Security and Privacy Lunch

People interested in network security and privacy meet once a week over lunch break and watch videos related to security and privacy recorded at high-quality scientific conferences (IEEE Security and Privacy, ACM CCS, USENIX Security, ...) as well as TED talks. After the presentation, there will likely be a short discussion and brainstorming related to the presentation. This is a great way to spend your lunch break and keep pace with cutting edge security and privacy research. Watching and talking about scientific presentations often leads to interesting new ideas, possibly laying the foundation for your future thesis topic.

Organizational Information

  • Contact: Martin Henze
  • ECTS Credits: none (but you can get a certificate)
  • Audience: Anyone interested in security and privacy
  • Language: English
  • Registration: Please subscribe to our mailing list


  • Date: Mondays, 12:30-13:15h (please follow the mailing list for announcements and last minute changes)
  • Place: COMSYS seminar room (Room 9007, Ground Floor, E3 Building)
  • First meeting: Monday, April 24
  • Please bring your own lunch
  • Suggestions for videos are very welcome, please contact Martin Henze

Preliminary Schedule

Date Topic
2017-04-24 Traces of Personal Data and Actions
1.) A new way to stop identity theft (David Birch @ TEDxSussexUniversity 2012)
2.) Online tracking: A 1-million-site measurement and analysis (Steven Englehardt, Arvind Narayanan @ ACM CCS 2016) - last minutes of video missing
2017-05-01 Cancelled - May Day
2017-05-08 Evolution of Economy through Blockchains? 
1.) How the blockchain will radically transform the economy (Bettina Warburg @ TEDSummit 2016)
2.) Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts (Ahmed Kosba, Andrew Miller, Elaine Shi, Zikai Wen, Charalampos Papamanthou @ IEEE S&P 2016)
2017-05-15 Smart Homes, Cars and Phones - Privacy Breaches in a Smart World
1.) All your devices can be hacked (Avi Rubin @ TEDxMidAtlantic 2011)
2.) Security Analysis of Emerging Smart Home Applications (Earlence Fernandes, Jaeyeon Jung, Atul Prakash @ IEEE S&P 2016)
2017-05-22 Secure In-Network Functionality for Encrypted Connections
Multi-Context TLS (mcTLS): Enabling Secure In-Network Functionality in TLS (David Naylor, Kyle Schomp, Matteo Varvello, Ilias Leontiadis, Jeremy Blackburn, Diego R. Lopez, Konstantina Papagiannaki, Pablo Rodriguez Rodriguez, Peter Steenkiste @ ACM SIGCOMM 2015)
2017-05-29 Censorship Resistance for Web Browsing
Slitheen: Perfectly imitated decoy routing through traffic replacement (Cecylia Bocovich, Ian Goldberg @ ACM CCS 2016)
2017-06-05 Cancelled - Whit Monday
2017-06-12 Secure Multi-Party Computation
Everlasting Multi-party Computation (Dominique Unruh @ CRYPTO 2013)
2017-06-19 Cancelled - Workshop Smart Contracts & Blockchain by Senacor
2017-06-26 Private Computation of Statistics
Prio: Private, Robust, and Scalable Computation of Aggregate Statistics (Henry Corrigan-Gibbs, Dan Boneh @ USENIX NSDI 2017)
2017-07-03 Routing Attacks on Bitcoin
Hijacking Bitcoin: Routing Attacks on Cryptocurrencies (Maria Apostolaki, Aviv Zohar, Laurent Vanbever @ IEEE S&P 2017)
2017-07-10 Tracking Users Based on TLS Client Certificates
Push Away Your Privacy: Precise User Tracking Based on TLS Client Certificate Authentication (Matthias Wachs, Quirin Scheitle, Georg Carle @ IEEE/IFIP TMA 2017)
2017-07-17 Stealing Machine Learning Models
Stealing Machine Learning Models via Prediction APIs (Florian Tramèr, Fan Zhang, Ari Juels, Michael K. Reiter, Thomas Ristenpart @ USENIX Security 2016)
2017-07-24 Secure Multiparty Computation in the Wild
Secure Multiparty Computation at Google (Ben Kreuter @ RWC 2017)
2017-07-31 Scalable Distribution of TLS Revocations
CRLite: A Scalable System for Pushing All TLS Revocations to All Browsers (James Larish, David Choffnes, Dave Levin @ IEEE S&P 2017)
2017-08-07 Cancelled - Exam corrections
2017-08-14 Attacks on Bitcoin Pool Mining
Hardening Stratum, the Bitcoin Pool Mining Protocol (Ruben Recabarren, Bogdan Carbunar @ PETS 2017)
2017-08-21 Fingerprinting Browser Extensions
XHOUND: Quantifying the Fingerprintability of Browser Extensions (Oleksii Starov, Nick Nikiforakis @ IEEE S&P 2017)
2017-08-28 Acquiring Bogus TLS Certificates by Attacking BGP
Using BGP to Acquire Bogus TLS Certificates (Henry Birge-Lee, Yixin Sun, Annie Edmundson, Jennifer Rexford, Prateek Mittal @ HotPETS 2017)
2017-09-04 Protecting Anonymous Communication Networks Against Routing Attacks
Counter-RAPTOR: Safeguarding Tor Against Active Routing Attacks (Yixin Sun, Anne Edmundson, Nick Feamster, Mung Chiang, Prateek Mittal @ IEEE S&P 2017)
2017-09-11 Privacy protection of public-data queries
Splinter: Practical Private Queries on Public Data (Frank Wang, Catherine Yun, Shafi Goldwasser, Vinod Vaikuntanathan, Matei Zaharia @ USENIX NSDI 2017)
2017-09-18 Who intercepts our secure connections and does it affect security levels?
The Security Impact of HTTPS Interception (Zakir Durumeric, Zane Ma, Drew Springall, Richard Barnes, Nick Sullivan, Elie Bursztein, Michael Bailey, J. Alex Halderman, Vern Paxson @ NDSS 2017)
2017-09-25 Verifying the Networking Behavior of Cryptographic Clients
A System to Verify Network Behavior of Known Cryptographic Clients (Andrew Chi, Robert A. Cochran, Marie Nesfield, Michael K. Reiter, Cynthia Sturton @ USENIX NSDI 2017)


Our security and privacy lunch continues in the winter semester!

- Impressum | Datenschutz -