April 26-28, 2017 in Paris, France

2nd IEEE European Symposium on Security and Privacy

   Register

Breakfast

08:00 - 09:00

Opening Remarks

09:00 - 09:15

Session: Side Channels

09:15 - 10:30

WALNUT: Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attacks
Timothy Trippel (University of Michigan), Ofir Weisse (University of Michigan), Wenyuan Xu (University of South Carolina), Peter Honeyman (University of Michigan), Kevin Fu (University of Michigan)
Sealed-Glass Proofs: Using Transparent Enclaves to Prove and Sell Knowledge
Florian Tramèr (EPFL), Fan Zhang (Cornell), Huang Lin (EPFL), Jean-Pierre Hubaux (EPFL), Ari Juels (Cornell Tech), Elaine Shi (Cornell)
Privacy Threats through Ultrasonic Side Channels on Mobile Devices
Daniel Arp (Technische Universität Braunschweig), Erwin Quiring (Technische Universität Braunschweig), Christian Wressnegger (Technische Universität Braunschweig), Konrad Rieck (Technische Universität Braunschweig)

Coffee break

10:30 - 11:00

Session: Protocol Security

11:00 - 12:40

Content delivery over TLS: a cryptographic analysis of Keyless SSL
Karthikeyan Bhargavan (Inria de Paris), Ioana Boureanu Carlson (Imperial College London), Pierre-Alain Fouque (Université de Rennes 1/IRISA), Cristina Onete (INSA/IRISA Rennes), Benjamin Richard (Orange/ IRISA Rennes)
Replay Attacks on Zero Round-Trip Time: The Case of the TLS 1.3 Handshake Candidates
Marc Fischlin (Technische Universität Darmstadt, Germany), Felix Günther (Technische Universität Darmstadt, Germany)
A Novel Approach for Reasoning about Liveness in Cryptographic Protocols and its Application to Fair Exchange
Michael Backes (CISPA, Saarland University & MPI-SWS), Jannik Dreier (INRIA), Steve Kremer (INRIA), Robert Kuennemann (CISPA, Saarland University)
Refining Authenticated Key Agreement with Strong Adversaries
David Basin (ETH Zurich), Joseph Lallemand (ENS Cachan, Université Paris-Saclay), Christoph Sprenger (ETH Zurich)

Lunch

12:40 - 14:00

Session: Applied Cryptography

14:00 - 15:40

Redactable Blockchain - or - Rewriting History in Bitcoin and Friends
Giuseppe Ateniese (Stevens Institute of Technology), Bernardo Magri (Sapienza University of Rome), Daniele Venturi (University of Trento), Ewerton Andrade (University of São Paulo)
Secure Queries on an Encrypted Multi-Writer Table
Angelo Massimo Perillo (Università di Salerno, Italy), Giuseppe Persiano (Università di Salerno, Italy), Alberto Trombetta (Università dell'Insubria, Italy)
Towards Practical Attacks on Argon2i and Balloon Hashing
Joel Alwen (IST Austria), Jeremiah Blocki (Purdue University)
An Expressive (Zero-Knowledge) Set Accumulator
Jonathan Katz (University of Maryland), Charalampos Papamanthou (University of Maryland), Yupeng Zhang (University of Maryland)

Coffee Break

15:40 - 16:10

Session: Malware

16:10 - 17:50

Compiler-Agnostic Function Detection in Binaries
Dennis Andriesse (Vrije Universiteit Amsterdam), Asia Slowinska (Lastline, Inc.), Herbert Bos (Vrije Universiteit Amsterdam)
Open Doors for Bob and Mallory: Open Port Usage in Android Apps and Security Implications
Yunhan Jack Jia (University of Michigan), Qi Alfred Chen (University of Michigan), Yikai Lin (University of Michigan), Chao Kong (University of Michigan), Z. Morley Mao (University of Michigan)
LUNA: Quantifying and Leveraging Uncertainty in Android Malware Analysis through Bayesian Machine Learning
Michael Backes (CISPA, Saarland University & MPI-SWS), Mohammad Nauman (MPI-SWS)
9-1-1 DDoS: Attacks, Analysis and Mitigation
Mordechai Guri (Ben-Gurion University of the Negev), Yisroel Mirsky (Ben-Gurion University of the Negev), Yuval Elovici (Ben-Gurion University of the Negev)

