Selected Publications

Below you find selected publications from the ZISC researchers. For more of our research papers, see the publication listings of the individual ZISC groups: Information Security, System Security, Network Security, Applied Cryptography, and Information Security and Cryptography.

2021

Jacqueline Brendel, Cas Cremers, Dennis Jackson, Mang Zhao.
The Provable Security of Ed25519: Theory and Practice.
IEEE Symposium on Security and Privacy (S&P), 2021.
[PDF]

Tobias Klenze, Christoph Sprenger, David Basin.
Formal Verification of Secure Forwarding Protocols
To appear in: CSF 2021.
[PDF]

Benjamin Rothenberger, Konstantin Taranov, Adrian Perrig, and Torsten Hoefler.
ReDMArk: Bypassing RDMA Security Mechanisms.
USENIX Security Symposium (USENIX Security), 2021.
[PDF]

Jonghoon Kwon, Claude Hähni, Patrick Bamert, and Adrian Perrig.
MONDRIAN: Comprehensive Inter-domain Network Zoning Architecture.
Symposium on Network and Distributed System Security (NDSS), 2021.
[PDF]

2020

Erica Blum, Chen-Da Liu Zhang, Julian Loss.
Always Have a Backup Plan: Fully Secure Synchronous MPC with Asynchronous Fallback.
Advances in Cryptology – CRYPTO 2020.
[PDF]

Hossein Shafagh, Lukas Burkhalter, Sylvia Ratnasamy, Anwar Hithnawi.
Droplet: Decentralized Authorization and Access Control for Encrypted Data Streams.
USENIX Security Symposium (USENIX Security), 2020.
[PDF]

Florian Tramèr, Dan Boneh, Kenneth G. Paterson.
Remote Side-​Channel Attacks on Anonymous Transactions.
USENIX Security Symposium (USENIX Security), 2020.
[PDF]

Mihir Bellare and Igors Stepanovs.
Security under Message-​Derived Keys: Signcryption in iMessage.
Advances in Cryptology – EUROCRYPT 2020.
[PDF]

Mihir Bellare, Hannah Davis, Felix Günther.
Separate Your Domains: NIST PQC KEMs, Oracle Cloning and Read-​Only Indifferentiability.
Advances in Cryptology – EUROCRYPT 2020.
[PDF]

Patrick Leu, Mridula Singh, Marc Roeschlin, Kenneth G. Paterson, Srdjan Capkun.
Message Time of Arrival Codes: A Fundamental Primitive for Secure Distance Measurement.
IEEE Symposium on Security and Privacy (S&P), 2020.
[PDF]

Markus Legner, Tobias Klenze, Marc Wyss, Christoph Sprenger, and Adrian Perrig.
EPIC: Every Packet Is Checked in the Data Plane of a Path-Aware Internet.
USENIX Security Symposium (USENIX Security), 2020.
[PDF]

Guillaume Girol, Lucca Hirschi, Ralf Sasse, Dennis Jackson, Cas Cremers, David Basin.
A Spectral Analysis of Noise: A Comprehensive, Automated, Formal Analysis of Diffie-​Hellman Protocols.
USENIX Security Symposium (USENIX Security), 2020.
[PDF]

Karl Wüst, Sinisa Matetic, Silvan Egli, Kari Kostiainen, Srdjan Capkun.
ACE: Asynchronous and Concurrent Execution of Complex Smart Contracts.
ACM Conference on Computer and Communication Security (CCS), 2020.
[PDF]

David Lanzenberger, Ueli Maurer.
Coupling of Random Systems.
Theory of Cryptography — TCC 2020.
[PDF]

Chen-Da Liu Zhang, Ueli Maurer.
Synchronous Constructive Cryptography
Theory of Cryptography — TCC 2020.
[PDF]

David Basin, Sasa Radomirovic, Lara Schmid.
Dispute Resolution in Voting.
IEEE Computer Security Foundations (CSF), 2020.
[PDF]

