Lecture Notes in Computer Science 12308978-3-030-58951-6/1.pdf · Liqun Chen † Ninghui Li †...


Lecture Notes in Computer Science 12308

Founding Editors

Gerhard Goos Karlsruhe Institute of Technology, Karlsruhe, Germany

Juris Hartmanis Cornell University, Ithaca, NY, USA

Editorial Board Members

Elisa Bertino Purdue University, West Lafayette, IN, USA

Wen Gao Peking University, Beijing, China

Bernhard Steffen TU Dortmund University, Dortmund, Germany

Gerhard Woeginger RWTH Aachen, Aachen, Germany

Moti Yung Columbia University, New York, NY, USA


More information about this series at http://www.springer.com/series/7410


Liqun Chen • Ninghui Li • Kaitai Liang • Steve Schneider (Eds.)

Computer Security – ESORICS 2020

25th European Symposium on Research in Computer Security, ESORICS 2020
Guildford, UK, September 14–18, 2020
Proceedings, Part I


Editors

Liqun Chen
University of Surrey
Guildford, UK

Ninghui Li
Purdue University
West Lafayette, IN, USA

Kaitai Liang
Delft University of Technology
Delft, The Netherlands

Steve Schneider
University of Surrey
Guildford, UK

ISSN 0302-9743 ISSN 1611-3349 (electronic)
Lecture Notes in Computer Science
ISBN 978-3-030-58950-9 ISBN 978-3-030-58951-6 (eBook)
https://doi.org/10.1007/978-3-030-58951-6

LNCS Sublibrary: SL4 – Security and Cryptology

© Springer Nature Switzerland AG 2020

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This Springer imprint is published by the registered company Springer Nature Switzerland AG
The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland


Preface

The two volume set, LNCS 12308 and 12309, contain the papers that were selected for presentation and publication at the 25th European Symposium on Research in Computer Security (ESORICS 2020) which was held together with affiliated workshops during the week September 14–18, 2020. Due to the global COVID-19 pandemic, the conference and workshops ran virtually, hosted by the University of Surrey, UK. The aim of ESORICS is to further research in computer security and privacy by establishing a European forum, bringing together researchers in these areas by promoting the exchange of ideas with system developers and by encouraging links with researchers in related fields.

In response to the call for papers, 366 papers were submitted to the conference. These papers were evaluated on the basis of their significance, novelty, and technical quality. Except for a very small number of papers, each paper was carefully evaluated by three to five referees and then discussed among the Program Committee. The papers were reviewed in a single-blind manner. Finally, 72 papers were selected for presentation at the conference, yielding an acceptance rate of 19.7%. We were also delighted to welcome invited talks from Aggelos Kiayias, Vadim Lyubashevsky, and Rebecca Wright.

Following the reviews two papers were selected for Best Paper Awards and they share the 1,000 EUR prize generously provided by Springer: “Pine: Enabling privacy-preserving deep packet inspection on TLS with rule-hiding and fast connection establishment” by Jianting Ning, Xinyi Huang, Geong Sen Poh, Shengmin Xu, Jason Loh, Jian Weng, and Robert H. Deng; and “Automatic generation of source lemmas in Tamarin: towards automatic proofs of security protocols” by Véronique Cortier, Stéphanie Delaune, and Jannik Dreier.

The Program Committee consisted of 127 members across 25 countries. There were submissions from a total of 1,201 authors across 42 countries, with 24 countries represented among the accepted papers.

ESORICS 2020 would not have been possible without the contributions of the many volunteers who freely gave their time and expertise. We would like to thank the members of the Program Committee and the external reviewers for their substantial work in evaluating the papers. We would also like to thank the organization/department chair, Helen Treharne, the workshop chair, Mark Manulis, and all of the workshop co-chairs, the poster chair, Ioana Boureanu, and the ESORICS Steering Committee. We are also grateful to Huawei and IBM Research – Haifa, Israel for their sponsorship that enabled us to support this online event. Finally, we would like to express our thanks to the authors who submitted papers to ESORICS 2020. They, more than anyone else, are what made this conference possible.


We hope that you will find the proceedings stimulating and a source of inspiration for future research.

