Tuesday June 2

18:00 - 20:00

Welcome Reception

Bernheim & Schwartz Hall & Restaurant

2911 Broadway, New York

Wednesday June 3

8:30 - 9:00


9:00 - 9:15


9:15 - 10:15

Invited Talk: Vitaly Shmatikov (Cornell NYC Tech)

All Your SSL Are Belong To Us

SSL/TLS is the de facto standard for secure Internet communications. Deployed widely in Web browsers and non-browser software, it is intended to provide end-to-end security even against active, man-in-the-middle attacks. This security fundamentally depends on correct validation of X.509 certificates presented when the connection is established.

I will first demonstrate that many SSL/TLS deployments are completely insecure against man-in-the-middle attacks. Vulnerable software includes cloud computing clients, merchant SDKs responsible for transmitting payment information from e-commerce sites to payment processors, online shopping software, and many forms of middleware. Even worse, several popular SSL/TLS implementations do not validate certificates correctly and thus all software based on them is generically insecure. These bugs affect even common Web browsers, where minor validation errors such as recent certificate expiration can mask serious issues such as failure to authenticate the Web server's identity.

I will then analyze the root causes of these vulnerabilities and describe how we used "frankencerts," a new methodology for automatically testing SSL/TLS implementations, to uncover dozens of subtle certificate validation bugs in popular SSL/TLS implementations.

10:15 - 10:45


10:45 - 12:00

Secure Computation I: Primitives and New Models

Session Chair: Shai Halevi

Universally Verifiable Multiparty Computation from Threshold Homomorphic Cryptosystems

Berry Schoenmakers (Eindhoven University of Technology), Meilof Veeningen (Eindhoven University of Technology)

Communication-Optimal Proactive Secret Sharing for Dynamic Groups

Joshua Baron (Rand Corporation), Karim El Defrawy (HRL Laboratories), Joshua Lampkins (University of California, Los Angeles), Rafail Ostrovsky (University of California, Los Angeles)

Round-Optimal Password-based Group Key Exchange Protocols in the Standard Model

Jing Xu (Institute of Software, Chinese Academy of Sciences), Xuexian Hu (Institute of Software, Chinese Academy of Sciences), Zhenfeng Zhang (Institute of Software, Chinese Academy of Sciences)

12:00 - 14:00

Lunch (on your own)

14:00 - 15:40

Public Key Cryptographic Primitives

Session Chair: Moti Yung

Generic Construction of UC-Secure Oblivious Transfer

Olivier Blazy (Université de Limoges, XLim), Céline Chevalier (Université Panthéon-Assas)

Non-malleability under Selective Opening Attacks: Implication and Separation

Zhengan Huang (Shanghai Jiao Tong University), Shengli Liu (Shanghai Jiao Tong University), Xianping Mao (Shanghai Jiao Tong University), Kefei Chen (Hangzhou Normal University and State Key Laboratory of Mathematical Engineering and Advanced Computing)

A Signature Scheme with a Fuzzy Private Key

Kenta Takahashi (Hitachi, Ltd.), Takahiro Matsuda (AIST), Takao Murakami (AIST), Goichiro Hanaoka (AIST), Masakatsu Nishigaki (Shizuoka University)

Practical Ciphertext-Policy Attribute-Based Encryption: Traitor Tracing, Revocation, and Large Universe

Zhen Liu (City University of Hong Kong), Duncan S. Wong (Security and Data Sciences, ASTRI)

15:40 - 16:10


16:10 - 17:50

Secure Computation II: Applications

Session Chair: Nelly Fazio

Zero-Knowledge Authenticated Order Queries and Order Statistics on a List

Esha Ghosh (Brown University), Olga Ohrimenko (Microsoft Research), Roberto Tamassia (Brown University)

Private Database Access With HE-over-ORAM Architecture

Craig Gentry (IBM), Shai Halevi (IBM), Charanjit Jutla (IBM), Mariana Raykova (SRI International)

Accumulable Optimistic Fair Exchange from Verifiably Encrypted Homomorphic Signatures

Jae Hong Seo (Myongji University), Keita Emura (NICT), Keita Xagawa (NTT Secure Platform Laboratories), Kazuki Yoneyama (NTT Secure Platform Laboratories)

