Export Citations
Save this search
Please login to be able to save your searches and receive alerts for new content matching your search criteria.
- posterOctober 2018
Practical and Privacy-Aware Truth Discovery in Mobile Crowd Sensing Systems
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications SecurityPages 2312–2314https://doi.org/10.1145/3243734.3278529We design a Practical and Privacy-Aware Truth Discovery (PPATD) approach in mobile crowd sensing systems, which supports users to go offline at any time while still achieving practical efficiency under working process. More notably, our PPATD is the ...
- posterOctober 2018
Off-Path Attacks Against PKI
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications SecurityPages 2213–2215https://doi.org/10.1145/3243734.3278516The security of Internet-based applications fundamentally relies on the trustworthiness of Certificate Authorities (CAs). We practically demonstrate for the first time that even a very weak attacker, namely, an off-path attacker, can effectively subvert ...
- research-articleOctober 2018
Fast Multiparty Threshold ECDSA with Fast Trustless Setup
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications SecurityPages 1179–1194https://doi.org/10.1145/3243734.3243859A threshold signature scheme enables distributed signing among n players such that any subgroup of size $t+1$ can sign, whereas any group with t or fewer players cannot. While there exist previous threshold schemes for the ECDSA signature scheme, we are ...
- research-articleOctober 2018
New Constructions for Forward and Backward Private Symmetric Searchable Encryption
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications SecurityPages 1038–1055https://doi.org/10.1145/3243734.3243833We study the problem of dynamic symmetric searchable encryption. In that setting, it is crucial to minimize the information revealed to the server as a result of update operations (insertions and deletions). Two relevant privacy properties have been ...
- research-articleOctober 2018
Release the Kraken: New KRACKs in the 802.11 Standard
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications SecurityPages 299–314https://doi.org/10.1145/3243734.3243807We improve key reinstallation attacks (KRACKs) against 802.11 by generalizing known attacks, systematically analyzing all handshakes, bypassing 802.11's official countermeasure, auditing (flawed) patches, and enhancing attacks using implementation-...
- research-articleOctober 2018
AIM-SDN: Attacking Information Mismanagement in SDN-datastores
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications SecurityPages 664–676https://doi.org/10.1145/3243734.3243799Network Management is a critical process for an enterprise to configure and monitor the network devices using cost effective methods. It is imperative for it to be robust and free from adversarial or accidental security flaws. With the advent of cloud ...
- research-articleOctober 2018
Secure Opportunistic Multipath Key Exchange
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications SecurityPages 2077–2094https://doi.org/10.1145/3243734.3243791The security of today's widely used communication security protocols is based on trust in Certificate Authorities (CAs). However, the real security of this approach is debatable, since certificate handling is tedious and many recent attacks have ...
- research-articleOctober 2018
Domain Validation++ For MitM-Resilient PKI
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications SecurityPages 2060–2076https://doi.org/10.1145/3243734.3243790The security of Internet-based applications fundamentally relies on the trustworthiness of Certificate Authorities (CAs). We practically demonstrate for the first time that even a weak off-path attacker can effectively subvert the trustworthiness of ...
- research-articleOctober 2018
Pseudo Constant Time Implementations of TLS Are Only Pseudo Secure
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications SecurityPages 1397–1414https://doi.org/10.1145/3243734.3243775Today, about 10% of TLS connections are still using CBC-mode cipher suites, despite a long history of attacks and the availability of better options (e.g. AES-GCM). In this work, we present three new types of attack against four popular fully patched ...
- research-articleOctober 2018
On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications SecurityPages 1802–1819https://doi.org/10.1145/3243734.3243747In the past few years secure messaging has become mainstream, with over a billion active users of end-to-end encryption protocols such as Signal. The Signal Protocol provides a strong property called post-compromise security to its users. However, it ...
- research-articleOctober 2018
The Gap Game
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications SecurityPages 713–728https://doi.org/10.1145/3243734.3243737Blockchain-based cryptocurrencies secure a decentralized consensus protocol by incentives. The protocol participants, called miners, generate (mine) a series of blocks, each containing monetary transactions created by system users. As incentive for ...