Workshop Program

June 23, 2022 (GMT+2). Please join our workshop via Zoom with meeting ID: 876 0979 2887 (https://uniroma1.zoom.us/j/87609792887).
  • Opening Remarks (9:00-9:10 am, GMT+2, Chair: Jingqiang Lin)
  • Session 1 (9:10-10:10 am, GMT+2, Chair: Jingqiang Lin): Keynote
  • Hey... it’s a PDF. What can go wrong?

    - Christian Mainka and Vladislav Mladenov (Ruhr-University Bochum, Germany)

  • Session 2 (10:20-11:20 am, GMT+2, Chair: Jun Shao)
  • 1. UniqueChain: Achieving (Near) Optimal Transaction Settlement Time via Single Leader Election (10:20-10:40 am)

    - Peifang Ni and Jing Xu

    2. PEPEC: Precomputed ECC Points Embedded in Certificates and Verified by CT Log Servers (10:40-11:00 am)

    - Guangshen Cheng, Jiankuo Dong, Xinyi Ji, Bingyu Li, Haoling Fan and Pinchang Zhang

    3. Efficient Software Implementation of GMT-672 and GMT8-542 Pairing-Friendly Curves for a 128-bit Security Level (11:00-11:20 am)

    - Zihao Song, Junichi Sakamoto, Shigeo Mitsunari, Riku Anzai, Naoki Yoshida and Tsutomu Matsumoto


Keynote: Hey... it’s a PDF. What can go wrong?

By: Dr. Christian Mainka and Dr. Vladislav Mladenov, Ruhr-University Bochum, Germany


Abstract:
The basic idea of a PDF is simple. Users can open a document on different operating systems, and it has the same appearance as its printed equivalent. In the early 1990s, this conformance was a game-changer: it allowed sharing of documents on the Internet. Since then, PDFs have experienced an incredible evolution. The latest PDF standard supports calculation logic, 3D animations, and the filling and submitting of forms. PDF nowadays even supports JavaScript, a well-known scripting language used on websites. PDFs can also be signed and encrypted to ensure confidentiality, authenticity, and integrity.

This talk sheds light on what can go wrong when a user opens a PDF. We present the art of breaking PDF signatures. We highlight the developers' contradictive interpretation of specifications and talk about the difficulties to validate PDF signatures properly. Finally, we conclude with an outlook of further threats raised from documents.

Speaker BIO: Christian Mainka is a post-doctoral researcher at Ruhr-University Bochum. His research covers web and data security topics, presented at academia's and industry's most significant security conferences. His journey began in 2009 with the security impact arising from data description languages such as JSON and XML. Since then, he has filed numerous CVEs in widespread applications and libraries. He also originates the penetration test tools WS-Attacker and the Single Sign-On Burpsuite Extension EsPReSSO. Together with his colleagues, he is developing new cyber attacks on PDF that won first place at the 2019 CSAW Applied Research Competition. At the 2021 ACM Conference on Computer and Communications Security (CCS), his collaborative publication on Cross-Site Leaks in Web Browsers won the Best Paper Award.
Twitter: @chearix

Speaker BIO: Vladislav Mladenov works as a security researcher at the Chair of Network and Data Security at the Ruhr University Bochum since 2012. In his dissertation he analyzed the security of Single Sign-On protocols such as SAML 2.0, OpenID, OpenID Connect and OAuth and discovered various vulnerabilities. After completing his doctorate Vladislav Mladenov works as a PostDoc and additionally devotes his attention to the security of data description languages, e.g. JSON, XML and PostScript. Since 2018, Mr. Mladenov focused his research on the security of office documents and recently published several attacks on PDFs.
Twitter: @v_mladenov

Accepted Papers

  • #1 - UniqueChain: Achieving (Near) Optimal Transaction Settlement Time via Single Leader Election
  • #2 - PEPEC: Precomputed ECC Points Embedded in Certificates and Verified by CT Log Servers
  • #3 - Efficient Software Implementation of GMT-672 and GMT8-542 Pairing-Friendly Curves for a 128-bit Security Level

Note: Each accepted workshop paper needs one registration at full rate before (13th May), no matter student author or not. Please refer to ACNS 2022 registration link to finish this process.



ACNS Workshop on SCI: Call for Papers

In recent years, we have witnessed severe security incidences caused by buggy protocols or implementations of cryptographic algorithms: POODLE, DROWN, OpenSSL Heartbleed, Windows certificate validation vulnerabilities, PDF shadow attacks, Google Titan Token Bluetooth bugs, etc. It is critical for practitioners and researchers to ensure the security of cryptographic software and hardware, which are essential for a wide range of systems, services, and applications.

