Applied Cryptography and Network Security
18th International Conference, ACNS 2020, Rome, Italy, October 19-22, 2020, Proceedings, Part II
Published on 28. August 2020
XIX, 478 pages
978-3-030-57878-7 (ISBN)
Description
This two-volume set of LNCS 12146 and 12147 constitutes the refereed proceedings of the 18th International Conference on Applied Cryptography and Network Security, ACNS 2020, held in Rome, Italy, in October 2020.The conference was held virtually due to the COVID-19 pandemic.
The 46 revised full papers presented were carefully reviewed and selected from 214 submissions. The papers were organized in topical sections named: cryptographic protocols cryptographic primitives, attacks on cryptographic primitives, encryption and signature, blockchain and cryptocurrency, secure multi-party computation, post-quantum cryptography.
More details
Series
Edition
1st ed. 2020
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Product notice
Reflowable
Illustrations
XIX, 478 p. 360 illus., 53 illus. in color.
File size
17,27 MB
ISBN-13
978-3-030-57878-7 (9783030578787)
DOI
10.1007/978-3-030-57878-7
Schweitzer Classification
Other editions
Additional editions
Mauro Conti | Jianying Zhou | Emiliano Casalicchio
Applied Cryptography and Network Security
18th International Conference, ACNS 2020, Rome, Italy, October 19-22, 2020, Proceedings, Part II
Book
08/2020
Springer
€96.29
Shipment within 7-9 days
Content
- Intro
- Preface
- Organization
- Contents - Part II
- Contents - Part I
- Authentication and Biometrics
- A Breach into the Authentication with Built-in Camera (ABC) Protocol
- 1 Introduction
- 2 Related Work
- 3 Method
- 3.1 ABC Protocol
- 3.2 ABC Protocol Defense Systems
- 3.3 Proposed Attack Scheme
- 4 Experiments
- 4.1 Data Set
- 4.2 Evaluation Details
- 4.3 Results Using Five Images for PRNU Estimation
- 4.4 Results Using One Image for PRNU Estimation
- 5 Discussion
- 5.1 Data Set
- 5.2 Model
- 5.3 Results
- 6 Conclusion
- References
- A Practical System for Privacy-Preserving Video Surveillance
- 1 Introduction
- 2 Related Work
- 2.1 Face Recognition
- 2.2 Privacy-Preserving Video Surveillance
- 3 Tools
- 3.1 OpenFace
- 3.2 Homomorphic Encryption
- 4 Problem Definition and Threat Model
- 5 System Description
- 5.1 Offline Phase
- 5.2 Similarity Score Computation
- 5.3 Similarity Score Obfuscation
- 5.4 Matching
- 6 Security
- 7 Performance Comparison
- 8 Implementation Details
- 9 Experimental Results
- 10 Conclusions
- References
- Biometric-Authenticated Searchable Encryption
- 1 Introduction
- 2 Preliminaries and Building Blocks
- 2.1 Cryptographic Building Blocks
- 2.2 Biometric Sampling and Liveness Assumption
- 3 Biometric-Authenticated Keyword Search: Syntax and Definitions
- 3.1 Syntax of BAKS
- 3.2 Security Definitions
- 4 Construction
- 4.1 Efficiency Analysis and Improvements
- 4.2 Extensions with Multiple Keywords
- 4.3 Biometric Update
- 5 Security Analysis
- 6 Conclusion
- References
- BioLocker: A Practical Biometric Authentication Mechanism Based on 3D Fingervein
- 1 Introduction
- 2 Infrastructure Specification
- 3 Protocols
- 3.1 Access Control Protocols
- 3.2 Enrollment Protocol
- 4 Biometric Algorithms
- 5 Security Analysis
- 6 Implementation Results
- 7 Conclusion
- References
- Privacy and Anonymity
- Accelerating Forward and Backward Private Searchable Encryption Using Trusted Execution