Laurent Chuat, AbdelRahman Abdou, Ralf Sasse, Christoph Sprenger, David Basin, and Adrian Perrig.
SoK: Delegation and Revocation, the Missing Links in the Web’s Chain of Trust.
IEEE European Symposium on Security and Privacy (EuroS&P), 2020.
[PDF]

Konstantin Taranov, Benjamin Rothenberger, Adrian Perrig, and Torsten Hoefler.
sRDMA: Efficient NIC-based Authentication and Encryption for Remote Direct Memory Access.
USENIX Annual Technical Conference (USENIX ATC), 2020.
[PDF]

Christoph Sprenger, Tobias Klenze, Marco Eilers, Felix A. Wolf, Peter Müller, Martin Clochard, and David Basin
Igloo: Soundly Linking Compositional Refinement and Separation Logic for Distributed System Verification.
Object-oriented Programming, Systems, Languages, and Applications (OOPSLA), 2020.
[PDF]

Jonghoon Kwon, Taeho Lee, Claude Hähni, and Adrian Perrig.
SVLAN: Secure & Scalable Network Virtualization.
Symposium on Network and Distributed System Security (NDSS), 2020.
[PDF]

Vasilios Mavroudis, Karl Wüst, Aritra Dhar, Kari Kostiainen, Srdjan Capkun.
Snappy: Fast On-​chain Payments with Practical Collaterals.
Symposium on Network and Distributed System Security (NDSS), 2020.
[PDF]

Aritra Dhar, Enis Ulqinaku, Kari Kostiainen, Srdjan Capkin
ProtectIOn: Root-​of-Trust for IO in Compromised Platforms
Symposium on Network and Distributed System Security (NDSS), 2020.
[PDF]

Benjamin Rothenberger, Dominik Roos, Markus Legner, and Adrian Perrig.
PISKES: Pragmatic Internet-Scale Key-Establishment System.
ACM Asia Conference on Computer and Communications Security (ASIACCS), 2020.
[PDF]

2019

Sinisa Matetic, Karl Wuest, Moritz Schneider, Kari Kostiainen, Ghassan Karame, Srdjan Capkun.
BITE: Bitcoin Lightweight Client Privacy using Trusted Execution.
USENIX Security Symposium (USENIX Security), 2019.
[PDF]

Mridula Singh, Patrick Leu, AbdelRahman Abdou, Srdjan Capkun.
UWB-​ED: Distance Enlargement Attack Detection in Ultra-​Wideband.
USENIX Security Symposium (USENIX Security), 2019.
[PDF]

Sven Hammann, Sasa Radomirovic, Ralf Sasse, and David Basin.
User Account Access Graphs.
ACM Conference on Computer and Communications Security (CCS), 2019.
[PDF]

Dennis Jackson, Cas Cremers, Katriel Cohn-​Gordon, Ralf Sasse.
Seems Legit: Automated Analysis of Subtle Attacks on Protocols that Use Signatures.
ACM Conference on Computer and Communications Security (CCS), 2019.
[PDF]

Damien Desfontaines, Andreas Lochbihler, and David Basin.
Cardinality Estimators do not Preserve Privacy.
Proceedings on Privacy Enhancing Technologies (PoPets), 2019.
[PDF]

Pavlos Nikolopoulos, Christos Pappas, Katerina Argyraki, and Adrian Perrig.
Retroactive Packet Sampling for Traffic Receipts.
In Proceedings of the ACM Conference on Measurement and Analysis of Computing Systems (SIGMETRICS), 2019.
[PDF]

Daniel Jost, Ueli Maurer, and Marta Mularczyk.
A Unified and Composable Take on Ratcheting.
Theory of Cryptography — TCC 2019, LNCS, Springer International Publishing, vol. 11891, pp. 180–210, Dec 2019.
[PDF]

Fabio Banfi, Ueli Maurer, Christopher Portmann, and Jiamin Zhu.
Composable and Finite Computational Security of Quantum Message Transmission.
Theory of Cryptography – TCC 2019, LNCS, Springer, vol. 11891, pp. 282–311, Dec 2019.
[PDF]