Best paper award

17:50 - 18:00

Reception and poster session

18:00 - 21:00

Breakfast

08:00 - 09:00

Keynote (by Dan Boneh)

09:00 - 10:05

Session: Systematization

10:05 - 10:55

SoK: Fraud in Telephony Networks
Merve Sahin (Eurecom), Aurélien Francillon (Eurecom), Payas Gupta (New York University Abu Dhabi), Mustaque Ahamad (Georgia Institute of Technology)
SoK: Single Sign-On Security – An Evaluation of OpenID Connect
Christian Mainka (Horst Görtz Institute for IT-Security), Vladislav Mladenov (Horst Görtz Institute for IT-Security), Tobias Wich (ecsec GmbH), Jörg Schwenk (Horst Görtz Institute for IT-Security)

Coffee Break

10:55 - 11:25

Session: Privacy-preserving Systems

11:25 - 12:40

Privacy-Preserving User Auditable Pseudonym Systems
Jan Camenisch (IBM Research - Zurich), Anja Lehmann (IBM Research - Zurich)
Auditable Data Structures
Michael Goodrich (University of California - Irvine), Evgenios Kornaropoulos (Brown University), Michael Mitzenmacher (Harvard University), Roberto Tamassia (Brown University)
Efficient Accumulators with Applications to Anonymity-Preserving Revocation
Foteini Baldimtsi (Boston University), Jan Camenisch (IBM Zurich), Maria Dubovitskaya (IBM Zurich), Anna Lysyanskaya (Brown University), Leo Reyzin (Boston University), Kai Samelin (IBM Zurich), Sophia Yakoubov (Boston University)

Lunch

12:40 - 14:00

Session: Web Security and Privacy

14:00 - 15:40

Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools
Georg Merzdovnik (SBA Research), Markus Huber (Fachhochschule St. Pölten), Damjan Buhov (SBA Research), Nick Nikiforakis (Stony Brook University), Sebastian Neuner (SBA Research), Martin Schmiedecker (SBA Research), Edgar Weippl (SBA Research)
Efficient and Flexible Discovery of PHP Application Vulnerabilities
Michael Backes (CISPA, Saarland University & MPI-SWS), Konrad Rieck (TU Braunschweig), Malte Skoruppa (CISPA, Saarland University), Ben Stock (CISPA, Saarland University), Fabian Yamaguchi (TU Braunschweig)
Large-scale Analysis & Detection of Authentication Cross-Site Request Forgeries
Avinash Sudhodanan (Fondazione Bruno Kessler), Nicolas Dolgin (SAP Labs France), Roberto Carbone (Fondazione Bruno Kessler), Umberto Morelli (Fondazione Bruno Kessler), Luca Compagna (SAP Labs France), Alessandro Armando (Fondazione Bruno Kessler)
Revisiting Browser Security in the Modern Era: New Data-only Attacks and Defenses
Roman Rogowski (University of North Carolina at Chapel Hill), Micah Morton (University of North Carolina at Chapel Hill), Forrest Li (University of North Carolina at Chapel Hill), Kevin Z. Snow (University of North Carolina at Chapel Hill), Fabian Monrose (University of North Carolina at Chapel Hill), Michalis Polychronakis (Stony Brook University)

