Differences

This shows you the differences between two versions of the page.

--- schedule:start [2014/01/31 11:04]
admin
+++ schedule:start [2016/06/29 09:10] (current)
@@ Line 1: / Line 1: @@
-====== 2014 Schedule ======
+<html><a id="top"></a></html>
+===== Program 2016 =====
+----
+== Monday 20.06 ==
+  * 09:30-10:15: //Coffee & Snacks//
+  * 10:15-11:15: <html><a href="#gligor">Defender's Dilemma</a> &mdash; Virgil Gligor</html>
+  * 11:15-12:15: <html><a href="#shmatikov">Machine Learning and Privacy: Friends or Foes?</a> &mdash; Vitaly Shmatikov <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:shmatikov.pdf">(slides)</a></html>
+  * 12:15-13:30: //Lunch//
+  * 13:30-14:30: <html><a href="#junod">Towards Developer-Proof Cryptography</a> &mdash; Pascal Junod <a href="http://crypto.junod.info/EPFL-SURI-2016_slides.pdf">(slides)</a> </html>
+  * 14:30-15:30: <html><a href="#buchmann">Long-term Security</a> &mdash; Johannes Buchmann</html>
+  * 15:30-15:45: //Coffee & Snacks//
+  * 15:45-16:45: <html><a href="#gisin">How can Quantum Cryptography Contribute to Cyber Security</a> &mdash; Nicolas Gisin <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:gisin.pdf">(slides)</a> </html>
+  * 16:45-17:45: <html><a href="#juels">Exploring the Future of Smart Contracts</a> &mdash; Ari Juels <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:juels.pdf">(slides)</a> </html>
+== Tuesday 21.06 ==
+  * 09:30-10:15: //Coffee & Snacks//
+  * 10:15-11:15: <html><a href="#groth">Efficient Zero-Knowledge Proofs</a> &mdash; Jens Groth <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:groth.pdf">(slides)</a></html>
+  * 11:15-12:15: <html><a href="#capkun">Secure Positioning: From GPS to IoT</a> &mdash; Srdjan Capkun</html>
+  * 12:15-13:30: //Lunch//
+  * 13:30-14:30: <html><a href="#kiayias">Foundations of Blockchain Protocols</a> &mdash; Aggelos Kiayias</html>
+  * 14:30-15:30: <html><a href="#lipmaa">Cryptographically Secure Mix-Nets</a> &mdash; Helger Lipmaa</html>
+  * 15:30-15:45: //Coffee & Snacks//
+  * 15:45-16:45: <html><a href="#sullivan">Forward Secrecy in TLS: A Systematic Study</a> &mdash; Nick Sullivan <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:sullivan.pdf">(slides)</a> </html>
+  * 16:45-17:45: <html><a href="#camenisch">Cryptography for Privacy</a> &mdash; Jan Camenisch <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:camenisch.pdf">(slides)</a> </html>
+  *       Evening: //Social Event//
+== Wednesday 22.06 ==
+  * 09:30-10:15: //Coffee & Snacks//
+  * 10:15-11:15: <html><a href="#eriksson">Tracking Your Every Move: Today and Tomorrow</a> &mdash; Jakob Eriksson <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:eriksson.pdf">(slides)</a> </html>
+  * 11:15-12:15: <html><a href="#aumasson">How to Compute with Secrets and not Die Trying</a> &mdash; Jean-Philippe Aumasson & Luis Merino </html>
+  * 12:15-13:30: //Lunch//
+  * 13:30-14:30: <html><a href="#kreibich">Haystack: A Multi-Purpose Mobile Vantage Point in User Space</a> &mdash; Christian Kreibich <a href="http://icir.org/christian/talks/2016-06-epfl-haystack/talk.pdf">(slides)</a> </html>
+  *   Afternoon: //Free//
+== Thursday 23.06 ==
+  * 09:30-10:15: //Coffee & Snacks//
+  * 10:15-11:15: Free
+  * 11:15-12:15: <html><a href="#cachin">Blockchain, Cryptography, and Consensus</a> &mdash; Christian Cachin</html>
+  * 12:15-13:30: //Lunch//
+  * 13:30-14:30: <html><a href="#vukolic">The Quest for Scalable Blockchain</a> &mdash; Marko Vukolic <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:vukolic.pdf">(slides)</a> </html>
+  * 14:30-15:30: <html><a href="#polian">Hardware Trojans: An Emerging Threat for the Internet of Things</a> &mdash; Ilia Polian <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:polian.pdf">(slides)</a> </html>
+  * 15:30-15:45: //Coffee & Snacks//
+  * 15:45-16:45: <html><a href="#kiyavash">Data Analytic in Anonymized Networks: Is There Hope for Privacy?</a> &mdash; Negar Kiyavash <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:kiyavash.pdf">(slides)</a> </html>
+  * 16:45-17:45: <html><a href="#humbert">Privacy in Epigenetics: Temporal Linkability of MicroRNA Expression Profiles</a> &mdash; Mathias Humbert <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:humbert.pdf">(slides)</a> </html>
