Keynotes: Main Conference

Democratizing Election Verification: New Methods for Addressing An Ancient Attacker Model



Prof. Vanessa Teague
Associate Professor (Adj.)
Australian National University, Thinking Cybersecurity Pty. Ltd., and Democracy Developers Ltd.

Abstract: Elections are a special security problem because it is not good enough for systems to be secure and results correct – they must also be verifiably so. Even leaving aside the psychological aspects (some people don’t believe evidence, or don’t understand mathematically-based evidence), many nations’ election systems fall far short of this goal. In this talk I’ll discuss a setting increasingly common in the US, Australia and elsewhere: citizens vote privately on paper, then the votes are digitized and counted electronically. Sounds simple, doesn’t it? But producing publicly verifiable evidence of a correct outcome requires carefully-designed processes. Also, running these processes meaningfully requires active involvement from the public. I’ll discuss the attacker model and process of verifiable election audits. I’ll then explain our groundbreaking techniques for auditing instant-runoff (IRV) elections and other complex social choice functions, and describe important open problems, particularly for the single transferable vote.
Based on joint work with Michelle Blom, Andrew Conway, Alexander Ek, Philip B Stark, Peter J Stuckey and Damjan Vukcevic.
Speaker’s Bio: Vanessa Teague’s research focuses primarily on cryptographic methods for achieving security and privacy, particularly for issues of public interest such as election integrity and the protection of government data. She was part of the team (with Chris Culnane and Ben Rubinstein) who discovered the easy re-identification of doctors and patients in the Medicare/PBS open dataset released by the Australian Department of Health. She has co-designed numerous protocols for improved election integrity in e-voting systems, and co-discovered serious weaknesses in the cryptography of deployed e-voting systems in New South Wales, Western Australia and Switzerland. She lives and works on Wurundjeri land in Southeastern Australia (near Melbourne). In 2023 she founded Democracy Developers Ltd, an Australian not-for-profit that builds open-source software for supporting democracy.

Rethinking IoT Security: Understanding and Mitigating Out-of-Band Vulnerabilities



Prof. Wenyuan Xu
Zhejiang University

Abstract: Vulnerabilities pose a significant challenge in ensuring cyberse-security for information systems. In the past, vulnerabilities were mainly associated with functional defects in system software and hardware, known as “in-band vulnerabilities,” whereby “band” refers to the functional domain. However, with the rapid development of the Internet of Things (IoT), new security issues have emerged that traditional vulnerability categorization may not fully cover. IoT devices rely on sensors and actuators to interact with the real world, but this interaction process between physical and digital systems has created defects that are difficult to analyze and detect.

These defects include unintentional coupling effects of sensors from ambient analog signals or abnormal channels that were not intentionally designed, collectively known as “out-of-band vulnerabilities.” Various security incidents have highlighted the prevalence of out-of-band vulnerabilities in IoT systems, and their activation can result in serious consequences.
To address this issue, we propose a vulnerability categorization framework that includes out-of-band vulnerabilities and provides examples for each category. Our talk highlights the need to shift the research paradigm for system security to encompass both in-band and out-of-band vulnerabilities in the intelligence era. Finally, we explore potential solutions for mitigating out-of-band vulnerabilities and securing IoT devices.
Speaker’s Bio: Wenyuan Xu is a Professor in the College of Electrical Engineering at Zhejiang University. She received her Ph.D. in Electrical and Computer Engineering from Rutgers University in 2007. Prior to joining Zhejiang University in 2013, she was a tenured faculty member in the Department of Computer Science and Engineering at the University of South Carolina in the United States. Her research focuses on embedded systems security, smart systems security, and IoT security. She is a recipient of the National Science Fund for Distinguished Young Scholars of China, the NSF CAREER award, and various best-paper awards including ACM CCS 2017 and ACM AsiaCCS 2018. In addition, she is a program committee co-chair for NDSS 2022-2023 and USENIX Security 2024, and serves as an associate editor for IEEE TMC, ACM TOSN, and TPS.

Formal Methods for Payment Protocols

David Basin, Professor am D-MATH


Prof. David Basin
ETH Zurich

Abstract: We report on experience using Tamarin, a security protocol model checker, to find numerous, serious exploitable vulnerabilities in EMV payment protocols.  EMV is the international protocol standard for smartcard payment that is used in over 9 billion payment cards worldwide. Despite the standard’s advertised security, various issues have been previously uncovered, deriving from logical flaws that are hard to spot in EMV’s lengthy and complex specification, running over 2,000 pages.

We have formalized a comprehensive model of EMV in Tamarin. We use our model to automatically discover new flaws that lead to critical attacks on EMV.  In particular, an attacker can use a victim’s EMV card (e.g., Mastercard or Visa Card) for high-valued purchases without the victims PIN.  Said more simply, the PIN on your EMV card is useless!  We describe these attacks, their repair, and more generally why using formal methods is essential for critical protocols like payment protocols.

Speaker’s Bio: David Basin is a full professor of Computer Science at ETH Zurich, since 2003.  His research areas are Information Security and Software Engineering. He is the founding director of the ZISC, the Zurich Information Security Center, which he led from 2003-2011. He served as Editor-in-Chief of the ACM Transactions on Privacy and Security (2015-2020) and of Springer-Verlag’s book series on Information Security and Cryptography (2008-present). He has co-founded three security companies, is on the board of directors of Anapaya Systems AG, and on various management and scientific advisory boards. He is an IEEE Fellow and an ACM Fellow.

Model Stealing Attacks and Defenses: Where are we now?



Prof. N. Asokan
Professor and David R. Cheriton Chair
The University of Waterloo

Abstract: The success of deep learning in many application domains has been nothing short of dramatic. This has brought the spotlight onto security and privacy concerns with machine learning (ML). One such concern is the threat of model theft. I will discuss work on exploring the threat of model theft, especially in the form of “model extraction attacks”  — when a model is made available to customers via an inference interface, a malicious customer can use repeated queries to this interface and use the information gained to construct a surrogate model.

I will also discuss possible countermeasures, focusing on deterrence mechanisms that allow for model ownership resolution (MOR) based on watermarking or fingerprinting. In particular, I will discuss the robustness of MOR schemes. I will touch on the issue of conflicts that arise when protection mechanisms for multiple different threats need to be applied simultaneously to a given ML model, using MOR techniques as a case study.

This talk is based on work done with my students and collaborators, including Buse Atli Tekgul, Jian Liu, Mika Juuti, Rui Zhang, Samuel Marchal, and Sebastian Szyller. The work was funded in part by Intel Labs in the context of the Private AI consortium.

Speaker’s Bio: N. Asokan is a professor of computer science and a David R. Cheriton Chair at the University of Waterloo where he also serves as the executive director of the Cybersecurity and Privacy Institute. Asokan is an ACM Fellow and an IEEE Fellow. More information about his work is on his website at