Computer security - ESORICS 2022 . Part I : 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26-30, 2022, proceedings / / Vijayalakshmi Atluri [and three others]
(Visualizza in formato marc)
(Visualizza in BIBFRAME)
| Titolo: |
Computer security - ESORICS 2022 . Part I : 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26-30, 2022, proceedings / / Vijayalakshmi Atluri [and three others]
|
| Pubblicazione: | Cham, Switzerland : , : Springer International Publishing, , [2022] |
| ©2022 | |
| Descrizione fisica: | 1 online resource (749 pages) |
| Disciplina: | 005.8 |
| Soggetto topico: | Computer networks - Security measures |
| Computer security | |
| Persona (resp. second.): | AtluriVijayalakshmi |
| Nota di contenuto: | Intro -- Preface -- Organization -- Keynotes -- Cyber Resilience: An Agenda for the Future of Cyberspace Security -- Lessons Learned from Building and Attacking Secure Computing Systems -- A Perspective on IoT Security -- Contents - Part I -- Contents - Part II -- Contents - Part III -- Blockchain Security -- A Blockchain-Based Long-Term Time-Stamping Scheme -- 1 Introduction -- 2 Related Works -- 3 Preliminaries -- 4 Definitions of a BLTTS Scheme -- 4.1 Scheme Definition -- 4.2 Security Model -- 5 The Proposed BLTTS Scheme -- 5.1 Proposed BLTTS Scheme with Three Solutions -- 5.2 Solutions Comparison -- 6 Security Analysis -- 7 Implementations -- 8 Conclusions -- A Implementations -- References -- Post-Quantum Verifiable Random Function from Symmetric Primitives in PoS Blockchain -- 1 Introduction -- 1.1 Verifiable Random Function (VRF) -- 1.2 VRFs in the Blockchain -- 1.3 Our Contributions -- 1.4 Our Approach -- 2 Verifiable Random Function (VRF) -- 3 SL-VRF: Stateless Verifiable Random Function from PRF and NIZK -- 3.1 SL-VRF from PRF+NIZK Construction -- 4 X-VRF: Verifiable Random Function from XMSS -- 4.1 X-VRF from XMSS Construction -- 4.2 X-VRF Security Analysis -- 5 Implementation and Evaluation -- 5.1 VRF Proof Sizes -- 5.2 Memory Requirements -- 5.3 VRF Computation Efficiency -- 6 Integration to Algorand -- 6.1 Performance Estimation -- 6.2 Dual Key Scheduling -- 6.3 X-VRF Instances -- 6.4 Comparison with Current State-of-the-art and Final Remarks -- A Appendix -- A.1 Proof of Lemma 1 -- A.2 Proof of Theorem 1 -- A.3 XMSS Signature Scheme -- References -- Opportunistic Algorithmic Double-Spending: -- 1 Introduction -- 1.1 Related Work -- 1.2 Paper Structure -- 2 What is Algorithmic Double-Spending? -- 3 System Model and Assumptions -- 4 Semantic Malleability of Bitcoin and Cardano -- 5 Semantic Malleability in Ethereum. |
| 5.1 How to Construct an OpAl Fork Oracle in Ethereum -- 5.2 Proof of Concept OpAl Attack Contract -- 5.3 Cost Overhead of PoC Attack in Ethereum -- 6 Empirical Analysis of Ethereum Transaction Traces -- 7 Mitigation Strategies Against OpAl -- 7.1 Can Blockchains Be Characterized as State Machines? -- 8 Conclusion -- References -- Zero-History Confidential Chains with Zero-Knowledge Contracts: A New Normal for Decentralized Ledgers? -- 1 Introduction -- 2 Preliminaries -- 3 Zero-History Confidential Chains -- 4 Implementation and Experiments -- References -- Secure Hierarchical Deterministic Wallet Supporting Stealth Address -- 1 Introduction -- 1.1 Our Contribution -- 1.2 Related Work -- 1.3 Outline -- 2 Definitions of HDWSA -- 2.1 Notations of Hierarchy -- 2.2 Algorithm Definition -- 2.3 Security Models -- 3 Our Construction -- 3.1 Preliminaries -- 