FCS 2020

Workshop on Foundations of Computer Security 2020

June 22, 2020
Boston, MA, USA

Affiliated with CSF 2020

Background, aim and scope

Computer security is an established field of both theoretical and practical significance. In recent years, there has been sustained interest in the formal foundations of methods used in computer security. The aim of the FCS 2020 workshop is to provide a forum for the discussion of continued research in this area.

FCS 2020 welcomes papers on all topics related to the formal underpinnings of security and privacy, and their applications. The scope of FCS 2020 includes, but is not limited to, formal specification, analysis, and design of cryptographic protocols and their applications; formal definitions of various aspects of security such as access control mechanisms, mobile code security and network security; modeling of information flow and its application to confidentiality policies, system composition, and covert channel analysis; foundations of privacy; applications of formal techniques to practical security and privacy.

We are interested in new theoretical results, in exploratory presentations that examine open questions and raise fundamental concerns about existing theories, and in the development of security/privacy tools using formal techniques. Demonstrations of tools based on formal techniques are welcome, as long as the demonstrations can be carried out on a standard digital projector (i.e., without any specialized equipment). We solicit the submission of both mature work and work in progress.

Possible topics include, but are not limited to:

Automated reasoning techniques
Composition issues
Formal specification
Foundations of verification
Information flow analysis
Language-based security
Logic-based design
Program transformation
Security models
Static analysis
Statistical methods
Tools
Trust management

for

Access control & resource usage control
Authentication
Availability and denial of service
Covert channels
Confidentiality
Integrity
Intrusion detection
Malicious code
Mobile code
Mutual distrust
Privacy
Security policies
Security protocols

Program

All times EDT.
  • 10am - 10:10am: Opening remarks
  • 10:10am - 11:10am: [KEYNOTE] Bryan Parno [video]
    The talk info

    Developing High-Performance Mechanically-Verified Cryptographic Code

    Project Everest is constructing a high-performance, standards-compliant, formally verified implementation of the HTTPS ecosystem, including TLS, X.509, and the core cryptographic algorithms. This talk will present an overview of how we verify our implementations are correct, cryptographically secure, and resilient to basic side channels. We will focus on our EverCrypt cryptographic provider, a comprehensive collection of verified, cryptographic functionalities (available via a carefully designed API) whose performance matches or exceeds the best unverified implementations. The talk will conclude with lessons learned in the process of verifying over 124K lines of code and proof.

    Bio:

    Bryan Parno is an Associate Professor with a joint appointment in Carnegie Mellon University's Computer Science Department and Electrical & Computer Engineering Department, and a Senior Member of ACM and IEEE. After receiving a Bachelor's degree from Harvard College, he completed his PhD working with Adrian Perrig at Carnegie Mellon University, where his dissertation won the 2010 ACM Doctoral Dissertation Award. He then spent six years as a Researcher in Microsoft Research before returning to CMU.

    Bryan's research is primarily focused on investigating long-term, fundamental improvements in how to design and build secure systems. In 2011, he was selected for Forbes' 30-Under-30 Science List. He formalized and worked to optimize verifiable computation, receiving a Best Paper Award at the IEEE Symposium on Security and Privacy for his advances. He coauthored a book on Bootstrapping Trust in Modern Computers, and his work in that area has been incorporated into the latest security enhancements in Intel CPUs. His research into security for new application models was incorporated into Windows and received Best Paper Awards at the IEEE Symposium on Security and Privacy and the USENIX Symposium on Networked Systems Design and Implementation. He has recently extended his interest in bootstrapping trust to the problem of building practical, formally verified secure systems, for which he received two Distinguished Paper Awards. His other research interests include user authentication, secure network protocols, and security in constrained environments (e.g., RFID tags, sensor networks, or vehicles).

