https://www.usenix.org/conference/usenixsecurity24/technical-sessions
AUGUST 14–16, 2024
The Challenges of Bringing Cryptography from Research Papers to Products: Results from an Interview Study with Experts[1]Konstantin Fischer, Ruhr University Bochum; Ivana Trummová, Czech Technical University in Prague; Phillip Gajland, Ruhr University Bochum and Max Planck Institute for Security and Privacy; Yasemin Acar, Paderborn University and The George Washington University; Sascha Fahl, CISPA - Helmholtz-Center for Information Security; Angela Sasse, Ruhr University Bochum
Secret Key Exchange
K-Waay: Fast and Deniable Post-Quantum X3DH without Ring Signatures[2]Daniel Collins, Loïs Huguenin-Dumittan, and Ngoc Khanh Nguyen, EPFL; Nicolas Rolin, Spuerkeess; Serge Vaudenay, EPFL
Diffie-Hellman Picture Show: Key Exchange Stories from Commercial VoWiFi Deployments[3]Gabriel Karl Gegenhuber and Florian Holzbauer, University of Vienna; Philipp Émile Frenzel, SBA Research; Edgar Weippl, University of Vienna; Adrian Dabrowski, CISPA Helmholtz Center for Information Security
Formal verification of the PQXDH Post-Quantum key agreement protocol for end-to-end secure messaging[4]Karthikeyan Bhargavan, Cryspen; Charlie Jacomme, Université de Lorraine, LORIA, Inria Nancy Grand-Est; Franziskus Kiefer, Cryspen; Rolfe Schmidt, Signal Messenger
SWOOSH: Efficient Lattice-Based Non-Interactive Key Exchange[5]Phillip Gajland, Max Planck Institute for Security and Privacy, Ruhr University Bochum; Bor de Kock, NTNU - Norwegian University of Science and Technology, Trondheim, Norway; Miguel Quaresma, Max Planck Institute for Security and Privacy; Giulio Malavolta, Bocconi University, Max Planck Institute for Security and Privacy; Peter Schwabe, Max Planck Institute for Security and Privacy, Radboud University
Zero-Knowledge Proof
Two Shuffles Make a RAM: Improved Constant Overhead Zero Knowledge RAM[6]Yibin Yang, Georgia Institute of Technology; David Heath, University of Illinois Urbana-Champaign
Notus: Dynamic Proofs of Liabilities from Zero-knowledge RSA Accumulators[7]Jiajun Xin, Arman Haghighi, Xiangan Tian, and Dimitrios Papadopoulos, The Hong Kong University of Science and Technology
Practical Security Analysis of Zero-Knowledge Proof Circuits[8]Hongbo Wen, University of California, Santa Barbara; Jon Stephens, The University of Texas at Austin and Veridise; Yanju Chen, University of California, Santa Barbara; Kostas Ferles, Veridise; Shankara Pailoor, The University of Texas at Austin and Veridise; Kyle Charbonnet, Ethereum Foundation; Isil Dillig, The University of Texas at Austin and Veridise; Yu Feng, University of California, Santa Barbara, and Veridise
Formalizing Soundness Proofs of Linear PCP SNARKs[9]Bolton Bailey and Andrew Miller, University of Illinois at Urbana-Champaign
Fast RS-IOP Multivariate Polynomial Commitments and Verifiable Secret Sharing[10]Zongyang Zhang, Weihan Li, Yanpei Guo, and Kexin Shi, Beihang University; Sherman S. M. Chow, The Chinese University of Hong Kong; Ximeng Liu, Fuzhou University; Jin Dong, Beijing Academy of Blockchain and Edge Computing
Election Eligibility with OpenID: Turning Authentication into Transferable Proof of Eligibility[11]Véronique Cortier, Alexandre Debant, Anselme Goetschmann, and Lucca Hirschi, Université de Lorraine, Inria, CNRS Nancy, France
Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs[12]Sebastian Angel, Eleftherios Ioannidis, and Elizabeth Margolin, University of Pennsylvania; Srinath Setty, Microsoft Research; Jess Woods, University of Pennsylvania
Scalable Zero-knowledge Proofs for Non-linear Functions in Machine Learning[13]Meng Hao, Hanxiao Chen, and Hongwei Li, School of Computer Science and Engineering, University of Electronic Science and Technology of China; Chenkai Weng, Northwestern University; Yuan Zhang and Haomiao Yang, School of Computer Science and Engineering, University of Electronic Science and Technology of China; Tianwei Zhang, Nanyang Technological University