- 1 Introduction
- 2 Related Work
- 3 Background
- 3.1 Intel SGX
- 3.2 Dynamic Searchable Symmetric Encryption
- 4 Our Proposed Schemes
- 4.1 System Overview
- 4.2 Assumptions and Threat Models
- 4.3 Design Intuition
- 4.4 SGX-SE1 Construction
- 4.5 SGX-SE2 Construction
- 4.6 Security Analysis
- 5 Implementation and Evaluation
- 5.1 Performance Evaluation on the Synthesis Dataset
- 5.2 Performance Evaluation on the Enron Dataset
- 6 Conclusion
- References
- Cluster-Based Anonymization of Knowledge Graphs
- 1 Introduction
- 2 Anonymizing Knowledge Graphs
- 2.1 Adversary Background Knowledge
- 2.2 Anonymity of Knowledge Graphs
- 3 Information Loss Metrics
- 3.1 Attribute and Degree Information Loss
- 3.2 The Attribute Truthfulness Information Loss
- 4 Cluster-Based Knowledge Graph Anonymization
- 4.1 Users' Points Generation
- 4.2 Clusters Generation
- 4.3 Knowledge Graph Generalization
- 5 Experiments
- 5.1 Data Sets
- 5.2 Evaluating Users' Points
- 5.3 Tuning CKGA
- 5.4 Evaluating the Truthfulness of Anonymized KGs
- 5.5 Comparative Analysis
- 6 Conclusion
- References
- Same Point Composable and Nonmalleable Obfuscated Point Functions
- 1 Introduction
- 1.1 Our Contribution
- 2 Preliminaries
- 3 A Composable Nonmalleable Point Function
- 4 Nonmalleable Digital Lockers
- 4.1 Detecting Tampering over key
- References
- A Concise Bounded Anonymous Broadcast Yielding Combinatorial Trace-and-Revoke Schemes
- 1 Introduction
- 1.1 Our Contributions
- 1.2 Techniques
- 2 Preliminaries
- 2.1 Trace and Revoke Systems
- 2.2 Anonymous Broadcast Encryption
- 2.3 Lattice and k-LWE Problem
- 2.4 Projective Sampling
- 3 Anonymous Broadcast Encryption for Bounded Universe
- 4 Trace and Revoke System from AnoBEB and Robust IPP Codes
- 4.1 Robust IPP Codes
- 4.2 Construction of a TR Scheme
- 5 Discussion and Conclusion
- References
- Secure Communication
- Multi-Device for Signal
- 1 Introduction
- 1.1 Context
- 1.2 Existing Solutions
- 1.3 The Signal Protocol
- 1.4 Our Contributions
- 1.5 PFS, Revocation and Out-of-Order Messages
- 2 Ratcheted Dynamic Multicast (RDM)
- 2.1 RDM Security Model
- 2.2 RDM Construction
- 3 Multi-Device Signal
- 3.1 Security Model
- 4 Related Work
- 5 Conclusion
- References
- On the Cryptographic Deniability of the Signal Protocol
- 1 Introduction
- 1.1 The Case of Signal
- 1.2 Our Contribution
- 1.3 Related Work
- 2 Preliminaries
- 3 Implicitly Authenticated Key Exchange
- 4 Deniable Key Exchange
- 5 Deniable Sessions
- 6 Negative Examples
- 6.1 When MQV Is Provably Non-deniable
- 6.2 Does the Random Oracle Help?
- 7 A Characterization for Non-deniability
- 7.1 Bad Sampler
- 7.2 Equivalence Between Bad Sampling and Incrimination
- 8 Deniability Proof
- 8.1 The Case of MQV
- 8.2 The Case of HMQV and 3DH
- 9 3DH vs Signal
- 10 On the Need to Extract the Long-Term Private Keys
- References
- Security Analysis
- Powerless Security
- 1 Introduction
- 2 Related Work
- 3 Architecture
- 3.1 Roles, Passwords and Keys
- 3.2 NMK Key Management
- 3.3 MAC Frames
- 3.4 MAC Layer Encryption
- 3.5 PHY Level Encryption
- 4 Attacker Model
- 5 Attacks
- 5.1 Attack 1: Breaking UKE (Pairing Button)
- 5.2 Attack 2: Offline Dictionary Attack on NPW/NMK
- 5.3 Attack 3: DAK Derived from MAC Address
- 6 Evaluation
- 6.1 Attack 1 (UKE)
- 6.2 Attack 2 (NPW)
- 6.3 Attack 3 (DAK)
- 7 Countermeasures