September 2020

Liqun Chen
Ninghui Li
Kaitai Liang
Steve Schneider


Organization

General Chair

Steve Schneider University of Surrey, UK

Program Chairs

Liqun Chen University of Surrey, UK
Ninghui Li Purdue University, USA

Steering Committee

Sokratis Katsikas (Chair)
Michael Backes
Joachim Biskup
Frederic Cuppens
Sabrina De Capitani di Vimercati
Dieter Gollmann
Mirek Kutylowski
Javier Lopez
Jean-Jacques Quisquater
Peter Y. A. Ryan
Pierangela Samarati
Einar Snekkenes
Michael Waidner

Program Committee

Yousra Aafer University of Waterloo, Canada
Mitsuaki Akiyama NTT, Japan
Cristina Alcaraz UMA, Spain
Frederik Armknecht Universität Mannheim, Germany
Vijay Atluri Rutgers University, USA
Erman Ayday Bilkent University, Turkey
Antonio Bianchi Purdue University, USA
Marina Blanton University at Buffalo, USA
Carlo Blundo Università degli Studi di Salerno, Italy
Alvaro Cardenas The University of Texas at Dallas, USA
Berkay Celik Purdue University, USA
Aldar C-F. Chan BIS Innovation Hub Centre, Hong Kong, China
Sze Yiu Chau Purdue University, USA
Rongmao Chen National University of Defense Technology, China
Yu Chen Shandong University, China
Sherman S. M. Chow The Chinese University of Hong Kong, Hong Kong, China
Mauro Conti University of Padua, Italy
Frédéric Cuppens Polytechnique Montreal, Canada
Nora Cuppens-Boulahia Polytechnique Montréal, Canada
Marc Dacier Qatar Computing Research Institute (QCRI), Qatar
Sabrina De Capitani di Vimercati Università degli Studi di Milano, Italy
Hervé Debar Télécom SudParis, France
Stéphanie Delaune University of Rennes, CNRS, IRISA, France
Roberto Di Pietro Hamad Bin Khalifa University, Qatar
Tassos Dimitriou Kuwait University, Kuwait
Josep Domingo-Ferrer Universitat Rovira i Virgili, Spain
Changyu Dong Newcastle University, UK
Wenliang Du Syracuse University, Italy
Haixin Duan Tsinghua University, China
François Dupressoir University of Bristol, UK
Kassem Fawaz University of Wisconsin-Madison, USA
Jose-Luis Ferrer-Gomila University of the Balearic Islands, Spain
Sara Foresti DI, Università degli Studi di Milano, Italy
David Galindo University of Birmingham, UK
Debin Gao Singapore Management University, Singapore
Joaquin Garcia-Alfaro Télécom SudParis, France
Thanassis Giannetsos Technical University of Denmark, Denmark
Dieter Gollmann Hamburg University of Technology, Germany
Stefanos Gritzalis University of the Aegean, Greece
Guofei Gu Texas A&M University, USA
Zhongshu Gu IBM Research, USA
Jinguang Han Queen’s University Belfast, UK
Feng Hao University of Warwick, UK
Juan Hernández-Serrano Universitat Politècnica de Catalunya, Spain
Xinyi Huang Fujian Normal University, China
Syed Hussain Purdue University, USA
Shouling Ji Zhejiang University, China
Ghassan Karame NEC Laboratories Europe, Germany
Sokratis Katsikas Norwegian University of Science and Technology, Norway
Stefan Katzenbeisser TU Darmstadt, Germany
Ryan Ko The University of Queensland, Australia
Steve Kremer Inria, France
Marina Krotofil FireEye, USA
Yonghwi Kwon University of Virginia, USA
Costas Lambrinoudakis University of Piraeus, Greece
Kyu Hyung Lee University of Georgia, USA
Shujun Li University of Kent, UK
Yingjiu Li Singapore Management University, Singapore
Kaitai Liang Delft University of Technology, The Netherlands
Hoon Wei Lim Trustwave, Singapore
Joseph Liu Monash University, Australia
Rongxing Lu University of New Brunswick, Canada
Xiapu Luo The Hong Kong Polytechnic University, Hong Kong, China
Shiqing Ma Rutgers University, USA
Leandros Maglaras De Montfort University, UK
Mark Manulis University of Surrey, UK
Konstantinos Markantonakis Royal Holloway, University of London, UK
Fabio Martinelli IIT-CNR, Italy
Ivan Martinovic University of Oxford, UK
Sjouke Mauw University of Luxembourg, Luxembourg
Catherine Meadows NRL, USA
Weizhi Meng Technical University of Denmark, Denmark
Chris Mitchell Royal Holloway, University of London, UK
Tatsuya Mori Waseda University, Japan
Haralambos Mouratidis University of Brighton, UK
David Naccache Ecole normale supérieur, France
Siaw-Lynn Ng Royal Holloway, University of London, UK
Jianting Ning Singapore Management University, Singapore
Satoshi Obana Hosei University, Japan
Martín Ochoa Universidad del Rosario, Colombia
Rolf Oppliger eSECURITY Technologies, Switzerland
Manos Panousis University of Greenwich, UK
Olivier Pereira UCLouvain, Belgium
Günther Pernul Universität Regensburg, Germany
Joachim Posegga University of Passau, Germany
Indrajit Ray Colorado State University, USA
Kui Ren Zhejiang University, China
Giovanni Russello The University of Auckland, New Zealand
Mark Ryan University of Birmingham, UK
Reihaneh Safavi-Naini University of Calgary, Canada
Brendan Saltaformaggio Georgia Institute of Technology, USA
Pierangela Samarati Università degli Studi di Milano, Italy
Damien Sauveron XLIM, UMR University of Limoges, CNRS 7252, France
Einar Snekkenes Norwegian University of Science and Technology, Norway
Yixin Sun University of Virginia, USA
Willy Susilo University of Wollongong, Australia
Pawel Szalachowski SUTD, Singapore
Qiang Tang Luxembourg Institute of Science and Technology, Luxembourg
Qiang Tang New Jersey Institute of Technology, USA
Juan Tapiador Universidad Carlos III de Madrid, Spain
Dave Jing Tian Purdue University, USA
Nils Ole Tippenhauer CISPA, Germany
Helen Treharne University of Surrey, UK
Aggeliki Tsohou Ionian University, Greece
Luca Viganò King’s College London, UK
Michael Waidner Fraunhofer, Germany
Cong Wang City University of Hong Kong, Hong Kong, China
Lingyu Wang Concordia University, Canada
Weihang Wang SUNY University at Buffalo, USA
Edgar Weippl SBA Research, Austria
Christos Xenakis University of Piraeus, Greece
Yang Xiang Swinburne University of Technology, Australia
Guomin Yang University of Wollongong, Australia
Kang Yang State Key Laboratory of Cryptology, China
Xun Yi RMIT University, Australia
Yu Yu Shanghai Jiao Tong University, China
Tsz Hon Yuen The University of Hong Kong, Hong Kong, China
Fengwei Zhang SUSTech, China
Kehuan Zhang The Chinese University of Hong Kong, Hong Kong, China
Yang Zhang CISPA Helmholtz Center for Information Security, Germany
Yuan Zhang Fudan University, China
Zhenfeng Zhang Chinese Academy of Sciences, China
Yunlei Zhao Fudan University, China
Jianying Zhou Singapore University of Technology and Design, Singapore
Sencun Zhu Penn State University, USA