+== Friday 24.06 ==
+  * 09:30-10:15: //Coffee & Snacks//
+  * 10:15-11:15: <html><a href="#chorti">Practical Examples of Physical Layer Security Schemes</a> &mdash; Arsenia Chorti <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:chorti.pdf">(slides)</a> </html>
+  * 11:15-12:15: <html><a href="#troncoso">Traffic Analysis: When Encryption is not Enough to Protect Privacy</a> &mdash; Carmela Troncoso <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:troncoso.pdf">(slides)</a> </html>
+  * 12:15-13:30: //Lunch//
+  * //End of SuRI 2016//
+<html><br></html>
+<html><br></html>
+==== Talks ====
+----
+== Monday 20.06 ==
+<html><a id="gligor"></a></html>
+**10:15-11:15: Defender's Dilemma --- Virgil Gligor** <html><a style="font-size:65%;" href="https://people.epfl.ch/jean-pierre.hubaux">(JPH)</a></html>
+Advances in computing and communication technologies have posed persistent
+dilemmas for security defenders over the past half a century, each seemingly
+more daunting than the previous ones. For example, in the late 1960’s and
+’s, a dilemma arose in designing processor protection mechanisms, which
+exhibited significant vulnerabilities in instruction-set architectures (ISAs).
+That is, given the three key processor design objectives, namely performance,
+object-code compatibility, and security of new ISAs, any two objectives are easy
+to meet but meeting all three is very hard. This raised the dilemma of which
+pair of objectives should one meet? Over the years, new hardware production
+models relying on outsourced processor fabrication, system-board manufacturing,
+and distribution posed a new dilemma. Should production be done in-house, where
+one can retain control of security at a higher cost, or outsourced at a low
+production cost but face the possibility of deliberate addition of malicious
+hardware?  The past decade also posed a basic dilemma for commodity software
+markets. Rapid innovation in commodity software, which has been fueled by
+zero-cost of market entry, zero liability for insecure systems, and zero
+regulation, has led to low-cost, no-assurance components. This raises the
+question of whether there ever be a market case for high-assurance secure
+products, given that these will undoubtedly have higher cost?
+Security-unfavorable answers to these above questions suggest a general
+defender’ s dilemma: given that cyber-security is a fundamental problem of
+secondary importance in the Internet, how can a defender ever win against an
+attacker? (A similar dilemma seems to be posed by privacy, despite regulatory
+initiatives taking shape in both Europe and the US.) In this presentation, I
+will give a new example of a defender’s dilemma in the current Internet and
+suggest an approach where the defender can win. Specifically, I will show that
+non-traditional, large-scale link- flooding attacks, which can cause massive
+denial of service as recently experienced by Protonmail in Switzerland, are
+enabled minimum-cost routing -- a fundamentally desirable feature of Internet.
+Although minimum cost routing does not degrade end-point host connectivity
+during ordinary Internet use, it causes routing bottlenecks that can be
+exploited by an adversary to degrade connectivity substantially. The defender’s
+dilemma arises because these bottlenecks cannot be removed for the purpose of
+countering link- flooding attacks since that would also remove a key routing
+feature that reduces communication cost.  The approach one can take is to deter
+an adversary from exploiting a feature that cannot be removed despite the fact
+that is causes an exploitable vulnerability. Although current law does not offer
+effective deterrence against large-scale link-flooding attacks due to lack
+uniform marginal enforcement, technical deterrence appears to work. That is, it
+forces an untenable tradeoff for a cost-sensitive adversary: either the
+adversary must pay an unaffordable price for the attack or be detected using
+low-cost countermeasures. This approach requires higher-cost collaborative
+defenses among ISPs to counter less frequent link-flooding attacks by
+cost-insensitive adversaries.
