[Paper Roundup] USENIX Security '24 (Key Exchange, Zero-Knowledge Proofs, Secure Multi-Party Computation, Blockchain)

Digest   2024-07-21 16:22   United States
  • https://www.usenix.org/conference/usenixsecurity24/technical-sessions

AUGUST 14–16, 2024


The Challenges of Bringing Cryptography from Research Papers to Products: Results from an Interview Study with Experts [1]
Konstantin Fischer, Ruhr University Bochum; Ivana Trummová, Czech Technical University in Prague; Phillip Gajland, Ruhr University Bochum and Max Planck Institute for Security and Privacy; Yasemin Acar, Paderborn University and The George Washington University; Sascha Fahl, CISPA - Helmholtz-Center for Information Security; Angela Sasse, Ruhr University Bochum

Secret Key Exchange

  • K-Waay: Fast and Deniable Post-Quantum X3DH without Ring Signatures [2]
    Daniel Collins, Loïs Huguenin-Dumittan, and Ngoc Khanh Nguyen, EPFL; Nicolas Rolin, Spuerkeess; Serge Vaudenay, EPFL

  • Diffie-Hellman Picture Show: Key Exchange Stories from Commercial VoWiFi Deployments [3]
    Gabriel Karl Gegenhuber and Florian Holzbauer, University of Vienna; Philipp Émile Frenzel, SBA Research; Edgar Weippl, University of Vienna; Adrian Dabrowski, CISPA Helmholtz Center for Information Security

  • Formal verification of the PQXDH Post-Quantum key agreement protocol for end-to-end secure messaging [4]
    Karthikeyan Bhargavan, Cryspen; Charlie Jacomme, Université de Lorraine, LORIA, Inria Nancy Grand-Est; Franziskus Kiefer, Cryspen; Rolfe Schmidt, Signal Messenger

  • SWOOSH: Efficient Lattice-Based Non-Interactive Key Exchange [5]
    Phillip Gajland, Max Planck Institute for Security and Privacy, Ruhr University Bochum; Bor de Kock, NTNU - Norwegian University of Science and Technology, Trondheim, Norway; Miguel Quaresma, Max Planck Institute for Security and Privacy; Giulio Malavolta, Bocconi University, Max Planck Institute for Security and Privacy; Peter Schwabe, Max Planck Institute for Security and Privacy, Radboud University

Zero-Knowledge Proof

  • Two Shuffles Make a RAM: Improved Constant Overhead Zero Knowledge RAM [6]
    Yibin Yang, Georgia Institute of Technology; David Heath, University of Illinois Urbana-Champaign

  • Notus: Dynamic Proofs of Liabilities from Zero-knowledge RSA Accumulators [7]
    Jiajun Xin, Arman Haghighi, Xiangan Tian, and Dimitrios Papadopoulos, The Hong Kong University of Science and Technology

  • Practical Security Analysis of Zero-Knowledge Proof Circuits [8]
    Hongbo Wen, University of California, Santa Barbara; Jon Stephens, The University of Texas at Austin and Veridise; Yanju Chen, University of California, Santa Barbara; Kostas Ferles, Veridise; Shankara Pailoor, The University of Texas at Austin and Veridise; Kyle Charbonnet, Ethereum Foundation; Isil Dillig, The University of Texas at Austin and Veridise; Yu Feng, University of California, Santa Barbara, and Veridise

  • Formalizing Soundness Proofs of Linear PCP SNARKs [9]
    Bolton Bailey and Andrew Miller, University of Illinois at Urbana-Champaign

  • Fast RS-IOP Multivariate Polynomial Commitments and Verifiable Secret Sharing [10]
    Zongyang Zhang, Weihan Li, Yanpei Guo, and Kexin Shi, Beihang University; Sherman S. M. Chow, The Chinese University of Hong Kong; Ximeng Liu, Fuzhou University; Jin Dong, Beijing Academy of Blockchain and Edge Computing

  • Election Eligibility with OpenID: Turning Authentication into Transferable Proof of Eligibility [11]
    Véronique Cortier, Alexandre Debant, Anselme Goetschmann, and Lucca Hirschi, Université de Lorraine, Inria, CNRS Nancy, France

  • Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs [12]
    Sebastian Angel, Eleftherios Ioannidis, and Elizabeth Margolin, University of Pennsylvania; Srinath Setty, Microsoft Research; Jess Woods, University of Pennsylvania

  • Scalable Zero-knowledge Proofs for Non-linear Functions in Machine Learning [13]
    Meng Hao, Hanxiao Chen, and Hongwei Li, School of Computer Science and Engineering, University of Electronic Science and Technology of China; Chenkai Weng, Northwestern University; Yuan Zhang and Haomiao Yang, School of Computer Science and Engineering, University of Electronic Science and Technology of China; Tianwei Zhang, Nanyang Technological University

  • ZKSMT: A VM for Proving SMT Theorems in Zero Knowledge [14]
    Daniel Luick, John C. Kolesar, and Timos Antonopoulos, Yale University; William R. Harris and James Parker, Galois, Inc.; Ruzica Piskac, Yale University; Eran Tromer, Boston University; Xiao Wang and Ning Luo, Northwestern University

  • SoK: What don't we know? Understanding Security Vulnerabilities in SNARKs [15]
    Stefanos Chaliasos, Imperial College London; Jens Ernstberger, Technical University of Munich; David Theodore, Ethereum Foundation; David Wong, zkSecurity; Mohammad Jahanara, Scroll Foundation; Benjamin Livshits, Imperial College London

Multi-Party Computation

  • Scalable Multi-Party Computation Protocols for Machine Learning in the Honest-Majority Setting [16]
    Fengrun Liu, University of Science and Technology of China & Shanghai Qi Zhi Institute; Xiang Xie, Shanghai Qi Zhi Institute & PADO Labs; Yu Yu, Shanghai Jiao Tong University & State Key Laboratory of Cryptology

  • Lightweight Authentication of Web Data via Garble-Then-Prove [17]
    Xiang Xie, PADO Labs; Kang Yang, State Key Laboratory of Cryptology; Xiao Wang, Northwestern University; Yu Yu, Shanghai Jiao Tong University and Shanghai Qi Zhi Institute

  • Holding Secrets Accountable: Auditing Privacy-Preserving Machine Learning [18]
    Hidde Lycklama, ETH Zurich; Alexander Viand, Intel; Nicolas Küchler, ETH Zurich; Christian Knabenhans, EPFL; Anwar Hithnawi, ETH Zurich

  • Secure Account Recovery for a Privacy-Preserving Web Service [19]
    Ryan Little, Boston University; Lucy Qin, Georgetown University; Mayank Varia, Boston University

Blockchain

  • Mempool Privacy via Batched Threshold Encryption: Attacks and Defenses [20]
    Arka Rai Choudhuri, NTT Research; Sanjam Garg, Julien Piet, and Guru-Vamsi Policharla, University of California, Berkeley

  • Speculative Denial-of-Service Attacks In Ethereum [21]
    Aviv Yaish, The Hebrew University; Kaihua Qin and Liyi Zhou, Imperial College London, UC Berkeley RDI; Aviv Zohar, The Hebrew University; Arthur Gervais, University College London, UC Berkeley RDI

  • GuideEnricher: Protecting the Anonymity of Ethereum Mixing Service Users with Deep Reinforcement Learning [22]
    Ravindu De Silva, University of California, Santa Barbara; Wenbo Guo, Purdue University; Nicola Ruaro, Ilya Grishchenko, Christopher Kruegel, and Giovanni Vigna, University of California, Santa Barbara

  • All Your Tokens are Belong to Us: Demystifying Address Verification Vulnerabilities in Solidity Smart Contracts [23]
    Tianle Sun, Huazhong University of Science and Technology; Ningyu He, Peking University; Jiang Xiao, Huazhong University of Science and Technology; Yinliang Yue, Zhongguancun Laboratory; Xiapu Luo, The Hong Kong Polytechnic University; Haoyu Wang, Huazhong University of Science and Technology