  • 11:25am - 12:20pm: [Session #1] Blockchain
    • Session chairs: Joe Near and Isaac Sheff
    • On the Optimality of Optimistic Responsiveness. Ittai Abraham, Kartik Nayak, Ling Ren and Nibesh Shrestha [video]
    • Anonymity Trilemma: not all is lost for anonymity, but quite a lot is. Debajyoti Das, Sebastian Meiser, Esfandiar Mohammadi and Aniket Kate [video] [slides]
    • Practical and Verifiable Electronic Sortition. Hsun Lee and Hsu-Chun Hsiao [video] [paper]
    • Virtual coffee and Q & A
  • Lunch break
  • 1:30pm - 2:35pm: [Session #2] Root of trust and side channels
    • Session chairs: Kartik Nayak and Mu Zhang
    • What’s Necessary to Establish Malware Freedom Unconditionally? Virgil Gligor [video] [paper] [slides]
    • Constant-Time Foundations for the New Spectre Era. Sunjay Cauligi, Craig Disselkoen, Klaus V. Gleissenthall, Dean Tullsen, Deian Stefan, Tamara Rezk and Gilles Barthe [video]
    • Automatically Eliminating Speculative Leaks from Cryptographic Code with Blade. Marco Vassena, Klaus Von Gleissenthall, Rami Gökhan Kıcı, Deian Stefan and Ranjit Jhala [video]
    • Virtual coffee and Q & A
  • 2:45pm - 3:25pm: [Session #3] Information flow control
    • Session chairs: Elisavet Kozyri and Danfeng Zhang
    • Noninterference Half-Off: The Semantics of Program Counter Labels and Effects. Andrew Hirsch and Ethan Cecchetti [video] [paper]
    • PER-based certification of secure information flow. Andrzej Filinski, Thomas Jensen and Ken Friis Larsen [video] [paper] [slides]
    • Zeebra: compiler for a low-level language with IFC. Christoffer Müller Madsen, Jon Michael Aanes and Aslan Askarov [video]
    • Virtual coffee and Q & A
  • 3:30pm - 4:05pm: [Session #4] Formal methods, PKI, and AI
    • Session chairs: Josh Gancher and Niki Vazou
    • Adversarial Robustness of AI Agents Acting in Probabilistic Environments. Lisa Oakley, Alina Oprea and Stavros Tripakis [video] [paper]
    • Synthesis of Deceptive Cyberdefense with Temporal Logic Constraints. Abhishek Kulkarni and Jie Fu [video] [paper]
    • Assertion-Carrying Certificates. Waqar Aqeel, Zachary Hanif, James Larisch, Olamide Omolola, Taejoong Chung, Dave Levin, Bruce Maggs, Alan Mislove, Bryan Parno and Christo Wilson [video] [paper] [slides]
    • The Fox and the Hound: Comparing Fully Abstract and Robust Compilation. Carmine Abate and Matteo Busi [video]
    • Virtual coffee and Q & A
  • Closing remarks

Important dates

Submissions for full papers: Extended: May 8th 2020 (AOE)
Deadline for short papers (1 page abstract): May 17th 2020 (AOE)
Notification of acceptance: May 31st 2020
Workshop June 22nd, 2020

Submission

FCS 2020 welcomes two kinds of submissions:

  • full papers (at most 12 pages, excluding references and well-marked appendices)
  • short papers (at most 1 page, excluding references and well-marked appendices)

FCS'20 will employ a light form of double-blind reviewing. Submitted papers must (a) omit any reference to the authors' names or the names of their institutions, and (b) reference the authors' own related work in the third person (e.g., not "We build on our previous work ..." but rather "We build on the work of ..."). Nothing should be done in the name of anonymity that weakens the submission or makes the job of reviewing the paper more difficult (e.g., important background references should not be omitted or anonymized). The author information will be revealed to the reviewers after reviews are submitted. Please see the CSF conference site for answers to frequently asked questions (FAQ) that address many common concerns. When in doubt, contact the program chairs.

All submissions will be peer-reviewed by the program committee listed below. Authors of accepted papers must guarantee that their papers will be presented at the workshop. Extended abstracts will receive as rigorous a review as full papers. Extended abstracts may receive shorter talk slots at the workshop than full papers, depending on the number of accepted submissions.

Papers should be formatted using the two-column IEEE proceedings style available for various document preparation systems at the IEEE Conference Publishing Services page http://www.ieee.org/conferences_events/conferences/publishing/templates.html. The first page should include the paper's title, an abstract, and a list of keywords. Committee members are not required to read appendices, so papers must be intelligible without them. Papers not adhering to the page limits may be rejected without consideration of their merits.

Papers must be submitted online in the PDF format through EasyChair, at the following address: https://easychair.org/conferences/?conf=fcs20. Please do not submit papers in any other format (e.g., Word).

Informal proceedings

The workshop has no published proceedings. Presenting a paper at the workshop should not preclude submission to or publication in other venues (before, after or concurrently with FCS 2020). Papers presented at the workshop will be made available to workshop participants, but this does not constitute an official proceedings.

Program committee

  • Alejandro Russo (Chalmers)
  • Andrew Hirsch (MPI-SWS)
  • Aseem Rastogi (Microsoft Research India)
  • Danfeng Zhang (Penn State University)
  • Elisavet Kozyri (Harvard University)
  • Elaine Shi (Cornell University) Co-chair
  • Heiko Mantel (TU Darmstadt)
  • Hsu-Chun Hsiao (National Taiwan University)
  • Joe Near (University of Vermont)
  • Joshua Gancher (Cornell University)
  • Mu Zhang (University of Utah)
  • Niki Vazou (IMDEA)
  • Nikos Vasilakis (Massachusetts Institute of Technology)
  • Owen Arden (UC Santa Cruz) Co-chair
  • Pablo Buiras (KTH)
  • Piotr Mardziel (Carnegie Mellon University)
  • Scott Moore (Galois)
  • Siyao Guo (NYU Shanghai)
  • Yu Yu (Shanghai Jiao Tong University)

Contact

The PC chairs can be contacted at the following addresses:
  • Owen Arden (UC Santa Cruz): owen [at] soe [dot] ucsc [dot] edu
  • Elaine Shi (Cornell): runting [at] gmail [dot] com

Registration

Registration is done through the main CSF website. Students: To apply for free student registration, please fill out this form.

Previous editions