Workshop Chair

Mark Manulis University of Surrey, UK

Poster Chair

Ioana Boureanu University of Surrey, UK

Organization/Department Chair

Helen Treharne University of Surrey, UK


Organizing Chair and Publicity Chair

Kaitai Liang Delft University of Technology, The Netherlands

Additional Reviewers

Abbasi, Ali
Abu-Salma, Ruba
Ahlawat, Amit
Ahmed, Chuadhry Mujeeb
Ahmed, Shimaa
Alabdulatif, Abdulatif
Alhanahnah, Mohannad
Aliyu, Aliyu
Alrizah, Mshabab
Anceaume, Emmanuelle
Angelogianni, Anna
Anglés-Tafalla, Carles
Aparicio Navarro, Francisco Javier
Argyriou, Antonios
Asadujjaman, A. S. M.
Aschermann, Cornelius
Asghar, Muhammad Rizwan
Avizheh, Sepideh
Baccarini, Alessandro
Bacis, Enrico
Baek, Joonsang
Bai, Weihao
Bamiloshin, Michael
Barenghi, Alessandro
Barrère, Martín
Berger, Christian
Bhattacherjee, Sanjay
Blanco-Justicia, Alberto
Blazy, Olivier
Bolgouras, Vaios
Bountakas, Panagiotis
Brandt, Markus
Bursuc, Sergiu
Böhm, Fabian
Camacho, Philippe
Cardaioli, Matteo
Castelblanco, Alejandra
Castellanos, John Henry
Cecconello, Stefano
Chaidos, Pyrros
Chakra, Ranim
Chandrasekaran, Varun
Chen, Haixia
Chen, Long
Chen, Min
Chen, Zhao
Chen, Zhigang
Chengjun Lin
Ciampi, Michele
Cicala, Fabrizio
Costantino, Gianpiero
Cruz, Tiago
Cui, Shujie
Deng, Yi
Diamantopoulou, Vasiliki
Dietz, Marietheres
Divakaran, Dinil Mon
Dong, Naipeng
Dong, Shuaike
Dragan, Constantin Catalin
Du, Minxin
Dutta, Sabyasachi
Eichhammer, Philipp
Englbrecht, Ludwig
Etigowni, Sriharsha
Farao, Aristeidis
Faruq, Fatma
Fdhila, Walid
Feng, Hanwen
Feng, Qi
Fentham, Daniel
Ferreira Torres, Christof
Fila, Barbara
Fraser, Ashley
Fu, Hao
Galdi, Clemente
Gangwal, Ankit
Gao, Wei
Gardham, Daniel
Garms, Lydia
Ge, Chunpeng
Ge, Huangyi
Geneiatakis, Dimitris
Genés-Durán, Rafael
Georgiopoulou, Zafeiroula
Getahun Chekole, Eyasu
Ghosal, Amrita
Giamouridis, George
Giorgi, Giacomo
Guan, Qingxiao
Guo, Hui
Guo, Kaiwen
Guo, Yimin
Gusenbauer, Mathias
Haffar, Rami
Hahn, Florian
Han, Yufei
Hausmann, Christian
He, Shuangyu
He, Songlin
He, Ying
Heftrig, Elias
Hirschi, Lucca
Hu, Kexin
Huang, Qiong
Hurley-Smith, Darren
Iadarola, Giacomo
Jeitner, Philipp
Jia, Dingding
Jia, Yaoqi
Judmayer, Aljosha
Kalloniatis, Christos
Kantzavelou, Ioanna
Kasinathan, Prabhakaran
Kasra Kermanshahi, Shabnam
Kasra, Shabnam
Kelarev, Andrei
Khandpur Singh, Ashneet
Kim, Jongkil
Koay, Abigail
Kokolakis, Spyros
Kosmanos, Dimitrios
Kourai, Kenichi
Koutroumpouchos, Konstantinos
Koutroumpouchos, Nikolaos
Koutsos, Adrien
Kuchta, Veronika
Labani, Hasan
Lai, Jianchang
Laing, Thalia May
Lakshmanan, Sudershan
Lallemand, Joseph
Lan, Xiao
Lavranou, Rena
Lee, Jehyun
