Abstract: In the first part of the talk, we will discuss the vision, possible applications, and the economic power behind the phenomenon of cryptocurrencies and distributed ledgers. Then, based on your basic knowledge of Bitcoin, we will have a look at current technical limitations of the approach and approaches to overcome these. We will have
Abstract: When can you trust the software running on your computer? To answer this question, it is not enough to reason about the state of an individual host — we must also understand if real-world adversaries can invalidate the assumptions behind our methods for establishing trust in software components. In this talk I will
Abstract: A well-known and recurring Internet security concern is supporting HTTPS for the privacy and integrity of data in end-to-end communications. However, many studies have shown that HTTPS adoption rate remains low nowadays and websites often fail to correctly configure HTTPS. In this talk, I will present two of our recent studies that investigate the
Abstract: Physically Unclonable Functions (PUFs) are commonly used in cryptography to identify devices based on the uniqueness of their physical microstructures. DRAM-based PUFs have numerous advantages over PUF designs that exploit alternative substrates: DRAM is a major component of many modern systems, and a DRAM-based PUF can generate many unique identifiers. However, none of the
Abstract: Secure multi-party computation (MPC) allows n distrusting parties to jointly compute a function of their inputs while revealing nothing but the output of the function. At TCC 15, Moran et al. [1] introduced “Topology-Hiding MPC”. Here, one considers MPC over an incomplete network, where the network topology, in itself, is considered sensitive information. The
Abstract: Privacy guarantees of a privacy-enhancing system have to be robust against thousands of observations for many realistic application scenarios, such as anonymous communication systems, privacy-enhancing database queries, or privacy-enhancing machine-learning methods. The notion of r-fold Approximate Differential Privacy (ADP) offers a well-established framework with clear privacy bounds and with composition theorems that capture how
Abstract: Primary considerations for enterprise customers who want to leverage apublic cloud are data security and the effort involved in migratingexisting applications. But how do enterprise customers use cloud? How dothey evaluate a cloud vendor¹s security capabilities? How do they securetheir resources in the cloud? What are the pillars of a trusted enterprisecloud? In this
Abstract: IP address spoofing allows large-scale Distributed Denial of Service (DDoS) reflection attacks. In these attacks, an adversary sends the initial packet of a communication protocol to a reflector, without performing a full handshake. An efficient first-packet authentication system can mitigate such attacks. This work presents the design, implementation, analysis, and experimental evaluation of PISKES,
Abstract: Bitcoin is perhaps the most prominent example of a distributed cryptographic protocol that is extensively used in everyday life. In this talk, we present a universally composable treatment of the Bitcoin protocol. We specify the goal that Bitcoin aims to achieve as a ledger functionality in the universal composability (UC) model of Canetti. Unlike
Abstract: Anonymous communication networks (ACNs) are basic building blocks for obtaining or exchanging data in a privacy-preserving manner. ACNs suffer from a bootstrapping problem: having few users leads to a small anonymity set, which renders the ACN unattractive. We propose a system, CoverUp, that tackles the bootstrapping problem for ACNs. The key idea is to draw