CCS

Multi-party access control has been proposed to enable collaborative decision making for the protection of co-owned resources. In particular, multi-party access control aims to reconcile conflicts arising from the evaluation of policies authored by ...

This work presents a hashing-based algorithm for Private Set Intersection (PSI) in the honest-but-curious setting. The protocol is generic, modular and provides both asymptotic and concrete efficiency improvements over existing PSI protocols. If each ...

Several important lines of research have been geared toward the ability to search on encrypted data. Techniques such as Symmetric Searchable Encryption (SSE), Private Information Retrieval (PIR), Oblivious RAM (ORAM) and more have been introduced to ...

We present a new 4-move special honest-verifier zero-knowledge proof of knowledge system for proving that a vector of Pedersen commitments opens to a so-called "one-hot'' vector (i.e., to a vector from the standard orthonormal basis) from Zpn. The need ...

Zero-knowledge proofs are an essential building block in many privacy-preserving systems. However, implementing these proofs is tedious and error-prone. In this paper, we present zksk, a well-documented Python library for defining and computing sigma ...

In this paper, we describe Mobile CoWPI, a deployable, end-to-end secure mobile group messaging application with proofs of security. Mobile CoWPI allows dynamic groups of users to participate in, join, and leave private, authenticated conversations ...

IMSI catchers threaten the privacy of mobile phone users by identifying and tracking them. Commercial IMSI catcher products exploit vulnerabilities in cellular network security standards to lure nearby mobile devices. Commercial IMSI catcher's technical ...

Certificate Transparency (CT) is a recent initiative to log all publicly available certificates, thereby adding an extra layer of accountability and auditability to certificate authorities. Unbeknownst to most users and website administrators, CT logs ...

Due to its hereditary nature, genomic data is not only linked to its owner but to that of close relatives as well. As a result, its sensitivity does not really degrade over time; in fact, the relevance of a genomic sequence is likely to be longer than ...

Recent spectacular advances in genome sequencing coupled with greatly reduced storage and computation costs, make genomic testing increasingly accessible to individuals. Today one can easily get his/her DNA digitized by a sequencing lab and store the ...

Widespread deployment of Intelligent Infrastructure and the Internet of Things creates vast troves of passively-generated data. These data enable new ubiquitous computing applications---such as location-based services---while posing new privacy threats. ...

To avoid identity theft or impersonation in biometric authentication schemes, fingerprint data is typically stored locally, e.g., in a trusted hardware module, in a single device that is used for user enrollment and authentication. Local storage, ...

Traditionally, the payment required for parking in regulated areas has been made through parking meters. In the last years, several applications which allow to perform these payments using a mobile device have appeared.

In this paper we propose a ...

Recent studies have shown that aggregate CPU usage and power consumption traces on smartphones can leak information about applications running on the system or websites visited. In response, access to such data has been blocked for mobile applications ...

Sandboxing is a way to deliberately restrict applications accessing resources that they do not need to function properly. Sandboxing is intended to limit the effect of potential exploits and to mitigate overreach to personal data. Since June 1, 2012, ...

With the increased proliferation of social media in the modern age, education on the potential dangers facing consumers in social media has not kept commensurate pace. Conventional education methods and standards have not proved to be effective in ...

While the effectiveness of nudges in influencing user behavior has been documented within the literature, most prior work in the privacy field has focused on 'one-size-fits-all' interventions. Recent behavioral research has identified the potential of ...

Machine Learning as a Service (MLaaS) is a growing paradigm in the Machine Learning (ML) landscape. More and more ML models are being uploaded to the cloud and made accessible from all over the world. Creating good ML models, however, can be expensive ...

As a decentralized cryptocurrency, Bitcoin has been in market for around a decade. Bitcoin transactions are thought to be pseudo-anonymous, however, there were many attempts to deanonymize these transactions making use of public data. Escrow services ...