糖心TV

Put the latest on top

2026-03-20

• "Improving the Computational Efficiency of Adaptive Audits of IRV Elections" from evote-id 2024
• "Flexible Vote Updating: Lessons Learned from a Lab-Based Study" from FC26 Voting workshop

2026-01-26

• VoiceLive: A Phoneme Localization based Liveness Detection for Voice Authentication on Smartphones" on ACM SIGSAC
• Consultation on e-voting: https://www.gov.uk/government/consultations/make-work-pay-draft-code-of-practice-on-electronic-and-workplace-balloting-for-statutory-union-ballots

2025-10-17

• "Revisiting Silent Coercion" from EVOTEID25
• 鈥淪atIQ: Extensible and Stable Satellite Authentication using Hardware Fingerprinting鈥� from
• ClearMask: Noise-Free and Naturalness-Preserving Protection Against Voice Deepfake Attacks from Aisa CCS'25
• "spKEX: An optimized lattice-based key-exchange" from IACR e-print 2017
• "An Enfficient and Zero-Knowledge Classical Machine Learning Inference Pipeline" from TDSC 2025

2025-09-19

• Two-stage Semi-supervised Speaker Recognition with Gated Label Learning from IJCAI鈥�24
• "Zero-Knowledge Location Privacy via Accurate Floating-Point SNARK" <> published at IEEE S&P 2025
• "Post-Quantum Cryptography for Internet of Things: A Survey on Performance and Optimization"

2025-08-22

• "Blockchain Address Poisoning" from
• "When Audits and Recounts Distract from Election Integrity: The 2020 U.S. Presidential Election in Georgia." <> from evote-ID 2024
• "Sounds Vishy: Automating Vishing Attacks with AI-Powered Systems" from ASIS CCS'25

2025-08-08

• "Analysis of the Telegram Key Exchange" From Eurocrypt '25 <>
• "Voting-Bloc Entropy: A New Metric for DAO Decentralization" from USENIX Security 2025
• 鈥淓veGuard: Defeating Vibration-based Side-Channel Eavesdropping with Audio Adversarial Perturbations鈥� from .
• "SafeSpeech: Robust and Universal Voice Protection Against Malicious Speech Synthesis" from usenix'25

2025-07-11

• "AudioMarkNet: Audio Watermarking for Deepfake Speech Detection from USENIX Security'25

2025-06-27

• 鈥淪calable Self-Tallying e-Voting using Homomorphic Time-Lock Puzzles and zk-SNARKs鈥� from
• Voices to Beats: Enhancing Music Deepfake Detection by Identifying Forgeries in Background from ICASSP'25
• 鈥淗ARMONYCLOAK: Making Music Unlearnable for Generative AI鈥� from .
• "Individual Verifiability and Revoting in the Estonian Internet Voting System", from Voting 22 (FC 22 workshop)

2025-05-30

• PEBASI: A Privacy preserving, Efficient Biometric Authentication Scheme based on Irises鈥� from
• We Leave Deepfake Data Behind in Training Deepfake Detector? from
• Verifiable E-Voting with a Trustless Bulletin Board" from CSF 2025.

2025-05-23

• SPEAKER-INVARIANT TRAINING VIA ADVERSARIAL LEARNING from ICASSP 2018
• "Security Analysis of Master-Password-Protected Password Management Protocols" from IEEE S&P'25
• PITCH: AI-assisted Tagging of Deepfake Audio Calls using Challenge-Response" from ASIACCS 25

2025-02-21

• A Zero-Knowledge PCP Theorem from
• Video-Based Cryptanalysis: Extracting Cryptographic Keys from Video Footage of a Device鈥檚 Power LED Captured by Standard Video Cameras from
• "Code voting: when simplicity meets security" from
• Comprehensive Layer-wise Analysis of SSL Models for Audio Deepfake Detection from NAACL Findings 2025