- 7.1 Attack 1 (UKE)
- 7.2 Attack 2 (NPW)
- 7.3 Attack 3 (DAK)
- 8 Additional Findings
- 8.1 Firmware Modification
- 8.2 NMK Change via CSRF
- 9 Future Work
- 10 Conclusion
- References
- Watching the Weak Link into Your Home: An Inspection and Monitoring Toolkit for TR-069 *6pt
- 1 Introduction
- 2 Preliminaries
- 2.1 TR-069 Goals
- 2.2 TR-069 Protocol
- 3 TR-069 Inspection
- 3.1 Man-In-The-Middle Attacks
- 3.2 Client Reconfiguration
- 3.3 Emulated Clients
- 3.4 Comparison of Inspection Methods
- 4 TR-069 Honeyclient
- 4.1 Analysis of Open-Source TR-069 Servers
- 5 TR-069 Infrastructure Monitoring
- 5.1 Distributed Monitoring System
- 5.2 Real-World Measurement Study
- 6 Discussion
- 7 Related Work
- 8 Conclusion
- References
- The Naked Sun: Malicious Cooperation Between Benign-Looking Processes
- 1 Introduction
- 2 Behavioral Ransomware Detection
- 3 Evading Behavioral Detectors
- 3.1 Process Splitting
- 3.2 Functional Splitting
- 3.3 Mimicry
- 4 Features Discussion
- 4.1 Write Entropy
- 4.2 File Overwrite
- 4.3 Read/Write/Open/Create/Close Operations
- 4.4 File Similarity
- 5 Implementation: The Cerberus Prototype
- 6 Evaluation
- 6.1 Dataset and Experimental Setup
- 6.2 Trace-Based Evaluation
- 6.3 Cerberus Evaluation
- 6.4 Evaluation Against Malwarebytes Anti-ransomware
- 7 Countermeasures
- 8 Related Work
- 9 Conclusions
- References
- Intrusion Detection
- Quality Evaluation of Cyber Threat Intelligence Feeds
- 1 Introduction
- 2 Related Work
- 3 Quality Criteria for Threat Intelligence
- 4 Datasets
- 4.1 Anonymization
- 5 Quality Evaluation of Feeds
- 5.1 Timeliness
- 5.2 Sensitivity
- 5.3 Originality
- 5.4 Impact
- 6 Discussion
- 6.1 Adoption of Intelligence Feeds
- 6.2 Do We Have Enough Coverage?
- 7 Conclusions
- References
- Game Theory-Based Approach for Defense Against APTs
- 1 Introduction
- 2 Preliminaries
- 2.1 Opinion Dynamics
- 2.2 Game Theory: Related Work
- 3 The Game: Attack and Defense Models
- 3.1 The Board: Proposed Network Architecture
- 3.2 Rules and Scoring System
- 3.3 Attacker Model: Succession of APT Stages
- 3.4 Defender Model: Detection and Response
- 4 Experimental Simulations and Discussions
- 5 Conclusions
- A Instantiation of , and Values
- B Example of Game Instance with Defender Victory
- C Correctness Proof of TI&TO
- References
- Software and System Security
- MemShield: GPU-Assisted Software Memory Encryption
- 1 Introduction
- 2 Related Works
- 3 Design Overview
- 3.1 Design Limitations
- 4 Implementation Details
- 4.1 Memory Area Registration
- 4.2 Page Fault Handling
- 4.3 Sliding Window Management
- 4.4 GPU Encryption
- 4.5 Prototype Limitations
- 5 Security Analysis
- 6 Performance Evaluation
- 7 Conclusions
- References
- Super Root: A New Stealthy Rooting Technique on ARM Devices
- 1 Introduction
- 2 Background
- 3 Traditional Root Attack
- 3.1 Procedure of Traditional Root
- 3.2 Root Detection Methods
- 4 Super Root Attack
- 4.1 Super Root Prerequisites
- 4.2 Super Root Steps
- 4.3 Advantages of Super Root Attack
- 5 Super Root Attack Examples
- 5.1 VMI-Based Binder Transaction Attack
- 5.2 VMI-Based Keylogger Attack
- 6 Implementation
- 6.1 VMI-Based Binder Transaction Attack
- 6.2 VMI-Based Keylogger Attack
- 7 Evaluation
- 7.1 Micro-evaluation
- 7.2 Macro-evaluation
- 7.3 Target Devices
- 7.4 Root Detection
- 7.5 Countermeasures of Super Root Attack