LightCore: Lightweight Collaborative Editing Cloud Services for Sensitive Data

Weiyu Jiang (Institute of Information Engineering, Chinese Academy of Sciences), Jingqiang Lin (Institute of Information Engineering, Chinese Academy of Sciences), Zhan Wang (Institute of Information Engineering, Chinese Academy of Sciences), Huorong Li (Institute of Information Engineering, Chinese Academy of Sciences), Lei Wang (Institute of Information Engineering, Chinese Academy of Sciences)

Thursday June 4

8:30 - 9:00


9:00 - 10:40

Anonymity and Related Applications

Session Chair: Allison Bishop Lewko

Violating Consumer Anonymity: Geo-locating Nodes in Named Data Networking

Alberto Compagno (Sapienza University of Rome), Mauro Conti (University of Padua), Paolo Gasti (New York Institute of Technology), Luigi V. Mancini (Sapienza University of Rome), Gene Tsudik (University of California, Irvine)

Post-Quantum Forward-Secure Onion Routing (Future Anonymity in Today's Budget)

Satrajit Ghosh (ISI Indian Statistical Institute), Aniket Kate (CISPA, Saarland University)

Scalable Divisible E-Cash

Sébastien Canard (Orange Labs), David Pointcheval (Ecole Normale Supérieure, CNRS & INRIA), Olivier Sanders (Orange Labs, Ecole Normale Supérieure, CNRS & INRIA), Jacques Traoré (Orange Labs)

Recovering Lost Device-Bound Credentials

Foteini Baldimtsi (Boston University), Jan Camenisch (IBM Research - Zurich), Lucjan Hanzlik (Wroclaw University of Technology), Stephan Krenn (IBM Research - Zurich), Anja Lehmann (IBM Research - Zurich), Gregory Neven (IBM Research - Zurich)

10:40 - 11:10


11:10 - 12:10

Invited Talk: Matthew D. Green (Johns Hopkins University)

From strong mathematics to weak cryptography

The past three decades have been a remarkable time for the science of cryptography. From the first provably-secure protocols to the practice-oriented work of the 1990s, the research community has accumulated a wealth of knowledge about secure protocol design. However, the distribution of this wealth has not been even. Even in 2015 we continue to see routine ‘breaks’ of core cryptographic standards and software, often caused by the continued use of obsolete primitives and protocol design techniques. These failures have serious consequences — ranging from the immediate cost of remediation to a long-term potential loss of confidence in security protocols.

In this talk I will discuss the interaction between the cryptographic research community and the ‘cryptographic engineering’ community responsible for bringing cryptography into practice. I will summarize some of the recent and important research results related to core cryptographic standards, and how cryptographers have both impacted — or failed to impact — standards development. I will also discuss the implications of this interaction, and how poor communication between communities may have facilitated some decryption efforts revealed by recent NSA leaks.

12:10 - 14:00

Lunch (on your own)

14:00 - 15:15

Cryptanalysis and Attacks (Symmetric Crypto)

Session Chair: Yossi Oren

Analysis of Boomerang Differential Trails via a SAT-Based Constraint Solver URSA

Aleksandar Kircanski (NCC Group)

Time-Memory Trade-off Attack on the GSM A5/1 Stream Cipher using Commodity GPGPU

Jiqiang Lu (Institute for Infocomm Research), Zhen Li (Institute for Infocomm Research), Matt Henricksen (Institute for Infocomm Research)

Evaluation and Cryptanalysis of the Pandaka Lightweight Cipher

Yuval Yarom (The University of Adelaide), Gefei Li (The University of Adelaide), Damith C. Ranasinghe (The University of Adelaide)

15:15 - 15:45


15:45 - 17:00

Privacy and Policy Enforcement

Session Chair: David Pointcheval

Cryptographic Enforcement of Information Flow Policies without Public Information

Jason Crampton (Royal Holloway, University of London), Naomi Farley (Royal Holloway, University of London), Gregory Gutin (Royal Holloway, University of London), Mark Jones (Royal Holloway, University of London), Bertram Poettering (Ruhr University Bochum)

A Fully Decentralized Data Usage Control Enforcement Infrastructure

Florian Kelbert (Technische Universität München), Alexander Pretschner (Technische Universität München)