Piet De Vaere, and Adrian Perrig.
Liam: An Architectural Framework for Decentralized IoT Networks.
In Proceedings of the International Conference on Mobile Ad Hoc and Sensor Systems (MASS), 2019.
[PDF]

Jorden Whitefield, Liqun Chen, Ralf Sasse, Steve Schneider, Helen Treharne, Stephan Wesemeyer.
A Symbolic Analysis of ECC-​based Direct Anonymous Attestation.
IEEE European Symposium on Security and Privacy (EuroS&P), 2019.
[PDF]

David Sommer, Aritra Dhar, Esfandiar Mohammadi, Daniel Ronzani, and Srdjan Capkun.
Deniable Upload and Download via Passive Participation.
USENIX Symposium on Networked Systems Design and Implementation (NSDI), 2019.
[PDF]

Christos Pappas, Taeho Lee, Raphael M. Reischuk, Pawel Szalachowski, and Adrian Perrig.
Network Transparency for Better Internet Security.
IEEE/ACM Transactions on Networking, 27 (5) 2019.
[PDF]

2018

Rio Lavigne and Chen-Da Liu-Zhang and Ueli Maurer and Tal Moran and Marta Mularczyk and Daniel Tschudi
Topology-Hiding Computation Beyond Semi-Honest Adversaries
Theory of Cryptography Conference, TCC 2018, pp. 3-35, Springer, 2018.
[PDF]

Hubert Ritzdorf, Karl Wüst, Arthur Gervais, Guillaume Felley, Srdjan Capkun.
TLS-N: Non-repudiation over TLS Enablign Ubiquitous Content Signing.
Symposium on Network and Distributed System Security (NDSS), 2018.
[PDF]

Hao Wu, Hsu-Chun Hsiao, Daniele E. Asoni, Simon Scherrer, Adrian Perrig, Yih-Chun Hu.
CLEF: Limiting the Damage Caused by Large Flows in the Internet Core.
International Conference on Cryptology and Network Security (CANS), 2018.
[PDF]

David Basin, Jannik Dreier, Lucca Hirschi, Sasa Radomirovic, Ralf Sasse, Vincent Stettler.
A Formal Analysis of 5G Authentication.
ACM Conference on Computer and Communications Security (CCS), 2018.
[PDF]

Sebastian Meiser, Esfandiar Mohammadi.
Tight on Budget? Tight Bounds for r-Fold Approximate Differential Privacy.
ACM Conference on Computer and Communications Security (CCS), 2018.
[PDF]

Christian Badertscher, Peter Gaži, Aggelos Kiayias, Alexander Russel, and Vassilis Zikas.
Ouroboros Genesis: Composable Proof-of-Stake Blockchains with Dynamic Availability.
ACM Conference on Computer and Communications Security (CCS), 2018.
[PDF]

Taeho Lee, Christos Pappas, Pawel Szalachowski and Adrian Perrig.
Towards Sustainable Evolution for the TLS Public-Key Infrastructure.
ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2018.
[PDF]

Sinisa Matetic, Moritz Schneider, Andrew Miller, Ari Juels, Srdjan Capkun.
DelegaTEE: Brokered Delegation Using Trusted Execution Environments.
USENIX Security Symposium 2018 (USENIX Security), pages 1387 – 1403, 2018.
[PDF]

Chen Chen, Daniele E. Asoni, Adrian Perrig, David Barrera, George Danezis, Carmela Troncoso.
TARANET: Traffic-Analysis Resistant Anonymity at the Network Layer.
IEEE European Symposium on Security and Privacy (EuroS&P), 2018.
[PDF]

Debajyoti Das, Sebastian Meiser, Esfandiar Mohammadi, Aniket Kate.
Anonymity Trilemma: Strong Anonymity, Low Bandwidth Overhead, Low Latency—Choose Two.
IEEE Symposium on Security and Privacy (S&P), pages 170 – 188, IEEE, 2018.
[PDF]

