default search action
29th CCS 2022: Los Angeles, CA, USA
- Heng Yin, Angelos Stavrou, Cas Cremers, Elaine Shi:
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, CA, USA, November 7-11, 2022. ACM 2022, ISBN 978-1-4503-9450-5
Keynote Talks
- Srinivas Devadas, Simon Langowski, Nikola Samardzic, Sacha Servan-Schreiber, Daniel Sánchez:
Designing Hardware for Cryptography and Cryptography for Hardware. 1-4 - Michelle L. Mazurek:
We Are the Experts, and We Are the Problem: The Security Advice Fiasco. 7 - Patrick Drew McDaniel:
Sustainability is a Security Problem. 9-10
Full Papers
- Calvin Abou Haidar, Benoît Libert, Alain Passelègue:
Updatable Public Key Encryption from DCR: Efficient Constructions With Stronger Security. 11-22 - Shubham Agarwal:
Helping or Hindering?: How Browser Extensions Undermine Security. 23-37 - Shweta Agrawal, Elena Kirshanova, Damien Stehlé, Anshu Yadav:
Practical, Round-Optimal Lattice-Based Blind Signatures. 39-53 - Mingrui Ai, Kaiping Xue, Bo Luo, Lutong Chen, Nenghai Yu, Qibin Sun, Feng Wu:
Blacktooth: Breaking through the Defense of Bluetooth in Silence. 55-68 - Joël Alwen, Dominik Hartmann, Eike Kiltz, Marta Mularczyk:
Server-Aided Continuous Group Key Agreement. 69-82 - Basavesh Ammanaghatta Shivakumar, Gilles Barthe, Benjamin Grégoire, Vincent Laporte, Swarn Priya:
Enforcing Fine-grained Constant-time Policies. 83-96 - Yawning Angel, Benjamin Dowling, Andreas Hülsing, Peter Schwabe, Florian Weber:
Post Quantum Noise. 97-109 - Diego F. Aranha, Chuanwei Lin, Claudio Orlandi, Mark Simkin:
Laconic Private Set-Intersection From Pairings. 111-124 - Gilad Asharov, Koki Hamada, Dai Ikarashi, Ryo Kikuchi, Ariel Nof, Benny Pinkas, Katsumi Takahashi, Junichi Tomida:
Efficient Secure Three-Party Sorting with Applications to Data Analysis and Heavy Hitters. 125-138 - Tomer Ashur, Mohammad Mahzoun, Dilara Toprakhisar:
Chaghri - A FHE-friendly Block Cipher. 139-150 - Nuttapong Attrapadung, Hiraku Morita, Kazuma Ohara, Jacob C. N. Schuldt, Tadanori Teruya, Kazunari Tozawa:
Secure Parallel Computation on Privately Partitioned Data and Applications. 151-164 - Lukas Aumayr, Kasra Abbaszadeh, Matteo Maffei:
Thora: Atomic and Privacy-Preserving Multi-Channel Updates. 165-178 - Lukas Aumayr, Sri Aravinda Krishnan Thyagarajan, Giulio Malavolta, Pedro Moreno-Sanchez, Matteo Maffei:
Sleepy Channels: Bi-directional Payment Channels without Watchtowers. 179-192 - Renas Bacho, Julian Loss:
On the Adaptive Security of the Threshold BLS Signature Scheme. 193-207 - Saikrishna Badrinarayanan, Sourav Das, Gayathri Garimella, Srinivasan Raghuraman, Peter Rindal:
Secret-Shared Joins with Multiplicity from Aggregation Trees. 209-222 - Youngjin Bae, Jung Hee Cheon, Wonhee Cho, Jaehyung Kim, Taekyung Kim:
META-BTS: Bootstrapping Precision Beyond the Limit. 223-234 - Leemon Baird, Pratyay Mukherjee, Rohit Sinha:
i-TiRE: Incremental Timed-Release Encryption or How to use Timed-Release Encryption on Blockchains? 235-248 - Teodora Baluta, Shiqi Shen, S. Hitarth, Shruti Tople, Prateek Saxena:
Membership Inference Attacks and Generalization: A Causal Perspective. 249-262 - Gilles Barthe, Ugo Dal Lago, Giulio Malavolta, Itsaka Rakotonirina:
Tidy: Symbolic Verification of Timed Cryptographic Protocols. 263-276 - Anomadarshi Barua, Yonatan Gizachew Achamyeleh, Mohammad Abdullah Al Faruque:
A Wolf in Sheep's Clothing: Spreading Deadly Pathogens Under the Disguise of Popular Music. 277-291 - Carsten Baum, Robin Jadoul, Emmanuela Orsini, Peter Scholl, Nigel P. Smart:
Feta: Efficient Threshold Designated-Verifier Zero-Knowledge Proofs. 293-306 - James Bell, Adrià Gascón, Badih Ghazi, Ravi Kumar, Pasin Manurangsi, Mariana Raykova, Phillipp Schoppmann:
Distributed, Private, Sparse Histograms in the Two-Server Model. 307-321 - Fabrice Benhamouda, Shai Halevi, Hugo Krawczyk, Alex Miao, Tal Rabin:
Threshold Cryptography as a Service (in the Multiserver and YOSO Models). 323-336 - Alex Berke, Dan Calacci:
Privacy Limitations of Interest-based Advertising on The Web: A Post-mortem Empirical Analysis of Google's FLoC. 337-349 - Lukas Bernhard, Tobias Scharnowski, Moritz Schloegel, Tim Blazytko, Thorsten Holz:
JIT-Picking: Differential Fuzzing of JavaScript Engines. 351-364 - Karthikeyan Bhargavan, Vincent Cheval, Christopher A. Wood:
A Symbolic Analysis of Privacy for TLS 1.3 with Encrypted Client Hello. 365-379 - Roderick Bloem, Barbara Gigerl, Marc Gourjon, Vedad Hadzic, Stefan Mangard, Robert Primas:
Power Contracts: Provably Complete Power Leakage Models for Processors. 381-395 - Mikael Bougon, Hervé Chabanne, Véronique Cortier, Alexandre Debant, Emmanuelle Dottax, Jannik Dreier, Pierrick Gaudry, Mathieu Turuani:
Themis: An On-Site Voting System with Systematic Cast-as-intended Verification and Partial Accountability. 397-410 - Lara Bruseghini, Daniel Huigens, Kenneth G. Paterson:
Victory by KO: Attacking OpenPGP Using Key Overwriting. 411-423 - Duc Bui, Brian Tang, Kang G. Shin:
Do Opt-Outs Really Opt Me Out? 425-439 - Chengjun Cai, Yichen Zang, Cong Wang, Xiaohua Jia, Qian Wang:
Vizard: A Metadata-hiding Data Analytic System with End-to-End Policy Controls. 441-454 - Matteo Campanelli, Dario Fiore, Semin Han, Jihye Kim, Dimitris Kolonelos, Hyunok Oh:
Succinct Zero-Knowledge Batch Proofs for Set Accumulators. 455-469 - Sílvia Casacuberta, Michael Shoemate, Salil P. Vadhan, Connor Wagaman:
Widespread Underestimation of Sensitivity in Differentially Private Libraries and How to Fix It. 471-484 - Libo Chen, Quanpu Cai, Zhenbang Ma, Yanhao Wang, Hong Hu, Minghang Shen, Yue Liu, Shanqing Guo, Haixin Duan, Kaida Jiang, Zhi Xue:
SFuzz: Slice-based Fuzzing for Real-Time Operating Systems. 485-498 - Min Chen, Zhikun Zhang, Tianhao Wang, Michael Backes, Mathias Humbert, Yang Zhang:
Graph Unlearning. 499-513 - Zitai Chen, Sam L. Thomas, Flavio D. Garcia:
MetaEmu: An Architecture Agnostic Rehosting Framework for Automotive Firmware. 515-529 - Wutichai Chongchitmate, Yuval Ishai, Steve Lu, Rafail Ostrovsky:
PSI from Ring-OLE. 531-545 - Yaakov Cohen, Kevin Sam Tharayil, Arie Haenel, Daniel Genkin, Angelos D. Keromytis, Yossi Oren, Yuval Yarom:
HammerScope: Observing DRAM Power Consumption Using Rowhammer. 547-561 - Kelong Cong, Debajyoti Das, Jeongeun Park, Hilder V. L. Pereira:
SortingHat: Efficient Private Decision Tree Evaluation via Homomorphic Encryption and Transciphering. 563-577 - Tianshuo Cong, Xinlei He, Yang Zhang:
SSLGuard: A Watermarking Scheme for Self-supervised Learning Pre-trained Encoders. 579-593 - Sandro Coretti, Aggelos Kiayias, Cristopher Moore, Alexander Russell:
The Generals' Scuttlebutt: Byzantine-Resilient Gossip Protocols. 595-608 - Geoffroy Couteau, Dahmun Goudarzi, Michael Klooß, Michael Reichle:
Sharp: Short Relaxed Range Proofs. 609-622 - Ana-Maria Cretu, Florimond Houssiau, Antoine Cully, Yves-Alexandre de Montjoye:
QuerySnout: Automating the Discovery of Attribute Inference Attacks against Query-Based Systems. 623-637 - Siwei Cui, Gang Zhao, Yifei Gao, Tien Tavu, Jeff Huang:
VRust: Automated Vulnerability Detection for Solana Smart Contracts. 639-652 - Anders P. K. Dalskov, Daniel Escudero, Ariel Nof:
Fast Fully Secure Multi-Party Computation over Any Ring with Two-Thirds Honest Majority. 653-666 - Dipanjan Das, Priyanka Bose, Nicola Ruaro, Christopher Kruegel, Giovanni Vigna:
Understanding Security Issues in the NFT Ecosystem. 667-681 - Bernardo David, Bernardo Magri, Christian Matt, Jesper Buus Nielsen, Daniel Tschudi:
GearBox: Optimal-size Shard Committees by Leveraging the Safety-Liveness Dichotomy. 683-696 - Alex Davidson, Peter Snyder, E. B. Quirk, Joseph Genereux, Benjamin Livshits, Hamed Haddadi:
STAR: Secret Sharing for Private Threshold Aggregation Reporting. 697-710 - Alvise de Faveri Tron, Stefano Longari, Michele Carminati, Mario Polino, Stefano Zanero:
CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks. 711-723 - Paola de Perthuis, David Pointcheval:
Two-Client Inner-Product Functional Encryption with an Application to Money-Laundering Detection. 725-737 - Gelei Deng, Guowen Xu, Yuan Zhou, Tianwei Zhang, Yang Liu:
On the (In)Security of Secure ROS2. 739-753 - Jiangyi Deng, Yanjiao Chen, Wenyuan Xu:
FenceSitter: Black-box, Content-Agnostic, and Synchronization-Free Enrollment-Phase Attacks on Speaker Recognition Systems. 755-767 - Yunjie Deng, Chenxu Wang, Shunchang Yu, Shiqing Liu, Zhenyu Ning, Kevin Leach, Jin Li, Shoumeng Yan, Zhengyu He, Jiannong Cao, Fengwei Zhang:
StrongBox: A GPU TEE on Arm Endpoints. 769-783 - Zizhuang Deng, Kai Chen, Guozhu Meng, Xiaodong Zhang, Ke Xu, Yao Cheng:
Understanding Real-world Threats to Deep Learning Models in Android Apps. 785-799 - Karel Dhondt, Victor Le Pochat, Alexios Voulimeneas, Wouter Joosen, Stijn Volckaert:
A Run a Day Won't Keep the Hacker Away: Inference Attacks on Endpoint Privacy Zones in Fitness Tracking Social Networks. 801-814 - Siemen Dhooghe, Aein Rezaei Shahmirzadi, Amir Moradi:
