FCS 2022

Workshop on Foundations of Computer Security 2022

August 11, 2022

Haifa, Israel (a hybrid event)

Affiliated with CSF 2022 (co-located with FLoC 2022)

Format

FCS 2022 will be a hybrid event, and support both in-person and remote attendance.

We plan to support remote attendants who have registered for the workshop by streaming the workshop on Zoom. Participants who are registered for the workshop will be emailed a Zoom link a few days prior to the workshop in order for them to join remotely.

Remote interaction will be made possible through the Zoom chat as well as on a Slack channel whose link will be mailed together with the Zoom one.

CSF and FLoC are currently planned to be in-person only and will not be providing support for remote attendance (i.e., no fancy room/mic equipment). We will do our best using our own equipment to provide good quality video and audio for remote participants.

Background, aim and scope

Computer security is an established field of both theoretical and practical significance. In recent years, there has been sustained interest in the formal foundations of methods used in computer security. The aim of the FCS 2022 workshop is to provide a forum for the discussion of continued research in this area.

FCS 2022 welcomes papers on all topics related to the formal underpinnings of security and privacy, and their applications. The scope of FCS 2022 includes, but is not limited to, formal specification, analysis, and design of cryptographic protocols and their applications; formal definitions of various aspects of security such as access control mechanisms, mobile code security and network security; modeling of information flow and its application to confidentiality policies, system composition, and covert channel analysis; foundations of privacy; applications of formal techniques to practical security and privacy.

We are interested in new theoretical results, in exploratory presentations that examine open questions and raise fundamental concerns about existing theories, and in the development of security/privacy tools using formal techniques. Demonstrations of tools based on formal techniques are welcome, as long as the demonstrations can be carried out on a standard digital projector (i.e., without any specialized equipment). We solicit the submission of both mature work and work in progress.

Possible topics include, but are not limited to:

Automated reasoning techniques
Composition issues
Formal specification
Foundations of verification
Information flow analysis
Language-based security
Logic-based design
Program transformation
Security models
Static analysis
Statistical methods
Tools
Trust management

for

Access control & resource usage control
Authentication
Availability and denial of service
Blockchain & consensus protocols
Covert channels
Confidentiality
Integrity
Intrusion detection
Machine Learning
Malicious code
Mobile code
Mutual distrust
Privacy
Security policies
Security protocols

Program

Remote participation: Click here to join the workshop via Zoom

All times Israel Daylight Time (GMT+3).
  • 9am - 9:15am: Setup and Opening remarks
  • 9:15am - 10:30am: [KEYNOTE] Karim Eldefrawy, SRI International
    Details (click for details)

    Title: Computer-aided Verification and Automated Synthesis of Cryptographic Protocols

    Abstract

    In this talk we summarize our recent efforts developing efficient high-assurance implementations of advanced cryptographic protocol such as secure multi-party computation (MPC) and zero-knowledge (ZK) proof systems. Such high-assurance implementations are automatically extracted from formally verified protocols specifications in EasyCrypt. We show how such automatically extracted implementations do not suffer from a significant performance overhead (as one may initially expect them to), even though they do not incorporate natural performance-boosting optimizations such as parallelism.

    Bio

    Karim Eldefrawy, Ph.D., is a Principal Computer Scientist at the Computer Science Laboratory (CSL) at SRI International. His research interests lie in secure and privacy-preserving computation for distributed systems, and computer-aided formal verification of cryptographic algorithms and protocols. His research is funded by the Defense Advanced Research Project Agency (DARPA), the Department of Homeland Security (DHS), and the Intelligence Advanced Research Projects Activity (IARPA), and (in the past) Boeing and General Motors. Karim served on technical program committees of top academic conferences on security and cryptography and was the information director of ACM Transactions on Privacy and Security (formerly ACM TISSEC) from 2011 to 2015. He taught security and cryptography courses at the University of California at Irvine (UCI) and the University of San Francisco (USF).

