Location: darmstadtium, Schlossgraben 1, 64283 Darmstadt

September 9 – 10, 2019

CROSSING Conference on Sustainable Security & Privacy

Welcome to the CROSSING Conference on Sustainable Security & Privacy organized by TU Darmstadt, Germany, on September 9-10, 2019.

The CROSSING Conference on Sustainable Security and Privacy is a high profile conference within the collaborative project CROSSING of German Science Foundation (DFG) organized by Prof. Dr.-Ing. Ahmad-Reza Sadeghi. It targets researchers on all levels interested in sustainable security and privacy. Talks by renowned experts will provide insights into the foundations as well as state-of-the-art solutions. There will be also room for discussions and networking between participants and lecturers.

Today’s information technology (IT) systems are entrusted with multiple high-value assets, but these systems are often unable to remain secure for their entire lifetime. Sustainable Security & Privacy requires anticipating unforeseen future issues and preparing systems for unknown threats.

Eight talks per day will focus on Sustainable Security and Privacy. The Conference takes place in the darmstadtium, Schlossgraben 1, 64283 Darmstadt.


Registration for the Conference is by invitation only.

Note: You do not need to register to the CROSSING Conference if you register to the CROSSING Summer School.

See Accommodation and Venues & Travel for details.


Monday, September 9  
8:00 am - 9:00 am Registration & Welcome
9:00 am – 9:15 am Opening
9:15 am - 10:00 am Ross Anderson, University of Cambridge, UK
The sustainability of safety, security and privacy • Abstract »
Now that we’re putting software and network connections into cars and medical devices, we’ll have to patch vulnerabilities, as we do with phones. But we can’t let vendors stop patching them after three years, as they do with phones. So in May, the EU passed Directive 2019/771 on the sale of goods. This gives consumers the right to software updates for goods with digital elements, for the time period the consumer might reasonably expect. In this talk I’ll describe the background, including a study we did for the European Commission in 2016, and the likely future effects. As sustainable safety, security and privacy become a legal mandate, this will create real tension with existing business models and supply chains. It will also pose a grand challenge for computer scientists. What sort of tools and methodologies should you use to write software for a car that will go on sale in 2023, if you have to support security patches and safety upgrades till 2043?
10:00 am - 10:45 am Dongyan Xu, Purdue University, USA
From Control Model to Control Program: A Cross-Layer Approach to Robotic Vehicle Security • Abstract »
Robotic autonomous vehicles operate in potentially hostile environments and are subject to disturbances, failures, and attacks. The core of a robotic vehicle is its real-time controller, which is responsible for controlling and steering the vehicle to fulfill missions. The controller, together with the physical vehicle, may become legacy systems over time and need to be retrofitted for attack/fault resiliency. In this talk, I will report our recent efforts in vetting and retrofitting robotic vehicle control programs. First, I will present a cross-layer framework for investigating robotic vehicle accidents caused by control model implementation bugs in the control program. Second, I will present a control-guided technique to proactively discover control parameter validation bugs in control program binaries. Finally, I will report our ongoing efforts in retrofitting control programs with reinforcement learning-based attack recovery capability. By presenting these efforts, I would like to advocate a multidisciplinary methodology – spanning cyber, control, and domain physics – for CPS security research.
10:45 am - 11:15 am Coffee break
11:15 am - 12:00 am Michele Mosca, University of Waterloo, Canada
Security in the Quantum Era • Abstract »
While it is too soon to know the full breadth of applications and implications of quantum computation, one thing is known: it will decimate the current public-key cryptography at the foundations of our information and communication systems. What does this mean for legacy systems? What about new systems and tools like blockchains and AI? How close are we to cryptographically relevant quantum computers?
The path to designing and deploying new foundations is long and hard, though progress is being made. Will our cyber systems be ready in time? Will this be part of our technology lifecycle management (and lead to more robust systems), or crisis management (and lead to weaker systems)? What can we do now so we can safely reap the rewards of the quantum era?
12:00 am - 12:45 am Benny Pinkas, Bar Ilan University, Israel
Private Intersection Analytics • Abstract »
Effective data analysis often depends on data that is known to different sources, including private data whose owners cannot disclose. The task at hand is to perform effective analysis of the data while preserving its privacy. This talk will describe efficient cryptographic protocols, some of them based on variants of private set intersection (PSI), that can be applied to perform private analysis of data.
