• Home >
  • Accepted Papers

Best Papers

The best paper award was given to two papers at ESORICS 2019:

Ilias Giechaskiel, Youqian Zhang and Kasper Rasmussen: “A Framework for Evaluating Security in the Presence of Signal Injection Attacks”

Jacqueline Brendel, Marc Fischlin and Felix Günther: “Breakdown Resilience of Key Exchange Protocols: NewHope, TLS 1.3, and Hybrids”

Accepted Papers

Authors Paper
Martin Albrecht, Loenzo Grassi, Leo Perrin, Sebastian Ramacher, Christian Rechberger, Dragos Rotaru, Arnab Roy and Markus Schofnegger. Feistel Structures for MPC, and More
Saed Alrabaee, El Mouatez Karbab, Lingyu Wang and Mourad Debbabi. BinEye: Towards Efficient Binary Authorship Characterization Using Deep Learning
Emma Arfelt, David Basin and Søren Debois. Monitoring the GDPR
Gildas Avoine, Sébastien Canard and Loïc Ferreira. IoT-friendly AKE: Forward Secrecy and Session Resumption Meet Symmetric-key Cryptography
Gilles Barthe, Sonia Belaïd, Gaëtan Cassiers, Pierre-Alain Fouque, Benjamin Grégoire and François-Xavier Standaert. Automated Verification of Higher-Order Masking in Presence of Physical Defaults
Alex Belkin, Nethanel Gelernter and Israel Cidon. The Risks of WebGL: Analysis, Evaluation and Detection
Jacqueline Brendel, Marc Fischlin and Felix Günther. Breakdown Resilience of Key Exchange Protocols: NewHope, TLS 1.3, and Hybrids
Sergiu Bursuc and Steve Kremer. Contingent payments on a public ledger: models and reductions for automated verification
Maxime Buser, Joseph K. Liu, Ron Steinfeld, Amin Sakzad and Shi-Feng Sun. A Dynamic & Revocable Group Merkle Signature
Matteo Cagnazzo, Norbert Pohlmann and Thorsten Holz. GDPiRated – Stealing Personal Information On- and Offline
Stefano Calzavara, Alvise Rabitti, Alessio Ragazzo and Michele Bugliesi. Testing for Integrity Flaws in Web Sessions
Darion Cassel, Yan Huang and Limin Jia. Uncovering Information Flow Policy Violations in C Programs
Stefanos Chaliasos, George Metaxopoulos, George Argyros and Dimitris Mitropoulos. Mime Artist: Bypassing Whitelisting for the Web with JavaScript Mimicry Attacks