Second-Order Low-Randomness d + 1 Hardware Sharing of the AES. 815-828 - Samuel Dittmer, Yuval Ishai, Steve Lu, Rafail Ostrovsky:
Improving Line-Point Zero Knowledge: Two Multiplications for the Price of One. 829-841 - Christoph Dobraunig, Daniel Kales, Christian Rechberger, Markus Schofnegger, Greg Zaverucha:
Shorter Signatures Based on Tailor-Made Minimalist Symmetric-Key Crypto. 843-857 - Christoph Dobraunig, Bart Mennink, Robert Primas:
Leakage and Tamper Resilient Permutation-Based Cryptography. 859-873 - Priyanka Dodia, Mashael AlSabah, Omar Alrawi, Tao Wang:
Exposing the Rat in the Tunnel: Using Traffic Analysis for Tor-based Malware Detection. 875-889 - Shaoyong Du, Xin Liu, Guoqing Lai, Xiangyang Luo:
Watch Out for Race Condition Attacks When Using Android External Storage. 891-904 - Rui Duan, Zhe Qu, Shangqing Zhao, Leah Ding, Yao Liu, Zhuo Lu:
Perception-Aware Attack: Creating Adversarial Music via Reverse-Engineering Human Perception. 905-919 - Yue Duan, Xin Zhao, Yu Pan, Shucheng Li, Minghao Li, Fengyuan Xu, Mu Zhang:
Towards Automated Safety Vetting of Smart Contracts in Decentralized Applications. 921-935 - Zeinab El-Rewini, Zhuo Zhang, Yousra Aafer:
Poirot: Probabilistically Recommending Protections for the Android Framework. 937-950 - Daniel Escudero, Vipul Goyal, Antigoni Polychroniadou, Yifan Song:
TurboPack: Honest Majority MPC with Constant Online Communication. 951-964 - Xaver Fabian, Marco Guarnieri, Marco Patrignani:
Automatic Detection of Speculative Execution Combinations. 965-978 - Michael Fahr, Hunter Kippen, Andrew Kwong, Thinh Dang, Jacob Lichtinger, Dana Dachman-Soled, Daniel Genkin, Alexander Nelson, Ray A. Perlner, Arkady Yerukhimovich, Daniel Apon:
When Frodo Flips: End-to-End Key Recovery on FrodoKEM via Rowhammer. 979-993 - Xiaoyu Fan, Kun Chen, Guosai Wang, Mingchun Zhuang, Yi Li, Wei Xu:
NFGen: Automatic Non-linear Function Evaluation Code Generator for General-purpose MPC Platforms. 995-1008 - Juanru Fang, Wei Dong, Ke Yi:
Shifted Inverse: A General Mechanism for Monotonic Functions under User Differential Privacy. 1009-1022 - Jakob Feldtkeller, Jan Richter-Brockmann, Pascal Sasdrich, Tim Güneysu:
CINI MINIS: Domain Isolation for Fault and Combined Security. 1023-1036 - Mia Filic, Kenneth G. Paterson, Anupama Unnikrishnan, Fernando Virdia:
Adversarial Correctness and Privacy for Probabilistic Data Structures. 1037-1050 - Andrea Fioraldi, Dominik Christian Maier, Dongjia Zhang, Davide Balzarotti:
LibAFL: A Framework to Build Modular and Reusable Fuzzers. 1051-1065 - Dario Fiore, Ida Tucker:
Efficient Zero-Knowledge Proofs on Signed Data with Applications to Verifiable Computation on Data Streams. 1067-1080 - Matthias Fitzi, Xuechao Wang, Sreeram Kannan, Aggelos Kiayias, Nikos Leonardos, Pramod Viswanath, Gerui Wang:
Minotaur: Multi-Resource Blockchain Consensus. 1095-1108 - Nils Fleischhacker, Mark Simkin, Zhenfei Zhang:
Squirrel: Efficient Synchronized Multi-Signatures from Lattices. 1109-1123 - Daniel Franzen, Saskia Nuñez von Voigt, Peter Sörries, Florian Tschorsch, Claudia Müller-Birn:
Am I Private and If So, how Many?: Communicating Privacy Guarantees of Differential Privacy with Risk Communication Formats. 1125-1139 - Kelsey R. Fulton, Daniel Votipka, Desiree Abrokwa, Michelle L. Mazurek, Michael Hicks, James Parker:
Understanding the How and the Why: Exploring Secure Development Practices through a Course Competition. 1141-1155 - Yuyou Gan, Yuhao Mao, Xuhong Zhang, Shouling Ji, Yuwen Pu, Meng Han, Jianwei Yin, Ting Wang:
"Is your explanation stable?": A Robustness Evaluation Framework for Feature Attribution. 1157-1171 - Chaya Ganesh, Bhavana Kanukurthi, Girisha Shankar:
Secure Auctions in the Presence of Rational Adversaries. 1173-1186 - Yingzi Gao, Yuan Lu, Zhenliang Lu, Qiang Tang, Jing Xu, Zhenfeng Zhang:
Dumbo-NG: Fast Asynchronous BFT Consensus with Throughput-Oblivious Latency. 1187-1201 - Sanjam Garg, Abhishek Jain, Zhengzhong Jin, Yinuo Zhang:
Succinct Zero Knowledge for Floating Point Computations. 1203-1216 - Peter Gazi, Ling Ren, Alexander Russell:
Practical Settlement Bounds for Proof-of-Work Blockchains. 1217-1230 - Xinyang Ge, Hsuan-Chi Kuo, Weidong Cui:
Hecate: Lifting and Shifting On-Premises Workloads to an Untrusted Cloud. 1231-1242 - Seyedhamed Ghavamnia, Tapti Palit, Michalis Polychronakis:
C2C: Fine-grained Configuration-driven System Call Filtering. 1243-1257 - Noemi Glaeser, Matteo Maffei, Giulio Malavolta, Pedro Moreno-Sanchez, Erkan Tairi, Sri Aravinda Krishnan Thyagarajan:
Foundations of Coin Mixing Services. 1259-1273 - Vasudev Gohil, Hao Guo, Satwik Patnaik, Jeyavijayan Rajendran:
ATTRITION: Attacking Static Hardware Trojan Detection Techniques Using Reinforcement Learning. 1275-1289 - Gibran Gómez, Pedro Moreno-Sanchez, Juan Caballero:
Watch Your Back: Identifying Cybercrime Financial Relationships in Bitcoin through Back-and-Forth Exploration. 1291-1305 - Floris Gorter, Koen Koning, Herbert Bos, Cristiano Giuffrida:
DangZero: Efficient Use-After-Free Detection via Direct Page Table Access. 1307-1322 - Lorenzo Grassi, Dmitry Khovratovich, Reinhard Lüftenegger, Christian Rechberger, Markus Schofnegger, Roman Walch:
Reinforced Concrete: A Fast Hash Function for Verifiable Computation. 1323-1335 - Tim Güneysu, Philip W. Hodges, Georg Land, Mike Ounsworth, Douglas Stebila, Greg Zaverucha:
Proof-of-Possession for KEM Certificates using Verifiable Generation. 1337-1351 - Hanqing Guo, Yuanda Wang, Nikolay Ivanov, Li Xiao, Qiben Yan:
SPECPATCH: Human-In-The-Loop Adversarial Audio Spectrogram Patch Attack on Speech Recognition. 1353-1366 - Zayd Hammoudeh, Daniel Lowd:
Identifying a Training-Set Attack's Target Using Renormalized Influence Estimation. 1367-1381 - Xiao Han, Junjie Xiong, Wenbo Shen, Zhuo Lu, Yao Liu:
Location Heartbleeding: The Rise of Wi-Fi Spoofing Attack Via Geolocation API. 1383-1397 - Keitaro Hashimoto, Shuichi Katsumata, Thomas Prest:
How to Hide MetaData in MLS-Like Secure Group Messaging: Simple, Modular, and Post-Quantum. 1399-1412 - Tomas Hlavacek, Philipp Jeitner, Donika Mirdita, Haya Schulmann, Michael Waidner:
Behind the Scenes of RPKI. 1413-1426 - Hai Huang, Zhikun Zhang, Yun Shen, Michael Backes, Qi Li, Yang Zhang:
On the Privacy Risks of Cell-Based NAS Architectures. 1427-1441 - Nicolas Huber, Ralf Küsters, Toomas Krips, Julian Liedtke, Johannes Müller, Daniel Rausch, Pascal Reisert, Andreas Vogt:
Kryvos: Publicly Tally-Hiding Verifiable E-Voting. 1443-1457 - Thomas Humphries, Rasoul Akhavan Mahdavi, Shannon Veitch, Florian Kerschbaum:
Selective MPC: Distributed Computation of Differentially Private Key-Value Statistics. 1459-1472 - Jaewon Hur, Suhwan Song, Sunwoo Kim, Byoungyoung Lee:
SpecDoctor: Differential Fuzz Testing to Find Transient Execution Vulnerabilities. 1473-1487 - Ahmad Ibrahim, Hamed Nemati, Till Schlüter, Nils Ole Tippenhauer, Christian Rossow:
Microarchitectural Leakage Templates and Their Application to Cache-Based Side Channels. 1489-1503 - Jacob Imola, Takao Murakami, Kamalika Chaudhuri:
Differentially Private Triangle and 4-Cycle Counting in the Shuffle Model. 1505-1519 - Akira Ito, Rei Ueno, Naofumi Homma:
On the Success Rate of Side-Channel Attacks on Masked Implementations: Information-Theoretical Bounds and Their Practical Usage. 1521-1535 - Arthur Selle Jacobs, Roman Beltiukov, Walter Willinger, Ronaldo A. Ferreira, Arpit Gupta, Lisandro Z. Granville:
AI/ML for Network Security: The Emperor has no Clothes. 1537-1551 - Louis Jannett, Vladislav Mladenov, Christian Mainka, Jörg Schwenk:
DISTINCT: Identity Theft using In-Browser Communications in Dual-Window Single Sign-On. 1553-1567 - Bargav Jayaraman, David Evans:
Are Attribute Inference Attacks Just Imputation? 1569-1582 - Ke Jiang, Yuyan Bao, Shuai Wang, Zhibo Liu, Tianwei Zhang:
Cache Refinement Type for Side-Channel Detection of Cryptographic Software. 1583-1597 - Zhiyuan Jiang, Shuitao Gan, Adrian Herrera, Flavio Toffalini, Lucio Romerio, Chaojing Tang, Manuel Egele, Chao Zhang, Mathias Payer:
Evocatio: Conjuring Bug Capabilities from a Single PoC. 1599-1613 - Xin Jin, Sunil Manandhar, Kaushal Kafle, Zhiqiang Lin, Adwait Nadkarni:
Understanding IoT Security from a Market-Scale Perspective. 1615-1629 - Xin Jin, Kexin Pei, Jun Yeon Won, Zhiqiang Lin:
SymLM: Predicting Function Names in Stripped Binaries via Context-Sensitive Execution-Aware Code Embeddings. 1631-1645 - Ze Jin, Luyi Xing, Yiwei Fang, Yan Jia, Bin Yuan, Qixu Liu:
P-Verifier: Understanding and Mitigating Security Risks in Cloud-based IoT Access Policies. 1647-1661 - Nikola Jovanovic, Marc Fischer, Samuel Steffen, Martin T. Vechev:
Private and Reliable Neural Network Inference. 1663-1677 - Changhun Jung, Sian Kim, Rhongho Jang, David Mohaisen, DaeHun Nyang:
A Scalable and Dynamic ACL System for In-Network Defense. 1679-1693 - Wooseok Kang, Byoungho Son, Kihong Heo:
TRACER: Signature-based Static Analysis for Detecting Recurring Vulnerabilities. 1695-1708