C. Badertscher, J. Garay, U. Maurer, D. Tschudi, V. Zikas.
But Why Does it Work? A Rational Protocol Design Treatment of Bitcoin.
Advances in Cryptology – EUROCRYPT 2018 – Proceedings, Part II, pp. 34-65, 2018.
[PDF]

Vadim Lyubashevsky and Gregor Seiler.
Short, Invertible Elements in Partially Splitting Cyclotomic Rings and Applications to Lattice-Based Zero-Knowledge Proofs.
Advances in Cryptology — EUROCRYPT 2018 (EUROCRYPT), 2018.
[PDF]

2017

Stephanos Matsumoto, Raphael M. Reischuk.
IKP: Turning a PKI Around with Decentralized Automated Incentives
IEEE Symposium on Security and Privacy (S&P) 2017.
[PDF]

Chen Chen, Adrian Perrig.
PHI: Path-Hidden Lightweight Anonymity Protocol at Network Layer
Privacy Enhancing Technologies (PoPETs), 2017.
[PDF]

Christopher Portmann.
Quantum Authentication with Key Recycling.
Advances in Cryptology – EUROCRYPT 2017 – Proceedings, Part III, pp. 339-368, 2017.
[PDF]

C. Badertscher, U. Maurer, D. Tschudi, V. Zikas.
Bitcoin as a Transaction Ledger: A Composable Treatment.
Advances in Cryptology – CRYPTO 2017 – Proceedings, Part I, pp. 324-356, 2017.
[PDF]

2016

T. Lee, C. Pappas, D. Barrera, P. Szalachowski, A. Perrig.
Source Accountability with Domain-brokered Privacy
ACM Conference on Emerging Networking Experiments and Technologies (CoNEXT), 2016
[PDF, DOI]

S. Matsumoto, S. Steffen, A. Perrig.
CASTLE: CA Signing in a TouchLess Environment
Annual Computer Security Applications Conference (ACSAC), 2016.
[PDF]

David Basin, Cas Cremers, Tiffany Hyun-Jin Kim, Adrian Perrig, Ralf Sasse, Pawel Szalachowski.
Design, Analysis, and Implementation of ARPKI: an Attack-Resilient Public Key Infrastructure.
IEEE Transactions on Dependable and Secure Computing (TDSC), 2016.
[PDF, DOI]

A. Gervais, G. O. Karame, K. Wüst, V. Glykantzis, H. Ritzdorf, S. Capkun.
On the Security and Performance of Proof of Work Blockchains.
ACM Conference on Computer and Communication Security (CCS) 2016.
[PDF, DOI, presentation, press]

B. Bichsel, V. Raychev, P. Tsankov, M. Vechev.
Statistical Deobfuscation of Android Applications.
ACM Conference on Computer and Communication Security (CCS) 2016.
[PDF, DOI, presentation, website]

M. Backes, R. Kuennemann, E. Mohammadi.
Computational Soundness for Dalvik Bytecode.
ACM Conference on Computer and Communication Security (CCS) 2016.
[PDF, DOI, presentation]

David Basin, Sasa Radomirovic, and Lara Schmid.
Modeling Human Errors in Security Protocols.
IEEE Computer Security Foundations Symposium (CSF), 2016.
[PDF, DOI]

Petar Tsankov, Mohammad Torabi Dashti, David Basin.
Access Control Synthesis for Physical Spaces.
IEEE Computer Security Foundations Symposium (CSF), 2016.
[PDF, DOI]

D.-Y. Yu, A. Ranganathan, R. J. Masti, C. Soriente, S. Capkun.
SALVE: Server Authentication with Location VErification.
ACM Conference on Mobile Computing and Networking (MobiCom) 2016.
[PDF, DOI, presentation]

A. Ranganathan, H. Olafsdottir, S. Capkun.
SPREE: A Spoofing Resistant GPS Receiver.
ACM Conference on Mobile Computing and Networking (MobiCom) 2016.
[PDF, DOI, teaser video]