  • Using My Functions Should Follow My Checks: Understanding and Detecting Insecure OpenZeppelin Code in Smart Contracts [24]
    Han Liu, East China Normal University, Shanghai Key Laboratory of Trustworthy Computing; Daoyuan Wu, The Hong Kong University of Science and Technology; Yuqiang Sun, Nanyang Technological University; Haijun Wang, Xi'an Jiaotong University; Kaixuan Li, East China Normal University, Shanghai Key Laboratory of Trustworthy Computing; Yang Liu, Nanyang Technological University; Yixiang Chen, East China Normal University, Shanghai Key Laboratory of Trustworthy Computing

  • zkCross: A Novel Architecture for Cross-Chain Privacy-Preserving Auditing [25]
    Yihao Guo, Minghui Xu, Xiuzhen Cheng, and Dongxiao Yu, Shandong University; Wangjie Qiu, Beihang University; Gang Qu, University of Maryland; Weibing Wang and Mingming Song, Cloud Inspur Information Technology Co., Ltd.

  • Pixel+ and Pixel++: Compact and Efficient Forward-Secure Multi-Signatures for PoS Blockchain Consensus [26]
    Jianghong Wei, State Key Laboratory of Integrated Service Networks (ISN), Xidian University, and State Key Laboratory of Mathematical Engineering and Advanced Computing; Guohua Tian, State Key Laboratory of Integrated Service Networks (ISN), Xidian University; Ding Wang, College of Cyber Science, Nankai University; Fuchun Guo and Willy Susilo, School of Computing and Information Technology, University of Wollongong; Xiaofeng Chen, State Key Laboratory of Integrated Service Networks (ISN), Xidian University

  • Max Attestation Matters: Making Honest Parties Lose Their Incentives in Ethereum PoS [27]
    Mingfei Zhang, Shandong University; Rujia Li and Sisi Duan, Tsinghua University

  • Sprints: Intermittent Blockchain PoW Mining [28]
    Michael Mirkin, Technion; Lulu Zhou, Yale University; Ittay Eyal, Technion; Fan Zhang, Yale University

References
[1] https://www.usenix.org/conference/usenixsecurity24/presentation/fischer
[2] https://www.usenix.org/conference/usenixsecurity24/presentation/collins
[3] https://www.usenix.org/conference/usenixsecurity24/presentation/gegenhuber
[4] https://www.usenix.org/conference/usenixsecurity24/presentation/bhargavan
[5] https://www.usenix.org/conference/usenixsecurity24/presentation/gajland
[6] https://www.usenix.org/conference/usenixsecurity24/presentation/yang-yibin
[7] https://www.usenix.org/conference/usenixsecurity24/presentation/xin
[8] https://www.usenix.org/conference/usenixsecurity24/presentation/wen
[9] https://www.usenix.org/conference/usenixsecurity24/presentation/bailey
[10] https://www.usenix.org/conference/usenixsecurity24/presentation/zhang-zongyang
[11] https://www.usenix.org/conference/usenixsecurity24/presentation/cortier
[12] https://www.usenix.org/conference/usenixsecurity24/presentation/angel
[13] https://www.usenix.org/conference/usenixsecurity24/presentation/hao-meng-scalable
[14] https://www.usenix.org/conference/usenixsecurity24/presentation/luick
[15] https://www.usenix.org/conference/usenixsecurity24/presentation/chaliasos
[16] https://www.usenix.org/conference/usenixsecurity24/presentation/liu-fengrun
[17] https://www.usenix.org/conference/usenixsecurity24/presentation/xie-xiang
[18] https://www.usenix.org/conference/usenixsecurity24/presentation/lycklama
[19] https://www.usenix.org/conference/usenixsecurity24/presentation/little
[20] https://www.usenix.org/conference/usenixsecurity24/presentation/choudhuri
[21] https://www.usenix.org/conference/usenixsecurity24/presentation/yaish
[22] https://www.usenix.org/conference/usenixsecurity24/presentation/de-silva
[23] https://www.usenix.org/conference/usenixsecurity24/presentation/sun-tianle
[24] https://www.usenix.org/conference/usenixsecurity24/presentation/liu-han
[25] https://www.usenix.org/conference/usenixsecurity24/presentation/guo-yihao
[26] https://www.usenix.org/conference/usenixsecurity24/presentation/wei-jianghong
[27] https://www.usenix.org/conference/usenixsecurity24/presentation/zhang-mingfei
[28] https://www.usenix.org/conference/usenixsecurity24/presentation/mirkin


XPTY