conference Dinner

06:30PM - 10:00PM

Snacks & Coffee

07:30AM - 08:30AM

Closing Remarks

08:30AM - 08:40AM

Session: Security & Learning

08:40AM - 10:10AM

ZETA - Zero-Trust Authentication: Relying on Innate Human Ability, not Technology
Andreas Gutmann (Technische Universität Darmstadt), Karen Renaud, Joseph Maguire (The University of Glasgow), Melanie Volkamer, Peter Mayer (Technische Universität Darmstadt), Kanta Matsuura (University of Tokyo), Jörn Müller-Quade (Karlsruhe Institute of Technology)
The Limitations of Deep Learning in Adversarial Settings
Nicolas Papernot, Patrick McDaniel (The Pennsylvania State University), Somesh Jha (University of Wisconsin-Madison), Matt Fredrikson (Carnegie Mellon University), Z. Berkay Celik (The Pennsylvania State University), Ananthram Swami (Army Research Laboratory)
I Am Robot: (Deep) Learning to Break Semantic Image CAPTCHAs
Suphannee Sivakorn, Iasonas Polakis (Columbia University), Angelos D. Keromytis (Columbia University)

Break (20 minutes)

10:10AM - 10:30AM

Session: Network Security

10:30AM - 12:00PM

PKI Safety Net (PKISN): Solving the Too-Big-to-Be-Revoked Problem
Pawel Szalachowski, Laurent Chuat, Adrian Perrig (ETH Zurich)
It Bends but Would it Break? Topological Analysis of BGP Infrastructures in Europe
Sylvain Frey, Yehia Elkhatib, Awais Rashid, Karolina Follis, John Vidler, Nick Race, Chris Edwards (Lancaster University)
AppScanner: Automatic Fingerprinting of Smartphone Apps From Encrypted Network Traffic
Vincent F. Taylor (University of Oxford), Riccardo Spolaor, Mauro Conti (University of Padua), Ivan Martinovic (University of Oxford)

Session: Protocol Analysis

12:00PM - 01:00PM

How Secure is TextSecure?
Tilman Frosch, Christian Mainka, Christoph Bader, Florian Bergsma, Jörg Schwenk, Thorsten Holz (Ruhr-Universität Bochum)
To Du or not to Du: A Security Analysis of Du-Vote
Steve Kremer, Peter Roenne (Inria)


01:00PM - 02:00PM