+//Bio:// Virgil D. Gligor received his B.Sc., M.Sc., and Ph.D. degrees from the
+University of California at Berkeley. He taught at the University of Maryland
+between 1976 and 2007, and is currently a Professor of ECE at Carnegie Mellon
+University. Between 2007 and 2015 he was the co-Director of CyLab. Over the past
+forty years, his research interests ranged from access control mechanisms,
+penetration analysis, and denial-of- service protection, to cryptographic
+protocols and applied cryptography. Gligor was an editorial board member of
+several ACM and IEEE journals and the Editor in Chief of the IEEE Transactions
+on Dependable and Secure Computing. He received the 2006 National Information
+Systems Security Award jointly given by NIST and NSA, the 2011 Outstanding
+Innovation Award of the ACM SIG on Security Audit and Control, and the 2013
+Technical Achievement Award of the IEEE Computer Society.
+<html><br></html>
+<html><a id="shmatikov"></a></html>
+**11:15-12:15: Machine Learning and Privacy: Friends or Foes? --- Vitaly Shmatikov** <html> <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:shmatikov.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/bryan.ford">(BAF)</a></html>
+Machine learning is eating the world. Modern machine learning methods,
+especially deep learning based on artificial neural networks, rely on the
+training data collected from millions of users to achieve unprecedented accuracy
+and enable powerful AI-based services.
+In this talk, I will discuss the complex relationship between machine learning
+and digital privacy. This includes new threats, such as adversarial use of
+machine learning to recover hidden user data, and new benefits, such as
+privacy-preserving machine learning that protects the confidentiality of
+training data while constructing accurate models.
+<html><br></html>
+<html><a id="junod"></a></html>
+**13:30-14:30: Towards Developer-Proof Cryptography --- Pascal Junod** <html> <a href="http://crypto.junod.info/EPFL-SURI-2016_slides.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/bryan.ford">(BAF)</a></html>
+Forty years after the publication of Diffie and Hellman seminal paper,
+cryptographic technologies have become ubiquitous and are used by millions of
+people on a daily basis. However, the quality and security of most
+cryptographic implementations are often horrifyingly bad. In this talk, we will
+demonstrate that a vast majority of cryptographic APIs are designed in such a
+way that they significantly increase the likelihood of misuse by software
+developers. A list of requirements leading to better crypto APIs will also be
+discussed.
+//Bio:// Pascal holds a MSc in computer science from ETH Zurich and a PhD in
+cryptography from EPF Lausanne.  He is currently a professor of information
+security at the University of Applied Sciences and Arts Western Switzerland,
+where he teaches industrial cryptography, software reverse engineering and
+software protection. He is also a co-founder of the startup strong.codes, which
+is active in the domain of software protection. Before that, he has been
+employed as an applied cryptographer in the Pay-TV industry, designing and
+analyzing secure broadcasting systems.
+His current research interests are applied cryptography, automated software
+reverse engineering as well as software protection.
+<html><br></html>
+<html><a id="buchmann"></a></html>
+**14:30-15:30: Long-term Security --- Johannes Buchmann** <html><a style="font-size:65%;" href="https://people.epfl.ch/jean-pierre.hubaux">(JPH)</a></html>
+With increasing digitization, the amount of data that require long-term
+protection increases rapidly. Examples are medical data, electronic land
+registers, and classified information. However, much of the security technology
+used today appears to be inappropriate for the task of long-term protection.
+This is particularly true for cryptography. Keys chosen today will be too short
+in the future or they may be leaked over time. New attacks may be discovered
+that threaten cryptographic schemes which are now considered to be secure. In
+this talk a new framework is presented that allows for long-term integrity and
+confidentiality protection. It uses a combination of cryptographic techniques
+with quantum key distribution. We discuss the concept and its security and
+present a prototype implementation. This is joint work of researchers at TU
+Darmstadt and NICT, Tokyo.
