ACM CCS 2015

22nd ACM Conference on Computer and Communications Security

The Denver Marriot City Center, Denver, Colorado, US

October 12-16, 2015

  • Aspens
  • Pikes Peak
  • Denver Skyline
  • Welcome to Colorado
  • Denver Museum of Nature and Science
  • Denver Zoo
  • Garden of the Gods
  • Rocky Mountain National Park

Keynotes & Invited Talks

Keynote by Dr. Edward Felten


Princeton University

Title: TBD

Date/Time: Tuesday, October 13, 2015 8:30-9:30 AM

Abstract: TBD

Bio:

Edward W. Felten is Deputy U.S. Chief Technology Office and Professor of Computer Science and Public Affairs at Princeton University. His research interests include computer security and privacy, especially relating to media and consumer products; and technology law and policy. He has published about eighty papers in the research literature, and two books. His research on topics such as web security, copyright and copy protection, and electronic voting has been covered extensively in the popular press. His weblog, at freedom-to-tinker.com, is widely read for its commentary on technology, law, and policy.

He was the lead computer science expert witness for the Department of Justice in the Microsoft antitrust case, and he has testified in other important lawsuits. He has testified before the Senate Commerce Committee on digital television technology and regulation, and before the House Administration Committee on electronic voting. In 2004, Scientific American magazine named him to its list of fifty worldwide science and technology leaders.

 

Keynote by Dr. Moti Yung


Google Inc. and Columbia University

Title: From Mental Poker to Core Business: Why and How to Deploy Secure Computation Protocols?

Date/Time: Wednesday, October 14, 2015 8:30-9:30 AM

Abstract:

Technological innovations in security and privacy are critical to advancing modern computing in our time. I will present an effort involving deployment of experimental commercial applications designed and built as a 'secure multi-party computation protocol for specific tasks,' to be used repetitively to achieve a number of concrete ubiquitous business goals. In these applications, the outputs are calculated in the presence of privacy constraints which prevent parties from sharing their individual inputs directly and openly. I will also discuss what I think are the reasons for the inherent difficulty of developing such routines in general (for achieving business goals). In particular, I will survey what I believe to be the reasons that almost 40 years since secure computation protocols was invented as a basic theoretical notion, capturing specific and then general computational tasks, and in spite of its theoretical and even experimentation success, the notion has not yet been widely and seriously used in achieving routine relevant business goals (in contrast with symmetric key and public key cryptosystems and protocols, which were also proposed 40 years ago and are used extensively, primarily to implement secure authenticated channels). The presentation will also cover the general bottom up methodology used in this effort leading to the design and development process. This exemplifying methodology includes: feasibility study of the specific domain, extraction of business needs which are limited by privacy constraints, application analysis from the perspective of utility metrics and secure computing. Then, the methodology further includes design, implementation, and experimentation, guided by the analysis and employing appropriate protocols, while considering scale and performance constraints, and cost overhead that is tolerable.

Bio:

Moti Yung is a computer scientist whose main interests are in cryptography, security, and privacy. He is currently with Google. Yung earned his Ph.D. from Columbia University in 1988. He worked at IBM Research, was a vice president and chief scientist at CertCo, and was director of Advanced Authentication Research at RSA Laboratories. He has held adjunct faculty appointments at Columbia where he co-advised several Ph.D. students over the years, and served as consultant to leading companies and to open projects with various governments as well. Yung's major interests are building em useful foundations for the field based on practical needs, and transforming theoretical ideas into practice. He has contributed extensively to numerous new cryptographic ideas, techniques, protocols, and systems, and to new central notions (such as to innovating the notion of public key cryptosystems secure against chosen-ciphertext attacks -- currently a major requirement from public-key encryption operating on the Internet). He has also contributed to innovative constructions, leading to practical systems implementations in actual large scale systems and networks. Examples of the latter are IBM's SNA network authentication, the distributed certification authority for Visa and Mastercard's SET initiative, the Greek National Lottery system, the security and privacy aspects of Google's global systems such as the Ad Exchange (ADX), the ephemeral ID efforts within Google BLE beacons initiative, and some of Google's most basic privacy practices. Yung's interest in trusted systems has led to inventing the notion of Cryptovirology, which predicted public-key based ransomware, and the notion of Kleptography: a deniable algorithm substitution attacks on cryptosystem, which was allegedly mounted within the deployed American Federal Information Processing Standard detailing the Dual_EC_DRBG.