  • 10:30am - 11:00am: Break
  • 11:00am - 11:45pm: [Session #1] Blockchain and Real-world Security
    • Session chair: Ethan Cecchetti
    • A Preview to HoRStify: Sound Security Analysis of Smart Contracts. Sebastian Holler, Clara Schneidewind and Sebastian Biewer
    • Automatic Fair Exchanges. Lorenzo Ceragioli, Letterio Galletta, Pierpaolo Degano and Luca Viganò
    • Towards Unlinkable Smartcard-based Payments: an extended abstract. Sergiu Bursuc, Ross Horne, Sjouke Mauw and Semen Yurkov
  • 11:45am - 12:00am: Break
  • 12:00am - 12:30pm: [Session #2] Secure Hardware
    • Session chair: Roberto Blanco
    • Unveiling Security through Obscurity Approach of Intel TDX Remote Attestation. Muhammad Usama Sardar
    • pi_RA: A pi-calculus for verifying protocols that use remote attestation. Emiel Lanckriet, Matteo Busi and Dominique Devriese
  • 12:30pm - 2:00pm: Lunch break
  • 2:00pm - 2:45pm: [Session #3] Analysis for Security and Privacy
    • Session chair: Marco Gaboardi
    • VeNuS: Neural Network Robustness Specifications via Verifier-guided Optimization. Anan Kabaha and Dana Drachsler Cohen
    • Compositional Higher-order Declassification Using Logical Relations. Jan Menz, Andrew K. Hirsch and Deepak Garg
    • Robust Indistinguishability. Amir Houmansadr, Monica Moniot and Adam O'Neill
  • 2:45pm - 2:50pm: Closing remarks

Important dates

Submissions for long papers: Thursday, June 16, 2022 (AOE) (extended)
Submissions for short papers: Thursday, June 16, 2022 (AOE)
Notification of acceptance: July 12, 2022
Workshop August 11, 2022

Submission

FCS 2022 welcomes two kinds of submissions:

  • long papers (at most 12 pages, excluding references and well-marked appendices)
  • short papers (at most 2 pages, excluding references and well-marked appendices)

FCS'22 will employ a light form of double-blind reviewing. Submitted papers must (a) omit any reference to the authors' names or the names of their institutions, and (b) reference the authors' own related work in the third person (e.g., not "We build on our previous work ..." but rather "We build on the work of ..."). Nothing should be done in the name of anonymity that weakens the submission or makes the job of reviewing the paper more difficult (e.g., important background references should not be omitted or anonymized). The author information will be revealed to the reviewers after reviews are submitted. Please see the CSF conference site for answers to frequently asked questions (FAQ) that address many common concerns. When in doubt, contact the program chairs.

All submissions will be peer-reviewed by the program committee listed below. Authors of accepted papers must guarantee that their papers will be presented at the workshop. Short papers will receive as rigorous a review as long papers.

Papers may be formatted using a two-column proceedings style accepted by IEEE, ACM, or USENIX conferences. The first page should include the paper's title, an abstract, and a list of keywords. Committee members are not required to read appendices, so papers must be intelligible without them. Papers not adhering to the page limits may be rejected without consideration of their merits.

Papers must be submitted online in the PDF format through EasyChair, at the following address: https://easychair.org/conferences/?conf=fcs22. Please do not submit papers in any other format (e.g., Word).

Informal proceedings

The workshop has no published proceedings. Presenting a paper at the workshop should not preclude submission to or publication in other venues (before, after or concurrently with FCS 2022). Papers presented at the workshop will be made available to workshop participants, but this does not constitute an official proceedings.

Program committee

  • Stelios Tsampas (Friedrich-Alexander-Universität Erlangen-Nürnberg)
  • Matthew Kolosick (University of California San Diego)
  • Matvey Soloviev (Cornell University)
  • Chiké Abuah (University of Vermont)
  • Marco Vassena (Utrecht University)
  • Matteo Busi (Ca' Foscari University of Venice)
  • Tegan Brennan (Stevens Institute of Technology)
  • Ioannis Demertzis (University of California)
  • Roberto Blanco (MPI-SP)
  • Eleanor Birrell (Pomona College)
  • Anitha Gollamudi (Yale University)
  • Arthur Azevedo de Amorim (Boston University)
  • Shrutarshi Basu (Harvard University)

Contact

PC chairs:

  • Marco Patrignani (University of Trento): marco [dot] patrignani [at] unitn [dot] it
  • Joe Near (University of Vermont): jnear [at] uvm [dot] edu

Invited speakers chair:

Registration

Registration is done through the main CSF website, which will link to the FLoC registration page. When you register, you will need to check the box for "FCS: Foundations of Computer Security" to register for the workshop.

Students: To apply for free student registration, see here (TBA).

Previous editions