Financial Cryptography and Data Security '10


Fourteenth International Conference
January 25-28, 2010

Dream Hotel Gran Tacande 5* & Spa Vitanova
Tenerife, Canary Islands, Spain


FC 2010 FULL PAPERS (19 papers, 14.6% acceptance rate)

Dan Kaminsky, IOActive, Len Sassaman, Meredith Patterson, KU Leuven,
PKI Layer Cake: New Collision Attacks Against the Global X.509 Infrastructure
Frank Stajano, University of Cambridge, Ford-Long Wong, Bruce Christianson,
Multichannel protocols to prevent relay attacks
Tom Chothia, University of Birmingham, Vitaliy Smirnov,
A Traceability Attack Against e-Passports
Octavian Catrina, Amitabh Saxena, International University in Germany
Secure Computation With Fixed-Point Numbers
Paul Karger, IBM TJ Watson Research Center, David Toll, IBM, TJ Watson Research Center, Elaine Palmer, IBM, TJ Watson Research Center, Suzanne McIntosh, IBM, TJ Watson Research Center, Samuel Weber, Jonathan Edwards,
Implementing a High-Assurance Smart-Card OS
Jan Camenisch, IBM Research - Zurich, Maria Dubovitskaya, IBM Russian Systems and Technology Laboratory Moscow Engineering Physics Institute, Gregory Neven, IBM Research - Zurich,
Unlinkable Priced Oblivious Transfer with Rechargeable Wallets
Aline Gouget, Gemalto, Sebastien Canard, Orange,
Multiple Denominations in E-cash with Compact Transaction Data
Joseph Bonneau, University of Cambridge, Mike Just, Greg Matthews,
What's in a Name? Evaluating Statistical Attacks on Personal Knowledge Questions
Benedikt Westermann, Q2S - NTNU, Rolf Wendolsky, Jondos GmbH, Lexi Pimenidis, iDev GmbH, Dogan Kesdogan, University of Siegen,
Cryptographic Protocol Analysis of AN.ON
Sven Schaege, Ruhr-Universitaet Bochum, Joerg Schwenk,
A CDH-Based Ring Signature Scheme with Short Signatures and Public Keys
Emiliano De Cristofaro, UCI, Gene Tsudik, UCI,
Practical Private Set Intersection Protocols with Linear Complexity
Mathias Bjorkqvist, Christian Cachin, Robert Haas, Xiao-Yu Hu, Anil Kurmus, Rene Pawlitzek, Marko Vukolic,
Design and Implementation of a Key-Lifecycle Management System
Tyler Moore, Harvard University, Benjamin Edelman, Harvard Business School,
Measuring the Perpetrators and Funders of Typosquatting
Adam Barth, UC Berkeley, Ben Rubinstein, UC Berkeley, Mukund Sundararajan, Stanford, John Mitchell, Stanford, Dawn Song, UC Berkeley, Peter Bartlett, UC Berkeley,
A Learning-Based Approach to Reactive Security
Kimmo Jvinen, Helsinki University of Technology, Vladimir Kolesnikov, Bell Laboratories, Ahmad-Reza Sadeghi, Ruhr-University Bochum, Thomas Schneider, Ruhr-University Bochum,
Embedded SFE: Offloading Server and Network using Hardware Tokens
Tal Moran, Harvard University, Tyler Moore, Harvard University,
The Phish Market Protocol: Securely Sharing Attack Data Between Competitors
Roger Dingledine, The Tor Project, Tsuen-Wan Ngan, Dan Wallach,
Building Incentives into Tor
Moti Yung, Columbia University, Aggelos Kiayias, Uconn,
Tree-Homomorphic Encryption and Scalable Hierarchical Secret-Ballot Elections
Prithvi Bisht, University of Illinois, Chicago, A. Sistla, University of Illinois, Chicago, V.N. Venkatakrishnan, University of Illinois, Chicago,
Automatically Preparing Safe SQL Queries

FC 2010 SHORT PAPERS (15 papers, 26.1% acceptance rate):

Xiaofeng Chen, Xidian University, Fangguo Zhang, Haibo Tian, Yi Mu, Kwangjo Kim,
Three-round Abuse-free Optimistic Contract Signing With Everlasting Secrecy
Ryan Gardner, Johns Hopkins University, Sujata Garera, Johns Hopkins University, Aviel Rubin, Johns Hopkins University,
Designing for Audit: A Voting Machine with a Tiny TCB
Felix Gröbert, Ruhr University Bochum, Daniel Bußmeyer, Ruhr University Bochum, Jörg Schwenk, Ruhr University Bochum, Christoph Wegener, Ruhr University Bochum,
Attacking of SmartCard-based Banking Applications with JavaScript-based Rootkits
Ulrich Rührmair, Christian Jaeger, Christian Hilgers, Michael Algasinger, György Csaba, Martin Stutzmann, TU Muenchen,
Security Applications of Diodes with Unique Current-Voltage Characteristics
Steven Murdoch, University of Cambridge, Ross Anderson, University of Cambridge
Verified by Visa and MasterCard SecureCode: or, How Not to Design Authentication
Timo Kasper, Ruhr-University Bochum, Christof Paar, Ruhr-University Bochum, Michael Silbermann, Ruhr-University Bochum
All You Can Eat or Breaking a Real-World Contactless Payment System
Toni Perkovic, FESB, Mario Cagalj, FESB, Nitesh Saxena, Polytechnic Institute of NYU,
Shoulder Surfing Safe Login in a Partially Observable Attacker Model
Aniket Kate, University of Waterloo, Ian Goldberg, University of Waterloo,
Using Sphinx to Improve Onion Routing Circuit Construction
Ivan Damgard, Aarhus University, Marcel Keller, Aarhus University,
Secure Multiparty AES
Jorge Guajardo, Bart Mennink, K.U.Leuven, Berry Schoenmakers,
Modulo Reduction for Paillier Encryptions and Application to Secure Statistical Analysis
Feng Hao, Thales E-Security,
On robust key agreement based on public key authentication
Bogdan Groza, Politehnica University, Marius Minea, Politehnica University,
A formal approach for automated reasoning about off-line and non-blockable on-line guessing
John Bethencourt, U. of California, Berkeley, Elaine Shi, PARC, Dawn Song, UC Berkeley,
Signatures of Reputation: Towards Trust Without Identity
Paul Syverson, Naval Research Laboratory, Will Yuen, Christopher Thorpe, Zhenming Liu,
Intention-Disguised Algorithmic Trading
Jens Grossklags, Princeton University, Benjamin Johnson, Carnegie Mellon University, Nicolas Christin, Carnegie Mellon University,
When Information Improves Information Security