+<html><br></html>
+<html><a id="gisin"></a></html>
+**15:45-16:45: How can Quantum Cryptography Contribute to Cyber Security --- Nicolas Gisin** <html> <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:gisin.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/jean-pierre.hubaux">(JPH)</a></html>
+Quantum physics is a natural source of entropy: randomness out of (almost)
+nothing! Moreover, the same random event can manifest itself at several
+locations. Hence quantum physics is a natural building block for cryptography,
+i.e. it offers Quantum Key Distribution.
+<html><br></html>
+<html><a id="juels"></a></html>
+**16:45-17:45: Exploring the Future of Smart Contracts --- Ari Juels** <html> <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:juels.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/jean-pierre.hubaux">(JPH)</a></html>
+Smart contracts are programs that execute autonomously atop a blockchain.
+Ethereum, for example, is a well known smart contract system based on a
+decentralized blockchain resembling Bitcoin’s. Smart contracts promise to give
+rise to a broad range of applications in finance, insurance, and rights
+management, but their success will require solutions to a number of technical
+challenges. In this talk I’ll enumerate the most important of these challenges
+and discuss exploration of solutions and applications in the Initiative for
+CryptoCurrencies and Contracts (IC3). Among other topics, I’ll present the Town
+Crier authenticated data feed system, recent work mapping existing elements of
+contract law onto smart contracts, and applications ranging from flight
+insurance to bug-bounty marketplaces.
+<html><a href="#top">back to top</a><br><br></html>
+== Tuesday 21.06 ==
+<html><a id="groth"></a></html>
+**10:15-11:15: Efficient Zero-Knowledge Proofs --- Jens Groth** <html> <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:groth.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/serge.vaudenay">(SV)</a></html>
+Zero-knowledge proofs enable a prover to convince the verifier that a statement
+is true without revealing anything else. Zero-knowledge proofs are useful to
+guarantee a party is following a protocol honestly, yet at the same time
+protecting the confidentiality of the party's private data. Applications include
+voting, mix-nets, verifiable outsourced computation, ring and group signatures,
+virtual currencies, and multi-party computation. In the first part of the talk
+we will introduce zero-knowledge proofs and applications. In the second part we
+will put the emphasis on non-interactive zero-knowledge proofs and present a new
+construction from EUROCRYPT 2016 with very small proofs consisting of only 3
+group elements each.
+<html><br></html>
+<html><a id="capkun"></a></html>
+**11:15-12:15: Secure Positioning: From GPS to IoT --- Srdjan Capkun** <html><a style="font-size:65%;" href="https://people.epfl.ch/jean-pierre.hubaux">(JPH)</a></html>
+In this talk I will review security issues in today’s navigation and close-range
+positioning systems. I will discuss why GNS systems like GPS are hard to fully
+secure and will present novel solutions that can be used to improve the
+robustness of GNS systems to attacks. I will then show how a different design of
+a positioning system can enable secure positioning, but also that this requires
+solving a set of relevant physical- and logical- layer challenges. Finally, I
+will present a fully integrated IR UWB secure distance measurement (distance
+bounding) system that solves these challenges and enables secure distance
+measurement and secure positioning in IoT applications.
+<html><br></html>
+<html><a id="kiayias"></a></html>
+**13:30-14:30: Foundations of Blockchain Protocols --- Aggelos Kiayias** <html><a style="font-size:65%;" href="https://people.epfl.ch/serge.vaudenay">(SV)</a></html>
+The rise of bitcoin and other cryptocurrencies puts forth a wealth of
+interesting problems in distributed systems  and cryptography that relate to
+building decentralized systems. In this talk, we discuss what is the exact
+problem that the bitcoin protocol solves and then go on to investigate  whether
+and in what ways the protocol can be improved. The protocol itself will be
+abstracted in a simple algorithmic form, termed as the bitcoin backbone, and
+subsequently provable properties like chain quality, common prefix and chain
+growth will be detailed. The concept of a robust transaction ledger will be
+defined, as captured by two basic properties, persistence and liveness.
+Alternatives to the main protocol such as GHOST will be overviewed as well as
+the relation of the defined properties and protocols to the consensus problem.
+<html><br></html>
+<html><a id="lipmaa"></a></html>
+**14:30-15:30: Cryptographically Secure Mix-Nets --- Helger Lipmaa** <html><a style="font-size:65%;" href="https://people.epfl.ch/serge.vaudenay">(SV)</a></html>
+TBA.
