Computer Security - ESORICS 2020

The two volume set, LNCS 12308 + 12309, constitutes the proceedings of the 25th European Symposium on Research in Computer Security, ESORICS 2020, which was held in September 2020. The conference was planned to take place in Guildford, UK. Due to the COVID-19 pandemic, the conference changed to an online format.

The total of 72 full papers included in these proceedings was carefully reviewed and selected from 366 submissions. The papers were organized in topical sections named: database and Web security; system security; network security; software security; machine learning security; privacy; formal modelling; applied cryptography; analyzing attacks; post-quantum cryptogrphy; security analysis; and blockchain.

Inhalt

Formal Modelling.- Automatic generation of source lemmas in Tamarin: towards automatic proofs of security protocols.- When is a test not a proof.- Hardware Fingerprinting for the ARINC 429 Avionic Bus.- Applied Cryptography.- Semantic Definition of Anonymity in Identity-Based Encryption and Its Relation to Indistinguishability-based Definition.- SHECS-PIR: Somewhat Homomorphic Encryption-based Compact and Scalable Private Information Retrieval.- Puncturable Encryption: A Generic Construction from Delegatable Fully Key-Homomorphic Encryption.- Analyzing Attacks.- Linear Attack on Round-Reduced DES Using Deep Learning.- Detection by Attack: Detecting Adversarial Samples by Undercover Attack.- Big Enough to Care Not Enough to Scare! Crawling to Attack Recommender Systems.- Active Re-identification Attacks on Periodically Released Dynamic Social Graphs.- System Security.- Fooling primality tests on smartcards.- An Optimizing Protocol Transformation for Constructor Finite Variant Theories in Maude-NPA.- On the Privacy Risks of Compromised Trigger-Action Platforms.- Plenty of Phish in the Sea: Analyzing Potential Pre-Attack Surfaces.- Post-Quantum Cryptography.- Towards Post-Quantum Security for Cyber-Physical Systems: Integrating PQC into Industrial M2M Communication.- CSH: A Post-quantum Secret Handshake Scheme from Coding Theory.- A Verifiable and Practical Lattice-Based Decryption Mix Net with External Auditing.- A Lattice-Based Key-Insulated and Privacy-Preserving Signature Scheme with Publicly Derived Public Key.- Post-Quantum Adaptor Signatures and Payment Channel Networks.- Security Analysis.- Linear-Complexity Private Function Evaluation is Practical.- Certifying Decision Trees Against Evasion Attacks by Program Analysis.- They Might NOT Be Giants: Crafting Black-Box Adversarial Examples Using Particle Swarm Optimization.- Understanding Object Detection Through An Adversarial Lens.- Applied Cryptography.- Signatures with Tight Multi-User Security from Search Assumptions.- Biased RSA private keys: Origin attribution of GCD-factorable keys.- MAC-in-the-Box: Verifying a Minimalistic Hardware Design for MAC Computation.- Evaluating the e ectiveness of heuristic worst-case noise analysis in FHE.- Blockchain.- How to Model the Bribery Attack: A Practical Quanti cation Method in Blockchain.- Updatable Blockchains.- PrivacyGuard: Enforcing Private Data Usage Control with Blockchain and Off-chain Contract Execution.- Applied Cryptography.- Identity-Based Authenticated Encryption with Identity Confidentiality.- Securing DNSSEC Keys via Threshold ECDSA From Generic MPC.- On Private Information Retrieval Supporting Range Queries.- Blockchain.- 2-hop Blockchain: Combining Proof-of-Work and Proof-of-Stake Securely.- Generic Superlight Client for Permissionless Blockchains.- LNBot: A Covert Hybrid Botnet on Bitcoin Lightning Network for Fun and Profit.