3.2 Construction -- 3.3 Security Analysis -- 4 Implementation -- References -- Zero-Knowledge Age Restriction for GNU Taler -- 1 Introduction -- 2 Age Restriction -- 2.1 Signatures -- 2.2 Achieving Unlinkability -- 2.3 Requirements Imposed on the Functions (1)-(5) -- 3 Instantiation with ECDSA -- 4 Proofs of the Security Properties -- 5 Background: GNU Taler -- 6 Integration into GNU Taler -- 7 Implementation and Benchmarks -- 8 Discussion -- 9 Related Work -- 10 Conclusion -- A Edx25519 -- References -- Privacy -- Privacy Leakage in Privacy-Preserving Neural Network Inference*-6pt -- 1 Introduction -- 1.1 Privacy Concerns in Machine Learning -- 1.2 MPC for PPML -- 1.3 SCSDF Framework for Neural Network Inference -- 2 The SCSDF Framework and Its Security Flaws -- 2.1 Overview -- 2.2 Concrete DReLU Protocol -- 2.3 Security Flaws in Formal Simulation -- 2.4 Privacy Leakage in Concrete Protocols -- 3 Experimental Evaluation on Privacy Leakage -- 3.1 Basic Setup -- 3.2 Probability Density Analysis. | |
| 3.3 Privacy Leakage in ReLU -- 3.4 Privacy Leakage in Sigmoid -- 4 Countermeasure -- 4.1 Add Permutation -- 4.2 Relax Mask Restrictions -- 4.3 Experimental Evaluation of Countermeasures -- 5 Conclusion -- A Preliminary -- A.1 Neural Network -- A.2 Fixed-Point Number -- A.3 Addictive Secret Sharing -- A.4 Threat Model -- References -- Enhancing User Privacy in Mobile Devices Through Prediction of Privacy Preferences -- 1 Introduction -- 2 Related Work -- 3 Permission Decisions in Context -- 3.1 The Dataset -- 3.2 Exploratory Analysis -- 4 Predicting Privacy Decisions -- 4.1 Global Prediction -- 4.2 Personalized Prediction -- 5 Limitations and Future Work -- 6 Conclusion -- A Grant Rate -- B Information Gain -- References -- One Vote Is Enough for Analysing Privacy -- 1 Introduction -- 2 Modelling Security Protocols -- 2.1 Messages -- 2.2 Processes -- 2.3 Equivalences -- 3 Modelling the General BPRIV Notion -- 3.1 Modelling E-Voting Protocols -- 3.2 A Symbolic Definition of BPRIV -- 3.3 Auxiliary Properties -- 4 Reduction -- 4.1 Reduction to One Honest Voter -- 4.2 Bounding the Number of Dishonest Voters -- 4.3 Main Result -- 5 Dealing with Revoting -- 6 Applications and Case Studies -- 7 Conclusion -- Appendix A Some Counting Functions -- A.1 Some 1-Bounded Counting Functions -- A.2 Single Transferable Vote -- References -- Local Differential Privacy for Federated Learning*-6pt -- 1 Introduction -- 2 Background -- 2.1 Federated Learning -- 2.2 Local Differential Privacy -- 2.3 Randomized Aggregatable Privacy-Preserving Ordinal Response (RAPPOR) -- 2.4 Optimized Unary Encoding -- 2.5 Postprocessing Invariance/Robustness and Composition -- 3 Our Approach -- 3.1 Generating a Fully Trained CNN Using the Local Private Data -- 3.2 Generating Flattened 1-D Vectors of Inputs and Randomizing Them to Enforce DP. | |
| 3.3 Conducting Federated Learning over Randomized Data -- 4 Results and Discussion -- 4.1 LDPFL Architectural Configurations and Datasets Used During the Experiments -- 4.2 Conducting Experiments on LDPFL -- 4.3 LDPFL Model Performance -- 5 Related Work -- 6 Conclusion -- References -- XSPIR: Efficient Symmetrically Private Information Retrieval from Ring-LWE -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Technical Overview -- 1.3 Related Work -- 2 Preliminaries and Background -- 2.1 (Symmetrically) Private Information Retrieval -- 2.2 Homomorphic Encryption -- 3 Main Construction -- 3.1 PIR from