2024-12-13

• CHERI: Hardware-Enabled C/C++ Memory Protection at Scale " from IEEE Security & Privacy, 2024
• "Synthetic ID Card Image Generation for Improving Presentation Attack Detection" from

2024-11-24

• "An overview of decentralized autonomous organizations on the blockchain" from
• "Biometrics-Based Authenticated Key Exchange With Multi-Factor Fuzzy Extractor" from TIFS'24
• "Circumferential Local Ternary Pattern: New and Efficient Feature Descriptors for Anti-Counterfeiting Pattern Identification" from TIFS'22.
• "Belenios: A simple private and verifiable electronic voting system" from Foundations of Security, Protocols, and Equational Reasoning 2019

2024-11-01

• More Simplicity for Trainers, More Opportunity for Attackers: Black-Box Attacks on Speaker Recognition Systems by Inferring Feature Extractor (usenix'24)
  
• ZeroFake: Zero-Shot Detection of Fake Images Generated and Edited by Text-to-Image Generation Models鈥� from ACM Conference on Computer and Communications Security (CCS'24).
• PipeZK: Accelerating Zero-Knowledge Proof with a Pipelined Architecture", 2021 ACM/IEEE 48th Annual International Symposium on Computer Architecture (ISCA)
  
• DAO voting mechanism resistant to whale and collusion problems" from Frontiers in Blockchain '24
• ElectAnon: A Blockchain-based, Anonymous, Robust and Scalable Ranked-choice Voting Protocol (DLT'23)

2024-10-18

• NeutronNova: Folding everything that reduces to zero-check (ePrint 2024)
• PLUME: An ECDSA Nullifier Scheme for Unique Pseudonymity within Zero Knowledge Proofs (IACR e-Print 2022)
• Why Do Competitive Markets Converge to First-Price Auctions? (ACM WWW 2020)
  

2024-08-22

• A Succinct Range Proof for Polynomial-based Vector Commitment ()
• SOAP: A Social Authentication Protocol ()
• SoK: Attacks on DAOs ()
• Waveform Boundary Detection for Partially Spoofed Audio ()
• DeVoS: Deniable Yet Verifiable Vote Updating ()

2024-08-09

• Non-interactive Zero-Knowledge Arguments for Voting ()
• Analyzing Voting Power in Decentralized Governance: Who controls DAOs? ()
• Securing Liveness Detection for Voice Authentication via Pop Noises ()

2024-06-28

• Dual-decoder-based Robust Audio Watermarking Against Desynchronization and Replay Attacks ()
• Bulletproofs++: Next Generation Confidential Transactions via Reciprocal Set Membership Arguments ()
• Unveiling Vulnerabilities in DAO: A Comprehensive Security Analysis and Protective Framework ()
• Optimal and Near-Optimal Mechanism Design with Interdependent Values ()

2024-06-14

• HyperNova: Recursive arguments for customizable constraint systems ()
• Lossless Data Hiding in NTRU Cryptosystem by Polynomial Encoding and Modulation ()
• No Transaction Fees? No Problem! Achieving Fairness in Transaction Fee Mechanism Design (AAMS'24)
• Investigating Voter Perceptions of Printed Physical Audit Trails for Online Voting ()

2024-05-17

• Nova: Recursive Zero-Knowledge Arguments from Folding Schemes ()
• Insight into voting in DAOs: conceptual analysis and a proposal for evaluation framework ()
• Masked Relation Learning for DeepFake Detection ()
• Transaction Fee Mechanism Design with Active Block Producers ()
• Injection Attacks Against End-to-End Encrypted Applications ()

2024-05-03

• Protostar: Generic Efficient Accumulation/Folding for Special-sound Protocols" ()
• DeAR: A Deep-learning-based Audio Re-recording Resilient Watermarking ()
• Price Manipulability in First-Price Auctions ()
• Faster coercion-resistant e-voting by encrypted sorting ()
• SAVER: SNARK-compatible Verifiable Encryption ()