Shan Chen, Samuel Jero, Matthew Jagielski, Alexandra Boldyreva and Cristina Nita-Rotaru. Secure Communication Channel Establishment: TLS 1.3 (over TCP Fast Open) vs. QUIC
Lingguang Lei, Yuewu Wang, Dawei Chu, Yanchu Li, Jiwu Jing and Kun Sun OCRAM-assisted Sensitive Data Protection on ARM-based Platform
Max Curran, Xiao Liang, Himanshu Gupta, Omkant Pandey and Samir Das. ProCSA: Protecting Privacy in Crowdsourced Spectrum Allocation
Hung Dang, Ee-Chien Chang and Dat Le Tien. Towards a Marketplace for Secure Outsourced Computations
Nicolai Davidssoon, Andre Pawlowski and Thorsten Holz. Towards Automated Application-Specific Software Stacks
Alexandre Debant, Stephanie Delaune and Cyrille Wiedling. Symbolic analysis of terrorist fraud resistance
Keita Emura, Shuichi Katsumata and Yohei Watanabe. Identity-Based Encryption with Security against the KGC: A Formal Model and Its Instantiation from Lattices
Nils Fleischhacker, Giulio Malavolta and Dominique Schroeder. Arithmetic Garbling from Bilinear Maps
Behrad Garmany, Martin Stoffel, Robert Gawlik and Thorsten Holz. Static Detection of Uninitialized Stack Variables in Binary Code
Ilias Giechaskiel, Youqian Zhang and Kasper Rasmussen.  A Framework for Evaluating Security in the Presence of Signal Injection Attacks
Sébastien Gondron and Sebastian A. Mödersheim. Formalizing and Proving Privacy Properties of Voting Protocols using Alpha-Beta Privacy
Juan Guarnizo and Pawel Szalachowski. Practical Data Feed Service for Smart Contracts
Hui Guo, Zhenfeng Zhang, Jing Xu and Mingyuan Xia. Generic Traceable Proxy Re-Encryption and Accountable Extension in Consensus Network
Jaybie de Guzman, Kanchana Thilakarathna and Aruna Seneviratne. A First Look into Privacy Leakage in 3D Mixed Reality Data
Vincent Haupert and Stephan Gabert. Where to Look for What You See Is What You Sign? User Confusion in Transaction Security
Ross Horne, Sjouke Mauw, Zach Smith and Ihor Filimonov. Breaking Unlinkability of the ICAO 9303 Standard for e-Passports using Bisimilarity
Hugo Jonker, Benjamin Krumnow and Gabry Vlot. Fingerprint surface-based detection of web bot detectors
Yusuke Kawamoto and Takao Murakami. Local Obfuscation Mechanisms for Hiding Probability Distributions
Shabnam Kasra Kermanshahi, Joseph Liu, Ron Steinfeld and Surya Nepal. Generic Multi-keyword Ranked Search on Encrypted Cloud Data
Florian Kerschbaum and Anselme Tueno. An Efficiently Searchable Encrypted Data Structure for Range Queries
Duc Le, Mahimna Kelkar and Aniket Kate. Flexible Signatures: Making Authentication Suitable for Real-Time Environments
Xiaoning Liu and Xun Yi. Privacy-Preserving Collaborative Medical Time Series Analysis based on Dynamic Time Warping
Zhen Liu, Khoa Nguyen, Guomin Yang, Huaxiong Wang and Duncan S. Wong. A Lattice-based Linkable Ring Signature Supporting Stealth Addresses
Kangjie Lu, Aditya Pakki and Qiushi Wu. Automatically Identifying Security Checks for Detecting Kernel Semantic Bugs
Siqi Ma, Elisa Bertino, Robert Deng, Juanru Li, Diet Ostry, Surya Nepal and Sanjay Jha. Finding Flaws from Password Authentication Code in Android Apps
Suryadipta Majumdar, Azadeh Tabiban, Meisam Mohammady, Alaa Oqaily, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi. Proactivizer: Transforming Existing Verification Tools into Efficient Solutions for Runtime Security Enforcement
Weizhi Meng, Wenjuan Li, Lijun Jiang, Kim-Kwang Raymond Choo and Chunhua Su. Practical Bayesian Poisoning Attacks on Challenge-based Collaborative Intrusion Detection Networks
Loïc Miller and Cristel Pelsser.  A Taxonomy of Attacks using BGP Blackholing
Kazuhiko Minematsu and Norifumi Kamiya. Symmetric-key Corruption Detection : When XOR-MACs Meet Combinatorial Group Testing
Duncan Mitchell and Johannes Kinder. A Formal Model for Checking Cryptographic API Usage in JavaScript
Chris Novakovic and David Parker. Automated Formal Analysis of Side-Channel Attacks on Probabilistic Systems
Momen Oqaily, Yosr Jarraya, Lingyu Wang, Mengyuan Zhang, Makan Pourzandi and Mourad Debbabi. iCAT: An Interactive Customizable Anonymization Tool
Henrique G. Pereira and Philip W. L. Fong. SEPD: An Access Control Model for Resource Sharing in an IoT Environment
Tran Viet Xuan Phuong, Willy Susilo, Guomin Yang, Jongkil Kim and Dongxi Liu. Puncturable Proxy Re-Encryption supporting to Group Messaging Service
Yue Qin, Chi Cheng and Jintai Ding. A Complete and Optimized Key Mismatch Attack on NIST Candidate NewHope
Erwin Quiring, Matthias Kirchner and Konrad Rieck. On the Security and Applicability of Fragile Camera Fingerprints
Juan E. Rubio, Mark Manulis, Cristina Alcaraz and Javier Lopez. Enhancing Security and Dependability of Industrial Networks with Opinion Dynamics
Michael Schwarz, Martin Schwarzl, Moritz Lipp, Jon Masters and Daniel Gruss. NetSpectre: Read Arbitrary Memory over Network
Sagar Sharma and Keke Chen. Confidential Boosting with Random Linear Classifiers for Outsourced User-generated Data
Philip Sperl and Konstantin Böttinger. Side-Channel Aware Fuzzing
Miha Stopar, Tilen Marc, Jan Hartman, Manca Bizjak and Jolanda Modic. Privacy-Enhanced Machine Learning with Functional Encryption
Junichi Tomida, Atsushi Fujioka, Akira Nagai and Koutarou Suzuki. Strongly Secure Identity-Based Key Exchange with Single Pairing Operation
Henry Turner, Giulio Lovisotto and Ivan Martinovic. Attacking speaker recognition systems with phoneme morphing
Bryan Ward, Richard Skowyra, Chad Spensky, Jason Martin and Hamed Okhravi. The Leakage-Resilience Dilemma
Jianghong Wei, Xiaofeng Chen, Xuexian Hu and Jianfeng Ma. Forward-Secure Puncturable Identity-Based Encryption for Securing Cloud Emails
Konrad Weiss and Julian Schuette. Annotary: A Concolic Execution System for Developing Secure Smart Contracts
Yao Yao, Wei Zhou, Yan Jia, Lipeng Zhu, Yuqing Zhang and Peng Liu. Identifying Privilege Separation Vulnerabilities in IoT Firmware with Symbolic Execution
Xun Yi, Kwok-Yan Lam, Elisa Bertino and Fang-Yu Rao. Location Privacy-Preserving Mobile Crowd Sensing with Anonymous Reputation
Zhongjun Zhang, Jianfeng Wang, Yunling Wang, Yaping Su and Xiaofeng Chen. Towards Efficient Verifiable Forward Secure Searchable Symmetric Encryption
Yifeng Zheng, Huayi Duan and Cong Wang. Towards Secure and Efficient Outsourcing of Machine Learning Classification
Huadi Zheng, Qingqing Ye and Haibo Hu. BDPL: A Boundary Differential Private Layer against Machine Learning Model Extraction Attacks
Lei Zhou, Jidong Xiao, Leach Kevin, Westley Weimer, Fengwei Zhang and Guojun Wang. Nighthawk: Transparent System Introspection from Ring -3
Yevhen Zolotavkin and Veronika Kuchta. Incentives for Harvesting Attack in Proof of Work mining pools
Cong Zuo, Shi-Feng Sun, Joseph K. Liu, Jun Shao and Josef Pieprzyk. Dynamic Searchable Symmetric Encryption with Forward and Stronger Backward Privacy