Homomorphic Encryption -- 3.2 XSPIR: Adding Data Privacy -- 3.3 Security -- 4 Implementation and Evaluation -- 4.1 Parameter Choices -- 4.2 Experimental Comparisons -- 4.3 Comparison to 1-out-of-n OT -- References -- Scaling up GAEN Pseudorandom Processes: Preparing for a More Extensive Pandemic -- 1 Introduction -- 1.1 Contributions -- 2 Background and Notations -- 3 Dice and Splice: Fast Elimination of Irrelevant Keys -- 3.1 For d=2 -- 3.2 For General d2 -- 3.3 Performance Analysis -- 3.4 Simulation Study -- 4 The Forest from the PRF-tree: Elastic Adaptation of TEK Period -- 4.1 The Elastic-key Protocol -- 4.2 Combining ``Forest from the PRF-Tree'' with ``Dice and Splice'' Techniques -- 4.3 The Cost-Privacy Trade-off of the Elastic Key GAEN -- 4.4 Simulation Study -- A Pseudo-Codes -- References -- Crypto -- Generic Construction of Trace-and-Revoke Inner Product Functional Encryption -- 1 Introduction -- 1.1 Our Results -- 1.2 Our Techniques -- 1.3 Related Work -- 1.4 Organization -- 2 Preliminaries -- 3 Trace-and-Revoke Inner-Product Functional Encryption -- 4 Generic Construction of Trace-and-Revoke IPFE -- 4.1 Adaptive Security -- 4.2 Public Black-box Traceability -- 5 Trace-and-Revoke IPFE from LWE, DDH and DCR. | |
| 5.1 Trace-and-Revoke IPFE from LWE and DCR -- 5.2 Trace-and-Revoke IPFE from DDH -- 6 Conclusion -- References -- Spatial Encryption Revisited: From Delegatable Multiple Inner Product Encryption and More -- 1 Introduction -- 1.1 Our Motivations -- 1.2 Contributions -- 1.3 Overview of Our Results -- 2 Preliminaries -- 2.1 Framework of Spatial Encryption -- 2.2 Lattices, Gaussians, Trapdoors, Lattice Evaluations for Inner Product Functions -- 3 Delegatable Multiple Inner Product Encryption -- 4 Generic SE Construction from DMIPE -- 5 Lattice-Based DMIPE Construction -- 5.1 Correctness and Security -- 6 Constructing DMIPE from SE -- 7 Allow-/Deny-List Encryption from Spatial Encryption -- 7.1 Framework of ADE -- 7.2 Transforming sADE and iADE to SE -- 8 Conclusions and Future Works -- References -- Public Key Authenticated Encryption with Keyword Search from LWE -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Technical Overview -- 2 Preliminaries -- 3 System and Security Models of PAEKS -- 3.1 System Model of PAEKS -- 3.2 Security Model of PAEKS -- 4 Analysis of Liu et al. ch15asiaccs2022 and Emura ch15cryptoeprint:2022:072 -- 5 Our First PAEKS Scheme -- 5.1 Correctness and Parameter Selection -- 5.2 Security Proof -- 6 Our Second PAEKS Scheme -- 6.1 Correctness and Parameter Selection -- 6.2 Security Proof -- 7 Comparison -- 8 Conclusion -- References -- An Efficient Query Recovery Attack Against a Graph Encryption Scheme -- 1 Introduction -- 1.1 Prior and Related Work -- 2 Preliminaries -- 2.1 Graph Isomorphisms -- 2.2 Canonical Names -- 2.3 Threat Model and Assumptions -- 3 The GKT Graph Encryption Scheme -- 3.1 GKT Scheme Overview -- 3.2 Leakage of the GKT Scheme -- 3.3 Implications of Leakage -- 4 Query Recovery -- 4.1 Formalising Query Recovery Attacks -- 4.2 Technical Results -- 4.3 Overview of the Query Recovery Attack. | |
| 4.4 Computing the Path Names. | |
| Titolo autorizzato: | Computer security - ESORICS 2022 |
| ISBN: | 3-031-17140-3 |
| Formato: | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione: | Inglese |
| Record Nr.: | 996490355703316 |
| Lo trovi qui: | Univ. di Salerno |
| Opac: | Controlla la disponibilità qui |
Serie:
Lecture notes in computer science.