2024-04-05

• Unlocking the lookup singularity with Lasso ()
• Blockchain Price vs. Quantity Controls ()
• TI2Net: Temporal Identity Inconsistency Network for Deepfake Detection ()
• Thwarting Last-Minute Voter Coercion ()

2024-02-23

• Black-Box Dataset Ownership Verification via Backdoor Watermarking ()
• LegoSNARK: Modular Design and Composition of Succinct Zero-Knowledge Proofs ()
• Scan, Shuffle, Rescan: Two-Prover Election Audits With Untrusted Scanners ()
• Sphinx-in-the-Head: Group Signatures from Symmetric Primitives ()
• One-shot signatures and applications to hybrid quantum/classical authentication (Presentation slides by MD)

2024-01-26

• Domain Generalization via Aggregation and Separation for Audio Deepfake Detection" ()
• Evaluating the Security Posture of Real-World FIDO2 Deployments ()
• Demystifying DeFi MEV Activities in Flashbots Bundle ()
• Sigma Protocols from Verifiable Secret Sharing and Their Applications ()

2024-01-12

• ECLIPSE: Enhanced Compiling Method for Pedersen-Committed zkSNARK Engines ()
• AntiFake: Using Adversarial Audio to Prevent Unauthorized Speech Synthesis ()
• Ou: Automating the Parallelization of Zero-Knowledge Protocols ()
• Why I Can鈥檛 Authenticate — Understanding the Low Adoption of Authentication Ceremonies with Autoethnography ()

2023-08-11

• Estimating Approximate Incentive Compatibility ()
• Coercion-Resistant Cast-as-Intended Verifiability for Computationally Limited Voters ()
• Multi-Factor Credential Hashing for Asymmetric Brute-Force Attack Resistance ()

2023-07-28

• Short Paper: Privacy Preserving Decentralized Netting ( workshop from FC'22)
• Private Internet Voting on Untrusted Voting Devices ( workshop from FC'23)
• Freaky Leaky SMS: Extracting User Locations by Analyzing SMS Timings ()
• FIDO2 the Rescue? Platform vs. Roaming Authentication on Smartphones ()

2023-07-14

• Decentralized Privacy-Preserving Netting Protocol on Blockchain for Payment Systems []

2023-06-30

• Deepfake CAPTCHA: A Method for Preventing Fake Calls [ASIACCS'23]
• Lattice Signature with Efficient Protocols, Application to Anonymous Credentials [CRYPTO'23]

2023-03-24

• How to take over kindle with an e-book [Other venues]
• Puncturable Signature: A Generic Construction and Instantiations [ESORICS'22]

2023-03-10

• Combating Robocalls with Phone Virtual Assistant Mediated Interaction - [USENIX Security'23]
• VoteXX : A Solution to Improper Influence in Voter-Verifiable Elections [E-vote-ID'22]

2023-02-10

• Groove: Flexible Metadata-Private Messaging - [USENIX OSDI'22]
• IoT goes nuclear: creating a Zigbee chain reaction [IEEE S&P'17]
• Device Fingerprinting with Peripheral Timestamps [IEEE S&P'22]
• Modern EMV and NFC cardholder verification issues The Cryptogram Confusion Attack []
• Constructing and Deconstructing Intentional Weaknesses in Symmetric Ciphers []

2023-01-27

2023-01-20

• • on hackMD

2023-01-13

• • on hackMD
• 
  
  • on hackMD

2023-01-6

• • on hackMD

2022-07-29

• (2nd day)
  • Cellular Security: Why is it Difficult?
  • RecIPE: Revisiting the Evaluation of Memory Error Defenses
  • Mixed Certificate Chains for the Transition to Post-Quantum Authentication in TLS 1.3
  • DPaSE: Distributed Password-Authenticated Symmetric-Key Encryption, or How to Get Many Keys from One Password

2022-07-15

• ASIACCS'22 (1st day)