Coffee Break

15:40 - 16:10

Short Talks

16:10 - 17:10

Business Meeting

17:10 - 18:00

Banquet at Les Salons Hoche

19:00 -

Breakfast

08:00 - 09:00

Closing Remarks

09:00 - 09:15

Session: Human Aspects of Security and Privacy

09:15 - 10:30

Confidante: Usable Encrypted Email – A Case Study With Lawyers and Journalists
Adam Lerner (University of Washington), Eric Zeng (University of Washington), Franziska Roesner (University of Washington)
FairTest: Discovering Unwarranted Associations in Data-Driven Applications
Florian Tramèr (EPFL), Vaggelis Atlidakis (Columbia University), Roxana Geambasu (Columbia University), Daniel Hsu (Columbia University), Jean-Pierre Hubaux (EPFL), Mathias Humbert (CISPA, Saarland University), Ari Juels (Cornell Tech), Huang Lin (EPFL)
Internet Censorship in Thailand: User practices, potential threats and necessary responses
Genevieve Gebhart (University of Washington Information School), Tadayoshi Kohno (University of Washington Computer Science & Engineering), Anonymous

Coffee Break

10:30 - 11:00

Session: Secure Messaging and Mobile Security

11:00 - 12:40

Automated Verification for Secure Messaging Protocols and their Implementations: A Symbolic and Computational Approach
Nadim Kobeissi (INRIA Paris), Karthikeyan Bhargavan (INRIA Paris), Bruno Blanchet (INRIA Paris)
A Formal Security Analysis of the Signal Messaging Protocol
Katriel Cohn-Gordon (University of Oxford), Cas Cremers (University of Oxford), Benjamin Dowling (Queensland University of Technology), Luke Garratt (University of Oxford), Douglas Stebila (McMaster University)
Designing and proving an EMV-compliant payment protocol for mobile devices
Véronique Cortier (Loria - CNRS), Alicia Filipiak (Loria - Orange), Jan Florent (Orange), Said Gharout (Orange), Jacques Traoré (Orange)
ARTist: The Android Runtime Instrumentation and Security Toolkit
Michael Backes (CISPA, Saarland University & MPI-SWS), Sven Bugiel (CISPA, Saarland University), Oliver Schranz (CISPA, Saarland University), Philipp von Styp-Rekowsky (CISPA, Saarland University), Sebastian Weisgerber (CISPA, Saarland University)

Lunch

12:40 - 14:00

Session: System Security

14:00 - 15:40

Reasoning about Probabilistic Defense Mechanisms against Remote Attacks
Martín Ochoa (Singapore University of Technology and Design), Sebastian Banescu (Technische Universität München), Cynthia Disenfeld (University of Toronto), Gilles Barthe (IMDEA Software), Vijay Ganesh (University of Waterloo)
CodeArmor: Virtualizing the Code Space to Counter Disclosure Attacks
Xi Chen (VU Amsterdam), Cristiano Giuffrida (VU Amsterdam), Herbert Bos (VU Amsterdam)
Symbolic Models for Isolated Execution Environments
Charlie Jacomme (ENS Cachan, Université Paris-Saclay), Steve Kremer (LORIA, Inria Nancy & CNRS & Université de Lorraine), Guillaume Scerri (University of Bristol)
On the Effectiveness of Virtualization Based Memory Isolation on Multicore Platforms
Siqi Zhao (Singapore Management University), Xuhua Ding (Singapore Management University)

Coffee Break

15:40 - 16:10

Session: Network Security

16:10 - 17:25

Outsmarting Network Security with SDN Teleportation
Kashyap Thimmaraju (TU Berlin/T-Labs), Liron Schiff (Tel Aviv University), Stefan Schmid (Aalborg University/TU Berlin)
Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs
Maciej Korczynski (Delft University of Technology), Samaneh Tajalizadehkhoob (Delft University of Technology), Arman Noroozian (Delft University of Technology), Maarten Wullink (SIDN Labs), Cristian Hesselman (SIDN Labs), Michel van Eeten (Delft University of Technology)
When Cellular Networks Met IPv6: Security Problems of Middleboxes in IPv6 Cellular Networks
Hyunwook Hong (KAIST), Hyunwoo Choi (KAIST), Dongkwan Kim (KAIST), Hongil Kim (KAIST), Byeongdo Hong (KAIST), Jiseong Noh (KAIST), Yongdae Kim (KAIST)