- 8 Related Work
- 8.1 Traditional Root and Root Detection
- 8.2 Hypervisor-Based Rootkits
- 9 Conclusion
- References
- Towards Automated Augmentation and Instrumentation of Legacy Cryptographic Executables
- 1 Introduction
- 2 Related Work
- 3 Overview of the ALICE Framework
- 4 Design Details of ALICE
- 4.1 Identifying Cryptographic Primitives (Hash Functions)
- 4.2 Scoping Changes
- 4.3 Augmenting and Rewriting Changes
- 5 Experimental Evaluation
- 5.1 Experimental Setup
- 5.2 Evaluation Results: Cryptographic Libraries
- 5.3 Evaluation Results: Real-World Binaries
- 6 Limitations and Future Work
- 7 Conclusion
- References
- Web Security
- When TLS Meets Proxy on Mobile
- 1 Introduction
- 2 Background
- 2.1 TLS Interception
- 2.2 HTTP Tunneling
- 3 Scopes and Methodologies
- 3.1 Selection of Proxy-Based Mobile Browsers
- 3.2 Test Environment
- 3.3 Identification and Classification of Proxy
- 3.4 Security Evaluations
- 4 Findings
- 4.1 Commercial CA Certificate Issuance Policy
- 4.2 Maintaining Strength of Certificate Parameters
- 4.3 Mirroring TLS Version and Strength of Cipher Suites
- 4.4 Validation of Proxy Certificates
- 4.5 Avoiding Weak Cipher Suites
- 4.6 Validation of Server's Certificate Chain
- 4.7 Avoiding Weak TLS Versions
- 5 Discussions
- 5.1 Browsers with No/Broken TLS
- 5.2 Leniency in Certificate Validation
- 5.3 Weak Cipher Suites, TLS Versions and RSA Parameters
- 5.4 Asymmetry of TI Browsers
- 5.5 Limitations
- 6 Related Work
- 7 Conclusion
- References
- Human Factors in Homograph Attack Recognition
- 1 Introduction
- 2 Related Work
- 2.1 Disabling the Automatic IDN Conversion
- 2.2 Detecting Homographs
- 2.3 Brand Familiarity and Security Backgrounds in Computer Security
- 3 Procedure
- 3.1 Demographics
- 3.2 Brand Familiarity
- 3.3 Security Backgrounds
- 3.4 Homograph Recognition
- 4 Methodology
- 4.1 Domain Grouping
- 4.2 Lucky Answers and Neutral Answers
- 4.3 Model
- 4.4 Consistency of Integration and Separation Plans
- 5 Experiment
- 5.1 Participant Population
- 5.2 Cronbach's Alpha () Measurement
- 5.3 Result for Group 1
- 5.4 Result for Group 2
- 5.5 Result for Group 3
- 6 Discussion
- 6.1 Before and After Homograph Explanation/Education
- 6.2 Future Work and Challenges
- 7 Conclusions
- A Appendix: Security Behavior
- B Appendix: Security Knowledge
- C Appendix: Security Self-Confidence
- D Appendix: Ability of Homograph Recognition
- E Appendix: Homograph Explanation
- References
- Publicly Evaluatable Perceptual Hashing
- 1 Introduction
- 1.1 Background and Motivation
- 1.2 Our Contribution
- 2 Technical Preliminaries
- 2.1 Public Key Encryption
- 2.2 Fully Homomorphic Encryption
- 2.3 Paillier Encryption
- 2.4 Proofs of Knowledge
- 3 Perceptual Hashing
- 3.1 Private-Key Perceptual Hash Definition
- 3.2 Public-Key Perceptual Hash Definition
- 3.3 The Construction of Public-Key PHash from Private-Key Phash
- 4 An Efficient Construction
- 4.1 Outline of the Algorithm
- 4.2 Evaluation on an Encrypted Key
- 5 Implementation and Analysis
- 5.1 Parameter Settings
- 5.2 Optimizations
- 5.3 Analysis and Benchmarks
- 6 Remarks
- 7 Conclusions
- References
- TrollThrottle-Raising the Cost of Astroturfing
- 1 Introduction
- 2 TrollThrottle
- 3 Protocol Definition
- 4 Practical Implementation
- 5 Evaluation
- 6 Limitations
- 7 Related Work
- 8 Conclusion
- References
- Author Index