Call for Papers

ESORICS Call For Papers

ESORICS is the annual European research event in Computer Security.

The Symposium started in 1990 and has been held in several European countries, attracting a wide international audience from both the academic and industrial communities. Papers offering novel research contributions in computer security are solicited for submission to the 2019 Symposium, to be held in Luxembourg.

The primary focus is on original, high quality, unpublished research and implementation experiences. We encourage submissions of papers discussing industrial research and development.

Important Dates

  • Title and Abstract deadline: Monday April 22, 2019
    (11:59 p.m. American Samoa time, UTC-11)
  • Paper submission deadline: Monday April 29, 2019
    (11:59 p.m. American Samoa time, UTC-11)
  • Notification to authors: Friday June 21, 2019
  • Camera ready due: Tuesday July 9, 2019
  • Conference: Monday September 23 – Wednesday September 25, 2019
  • Workshops: Thursday September 26 – Friday September 27, 2019

Call closed.


Submission website: https://easychair.org/conferences/?conf=esorics19

PC Chairs:  Kazue Sako, NEC Japan and Steve Schneider, University of Surrey, UK

Email for PC Chairs: esorics19 [at] easychair [dot] org (submission via website only!)


Submitted papers must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference/workshop with proceedings. The symposium proceedings will be published by Springer in the Lecture Notes in Computer Science series (LNCS).

All submissions should follow the LNCS template ( available from http://www.springer.de/comp/lncs/authors.html ) from the time they are submitted. Submitted papers should be at most 16 pages (using 10-point font), excluding the bibliography and well-marked appendices, and at most 20 pages total. Committee members are not required to read the appendices, so the paper should be intelligible without them. All submissions must be written in English. Submissions are to be made to the submission web site. Only pdf files will be accepted. Submissions are not anonymous.

Submissions not meeting these guidelines risk rejection without consideration of their merits. Authors of accepted papers must agree with Springer LNCS copyright and guarantee that their papers will be presented at the conference.


Topics of interest include, but are not limited to:

Access control


Ad hoc networks


Applied cryptography



Blockchain and finance security

Data and computation integrity

Database security

Data protection

Deep learning for attack and defense

Digital content protection

Digital forensics

Distributed systems security

Embedded systems security

Inference control

Information hiding

Identity management

Information flow control

Information security governance and management

Intrusion detection

Formal security methods

Language-based security

Network security

Phishing and spam prevention


Privacy preserving data mining

Risk analysis and management

Secure electronic voting

Security architectures

Security economics

Security metrics

Security models

Security and privacy for big data

Security and privacy in cloud scenarios

Security and privacy in complex systems

Security and privacy in content centric networking

Security and privacy in crowdsourcing

Security and privacy in the IoT

Security and privacy in location services

Security and privacy for mobile code

Security and privacy in pervasive / ubiquitous computing

Security and privacy policies

Security and privacy in social networks

Security and privacy in web services

Security and privacy in cyber-physical systems

Security, privacy and resilience in critical infrastructures

Security verification

Software security

Systems security

Trust models and management

Trustworthy user devices

Usable security and privacy

Web security

Wireless security


✆ Contact the organizing committee: esorics2019 [at] uni [dot] lu


✆ Contact the organizing committee: esorics2019 [at] uni [dot] lu


✆ Contact the organizing committee: esorics2019 [at] uni [dot] lu


✆ Contact the organizing committee: esorics2019 [at] uni [dot] lu