+<html><br></html>
+<html><a id="sullivan"></a></html>
+**15:45-16:45: Forward Secrecy in TLS: A Systematic Study --- Nick Sullivan** <html><a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:sullivan.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/bryan.ford">(BAF)</a></html>
+Perfect Forward Secrecy (PFS) was a concept first introduced by Günther in 1990
+to describe a property of key exchange protocols like Diffie-Hellman: past key
+exchanges are secure against future attackers. In Transport Layer Security
+protocol (TLS), the ciphersuites for which certificate private key compromise
+does not allow an attacker to retroactively decrypt previously recorded
+connections are said to be PFS. However, a close examination of how keys are
+managed in real-world TLS deployments show that PFS is not a strong enough
+guarantee to ensure secrecy of past (or future) communications in all
+scenarios. In this talk we describe a more specific set of security guarantees
+afforded to TLS during both stateless and stateless session resumption in TLS
+.2, and explore the improvements to forward security in the upcoming TLS 1.3.
+//Bio:// Nick Sullivan is a leading cryptography and security technologist. At
+CloudFlare, a top Internet performance and security company, Nick is
+responsible for overseeing all cryptographic products and strategy. Prior to
+joining CloudFlare, he was a digital rights management pioneer, helping build
+and secure Apple’s multi-billion dollar iTunes store. He is the author of more
+than a dozen computer security patents and holds an MSc in Cryptography.
+<html><br></html>
+<html><a id="camenisch"></a></html>
+**16:45-17:45: Cryptography for Privacy --- Jan Camenisch** <html> <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:camenisch.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/bryan.ford">(BAF)</a></html>
+The amount of personal information that is collected, stored, and processed
+continues to increase daily, making our lives ever easier. At the same time, it
+becomes increasingly hard to protect personal information, putting ourselves at
+risk. In this talk we discuss a number of cryptographic mechanisms that can
+provide all the benefits of a digital world while strong cryptographic
+protection.
+<html><a href="#top">back to top</a><br><br></html>
+== Wednesday 22.06 ==
+<html><a id="eriksson"></a></html>
+**10:15-11:15: Tracking Your Every Move - Today and Tomorrow --- Jakob Eriksson** <html> <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:eriksson.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/bryan.ford">(BAF)</a></html>
+Not too long ago, tracking the movements of individuals was an obscure activity
+largely reserved for detective novels and the occasional creepy stalker.
+Lately, however, massive-scale continuous location surveillance has quietly
+become a fact of life, pursued by organizations as diverse as Google, Amazon,
+the Drug Enforcement Agency, and the Department of Transportation, not to
+mention cyber-criminals, jealous spouses and helicopter parents. An equally
+wide range of technologies is used for this virtual stakeout job, including
+spyware on your laptop and mobile devices, roadside radio receivers (Wi-Fi,
+Bluetooth and more), license plate reading devices, face-recognizing
+surveillance cameras, RFID tags and readers, and more.
+In this talk, we will review some of the more pervasive people-tracking methods
+in use today, together with some of their more (or less) well-known uses. We'll
+then put on a pair of decidedly rose-colored glasses, and try to see what good
+our Orwellian future may bring, and what challenges lie ahead, beyond the
+quaint notion of protecting your location privacy.
+//Bio:// Jakob Eriksson is an Associate Professor of Computer Science at the
+University of Illinois at Chicago. Prior to that, he did a two year stint at
+MIT CSAIL as a postdoc, received his Ph.D. at UC Riverside, and his
+undergraduate degree at the Royal Institute of Technology (KTH) in Stockholm,
+Sweden. His research interests include mobile computing, operating systems, and
+computer vision.
+<html><br></html>
+<html><a id="aumasson"></a></html>
+**11:15-12:15: How to Compute with Secrets and not Die Trying --- Jean-Philippe Aumasson & Luis Merino** <html><a style="font-size:65%;" href="https://people.epfl.ch/bryan.ford">(BAF)</a></html>
+In this presentation we give an introduction to a recent trusted computing
+implementation, followed by our assessment of the cryptographic mechanisms
+behind it.