Oblivion: Mitigating Privacy Leaks by Controlling the Discoverability of Online Information

Milivoj Simeonovski (CISPA, Saarland University), Fabian Bendun (CISPA, Saarland University), Muhammad Rizwan Asghar (University of Auckland), Michael Backes (CISPA, Saarland University and MPI-SWS), Ninja Marnau (CISPA, Saarland University), Peter Druschel (MPI-SWS)

17:00 - 17:50

Authentication via Eye Tracking and Proofs of Proximity

Session Chair: Vlad Kolesnikov

Exploiting Eye Tracking for Smartphone Authentication

Dachuan Liu (University of Delaware and College of William and Mary), Bo Dong (College of William and Mary), Xing Gao (University of Delaware and College of William and Mary), Haining Wang (University of Delaware)

Optimal Proximity Proofs Revisited

Handan Kılınç (EPFL), Serge Vaudenay (EPFL)

19:00 - 22:00

Conference Dinner

Le Monde Restaurant

2885 Broadway, New York

Friday June 5

8:30 - 9:00


9:00 - 10:15

Malware Analysis and Side Channel Attacks

Session Chair: Michalis Polychronakis

Replacement Attacks: Automatically Impeding Behavior-based Malware Specifications

Jiang Ming (The Pennsylvania State University), Zhi Xin (Nanjing University), Pengwei Lan (The Pennsylvania State University), Dinghao Wu (The Pennsylvania State University), Peng Liu (The Pennsylvania State University), Bing Mao (Nanjing University)

Partial Key Exposure Attacks on CRT-RSA: Better Cryptanalysis to Full Size Encryption Exponents

Atsushi Takayasu (The University of Tokyo), Noboru Kunihiro (The University of Tokyo)

Differential Power Analysis of a McEliece Cryptosystem

Cong Chen (Worcester Polytechnic Institute), Thomas Eisenbarth (Worcester Polytechnic Institute), Ingo von Maurich (Ruhr University Bochum), Rainer Steinwandt (Florida Atlantic University)

10:15 - 10:45


10:45 - 12:00

Side Channel Countermeasures and Tamper Resistance/PUFs

Session Chair: Jianying Zhou

Arithmetic Addition over Boolean Masking, Towards First- and Second-Order Resistance in Hardware

Tobias Schneider (HGI, Ruhr University Bochum), Amir Moradi (HGI, Ruhr University Bochum), Tim Güneysu (HGI, Ruhr University Bochum)

Foundations of Reconfigurable PUFs

Jonas Schneider (Saarland University, CISPA), Dominique Schröder (Saarland University, CISPA)

mrPUF: A Novel Memristive Device Based Physical Unclonable Function

Yansong Gao (The University of Adelaide), Damith C. Ranasinghe (The University of Adelaide), Said F. Al-Sarawi (The University of Adelaide), Omid Kavehei (Royal Melbourne Institute of Technology), Derek Abbott (The University of Adelaide)

12:00 - 14:00

Lunch (on your own)

14:00 - 15:40

Leakage Resilience and Pseudorandomness

Session Chair: Tal Malkin

On the XOR of Multiple Random Permutations

Bart Mennink (KU Leuven), Bart Preneel (KU Leuven)

Robust Pseudo-Random Number Generators with Input Secure Against Side-Channel Attacks

Michel Abdalla (ENS, CNRS, INRIA, and PSL), Sonia Belaid (ENS, CNRS, INRIA, PSL, and Thales Communications & Security), David Pointcheval (ENS, CNRS, INRIA, and PSL), Sylvain Ruhault (ENS, CNRS, INRIA, PSL, and Oppida), Damien Vergnaud (ENS, CNRS, INRIA, and PSL)

Leakage-Resilient Cryptography over Large Finite Fields: Theory and Practice

Marcin Andrychowicz (University of Warsaw), Daniel Masny (Ruhr University Bochum), Edoardo Persichetti (Dakota State University)

Secrecy without Perfect Randomness: Cryptography with (Bounded) Weak Sources

Michael Backes (CISPA, Saarland University), Aniket Kate (CISPA, Saarland University), Sebastian Meiser (CISPA, Saarland University), Tim Ruffing (CISPA, Saarland University)

15:40 - 16:00

Wrap Up