Schedule

October 21

Applied Cryptography (Paterson)

Andreas Pfefferle
[2] Inference Attacks on Property-Preserving Encrypted Databases

Konstantinos Andrikopoulos
[3] Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

Alina Tyukhova
[4] Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution

October 28

System Security (Capkun)

Dino Bollinger
[11] RIDL: Rogue In-Flight Data Load

Dylan Wolff
[13]  PAC it up: Towards Pointer Integrity using ARM Pointer Authentication

November 4

Applied Cryptography (Paterson)

Tiago Kieleger
[5] Dragonblood: A Security Analysis of WPA3's SAE Handshake

Selma Steinhoff
[6] CRLite: A Scalable System for Pushing All TLS Revocations to All Browsers

November 11

System Security (Capkun)

Sarah Kamp
[15]  Fidelius: Protecting User Secrets from Compromised Browsers

Fabio Streun
[16] Clickjacking: Attacks and Defenses

Sheila Zingg
[17] Tap ’n Ghost: A Compilation of Novel AttackTechniques against Smartphone Touchscreens

November 18

Applied Cryptography (Paterson)

Robertas Maleckas
[7] A Systematic Analysis of the Juniper Dual EC Incident

Aurelia Autem
[8] Mobile Private Contact Discovery at Scale

Elisa Guerrant
[10] Dancing on the Lip of the Volcano: Chosen Ciphertext Attacks on Apple iMessage.

November 25

System Security (Capkun)

Filip Meier
[18] Security of GPS/INS based On-road Location Tracking Systems

Sven Gnap
[19] Hiding in Plain Signal: Physical Signal Overshadowing Attack on LTE

December 2

Network Security (Perrig)

Roland Meier
[21] On the Feasibility of Rerouting-Based DDoS Defenses

Simon Erni
[23] Privacy-Preserving Dynamic Learning of Tor Network Traffic

December 9

Network Security (Perrig)

Tarek Jost
[24] The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR

Florian Moser
[25] Bamboozling Certificate Authorities with BGP

Christian Knabenhans
[22] Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate

December 16

Network Security (Perrig)

Cyrill Krähenbühl
[26] Rethinking Access Control and Authentication for the Home Internet of Things (IoT)

Livio Sgier
[28] Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path