2022-05-22

• • WatchAuth: User Authentication and Intent Recognition in Mobile Payments using a Smartwatch
  • HyperLogLog: Exponentially Bad in Adversarial Settings
  • SIERRA: Ranking Anomalous Activities in Enterprise Networks
  • aaeCAPTCHA: The Design and Implementation of Audio Adversarial CAPTCHA
  • SoK: Privacy-Preserving Computing in the Blockchain Era

2022-05-06

• (any day):
  • This Sneaky Piggy Went to the Android AD Market.
  • Wireless Charging Power Side-Channel Attacks
  • With a Little Help from My Friends: Constructing Practical Anonymous Credentials
  • United We Stand: Collaborative Detection and Mitigation of Amplification DDoS Attacks at Scale

2022-04-08

• (day 3)

2022-03-25

• (day 2)

2022-03-11

• (day 1)

2022-02-25

• :
  • What Peer Announcements Tell Us About the Size of the Bitcoin P2P Network;
  • India's "Aadhaar" Biometric ID: Structure, Security, and Vulnerabilities;
  • ABSNFT: Securitization and Repurchase Scheme for Non-Fungible Tokens Based on Game Theoretical Analysis;
  • A Centrality Analysis of the Lightning Network;
  • Analysis and Probing of Parallel Channels in the Lightning Network

2022-01-28

2022-01-14

2021-12-17

• Cryptocurrency and De-Fi

2021-12-03

• Cryptocurrency and De-Fi

2021-11-19

• Cryptocurrency and De-Fi

2021-08-27

• (Chapter 8: Economics)

2021-08-13

• (Chapter 22: Phones)

2021-07-30

• (Chapter 4: Protocols)

2021-07-16

• (Chapter 2: Who is the opponent)

2021-07-02

• (Chapter 1: What's security engineering)

2021-06-18

• (session 9-13)
• 1) A Decentralized and Encrypted National Gun Registry; 2) Epochal Signatures for Deniable Group Chats; 3) The EMV Standard: Break, Fix, Verify; 4) SoK: Security and Privacy in the Age of Commercial Drones; 5) Breaking the Specification: PDF Certification; 6) BUFFing signature schemes beyond unforgeability and the case of post-quantum signatures

2021-05-28

• (session 5-8)
• 1) On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocols; 2) Cross-Domain Access Control Encryption -- Arbitrary-policy, Constant-size, Efficient; 3) Cross Layer Attacks and How to Use Them (for DNS Cache Poisoning, Device Tracking and More); 4) SoK: Computer-Aided Cryptography; 5) Lightweight Techniques for Private Heavy Hitters

2021-05-07

• (session 1-4)
• Papers read: 1) merkle^2: A Low-Latency Transparency Log System; 2) High-Frequency Trading on Decentralized On-Chain Exchanges; 3) Is Private Learning Possible with Instance Encoding? 4) Using Selective Memoization to DefeatRegular Expression Denial of Service (ReDoS); 5) Doing good by fighting fraud: Ethical anti-fraud systems for mobile payments

2021-04-16

• ()
• Papers read: 1) Protocols for Checking Compromised Credentials; 2) too much crypto; 3) Challenges and Cryptographic Solutions with Payment-Channel Networks; 4) Are Certificate Thumbprints Unique?; 5) First chosen prefix collision on SHA 1; 6) Dragonblood: Analyzing the DragonflyHandshake of WPA3 and EAP-pwd

2021-03-26

• Papers read: 1) use direct anonymous attestation for mobile phone authentication; 2) privacy-preserving query of breached passwords; 3) detect money laundering by using MPC; 4) decetralized oracles for TLS; 5) IETF MLS standard; 6) symmetric key based threshold encryption; 7) attacking Moscow Internet voting system.

