Sem­in­ar: Cur­rent Top­ics in IT Se­cur­ity

Topics

1) TLS 1.3 and 0-RTT: Novelties, changes, issues

2) Nonce misuse-resistant encryption: objective, goals, definitions, constructions

3) Same-Origin Policy: Evaluation in Modern Browsers

4) May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519

5) A Large-Scale Empirical Study of Security Patches

6) Attacks Only Get Better: Password Recovery Attacks Against RC4 in TLS

7) Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web

8) Broken Hearted: How To Attack ECG Biometrics

9) Walkie-Talkie: An Efficient Defense Against Passive Website Fingerprinting Attacks

10) Zero-Knowledge Contingent Payments Revisited: Attacks and Payments for Services

11) Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin

12) Better Bounds for Block Cipher Modes of Operation via Nonce-Based Key Derivation

13) Code-reuse attacks for the Web: Breaking Cross-Site Scripting Mitigations via Script Gadgets

14) Measuring small subgroup attacks against Diffie-Hellman