+<html><br></html>
+<html><a id="kreibich"></a></html>
+**13:30-14:30: Haystack: A Multi-Purpose Mobile Vantage Point in User Space --- Christian Kreibich** <html> <a href="http://icir.org/christian/talks/2016-06-epfl-haystack/talk.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/katerina.argyraki">(KA)</a></html>
+Despite our growing reliance on mobile phones for a wide range of daily tasks,
+their operation remains largely opaque. In this talk I will introduce Haystack,
+a platform that leverages the VPN API on mobile devices to create a mobile
+measurement platform that operates exclusively on the device, providing full
+access to the device’s network traffic and local context without requiring root
+access. I will present the design of Haystack and its implementation in an
+Android app available in the Google Play store. Using data collected from 450
+users of the app, I will exemplify Haystack’s ability to provide meaningful
+insights about protocol usage, its ability to identify security and privacy
+concerns of mobile apps, and to characterize mobile traffic performance. I will
+conclude with an outlook on our plans for Haystack's future and potential
+avenues for collaboration.
+<html><a href="#top">back to top</a><br><br></html>
+== Thursday 23.06 ==
+<html><a id="cachin"></a></html>
+**11:15-12:15: Blockchain, Cryptography, and Consensus --- Christian Cachin** <html><a style="font-size:65%;" href="https://people.epfl.ch/bryan.ford">(BAF)</a></html>
+A blockchain is a public ledger for recording transactions, maintained by many
+nodes without central authority through a distributed cryptographic protocol.
+All nodes validate the information to be appended to the blockchain, and a
+consensus protocol ensures that the nodes agree on a unique order in which
+entries are appended. Distributed protocols tolerating faults and adversarial
+attacks, coupled with cryptographic tools are needed for this. The recent
+interest in blockchains has revived research on consensus protocols, ranging
+from the proof-of-work method in Bitcoin's "mining" protocol to classical
+Byzantine agreement.
+IBM is actively involved the development of a blockchain for the enterprise. In
+this context an industry-wide collaborative effort, the Hyperledger Project,
+has been established in early 2016 to develop an open-source blockchain. Being
+one of the key partners in Hyperledger, IBM has already contributed code for
+running an enterprise blockchain fabric.
+This talk will present an overview of blockchain concepts, the cryptographic
+building blocks and consensus mechanisms, and discuss current efforts in the
+Hyperledger Project.
+<html><br></html>
+<html><a id="vukolic"></a></html>
+**13:30-14:30: The Quest for Scalable Blockchain --- Marko Vukolic** <html> <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:vukolic.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/rachid.guerraoui">(RG)</a></html>
+Bitcoin cryptocurrency demonstrated the utility of global consensus across
+thousands of nodes, changing the world of digital transactions forever. In the
+early days of Bitcoin, the performance of its probabilistic proof-of-work (PoW)
+based consensus fabric, also known as blockchain, was not a major issue.
+The situation today is radically different and the poor performance scalability
+of early PoW blockchains no longer makes sense. Specifically, the trend of
+modern cryptocurrency platforms, such as Ethereum, is to support execution of
+arbitrary distributed applications on blockchain fabric, needing much better
+performance. This approach, however, makes cryptocurrency platforms step away
+from their original purpose and enter the domain of the classical state-machine
+replication, and in particular its Byzantine fault-tolerant (BFT) variants.
+In this talk, we contrast PoW-based blockchains to those based on BFT
+state-machine replication, focusing on their scalability limits. We also discuss
+recent proposals to overcoming these scalability limits and outline key
+outstanding open problems in the quest for the "ultimate" blockchain fabric(s).
+We further reflect on our practical experiences in building the Hyperledger
+open-source blockchain fabric.
+//Bio:// Dr. Marko Vukolic is a Research Staff Member at IBM Research - Zurich.
+Previously, he was a faculty at EURECOM and a visiting faculty at ETH Zurich.
+He received his PhD in distributed systems from EPFL in 2008 and his
+engineering degree in telecommunications from University of Belgrade in 2001.
+Dr. Vukolic is currently a steering committee member of Eurosys, was a PC
+co-chair of the SOFSEM 2011 conference, and a member of numerous program
+committees of major conferences. His research was awarded Eurosys 2010 Best
+Paper Award and the IBM Outstanding Technical Achievement Award. His research
+interests lie in the broad area of distributed algorithms and systems,
+including fault-tolerance, blockchain and distributed ledgers, cloud computing
+security and distributed storage.