León, Olga
Li, Jie
Li, Juanru
Li, Shuaigang
Li, Wenjuan
Li, Xinyu
Li, Yannan
Li, Zengpeng
Li, Zheng
Li, Ziyi
Limniotis, Konstantinos
Lin, Chao
Lin, Yan
Liu, Jia
Liu, Jian
Liu, Weiran
Liu, Xiaoning
Liu, Xueqiao
Liu, Zhen
Lopez, Christian
Losiouk, Eleonora
Lu, Yuan
Luo, Junwei
Ma, Haoyu
Ma, Hui
Ma, Jack P. K.
Ma, Jinhua
Ma, Mimi
Ma, Xuecheng
Mai, Alexandra
Majumdar, Suryadipta
Manjón, Jesús A.
Marson, Giorgia Azzurra
Martinez, Sergio
Matousek, Petr
Mercaldo, Francesco
Michailidou, Christina
Mitropoulos, Dimitris
Mohammadi, Farnaz
Mohammady, Meisam
Mohammed, Ameer
Moreira, Jose
Muñoz, Jose L.
Mykoniati, Maria
Nassirzadeh, Behkish
Newton, Christopher
Ng, Lucien K. L.
Ntantogian, Christoforos
Önen, Melek
Onete, Cristina
Oqaily, Alaa
Oswald, David
Papaioannou, Thanos
Parkinson, Simon
Paspatis, Ioannis
Patsakis, Constantinos
Pelosi, Gerardo
Pfeffer, Katharina
Pitropakis, Nikolaos
Poettering, Bertram
Poh, Geong Sen
Polato, Mirko
Poostindouz, Alireza
Puchta, Alexander
Putz, Benedikt
Pöhls, Henrich C.
Qiu, Tian
Radomirovic, Sasa
Rakotonirina, Itsaka
Rebollo Monedero, David
Rivera, Esteban
Rizomiliotis, Panagiotis
Román-García, Fernando
Sachidananda, Vinay
Salazar, Luis
Salem, Ahmed
Salman, Ammar
Sanders, Olivier
Scarsbrook, Joshua
Schindler, Philipp
Schlette, Daniel
Schmidt, Carsten
Scotti, Fabio
Shahandashti, Siamak
Shahraki, Ahmad Salehi
Sharifian, Setareh
Sharma, Vishal
Sheikhalishahi, Mina
Shen, Siyu
Shrishak, Kris
Simo, Hervais
Siniscalchi, Luisa
Slamanig, Daniel
Smith, Zach
Solano, Jesús
Song, Yongcheng
Song, Zirui
Soriente, Claudio
Soumelidou, Katerina
Spielvogel, Korbinian
Stifter, Nicholas
Sun, Menghan
Sun, Yiwei
Sun, Yuanyi
Tabiban, Azadeh
Tang, Di
Tang, Guofeng
Taubmann, Benjamin
Tengana, Lizzy
Tian, Yangguang
Trujillo, Rolando
Turrin, Federico
Veroni, Eleni
Vielberth, Manfred
Vollmer, Marcel
Wang, Jiafan
Wang, Qin
Wang, Tianhao
Wang, Wei
Wang, Wenhao
Wang, Yangde
Wang, Yi
Wang, Yuling
Wang, Ziyuan
Weitkämper, Charlotte
Wesemeyer, Stephan
Whitefield, Jorden
Wiyaja, Dimaz
Wong, Donald P. H.
Wong, Harry W. H.
Wong, Jin-Mann
Wu, Chen
Wu, Ge
Wu, Lei
Wuest, Karl
Xie, Guoyang
Xinlei, He
Xu, Fenghao
Xu, Jia
Xu, Jiayun
Xu, Ke
Xu, Shengmin
Xu, Yanhong
Xue, Minhui
Yamada, Shota
Yang, Bohan
Yang, Lin
Yang, Rupeng
Yang, S. J.
Yang, Wenjie
Yang, Xu
Yang, Xuechao
Yang, Zhichao
Yevseyeva, Iryna
Yi, Ping
Yin, Lingyuan
Ying, Jason
Yu, Zuoxia
Yuan, Lun-Pin
Yuan, Xingliang
Zhang, Bingsheng
Zhang, Fan
Zhang, Ke
Zhang, Mengyuan
Zhang, Yanjun
Zhang, Zhikun
Zhang, Zongyang
Zhao, Yongjun
Zhong, Zhiqiang
Zhou, Yutong
Zhu, Fei
Ziaur, Rahman
Zobernig, Lukas
Zuo, Cong