FC 2010 PANELS (1 panel):

Bernhard Haemmerli, Acris GmbH & University of Applied Sciences Lucerne, Rafael Llarena, Atos Origin, Michael Samson, FI-ISAC y NVB, Thomas Kohler, UBS. Moderator: Henning Arendt, @bc, Previous Chair of European Finance Forum
Importance of Confidential Network Security Information Exchange for Critical Financial Infrastructure (CFI) Protection - views from participants of the PARSIFAL project

FC 2010 POSTERS (7 posters):

Chuan Shi, Jiuling Zhang, Beixing Deng, Xing Li. Tsinghua University.
A New Inverted Index Encryption Method for Statistical Attack Resistance
P. Caballero-Gil, J. Molina-Gil, C. Caballero-Gil and C. Hernández-Goya, University of La Laguna.
Security in Commercial Applications of Vehicular Ad-Hoc Networks
Lilia Georgieva. Heriot-Watt University.
Towards using domain engineering for automatic analysis of cryptographic protocols
Slawomir Grzonkowski. National University of Ireland, Galway.
SeDiCi: An Authentication Service Taking Advantage of Zero-Knowledge Proofs
Pern Hui Chia. Q2S NTNU.
Certification Intermediaries and the Alternative
Tan Teik Guan. Data Security Systems Solutions Pte Ltd.
BetterThanPin: Empowering Users to Fight Phishing
Shujun Li, University of Konstanz, Ahmad-Reza Sadeghi, Ruhr-University of Bochum, Roland Schmitz, Stuttgart Media University.
hPIN/hTAN: Low-Cost e-Banking Secure against Untrusted Computers


John Aycock and John Sullins.
Ethical Proactive Threat Research.
Karsten Loesing, Steven Murdoch and Roger Dingledine.
A Case Study on Measuring Statistical Data in the Tor Anonymity Network.
David Dittrich, Felix Leder and Tillmann Werner.
A Case Study in Ethical Decision Making Regarding Remote Mitigation of Botnets.
Chris Grier, Kurt A. Thomas and David M. Nicol.
Barriers to Security and Privacy Research in the Web Era.
Erin Kenneally, Michael Bailey and Douglas Maughan.
A Tool for Understanding and Applying Ethical Principles in Network and Security Research.


Seny Kamara and Kristin Lauter (Microsoft Research)
Cryptographic Cloud Storage
Steffen Schulz and Ahmad-Reza Sadeghi (Ruhr-University Bochum)
Extending IPsec for Efficient Remote Attestation
Shin'ichiro Matsuo (NICT), Kunihiko Miyazaki (Hitachi), Akira Otsuka (AIST), and David Basin (ETH Zurich)
How to Evaluate the Security of Real-life Cryptographic Protocols? The cases of ISO/IEC 29128 and CRYPTREC
David Kravitz (Motorola)
Open Mobile Alliance Secure Content Exchange: Introducing Key Management Constructs and Protocols for Compromise-Resilient Easing of DRM Restrictions
Elli Androulaki and Steven M. Bellovin (Columbia University)
A Secure and Privacy-Preserving Targeted Ad-System
Jean-Sebastien Coron (University of Luxembourg), Aline Gouget, Pascal Paillier (CryptoExperts and Gemalto) and Karine Villegas (Gemalto)
SPAKE: a Single-party Public-key Authenticated Key Exchange Protocol for Contact-less Applications

WLC'2010 ACCEPTED PAPERS (Tentative):

Jin Tamura
A note on a fatal error of optimized LFC private information retrieval scheme and its corrected results
J.Melia-Segui, J.Garcia-Alfaro, J.Herrera-Joancomarti:
Analysis and improvement of a pseudorandom number generator for EPC Gen2 tags
D.Engels, X.Fan, G.Gong, H.Hu, E.M.Smith: Hummingbird:
Ultra-Lightweight Cryptography for Resource-Constrained Devices
G.Azuara, J.J.Piles, J.L.Salazar, J.L.Tornos:
Reliable food traceability using RFID tagging
S.Canard, J.Etrog, I.Coisel:
Lighten Encryption Schemes for Secure and Private RFID Systems
V.Auletta, C.Blundo, A.De Caro, E.De Cristofaro, G.Persiano, I.Visconti:
Increasing Privacy Threats in the Cyberspace: the Case of Italian E-Passports
S.Martinez, C.Roig, M.Valls:
Securing the Use of RFID-Enabled Banknotes
A.Poschmann, A.Moradi:
Lightweight Cryptography and DPA Countermeasures: A Survey

This conference is organized annually by the International Financial Cryptography Association .