+<html><br></html>
+<html><a id="polian"></a></html>
+**14:30-15:30: Hardware Trojans: An Emerging Threat for the Internet of Things --- Ilia Polian**  <html> <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:polian.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/bryan.ford">(BAF)</a></html>
+Historically, IT security concentrated on attack scenarios targeting software
+and communication networks, but more recently, the system hardware moved into
+the focus of attackers. Hardware-related threats are relevant even for
+extremely software-dominated systems, which still contain some amount of
+hardware on which the software runs; compromising this hardware makes the
+entire system vulnerable. Even worse, many software-centric security solutions
+rely on a hardware-based root of trust which stores secret keys and provides
+essential security functions; successful attacks on such root-of-trust blocks
+renders the entire security concept ineffective. With the emergence of
+paradigms like cyberphysical systems, internet of things, or Industrie 4.0 that
+connect the physical world, IT systems and global connectivity, hardware blocks
+are at risk to become the Achille’s heel of entire infrastructures.
+The presentation will focus on one emerging attack scenario: Hardware Trojans.
+These are malicious modification of system hardware with the purpose to gain
+control over its functionality and, e.g., be able to deactivate the affected
+block at the attacker’s will (“kill switch”), or establish a side-channel to
+access confidential data processed by the device (“backdoor”). Hardware Trojans
+may be planted by an external foundry who manufactures the integrated circuit,
+by a rogue in-house designer, by an external provider of intellectual property
+blocks integrated into the design, or even by an electronic design automation
+tool. Even though hard evidence of their occurrence in actual systems is largely
+lacking, hardware Trojans are receiving substantial attention by academia and by
+governmental agencies. The presentation will discuss the feasibility of such
+attacks, recapitulate early proof-of-concept demonstrations, and explain novel,
+more sophisticated Trojans on all levels. It will also discuss the capability of
+various kinds of countermeasures, from silicon measurements and runtime
+monitoring to formal methods, to detect the presence of Trojans and/or prevent
+the attacks when they happen.
+<html><br></html>
+<html><a id="kiyavash"></a></html>
+**15:45-16:45: Data Analytic in Anonymized Networks: Is There Hope for Privacy? --- Negar Kiyavash** <html> <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:kiyavash.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/jean-pierre.hubaux">(JPH)</a></html>
+The proliferation of online social networks has helped in generating large
+amounts of graph data which has immense value for data analytics. Network
+operators, like Facebook, often share this data with researchers or third party
+organizations, which helps both the entities generate revenues and improve
+their services. As this data is shared with third party organizations, the
+concern of user privacy becomes pertinent. Hence, it becomes essential to
+balance utility and privacy while releasing such data. Advances in graph
+matching and the resulting recent attacks on graph datasets paints a grim
+picture.  We discuss the feasibility of privacy preserving data analytics in
+anonymized networks and provide an answer to the question “Does there exist a
+regime where the network cannot be deanonymized, yet data analytics can be
+performed?."
+//Bio:// Negar Kiyavash is Willett Faculty Scholar and an Associate of Center for
+Advance Study at the University of Illinois at Urbana-Champaign. She is a joint
+Associate Professor of Industrial and Enterprise Engineering and Electrical and
+Computer Engineering. She is also affiliated with the Coordinated Science
+Laboratory (CSL) and the Information Trust Institute. She received her Ph.D.
+degree in electrical and computer engineering from the University of Illinois at
+Urbana-Champaign in 2006.  Her research interests are in design and analysis of
+algorithms for network inference and security. She is a recipient of National
+Science Foundation's CAREER and The Air Force Office of Scientific Research
+Young Investigator awards, and the Illinois College of Engineering Dean's Award
+for Excellence in Research.