Keynotes


Decentralising Information and Communications Technology: Paradigm Shift or Cypherpunk Reverie?

Aggelos Kiayias

University of Edinburgh and IOHK, UK

Abstract. In the last decade, decentralisation emerged as a much anticipated development in the greater space of information and communications technology. Venerated by some and disparaged by others, blockchain technology became a familiar term, springing up in a wide array of expected and sometimes unexpected contexts. With the peak of the hype behind us, in this talk I look back, distilling what we have learned about the science and engineering of building secure and reliable systems, then I overview the present state of the art and finally I delve into the future, appraising this technology in its potential to impact the way we design and deploy information and communications technology services.


Lattices and Zero-Knowledge

Vadim Lyubashevsky

IBM Research - Zurich, Switzerland

Abstract. Building cryptography based on the presumed hardness of lattice problems over polynomial rings is one of the most promising approaches for achieving security against quantum attackers. One of the reasons for the popularity of lattice-based encryption and signatures in the ongoing NIST standardization process is that they are significantly faster than all other post-quantum, and even many classical, schemes. This talk will discuss the progress in constructions of more advanced lattice-based cryptographic primitives. In particular, I will describe recent work on zero-knowledge proofs which leads to the most efficient post-quantum constructions for certain statements.


Accountability in Computing

Rebecca N. Wright

Barnard College, New York, USA

Abstract. Accountability is used often in describing computer-security mechanisms that complement preventive security, but it lacks a precise, agreed-upon definition. We argue for the need for accountability in computing in a variety of settings, and categorize some of the many ways in which this term is used. We identify a temporal spectrum onto which we may place different notions of accountability to facilitate their comparison, including prevention, detection, evidence, judgment, and punishment. We formalize our view in a utility-theoretic way and then use this to reason about accountability in computing systems. We also survey mechanisms providing various senses of accountability as well as other approaches to reasoning about accountability-related properties.

This is joint work with Joan Feigenbaum and Aaron Jaggard.


