Export Citations
Save this search
Please login to be able to save your searches and receive alerts for new content matching your search criteria.
- posterNovember 2023
Poster: Query-efficient Black-box Attack for Image Forgery Localization via Reinforcement Learning
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3552–3554https://doi.org/10.1145/3576915.3624390Recently, deep learning has been widely used in forensics tools to detect and localize forgery images. However, its susceptibility to adversarial attacks highlights the need for the exploration of anti-forensics research. To achieve this, we introduce an ...
- posterNovember 2023
Poster: Efficient AES-GCM Decryption Under Homomorphic Encryption
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3567–3569https://doi.org/10.1145/3576915.3624377Computation delegation to untrusted third-party while maintaining data confidentiality is possible with homomorphic encryption (HE). However, in many cases, the data was encrypted using another cryptographic scheme such as AES-GCM. Hybrid encryption (...
- research-articleNovember 2023
Amplification by Shuffling without Shuffling
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2292–2305https://doi.org/10.1145/3576915.3623215Motivated by recent developments in the shuffle model of differential privacy, we propose a new approximate shuffling functionality called Alternating Shuffle, and provide a protocol implementing alternating shuffling in a single-server threat model ...
- research-articleNovember 2023
Enhancing OSS Patch Backporting with Semantics
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2366–2380https://doi.org/10.1145/3576915.3623188Keeping open-source software (OSS) up to date is one potential solution to prevent known vulnerabilities. However, it requires frequent and costly testing and may introduce compatibility issues. Consequently, developers often choose to backport security ...
- research-articleNovember 2023
Simplifying Mixed Boolean-Arithmetic Obfuscation by Program Synthesis and Term Rewriting
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2351–2365https://doi.org/10.1145/3576915.3623186Mixed Boolean Arithmetic (MBA) obfuscation transforms a program expression into an equivalent but complex expression that is hard to understand. MBA obfuscation has been popular to protect programs from reverse engineering thanks to its simplicity and ...
-
- research-articleNovember 2023
Concurrent Security of Anonymous Credentials Light, Revisited
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 45–59https://doi.org/10.1145/3576915.3623184We revisit the concurrent security guarantees of the well-known Anonymous Credentials Light (ACL) scheme (Baldimtsi and Lysyanskaya, CCS'13). This scheme was originally proven secure when executed sequentially, and its concurrent security was left as an ...
- research-articleNovember 2023
Batchman and Robin: Batched and Non-batched Branching for Interactive ZK
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 1452–1466https://doi.org/10.1145/3576915.3623169Vector Oblivious Linear Evaluation (VOLE) supports fast and scalable interactive Zero-Knowledge (ZK) proofs. Despite recent improvements to VOLE-based ZK, compiling proof statements to a control-flow oblivious form (e.g., a circuit) continues to lead to ...
- research-articleNovember 2023
PyRTFuzz: Detecting Bugs in Python Runtimes via Two-Level Collaborative Fuzzing
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 1645–1659https://doi.org/10.1145/3576915.3623166Given the widespread use of Python and its sustaining impact, the security and reliability of the Python runtime system is highly and broadly critical. Yet with real-world bugs in Python runtimes being continuously and increasingly reported, technique/...
- research-articleNovember 2023
Blink: Link Local Differential Privacy in Graph Neural Networks via Bayesian Estimation
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2651–2664https://doi.org/10.1145/3576915.3623165Graph neural networks (GNNs) have gained an increasing amount of popularity due to their superior capability in learning node embeddings for various graph inference tasks, but training them can raise privacy concerns. To address this, we propose using ...
- research-articleNovember 2023
Linear Communication in Malicious Majority MPC
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2173–2187https://doi.org/10.1145/3576915.3623162The SPDZ multiparty computation protocol \citeC:DPSZ12 allows n parties to securely compute arithmetic circuits over a finite field, while tolerating up to n-1 active corruptions. A line of work building upon SPDZ has made considerable improvement to the ...
- research-articleNovember 2023
Concurrent Composition for Interactive Differential Privacy with Adaptive Privacy-Loss Parameters
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 1949–1963https://doi.org/10.1145/3576915.3623128In this paper, we study the concurrent composition of interactive mechanisms with adaptively chosen privacy-loss parameters. In this setting, the adversary can interleave queries to existing interactive mechanisms, as well as create new ones. We prove ...
- research-articleNovember 2023
Protecting Intellectual Property of Large Language Model-Based Code Generation APIs via Watermarks
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2336–2350https://doi.org/10.1145/3576915.3623120The rise of large language model-based code generation (LLCG) has enabled various commercial services and APIs. Training LLCG models is often expensive and time-consuming, and the training data are often large-scale and even inaccessible to the public. ...
- research-articleNovember 2023
Ramen: Souper Fast Three-Party Computation for RAM Programs
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 3284–3297https://doi.org/10.1145/3576915.3623115Secure RAM computation allows a number of parties to evaluate a function represented as a random-access machine (RAM) program in a way that reveals nothing about the private inputs of the parties except from what is already revealed by the function ...
- research-articleNovember 2023
Detecting Violations of Differential Privacy for Quantum Algorithms
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2277–2291https://doi.org/10.1145/3576915.3623108Quantum algorithms for solving a wide range of practical problems have been proposed in the last ten years, such as data search and analysis, product recommendation, and credit scoring. The concern about privacy and other ethical issues in quantum ...
- research-articleNovember 2023
Adaptively Secure (Aggregatable) PVSS and Application to Distributed Randomness Beacons
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 1791–1804https://doi.org/10.1145/3576915.3623106Publicly Verifiable Secret Sharing (PVSS) is a fundamental primitive that allows to share a secret S among n parties via a publicly verifiable transcript T. Existing (efficient) PVSS are only proven secure against static adversaries who must choose who ...
- research-articleNovember 2023
Verifiable Learning for Robust Tree Ensembles
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 1850–1864https://doi.org/10.1145/3576915.3623100Verifying the robustness of machine learning models against evasion attacks at test time is an important research problem. Unfortunately, prior work established that this problem is NP-hard for decision tree ensembles, hence bound to be intractable for ...
- research-articleNovember 2023
Improving Security Tasks Using Compiler Provenance Information Recovered At the Binary-Level
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2695–2709https://doi.org/10.1145/3576915.3623098The complex optimizations supported by modern compilers allow for compiler provenance recovery at many levels. For instance, it is possible to identify the compiler family and optimization level used when building a binary, as well as the individual ...
- research-articleNovember 2023
Recursion over Public-Coin Interactive Proof Systems; Faster Hash Verification
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 1422–1436https://doi.org/10.1145/3576915.3623078SNARK is a well-known family of cryptographic tools that is increasingly used in the field of computation integrity at scale. In this area, multiple works have introduced SNARK-friendly cryptographic primitives: hashing, but also encryption and signature ...
- research-articleNovember 2023
Towards Generic MPC Compilers via Variable Instruction Set Architectures (VISAs)
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2516–2530https://doi.org/10.1145/3576915.3616664In MPC, we usually represent programs as circuits. This is a poor fit for programs that use complex control flow, as it is costly to compile control flow to circuits. This motivated prior work to emulate CPUs inside MPC. Emulated CPUs can run complex ...
- research-articleNovember 2023
Formalizing, Verifying and Applying ISA Security Guarantees as Universal Contracts
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2083–2097https://doi.org/10.1145/3576915.3616602Progress has recently been made on specifying instruction set architectures (ISAs) in executable formalisms rather than through prose. However, to date, those formal specifications are limited to the functional aspects of the ISA and do not cover its ...