+<html><br></html>
+<html><a id="humbert"></a></html>
+**16:45-17:45: Privacy in Epigenetics: Temporal Linkability of MicroRNA Expression Profiles --- Mathias Humbert** <html> <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:humbert.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/jean-pierre.hubaux">(JPH)</a></html>
+The decreasing cost of molecular profiling tests, such as DNA sequencing, and
+the consequent increasing availability of biological data are revolutionizing
+medicine, but at the same time create novel privacy risks. The research
+community has already proposed a plethora of methods for protecting genomic
+data against these risks. However, the privacy risks stemming from epigenetics,
+which bridges the gap between the genome and our health characteristics, have
+been largely overlooked so far, even though epigenetic data is no less privacy
+sensitive. In this talk, I will first provide some background on epigenetics,
+notably how it relates to the human health ecosystem.  I will then show how
+personal miRNA expression data, despite their variability, can be successfully
+tracked over time. I will also present two mechanisms for mitigating the
+linkability threat: (i) hiding a subset of disease-irrelevant miRNA
+expressions, and (ii) probabilistically sanitizing the miRNA expression
+profiles. I will conclude by presenting open challenges related to miRNA
+expression data and, more generally, epigenetic privacy.
+<html><a href="#top">back to top</a><br><br></html>
+== Friday 24.06 ==
+<html><a id="chorti"></a></html>
+**10:15-11:15: Practical Examples of Physical Layer Security Schemes --- Arsenia Chorti** <html> <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:chorti.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/serge.vaudenay">(SV)</a></html>
+The security and integrity of communication systems, and especially wireless
+networks, is a matter of increasing importance, affecting government, industry,
+commerce and the privacy and financial security of us all. In next generation
+wireless systems (5G) the overhead and latency imposed by cryptography is
+expected to increase, while at the same time requiring simpler and less
+energy-intensive wireless nodes.  On the other hand, it was shown by Shannon,
+in 1949 (and further developed by Wyner in 1975), that unconditionally secure
+communication is possible. Specifically Wyner showed that for the wiretap
+channel, in which the eavesdropper (“Eve”) has a poorer channel than the
+legitimate receiver (“Bob”), the sender (“Alice”) can transmit confidential
+data to Bob irrespective of Eve’s computational power. This concept, known as
+physical layer security (PLS), has attracted significant attention in recent
+years. However the concept has until now very largely been information
+theoretic, and work in the area has not adequately addressed practical issues
+which could give users sufficient confidence to put the methods into operation.
+In this talk we discuss two practical PLS schemes that could find use in future
+generations of heterogeneous wireless networks (5G and beyond). In particular,
+we will first discuss an explicit encoder construction with guaranteed secrecy
+for wireless network coding schemes with untrusted relays. The proposed encoder
+is built around simple M-QAM modulators and could find use in secure
+device-to-device communications. Secondly, we will review a simple scheme for
+the generation of symmetric keys of guaranteed entropy from shared randomness
+and we will discuss the robustness of such schemes to denial of service attacks
+in the form of jamming.
+//Bio:// Dr Arsenia Chorti joined the School of Computer Science and Electronic
+Engineering of the University of Essex in October 2013 as a Lecturer. She
+obtained her PhD from Imperial College London and has served as a Senior
+Lecturer at Middlesex University between 2008 and 2010. From 2010 to 2013 she
+was as a Marie Curie International Outgoing Fellow (MC-IOF) at Princeton
+University where she currently holds a Visiting Researcher status. Her research
+interests include, among others, physical layer security, physical layer network
+coding, signal processing for communications. She is a member of the IEEE and of
+the IEEE ComSoc Signal Processing, Communications and Electronics Technical
+Committee (SPCE TC).
+<html><br></html>
+<html><a id="troncoso"></a></html>
+**11:15-12:15: Traffic Analysis - When Encryption is not Enough to Protect Privacy --- Carmela Troncoso** <html> <a href="https://suri.epfl.ch/lib/exe/fetch.php?media=slides:2016:troncoso.pdf">(slides)</a> <a style="font-size:65%;" href="https://people.epfl.ch/jean-pierre.hubaux">(JPH)</a></html>
+Intuitively, privacy is associated to the confidentiality of content.  Yet, the
+meta data associated with this content it, e.g., the sender, the receiver, the
+time and length of messages, in itself may reveal private information. Using
+anonymous communication systems as running example, this talk will provide an
+overview of traffic analysis approaches. We will show how these techniques can
+be used to extract information from secure systems in which information is
+encrypted.
+<html><br></html>
+<html><a href="#top">back to top</a><br><br></html>
-<memento memento='IC' filter='suri2014' />