Contents – Part I

Database and Web Security

Pine: Enabling Privacy-Preserving Deep Packet Inspection on TLS with Rule-Hiding and Fast Connection Establishment
Jianting Ning, Xinyi Huang, Geong Sen Poh, Shengmin Xu, Jia-Chng Loh, Jian Weng, and Robert H. Deng

Bulwark: Holistic and Verified Security Monitoring of Web Protocols
Lorenzo Veronese, Stefano Calzavara, and Luca Compagna

A Practical Model for Collaborative Databases: Securely Mixing, Searching and Computing
Shweta Agrawal, Rachit Garg, Nishant Kumar, and Manoj Prabhakaran

System Security I

Deduplication-Friendly Watermarking for Multimedia Data in Public Clouds
Weijing You, Bo Chen, Limin Liu, and Jiwu Jing

DANTE: A Framework for Mining and Monitoring Darknet Traffic
Dvir Cohen, Yisroel Mirsky, Manuel Kamp, Tobias Martin, Yuval Elovici, Rami Puzis, and Asaf Shabtai

Efficient Quantification of Profile Matching Risk in Social Networks Using Belief Propagation
Anisa Halimi and Erman Ayday

Network Security I

Anonymity Preserving Byzantine Vector Consensus
Christian Cachin, Daniel Collins, Tyler Crain, and Vincent Gramoli

CANSentry: Securing CAN-Based Cyber-Physical Systems against Denial and Spoofing Attacks
Abdulmalik Humayed, Fengjun Li, Jingqiang Lin, and Bo Luo

Distributed Detection of APTs: Consensus vs. Clustering
Juan E. Rubio, Cristina Alcaraz, Ruben Rios, Rodrigo Roman, and Javier Lopez

Designing Reverse Firewalls for the Real World
Angèle Bossuat, Xavier Bultel, Pierre-Alain Fouque, Cristina Onete, and Thyla van der Merwe

Software Security

Follow the Blue Bird: A Study on Threat Data Published on Twitter
Fernando Alves, Ambrose Andongabo, Ilir Gashi, Pedro M. Ferreira, and Alysson Bessani

Dynamic and Secure Memory Transformation in Userspace
Robert Lyerly, Xiaoguang Wang, and Binoy Ravindran

Understanding the Security Risks of Docker Hub
Peiyu Liu, Shouling Ji, Lirong Fu, Kangjie Lu, Xuhong Zhang, Wei-Han Lee, Tao Lu, Wenzhi Chen, and Raheem Beyah

DE-auth of the Blue! Transparent De-authentication Using Bluetooth Low Energy Beacon
Mauro Conti, Pier Paolo Tricomi, and Gene Tsudik

Similarity of Binaries Across Optimization Levels and Obfuscation
Jianguo Jiang, Gengwang Li, Min Yu, Gang Li, Chao Liu, Zhiqiang Lv, Bin Lv, and Weiqing Huang

HART: Hardware-Assisted Kernel Module Tracing on Arm
Yunlan Du, Zhenyu Ning, Jun Xu, Zhilong Wang, Yueh-Hsun Lin, Fengwei Zhang, Xinyu Xing, and Bing Mao

Zipper Stack: Shadow Stacks Without Shadow
Jinfeng Li, Liwei Chen, Qizhen Xu, Linan Tian, Gang Shi, Kai Chen, and Dan Meng

Restructured Cloning Vulnerability Detection Based on Function Semantic Reserving and Reiteration Screening
Weipeng Jiang, Bin Wu, Xingxin Yu, Rui Xue, and Zhengmin Yu

LegIoT: Ledgered Trust Management Platform for IoT
Jens Neureither, Alexandra Dmitrienko, David Koisser, Ferdinand Brasser, and Ahmad-Reza Sadeghi

Machine Learning Security

PrivColl: Practical Privacy-Preserving Collaborative Machine Learning
Yanjun Zhang, Guangdong Bai, Xue Li, Caitlin Curtis, Chen Chen, and Ryan K. L. Ko

An Efficient 3-Party Framework for Privacy-Preserving Neural Network Inference
Liyan Shen, Xiaojun Chen, Jinqiao Shi, Ye Dong, and Binxing Fang

Deep Learning Side-Channel Analysis on Large-Scale Traces
Loïc Masure, Nicolas Belleville, Eleonora Cagli, Marie-Angela Cornélie, Damien Couroussé, Cécile Dumas, and Laurent Maingault

Towards Poisoning the Neural Collaborative Filtering-Based Recommender Systems
Yihe Zhang, Jiadong Lou, Li Chen, Xu Yuan, Jin Li, Tom Johnsten, and Nian-Feng Tzeng

Data Poisoning Attacks Against Federated Learning Systems
Vale Tolpegin, Stacey Truex, Mehmet Emre Gursoy, and Ling Liu

