Data Privacy Management, Cryptocurrencies and Blockchain Technology: ESORICS 2021 International Workshops, DPM 2021 and CBT 2021, Darmstadt, Germany, ... Selected Papers (Security and Cryptology)

Foreword from the DPM 2021 Program Chairs
DPM 2021 Organization
Foreword from the CBT 2021 Program Chairs
CBT 2021 Organization
Contents
DPM Workshop: Risks and Privacy Preservation
Best Security Measures to Reduce Cyber-Incident and Data Breach Risks
	1 Introduction
	2 Related Works
	3 Data
		3.1 The JNSA and the Security Next
		3.2 Toyo-Keizai Corporate Social Responsibility (CSR) Survey
	4 Analysis of Cyber Incidents
		4.1 Types of Cyber Incidents
		4.2 Relative Risk and Hypothesis Testing
		4.3 Mantel-Haenszel Test
		4.4 Multiple Logistic Regression
		4.5 Results of Analysis
		4.6 Confounding Factors
		4.7 Multiple Logistic Regression
		4.8 Discussion
	5 Conclusion
	References
Synthesizing Privacy-Preserving Location Traces Including Co-locations
	1 Introduction
	2 Related Work
		2.1 Co-locations
		2.2 Location Synthesizers
	3 Problem Formalization
		3.1 Notations
		3.2 Friendship Data
		3.3 Trace Data
		3.4 Threat Model and Differential Privacy
	4 Proposed Method
		4.1 Overview
		4.2 Friendship Probability p\'
		4.3 Co-location Count Matrix Q\'
		4.4 Generating Synthetic Traces
	5 Experimental Evaluation
		5.1 Datasets
		5.2 Utility Metrics
		5.3 Location Synthesizers
		5.4 Experimental Results
	6 Conclusion
	References
DPM Workshop: Policies and Regulation
Quantitative Rubric for Privacy Policy Analysis
	1 Introduction
	2 Background and Approach
	3 Privacy Policy Model and Experimental Design
		3.1 General Assumptions
		3.2 Section-Specific Assumptions
		3.3 Example Implementation of the Rubric
	4 Analysis
		4.1 Qualitative Results
		4.2 Evaluation of Our Metric
		4.3 Quantitative Results
	5 Conclusion
	References
Rethinking the Limits of Mobile Operating System Permissions
	1 Introduction
	2 Background
		2.1 Coarse-Grained Controls
		2.2 Personal Data Use
		2.3 Towards Fine-Grained Controls
		2.4 Addictive Design
	3 Complementary Systems
		3.1 OS Modification
		3.2 Application Modification
		3.3 Data Capture
		3.4 Feasibility of Complementary Systems
	4 Enhancing Awareness
		4.1 User Concerns
		4.2 Permission Awareness
		4.3 Data Transparency
	5 Recommendations
		5.1 Fine-Grained Controls
		5.2 Transparency
	6 Conclusion
	References
Interdependent Privacy Issues Are Pervasive Among Third-Party Applications
	1 Introduction
	2 Related Work
	3 Platforms, Permissions and Interdependent Privacy
		3.1 Permissions and Interdependent Privacy
		3.2 Platform Specifics
	4 Application-Level Statistics
		4.1 Data Collection
		4.2 Do Real Apps Request IDP/PIDP Permissions?
		4.3 Risk Signals
	5 Discussion: Avoidance, Transparency and Control
	6 Conclusion
	References
DPM Workshop: Privacy and Learning
SPGC: An Integrated Framework of Secure Computation and Differential Privacy for Collaborative Learning
	1 Introduction
		1.1 Backgrounds
		1.2 Contribution
	2 Preliminaries
	3 Problem Description
		3.1 Privacy-Preserving Collaborative Learning
		3.2 Technical Difficulty
	4 Design of SPGC
		4.1 Overview
		4.2 Construction
		4.3 Privacy Analysis
	5 Experiments
		5.1 Experimental Setup
		5.2 Results
		5.3 Discussion
	6 Related Works
	7 Conclusion
	References
A k-Anonymised Federated Learning Framework with Decision Trees
	1 Introduction
	2 Preliminaries
		2.1 Mondrian k-Anonymity
		2.2 Aggregation of Decision Trees
		2.3 Critical Insights of Tree Merging Algorithm
	3 Problem Statement
		3.1 Proposed Scheme for HFL with Decision Trees
	4 Creation of Non-IID Partitions
	5 Experimental Settings
		5.1 Datasets
		5.2 Dimensionality Reduction of Data
		5.3 Anonymisation of Data
		5.4 Generation of IID and Non-IID Partitions
		5.5 Building Decision Trees
		5.6 Aggregation Algorithm
		5.7 Testing
		5.8 Implementation Details
	6 Results and Analysis
	7 Conclusion and Future Works
	References
Anonymizing Machine Learning Models
	1 Introduction
	2 Related Work
		2.1 K-anonymity
		2.2 Protecting Machine Learning Training Sets
	3 Model-Guided Anonymization
	4 Results
		4.1 Discussion