The aim of the SCI workshop is to provide an international forum of scientific research and development to explore the security issues in the implementation and deployment of cryptographic solutions. We are interested in these main aspects: (1) vulnerabilities and defenses in the implementation of cryptographic algorithms; (2) vulnerabilities and defenses in the implementation of cryptographic protocols; (3) defective cryptographic algorithms and protocols deployed in the wild; (3) weak cryptographic keys and random numbers in the cryptographic implementation; (4) runtime cryptographic key attacks and protections; (5) certificates and key management; (6) misuse or abuse of cryptographic services; and (7) other topics on secure cryptographic implementations.

We try to promote secure cryptographic solutions in the Internet, by exploring and discussing the (in)security issues. We solicitat submissions of original research papers on a wide range of topics, including but not limited to:

  • Secure implementations of crypto algorithms & protocols
  • Fuzzing and vulnerabilities of crypto algorithms & protocols
  • Measurement of cryptographic solutions in the wild, defective or updated
  • Designs of random bit generators
  • Weak cryptographic keys and defective random bit generators
  • Side channel attacks and defenses
  • Cryptographic key protections and memory attacks
  • PKI certificate services and key management
  • HTTPS/TLS vulnerabilities and attacks
  • Measurement and bugs of certificate-based solutions
  • Audit and monitoring of cryptographic services
  • Physical attacks and defenses of cryptographic implementation
  • Verification and evaluation of cryptographic implementation
  • High-performance cryptographic engines
  • Cryptographic hardware
  • Cryptography for Blockchain
  • Cryptography for IoT/CPS
  • Cryptography for the Cloud
  • Cryptography for Mobile systems
  • Cryptography for VANET

We are especially interested in papers with novel ideas, position papers, pilot studies, and initial findings. ACNS will also award two best papers from the 2022 ACNS workshops (AIBlock, AIHWS, AIoTS, CIMSS, Cloud S&P, SCI, SecMT, and SiMLA). They will share the award of 1000 USD, which is sponsored by Frontiers in Communications and Networks. A paper from SCI won the best workshop paper last year! Meanwhile, the workshop will include an interesting keynote talk, which will be announced on the workshop web site as arrangements are finalized.

Prospective authors are invited to submit manuscripts describing original work. The manuscript has to be written in English and in PDF format. All submissions must follow the original LNCS format (see http://www.springeronline.com/lncs) with a page limit of 18 pages including all references and appendices.

The proceedings of the SCI workshop will be published by Springer in the LNCS series.

Submit your papers: https://easychair.org/conferences/?conf=acnssci2022

Program Committee

  • Florian Caullery HENSOLDT Cyber GmbH, Germany
  • Bo Chen Michigan Technological Univ., USA
  • Jiankuo Dong Nanjing University of Posts and Telecommunications, China
  • Niall Emmart NVIDIA Corporation, USA
  • Johann Großschädl University of Luxembourg, Luxembourg
  • Miroslaw Kutylowski Wroclaw University of Technology, Poland
  • Rongxing Lu University of New Brunswick, Canada
  • Bingyu Li Beihang University, China
  • Fengjun Li University of Kansas, USA
  • Ximeng Liu Fuzhou University, China
  • Chunli Lv China Agricultural University, China
  • Di Ma ZDNS, CHINA
  • Yuan Ma Chinese Academy of Sciences, China
  • Ziqiang Ma Ningxia University, China
  • Zhiguo Wan Shandong University, China
  • Ding Wang Nankai University, China
  • Juan Wang Wuhan University, China
  • Fan Zhang Zhejiang University, China
  • Fangyu Zheng Chinese Academy of Sciences, China
  • Cong Zuo Nanyang Technological University, Singapore


In Conjunction with
ACNS 2022

Important Dates:

Paper submission:
March 28, 2022. 23:59, AoE

Acceptance Notification:
April 15, 2022

Camera ready:
May 1, 2022

Workshop Chairs:

Dr. Jingqiang Lin
University of Science and Technology of China
linjq <at> ustc.edu.cn

Dr. Jun Shao
Zhejiang Gongshang University
chn.junshao <at> gmail.com

Publication Chair

Dr. Bo Luo
University of Kansas
bluo <at> ku.edu

Publicity Co-chairs:

Hao Peng
Zhejiang Normal University

Fangyu Zheng
Chinese Academy of Sciences

Past SCI Workshops

ACNS Workshop on SCI 2021

ACNS Workshop on SCI 2020