2021-03-05

• (session 7-9)
• Highlights: 1) fault injection attack against SGX; 2) automatically verifying Ethereum smart contracts; 3) analyzing the maritime wireless communication; 4) extracting data from cars for privacy analysis; 5) covert channel attacks against FPGA through power supply unit; 6) attack on SDN

2021-02-26

• (session 4-6)
• Highlights: 1) transparent ZKP (no trusted setup); 2) user study on ballot marking devices; 3) uncovering hidden inputs in apps; 4) stealth partitioning attack; 5) light client for transaction verification on mobile phones; 6) analysis of Style/Swiss e-voting

2021-02-19

• (session 1-3)
• Highlights: 1) Bluetooth impersonation attacks; 2) de-anonymization attacks against Bluetooth; 3) network cache attacks; 4) auto-detection of bystanders; 5) analysis of 4 and 6-digit PINs for smartphones

2021-02-05

• Highlights: 1) 2FA based on trust zone; 2) 2-party set operation with DP; 3) detecting malicious DNS behavior; 4) biometric backdoor by manipulating template updates.

2021-01-22

• Highlights: 1) breaking Bridgefy (private group messaging); 2) abuse of Covid notification to influence US election; 3) attack threshold wallet; 4) automatically patching code for power leakage; 5) analysing Yubico protocol (W3C).

2020-12-11

• Highlights: detecting malicious extension by analyzing updates; safely truncating MAC by keeping a state in continuous authentication; IoT pairing helped by a smartwatch (proposed an encoding scheme for fuzzy commitment; is it secure?); analyzing phone messages from fake base stations; hardened password storage by using a rate-limiting third party and secret sharing; DNS cache attack based on divide-and-conquer, hence 2 x 2^16 instead of 2^32.

2020-06-19

• (session 10)
• Highlights: dynamic proactive secret sharing; 7-year review of Let's Encrypt; two-party PSI; domain-impersonation in TLS; verifiable secret sharing with share recovery

2020-06-05

• (session 9)
• Highlights: apply adversarial ML to defeat Ad blocker; SPHINCS+ post-quantum signature; Geneva censorship evasion strategy

2020-05-22

• (session 8)
• Highlights: active attacks against zcash and subliminal channels; transforming malicious Javascript into benign undetectable forms; new ZKP (zkay) for smart contracts; graph-based detection of insiders in an enterprise; automated analysis of PHP (Malmax); cache-based DoS attacks

2020-05-15

• (session 7)
• Highlights: attack on BLE "just work" pairing based on fingerprinting UUID; 2/3 honest-majority for malicious adversaries; new ZKP to prevent substitution of public keys in (PKI-based) E2E messaging; applying double-spending-tracing in e-cash to the credential system.

2020-05-01

• (session 6)
• Highlights: the use of hand vibration for authentication (Velody); a method to distinguish spoofed voice generated by speakers; reducing the linear O(n) complexity for verifying the certificate transparency proofs; a "probabilistic" method to test if a password is in a compromised dataset; a protocol to check if a username/password is within a compromised database.

2020-04-24

• (session 5)
• Highlights: the flaw of Linux control group permission; the flaw in AMD software (backward) update; the use of n-shot learning for website fingerprinting (learning more with less data); fingerprinting a computing device based on hardware discrepancies in the CPU (use LibXtract to extract features automatically)

2020-04-17

• (session 4)
• Highlights: a method to reduce collateral (amount on hold in the payment channel); a method (Erlay) to improve broadcast efficiency of bitcoin transactions; combining power adjustment with mining attack; three-party MPC (symmetric key based)

2020-03-13

• (session 3)
• Highlights: post-quantum privacy for blockchain based on lattice; hot/code wallets for bitcoin; formal tools to verify the correctness of Helios code (no error found, so the verifier is right?)

2020-02-28

• (session 2)
• Highlights: side-channel attack to extract ECDSA from TrustZone; info leakage for database search based on the frequency; traceback for E2E encryption based on using the message as the key; compromise router to amplify cryptojacking; feeding noise to prevent adversarial ML; testing PCI DSS compliance (good presentations).

2020-02-21

• (session 1)

2019-10-6

2019-09-13

• IEEE TIFS:

2019-09-06

• IEEE S&P 2019:

Previous