12:45 am - 1:45 pm Lunch
1:45 pm - 2:30 pm Moti Yung, Google Inc.
The Exodus of Secure Computations: From Theory to Core Business Deployment
2:30 pm - 3:15 pm Gene Tsudik, University of California, Irvine, USA
Verified Proofs of Update, Reset and Erasure for Low-End Embedded Systems • Abstract »
Remote Attestation (RA) is a security service that enables a trusted verifier (Vrf) to measure current memory state of an untrusted remote prover (Prv). If correctly implemented, RA allows Vrf to remotely detect if Prv’s memory reflects a compromised state. However, RA by itself offers no means of remedying the situation once Prv is determined to be compromised. In this work we show how a secure RA architecture can be extended to enable important and useful security services for low-end embedded devices. In particular, we extend the formally verified RA architecture, VRASED, to implement provably secure software update, erasure, and systemwide resets. When (serially) composed, these features guarantee to Vrf that a remote Prv has been updated to a functional and malware-free state, and was properly initialized after such process. These services are provably secure against an adversary (represented by malware) that compromises Prv and exerts full control of its software state. Our results demonstrate that such services incur minimal additional overhead, making them practical even for the lowest-end embedded devices.
3:15 pm - 3:45 pm Coffee break
3:45 pm - 4:30 pm Srdjan Capkun, ETH Zürich, Switzerland
Secure Positioning: From GPS to IoT • Abstract »
In this talk I will review security issues in today’s navigation and close-range positioning systems. I will discuss why GNS systems like GPS are hard to fully secure and will present novel solutions that can be used to improve the robustness of GNS systems to attacks. I will then show how a different design of a positioning system can enable secure positioning, but also that this requires solving a set of relevant physical- and logical- layer challenges. I will present a design and implementation of a fully integrated IR UWB secure distance measurement (distance bounding) system that solves these challenges and enables secure distance measurement and secure positioning in IoT applications. Finally, I will place these efforts in the context of an upcoming IEEE 802.15.4z secure distance measurement standard.
4:30 pm - 5:15 pm Nele Mentens, KU Leuven, Belgium
Cryptographic agility in future-proof coprocessors • Abstract »
Cryptographers are continuously coming up with novel algorithms to thwart newly discovered theoretical or physical vulnerabilities, potentially leading to new standards. Therefore, it is indispensable to enable cryptographic agility, i.e., to implement mechanisms that allow cryptographic software or hardware implementations to be updated after deployment. In software and configurable hardware, implementing cryptographic agility is straightforward. It is a challenge, however, to enable this feature in dedicated hardware coprocessors. And the challenge becomes even bigger when the coprocessor needs to be updatable with algorithms that have not yet been invented. Nevertheless, many applications need the resource and energy efficiency of ASIC coprocessors, which creates a tension between efficiency and agility. This talk gives an overview of hardware architectures that address the challenge of cryptographic agility with the aim of outperforming cryptographic software and FPGA implementations.
5:15 pm - 6:00 pm George Danezis, University College London, UK
The Libra Blockchain
Tuesday, September 10  
8:00 am – 9:00 am Registration & Welcome
9:00 am – 9:45 am Engin Kirda, North Eastern University, USA
Using AI to Detect Advanced Threats – Done Right • Abstract »
As every researcher knows, using AI in security products is the latest craze. The security industry is now promising us that AI will solve all security problems, and will save the world. In this talk, I will put on my both academic and industrial hats on (as a professor and the co-founder of a security company) and will discuss how we use ML techniques at Lastline to detect breaches and advanced threats. I will also talk about the common pitfalls and shortcomings of a lot of industrial solutions in the field.
9:45 am – 10:30 am Mathias Payer, EPFL, Switzerland
Fuzzing Low-level Code • Abstract »
In an eternal war in memory, state corruption plagues systems since the dawn of computing. Despite the rise of strong mitigations such as stack cookies, ASLR, DEP, or most recently Control-Flow Integrity, exploits are still prevalent as none of these defenses offers complete protection. This situation calls for program testing techniques that discover reachable vulnerabilities before the attacker. Finding and fixing bugs is the only way to protect against all exploitation.
We develop fuzzing techniques that follow an adversarial approach, focusing on the exposed attack surface and exploring potentially reachable vulnerabilities.
