ACM Conference on Computer and Communications Security

CCS 2017 - Papers on Authentication and authorization

Topics · Papers

Authentication and authorization

Hearing Your Voice Is Not Enough: An Articulatory Gesture Based Liveness Detection for Voice Authentication
Linghan Zhang (Florida State University), Sheng Tan (Florida State University), Jie Yang (Florida State University)
Session: 2A
Let’s go in for a closer look: Observing passwords in their natural habitat
Sarah Pearman (Carnegie Mellon University), Jeremy Thomas (Carnegie Mellon University), Pardis Emami Naeini (Carnegie Mellon University), Hana Habib (Carnegie Mellon University), Lujo Bauer (Carnegie Mellon University), Nicolas Christin (Carnegie Mellon University), Lorrie Faith Cranor (Carnegie Mellon University), Serge Egelman (University of California, Berkeley), Alain Forget (Google)
Session: 2B
T/Key: Second-Factor Authentication From Secure Hash Chains
Dmitry Kogan (Stanford University), Nathan Manohar (Stanford University), Dan Boneh (Stanford University)
Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives
Melissa Chase (Microsoft Research), David Derler (Graz University of Technology), Steven Goldfeder (Princeton University), Claudio Orlandi (Aarhus University), Sebastian Ramacher (Graz University of Technology), Christian Rechberger (Graz University of Technology / Denmark Technical University), Daniel Slamanig (AIT Austrian Institute of Technology), Greg Zaverucha (Microsoft Research)
Session: 1I
Detecting Structurally Anomalous Logins Within Enterprise Networks
Hossein Siadati (New York University), Nasir Memon (New York University)
Session: 2F
AUTHSCOPE: Towards Automatic Discovery of Vulnerable Access Control in Online Services
Chaoshun Zuo (University of Texas at Dallas), Qingchuan Zhao (University of Texas at Dallas), Zhiqiang Lin (University of Texas at Dallas)
Session: 2D
VibWrite: Towards Finger-input Authentication on Ubiquitous Surfaces via Physical Vibration
Jian Liu (Rutgers University), Chen Wang (Rutgers University), Yingying Chen (Rutgers University), Nitesh Saxena (University of Alabama at Birmingham)
Session: 2A
Practical Graphs for Optimal Side-Channel Resistant Memory-Hard Functions
Joel Alwen (IST Austria), Jeremiah Blocki (Purdue University), Ben Harsha (Purdue University)
Data breaches, phishing, or malware? Understanding the risks of stolen credentials
Kurt Thomas (Google), Frank Li (University of California, Berkeley), Ali Zand (Google), Jake Barrett (Google), Juri Ranieri (Google), Luca Invernizzi (Google), Yarik Markov (Google), Oxana Comanescu (Google), Vijay Eranti (Google), Angelika Moscicki (Google), Dan Margolis (Google), Vern Paxson (University of California, Berkeley), Elie Bursztein (Google)
Session: 5F
Why Do Developers Get Password Storage Wrong? A Qualitative Usability Study
Alena Naiakshina (University of Bonn), Anastasia Danilova (University of Bonn), Christian Tiefenau (University of Bonn), Marco Herzog (University of Bonn), Sergej Dechand (University of Bonn), Matthew Smith (University of Bonn)
Iron: Functional Encryption using Intel SGX
Ben Fisch (Stanford University), Dhinakaran Vinayagamurthy (University of Waterloo), Dan Boneh (Stanford University), Sergey Gorbunov (University of Waterloo)
(Award Finalist)
Session: 1D
Defending Against Key Exfiltration: Efficiency Improvements for Big-Key Cryptography via Large-Alphabet Subkey Prediction
Mihir Bellare (University of California, San Diego), Wei Dai (University of California, San Diego)
Session: 4D
Presence Attestation: The Missing Link In Dynamic Trust Bootstrapping
Zhangkai Zhang (Beihang University), Xuhua Ding (Singapore Management University), Gene Tsudik (University of California, Irvine), Jinhua Cui (Singapore Management University), Zhoujun Li (Beihang University)
Session: 2A