ZKSMT: A VM for Proving SMT Theorems in Zero Knowledge[14]Daniel Luick, John C. Kolesar, and Timos Antonopoulos, Yale University; William R. Harris and James Parker, Galois, Inc.; Ruzica Piskac, Yale University; Eran Tromer, Boston University; Xiao Wang and Ning Luo, Northwestern University
SoK: What don't we know? Understanding Security Vulnerabilities in SNARKs[15]Stefanos Chaliasos, Imperial College London; Jens Ernstberger, Technical University of Munich; David Theodore, Ethereum Foundation; David Wong, zkSecurity; Mohammad Jahanara, Scroll Foundation; Benjamin Livshits, Imperial College London
Multi-Party Computation
Scalable Multi-Party Computation Protocols for Machine Learning in the Honest-Majority Setting[16]Fengrun Liu, University of Science and Technology of China & Shanghai Qi Zhi Institute; Xiang Xie, Shanghai Qi Zhi Institute & PADO Labs; Yu Yu, Shanghai Jiao Tong University & State Key Laboratory of Cryptology
Lightweight Authentication of Web Data via Garble-Then-Prove[17]Xiang Xie, PADO Labs; Kang Yang, State Key Laboratory of Cryptology; Xiao Wang, Northwestern University; Yu Yu, Shanghai Jiao Tong University and Shanghai Qi Zhi Institute
Holding Secrets Accountable: Auditing Privacy-Preserving Machine Learning[18]Hidde Lycklama, ETH Zurich; Alexander Viand, Intel; Nicolas Küchler, ETH Zurich; Christian Knabenhans, EPFL; Anwar Hithnawi, ETH Zurich
Secure Account Recovery for a Privacy-Preserving Web Service[19]Ryan Little, Boston University; Lucy Qin, Georgetown University; Mayank Varia, Boston University
Blockchain
Mempool Privacy via Batched Threshold Encryption: Attacks and Defenses[20]Arka Rai Choudhuri, NTT Research; Sanjam Garg, Julien Piet, and Guru-Vamsi Policharla, University of California, Berkeley
Speculative Denial-of-Service Attacks In Ethereum[21]Aviv Yaish, The Hebrew University; Kaihua Qin and Liyi Zhou, Imperial College London, UC Berkeley RDI; Aviv Zohar, The Hebrew University; Arthur Gervais, University College London, UC Berkeley RDI
GuideEnricher: Protecting the Anonymity of Ethereum Mixing Service Users with Deep Reinforcement Learning[22]Ravindu De Silva, University of California, Santa Barbara; Wenbo Guo, Purdue University; Nicola Ruaro, Ilya Grishchenko, Christopher Kruegel, and Giovanni Vigna, University of California, Santa Barbara
All Your Tokens are Belong to Us: Demystifying Address Verification Vulnerabilities in Solidity Smart Contracts[23]Tianle Sun, Huazhong University of Science and Technology; Ningyu He, Peking University; Jiang Xiao, Huazhong University of Science and Technology; Yinliang Yue, Zhongguancun Laboratory; Xiapu Luo, The Hong Kong Polytechnic University; Haoyu Wang, Huazhong University of Science and Technology
Using My Functions Should Follow My Checks: Understanding and Detecting Insecure OpenZeppelin Code in Smart Contracts[24]Han Liu, East China Normal University, Shanghai Key Laboratory of Trustworthy Computing; Daoyuan Wu, The Hong Kong University of Science and Technology; Yuqiang Sun, Nanyang Technological University; Haijun Wang, Xi'an Jiaotong University; Kaixuan Li, East China Normal University, Shanghai Key Laboratory of Trustworthy Computing; Yang Liu, Nanyang Technological University; Yixiang Chen, East China Normal University, Shanghai Key Laboratory of Trustworthy Computing
zkCross: A Novel Architecture for Cross-Chain Privacy-Preserving Auditing[25]Yihao Guo, Minghui Xu, Xiuzhen Cheng, and Dongxiao Yu, Shandong University; Wangjie Qiu, Beihang University; Gang Qu, University of Maryland; Weibing Wang and Mingming Song, Cloud Inspur Information Technology Co., Ltd.