Interpretable Probabilistic Password Strength Meters via Deep Learning
Dario Pasquini, Giuseppe Ateniese, and Massimo Bernaschi

Polisma - A Framework for Learning Attribute-Based Access Control Policies
Amani Abu Jabal, Elisa Bertino, Jorge Lobo, Mark Law, Alessandra Russo, Seraphin Calo, and Dinesh Verma

A Framework for Evaluating Client Privacy Leakages in Federated Learning
Wenqi Wei, Ling Liu, Margaret Loper, Ka-Ho Chow, Mehmet Emre Gursoy, Stacey Truex, and Yanzhao Wu

Network Security II

An Accountable Access Control Scheme for Hierarchical Content in Named Data Networks with Revocation
Nazatul Haque Sultan, Vijay Varadharajan, Seyit Camtepe, and Surya Nepal

PGC: Decentralized Confidential Payment System with Auditability
Yu Chen, Xuecheng Ma, Cong Tang, and Man Ho Au

Secure Cloud Auditing with Efficient Ownership Transfer
Jun Shen, Fuchun Guo, Xiaofeng Chen, and Willy Susilo

Privacy

Encrypt-to-Self: Securely Outsourcing Storage
Jeroen Pijnenburg and Bertram Poettering

PGLP: Customizable and Rigorous Location Privacy Through Policy Graph
Yang Cao, Yonghui Xiao, Shun Takagi, Li Xiong, Masatoshi Yoshikawa, Yilin Shen, Jinfei Liu, Hongxia Jin, and Xiaofeng Xu

Where Are You Bob? Privacy-Preserving Proximity Testing with a Napping Party
Ivan Oleynikov, Elena Pagnin, and Andrei Sabelfeld

Password and Policy

Distributed PCFG Password Cracking
Radek Hranický, Lukáš Zobal, Ondřej Ryšavý, Dušan Kolář, and Dávid Mikuš

Your PIN Sounds Good! Augmentation of PIN Guessing Strategies via Audio Leakage
Matteo Cardaioli, Mauro Conti, Kiran Balagani, and Paolo Gasti

GDPR – Challenges for Reconciling Legal Rules with Technical Reality
Mirosław Kutyłowski, Anna Lauks-Dutka, and Moti Yung

Author Index

Contents – Part II

Formal Modelling

Automatic Generation of Sources Lemmas in TAMARIN: Towards Automatic Proofs of Security Protocols
Véronique Cortier, Stéphanie Delaune, and Jannik Dreier

When Is a Test Not a Proof?
Eleanor McMurtry, Olivier Pereira, and Vanessa Teague

Hardware Fingerprinting for the ARINC 429 Avionic Bus
Nimrod Gilboa-Markevich and Avishai Wool

Applied Cryptography I

Semantic Definition of Anonymity in Identity-Based Encryption and Its Relation to Indistinguishability-Based Definition . . . 65
Goichiro Hanaoka, Misaki Komatsu, Kazuma Ohara, Yusuke Sakai, and Shota Yamada

SHECS-PIR: Somewhat Homomorphic Encryption-Based Compact and Scalable Private Information Retrieval . . . 86
Jeongeun Park and Mehdi Tibouchi

Puncturable Encryption: A Generic Construction from Delegatable Fully Key-Homomorphic Encryption . . . 107
Willy Susilo, Dung Hoang Duong, Huy Quoc Le, and Josef Pieprzyk

Analyzing Attacks

Linear Attack on Round-Reduced DES Using Deep Learning . . . 131
Botao Hou, Yongqiang Li, Haoyue Zhao, and Bin Wu

Detection by Attack: Detecting Adversarial Samples by Undercover Attack . . . 146
Qifei Zhou, Rong Zhang, Bo Wu, Weiping Li, and Tong Mo

Big Enough to Care Not Enough to Scare! Crawling to Attack Recommender Systems . . . 165
Fabio Aiolli, Mauro Conti, Stjepan Picek, and Mirko Polato

Active Re-identification Attacks on Periodically Released Dynamic Social Graphs . . . 185
Xihui Chen, Ema Këpuska, Sjouke Mauw, and Yunior Ramírez-Cruz

System Security II

Fooling Primality Tests on Smartcards . . . 209
Vladimir Sedlacek, Jan Jancar, and Petr Svenda

An Optimizing Protocol Transformation for Constructor Finite Variant Theories in Maude-NPA . . . 230
Damián Aparicio-Sánchez, Santiago Escobar, Raúl Gutiérrez, and Julia Sapiña