In this talk we will discuss two aspects of fuzzing hard to reach code: (i) learning what code is exposed to attacker-controlled input and (ii) testing drivers that interact with exposed peripherals.
First, we assess the threat surface by characterizing the potential computational power that a vulnerability gives. In a multi-step process we follow the flow of information an synthesize potential attacker payloads to learn how exposed certain code sequences are. Second, by providing a custom-tailored emulation environment we create mock Trojan devices that allow fuzzing the peripheral/driver interface. In these projects we develop new techniques to test different kinds of hard to reach code and exposed large amounts of vulnerabilities.
10:30 am – 11:00 am Coffee break
11:00 am – 11:45 am Rosario Cammarota & Anand Rajan, Intel Corporation
Security for Emerging Paradigms & Private AI Systems • Abstract »
This talk will provide an overview of the key security research challenges and opportunities for a set of important emerging paradigms (e.g. IoT, 5G, Blockchain, AI, PQC). The remainder of the talk will then focus on Private AI Systems.
Advances in users’ data privacy laws create pressures and pain points for both service users and service providers. On the one hand, the user wants (or would feel comfortable if) its data can be processed without being exposed to the service providers. For this, cryptographic technologies such as homomorphic encryption, masking, multi-party computation, to name a few, can be used to protect users’ data. On the other hand, a service provider wants to keep its service’s secret sauce (the AI models) secured and private from the cloud infrastructure and possible threats emanating from it. For this, technologies such as trusted execution can be used to protect the service providers’ AI models. Deploying AI systems in a scenario where a service provider, the cloud infrastructure and a service user are distinct and mutually distrusted entities is a problem that has received little attention in the past. In this talk, we cover possible AI system profiles to address this problem, their advantages, and limitations.
11:45 am – 12:30 am Farinaz Koushanfar, University of California, San Diego, USA
Privacy-preserving Machine Learning
12:30 am – 1:30 pm Lunch
1:30 pm – 2:15 pm Yossi Oren, Ben-Gurion University of the Negev, Israel
Side Channel Attacks and Human Secrets
2:15 pm – 3:00 pm Yongdae Kim, KAIST, South Korea
LTE Hacking
3:00 pm – 3:30 pm Coffee break
3:30 pm – 4:15 pm Lejla Batina, Radboud University, Netherlands
SCA strikes back: attacking neural networks via physical leakage… and the other way around • Abstract »
Recently, the potential of machine and consequently deep learning on side-channel analysis was discovered and confirmed even on protected cryptographic implementations. The success of those experiments has led to deep learning techniques becoming a mainstream component in side-channel leakage evaluations.
Conversely, recent work has shown that neural networks can be reversed engineered by the side-channel attacker, i.e., the adversary using physical leakage such as timing and EM. This makes neural nets an interesting target as in some applications such as security evaluation, HD maps for autonomous vehicles etc. optimized networks are considered an IP.
This talk will survey this interplay of deep learning and side-channel analysis and its impact on security.
4:15 pm – 5:00 pm Frank Krüger, George Mason University, USA
Toward a Model of Trust Drawn from Neuroscience, Psychology, and Economics • Abstract »
Trust pervades nearly every social aspect of our daily lives, and its disruption is a significant factor in mental illness. Research in the field of neuroeconomics has gained a deeper understanding of the neuropsychoeconomic (NPE) underpinnings of trust by combining complementary methodologies from neuroscience, psychology, and economics. However, a coherent model of trust that integrates separate findings under a conceptual framework is still lacking. In this presentation, I will sketch out an integrative NPE model that explains how the interactions of psychoeconomic components engage domain-general large-scale brain networks in shaping trust behavior over time. Further, I will point out the caveats of current research approaches and outline open questions that can help guide future transdisciplinary investigations for a better understanding of the neuropsychology of trust.
5:00 pm – 5:45 pm Carmela Troncoso, EPFL Lausanne, Switzerland
Privacy Engineering • Abstract »
In this talk we revisit privacy engineering methodologies and show that not those, not the PETs designed at top conferences are thought to be deployed in an Agile manner nor in a service-oriented world (which is 90% of the software development these days). As such, they are very hard to deploy in practice. We identify the problems and propose future avenues of research to tackle them.
5:45 pm – 6:30 pm Closing


Mandy Herberg, conf@crossing.tu-darmstadt.de