Pixel+ and Pixel++: Compact and Efficient Forward-Secure Multi-Signatures for PoS Blockchain Consensus[26]Jianghong Wei, State Key Laboratory of Integrated Service Networks (ISN), Xidian University, and State Key Laboratory of Mathematical Engineering and Advanced Computing; Guohua Tian, State Key Laboratory of Integrated Service Networks (ISN), Xidian University; Ding Wang, College of Cyber Science, Nankai University; Fuchun Guo and Willy Susilo, School of Computing and Information Technology, University of Wollongong; Xiaofeng Chen, State Key Laboratory of Integrated Service Networks (ISN), Xidian University
Max Attestation Matters: Making Honest Parties Lose Their Incentives in Ethereum PoS[27]Mingfei Zhang, Shandong University; Rujia Li and Sisi Duan, Tsinghua University
Sprints: Intermittent Blockchain PoW Mining[28]Michael Mirkin, Technion; Lulu Zhou, Yale University; Ittay Eyal, Technion; Fan Zhang, Yale University
: https://www.usenix.org/conference/usenixsecurity24/presentation/fischer
[2]: https://www.usenix.org/conference/usenixsecurity24/presentation/collins
[3]: https://www.usenix.org/conference/usenixsecurity24/presentation/gegenhuber
[4]: https://www.usenix.org/conference/usenixsecurity24/presentation/bhargavan
[5]: https://www.usenix.org/conference/usenixsecurity24/presentation/gajland
[6]: https://www.usenix.org/conference/usenixsecurity24/presentation/yang-yibin
[7]: https://www.usenix.org/conference/usenixsecurity24/presentation/xin
[8]: https://www.usenix.org/conference/usenixsecurity24/presentation/wen
[9]: https://www.usenix.org/conference/usenixsecurity24/presentation/bailey
[10]: https://www.usenix.org/conference/usenixsecurity24/presentation/zhang-zongyang
[11]: https://www.usenix.org/conference/usenixsecurity24/presentation/cortier
[12]: https://www.usenix.org/conference/usenixsecurity24/presentation/angel
[13]: https://www.usenix.org/conference/usenixsecurity24/presentation/hao-meng-scalable
[14]: https://www.usenix.org/conference/usenixsecurity24/presentation/luick
[15]: https://www.usenix.org/conference/usenixsecurity24/presentation/chaliasos
[16]: https://www.usenix.org/conference/usenixsecurity24/presentation/liu-fengrun
[17]: https://www.usenix.org/conference/usenixsecurity24/presentation/xie-xiang
[18]: https://www.usenix.org/conference/usenixsecurity24/presentation/lycklama
[19]: https://www.usenix.org/conference/usenixsecurity24/presentation/little
[20]: https://www.usenix.org/conference/usenixsecurity24/presentation/choudhuri
[21]: https://www.usenix.org/conference/usenixsecurity24/presentation/yaish
[22]: https://www.usenix.org/conference/usenixsecurity24/presentation/de-silva
[23]: https://www.usenix.org/conference/usenixsecurity24/presentation/sun-tianle
[24]: https://www.usenix.org/conference/usenixsecurity24/presentation/liu-han
[25]: https://www.usenix.org/conference/usenixsecurity24/presentation/guo-yihao
[26]: https://www.usenix.org/conference/usenixsecurity24/presentation/wei-jianghong
[27]: https://www.usenix.org/conference/usenixsecurity24/presentation/zhang-mingfei
[28]: https://www.usenix.org/conference/usenixsecurity24/presentation/mirkin
【免责声明】市场有风险,投资需谨慎。本文不构成投资建议,用户应考虑本文中的任何意见、观点或结论是否符合其特定状况。据此投资,责任自负。