On the Privacy Risks of Compromised Trigger-Action Platforms . . . 251
Yu-Hsi Chiang, Hsu-Chun Hsiao, Chia-Mu Yu, and Tiffany Hyun-Jin Kim

Plenty of Phish in the Sea: Analyzing Potential Pre-attack Surfaces . . . 272
Tobias Urban, Matteo Große-Kampmann, Dennis Tatang, Thorsten Holz, and Norbert Pohlmann

Post-quantum Cryptography

Towards Post-Quantum Security for Cyber-Physical Systems: Integrating PQC into Industrial M2M Communication . . . 295
Sebastian Paul and Patrik Scheible

CSH: A Post-quantum Secret Handshake Scheme from Coding Theory . . . 317
Zhuoran Zhang, Fangguo Zhang, and Haibo Tian

A Verifiable and Practical Lattice-Based Decryption Mix Net with External Auditing . . . 336
Xavier Boyen, Thomas Haines, and Johannes Müller

A Lattice-Based Key-Insulated and Privacy-Preserving Signature Scheme with Publicly Derived Public Key . . . 357
Wenling Liu, Zhen Liu, Khoa Nguyen, Guomin Yang, and Yu Yu

Post-Quantum Adaptor Signatures and Payment Channel Networks . . . 378
Muhammed F. Esgin, Oğuzhan Ersoy, and Zekeriya Erkin

Security Analysis

Linear-Complexity Private Function Evaluation is Practical . . . 401
Marco Holz, Ágnes Kiss, Deevashwer Rathee, and Thomas Schneider

Certifying Decision Trees Against Evasion Attacks by Program Analysis . . . 421
Stefano Calzavara, Pietro Ferrara, and Claudio Lucchese

They Might NOT Be Giants Crafting Black-Box Adversarial Examples Using Particle Swarm Optimization . . . 439
Rayan Mosli, Matthew Wright, Bo Yuan, and Yin Pan

Understanding Object Detection Through an Adversarial Lens . . . 460
Ka-Ho Chow, Ling Liu, Mehmet Emre Gursoy, Stacey Truex, Wenqi Wei, and Yanzhao Wu

Applied Cryptography II

Signatures with Tight Multi-user Security from Search Assumptions . . . 485
Jiaxin Pan and Magnus Ringerud

Biased RSA Private Keys: Origin Attribution of GCD-Factorable Keys . . . 505
Adam Janovsky, Matus Nemec, Petr Svenda, Peter Sekan, and Vashek Matyas

MAC-in-the-Box: Verifying a Minimalistic Hardware Design for MAC Computation . . . 525
Robert Küennemann and Hamed Nemati

Evaluating the Effectiveness of Heuristic Worst-Case Noise Analysis in FHE . . . 546
Anamaria Costache, Kim Laine, and Rachel Player

Blockchain I

How to Model the Bribery Attack: A Practical Quantification Method in Blockchain . . . 569
Hanyi Sun, Na Ruan, and Chunhua Su

Updatable Blockchains . . . 590
Michele Ciampi, Nikos Karayannidis, Aggelos Kiayias, and Dionysis Zindros

PrivacyGuard: Enforcing Private Data Usage Control with Blockchain and Attested Off-Chain Contract Execution . . . 610
Yang Xiao, Ning Zhang, Jin Li, Wenjing Lou, and Y. Thomas Hou

Applied Cryptography III

Identity-Based Authenticated Encryption with Identity Confidentiality . . . 633
Yunlei Zhao

Securing DNSSEC Keys via Threshold ECDSA from Generic MPC . . . 654
Anders Dalskov, Claudio Orlandi, Marcel Keller, Kris Shrishak, and Haya Shulman

On Private Information Retrieval Supporting Range Queries . . . 674
Junichiro Hayata, Jacob C. N. Schuldt, Goichiro Hanaoka, and Kanta Matsuura

Blockchain II

2-hop Blockchain: Combining Proof-of-Work and Proof-of-Stake Securely . . . 697
Tuyet Duong, Lei Fan, Jonathan Katz, Phuc Thai, and Hong-Sheng Zhou

Generic Superlight Client for Permissionless Blockchains . . . 713
Yuan Lu, Qiang Tang, and Guiling Wang

LNBot: A Covert Hybrid Botnet on Bitcoin Lightning Network for Fun and Profit . . . 734
Ahmet Kurt, Enes Erdin, Mumin Cebe, Kemal Akkaya, and A. Selcuk Uluagac

Author Index . . . 757