D. Moser, P. Leu, V. Lenders, A. Ranganathan, F. Ricciato, S. Capkun.
Investigation of Multi-device Location Spoofing Attacks on Air Traffic Control and Possible Countermeasures.
ACM Conference on Mobile Computing and Networking (MobiCom) 2016.
[PDF, DOI, teaser video]

Martin Hirt, Ueli Maurer, Daniel Tschudi, and Vassilis Zikas.
Network-Hiding Communication and Applications to Multi-Party Protocols.
Advances in Cryptology (CRYPTO), 2016.
[PDF, DOI, presentation]

N. Karapanos, A. Filios, R. A. Popa, S. Capkun.
Verena: End-to-End Integrity Protection for Web Applications.
IEEE Symposium on Security and Privacy (S&P) 2016.
[PDF, DOI]

C. Basescu, Y.-H. Lin, H. Zhang, A. Perrig.
High-Speed Inter-domain Fault Localization.
IEEE Symposium on Security and Privacy (S&P) 2016.
[PDF, DOI]

O. Bachem, M. Lucic, H. Hassani, A. Krause.
Approximate K-Means++ in Sublinear Time.
Conference on Artificial Intelligence (AAAI), 2016.
[PDF]

Claudio Marforio, Ramya Jayaram Masti, Claudio Soriente, Kari Kostiainen, Srdjan Capkun.
Evaluation of Personalized Security Indicators as an Anti-Phishing Mechanism for Smartphone Applications.
SIGCHI Conference on Human Factors in Computing Systems (CHI), 2016.
[PDF, DOI, teaser video]

Cristina Basescu, Raphael M. Reischuk, Pawel Szalachowski, Adrian Perrig, Yao Zhang, Hsu-Chun Hsiao, Ayumu Kubota, Jumpei Urakawa.
SIBRA: Scalable Internet Bandwidth Reservation Architecture.
Symposium on Network and Distributed System Security (NDSS), 2016.
[PDF]

2015

M. Lucic, M. I. Ohannessian, A. Karbasi, A. Krause
Tradeoffs for Space, Time, Data and Risk in Unsupervised Learning
International Conference on Artificial Intelligence and Statistics (AISTATS), 2015
[PDF]

M. Lucic, O. Bachem, A. Krause
Strong Coresets for Hard and Soft Bregman Clustering with Applications to Exponential Family Mixtures
Technical report arXiv, 2015
[PDF]

O. Bachem, M. Lucic, A. Krause
Coresets for Nonparametric Estimation – the Case of DP-Means
International Conference on Machine Learning (ICML), 2015
[PDF]

Arthur Gervais, Hubert Ritzdorf, Ghassan O. Karame, Srdjan Capkun
Tampering with the Delivery of Blocks and Transactions in Bitcoin
ACM Conference on Computer and Communication Security (CCS), 2015
[PDF]

G. Demay, P. Gaži, U. Maurer, and B. Tackmann
Query-Complexity Amplification for Random Oracles
International Conference on Information Theoretic Security, 2015
[PDF]

Claudio Soriente, Ghassan O. Karame, Hubert Ritzdorf, Srdjan Marinovic, Srdjan Capkun
Commune: Shared Ownership in an Agnostic Cloud
Symposium on Access control Models and Technologies (SACMAT) 2015,
[PDF]

Carlos Cotrini, Thilo Weghorn, David Basin, and Manuel Clavel
Analyzing First-order Role Based Access Control
IEEE Computer Security Foundations Symposium (CSF), 2015
[PDF]

Stephanos Matsumoto, Raphael M. Reischuk
Certificates-as-an-Insurance: Incentivizing Accountability in SSL/TLS
NDSS Workshop on Security of Emerging Networking Technologies (SENT), 2015
[PDF]

Michael Backes, Manuel Barbosa, Dario Fiore, Raphael M. Reischuk
ADSNARK: Nearly Practical and Privacy-Preserving Proofs on Authenticated Data
IEEE Symposium on Security and Privacy (S&P), 2015
[PDF]