		4.2 Defending Against Inference Attacks
	5 Conclusions and Future Work
	A Datasets and Quasi-identifiers
	B Attack Model
	References
DPM Workshop: Short Papers
A New Privacy Enhancing Beacon Scheme in V2X Communication
	1 Introduction
	2 Related Work
		2.1 Our Contribution
	3 New Beacon Scheme
		3.1 Overview
		3.2 Security Properties of the Beacon Scheme
		3.3 Adversary Model
		3.4 Beacon Scheme Algorithm
		3.5 Consideration on Security Properties
	4 Simulation
		4.1 Approach
		4.2 Discussion and Evaluation
	5 Conclusions and Future Work
	References
Next Generation Data Masking Engine
	1 Introduction
	2 Magen
		2.1 Core
		2.2 Metal
		2.3 Format
	3 Implementation
	4 Performance
	5 Summary
	References
Towards a Formal Approach for Data Minimization in Programs (Short Paper)
	1 Introduction
	2 A Formal Approach to Data Minimization
	3 Usage Scenarios
	4 Approaches to the Computation of the Decomposition
	5 Limitations
	6 Related Work
	7 Conclusion
	References
CBT Workshop: Mining, Consensus and Market Manipulation
Virtual ASICs: Generalized Proof-of-Stake Mining in Cryptocurrencies
	1 Introduction
		1.1 Our Contributions
		1.2 The Advantages and Disadvantages of Physical ASICs vs. PoS
		1.3 Related Work
	2 Model
	3 Consensus Based on Virtual ASICs
		3.1 From Proof of Stake to Virtual ASICs
		3.2 Example: Nakamoto Style Consensus Protocol
	4 Auction Protocol for Virtual ASICs
		4.1 All-or-Nothing Broadcast
		4.2 The Auction Protocol
	References
Asymmetric Asynchronous Byzantine Consensus
	1 Introduction
	2 Related Work
	3 System Model and Preliminaries
		3.1 Byzantine Quorum Systems
	4 Asymmetric Trust
	5 Asymmetric Randomized Byzantine Consensus
		5.1 Asymmetric Binary Validated Broadcast
		5.2 Asymmetric Randomized Consensus
	References
Using Degree Centrality to Identify Market Manipulation on Bitcoin
	1 Introduction
	2 Related Work
	3 Base Methodology and Preliminary Analysis
		3.1 Data Acquisition
		3.2 Graph Definition
		3.3 Rank Analysis
	4 Stability Analysis
		4.1 Methodology
		4.2 Results
	5 Case Study
		5.1 Data Pre-processing
		5.2 User Repetition Forecasting
	6 Conclusion and Future Work
	References
CBT Workshop: Smart Contracts and Anonymity
Augmenting MetaMask to Support TLS-endorsed Smart Contracts
	1 Introduction
	2 Background
		2.1 Components of the System
		2.2 Usage of TLS-endorsed Smart Contracts
		2.3 Security Considerations
	3 Analysis
		3.1 Browser Warnings and Security Indicator Designs
		3.2 Negative Indication in Browsers
		3.3 Indication of a Protocol Downgrade
		3.4 Authentication Error Scenarios for TLS-endorsed Smart Contracts
	4 Design and Implementation
		4.1 Design Concept for TLS-endorsed Smart Contracts in MetaMask
		4.2 Integration of TeSC in MetaMask
	5 Evaluation
		5.1 Test Setup
		5.2 Test Procedure
		5.3 Result Analysis
	6 Related Work
	7 Conclusion
	References
Smart Contracts for Incentivized Outsourcing of Computation
	1 Introduction
	2 Related Work
	3 Preliminaries
	4 Model
	5 A Judge Protocol with Guaranteed Correctness
		5.1 The New Judge Protocol
		5.2 Game Analysis
	6 Concluding Remarks
	References
Anonymous Sidechains
	1 Introduction
		1.1 Our Contributions
		1.2 Related Work
	2 Preliminaries
		2.1 Cryptographic Building Blocks
		2.2 Zerocash
	3 Anonymous Sidechains Definition
		3.1 Security
		3.2 Privacy
	4 Anonymous Sidechain Construction
		4.1 Security Analysis
	References
CBT Workshop: Short Papers
Filling the Tax Gap via Programmable Money
	1 Introduction
		1.1 Desiderata
		1.2 Related Work
	2 Tax Auditable Distributed Ledger
	3 A Tax-Auditing Extension for Provisions
	4 Conclusion
	References
Impact of Delay Classes on the Data Structure in IOTA
	1 Introduction
	2 Types of Messages and Their Processing
	3 Delay Time for Value Messages
		3.1 Synchronicity Assumptions
		3.2 Quarantine Procedure
	4 Delay Classes and Tip Pool Model
		4.1 General Model for the Tip Pool Size
		4.2 Experimental and Simulation Validation
	5 Controlling the Tip Pool Size
	6 Conclusion
	References
Secure Static Content Delivery for CDN Using Blockchain Technology
	1 Introduction
	2 Related Works
	3 System Design
		3.1 Attack Scenario
		3.2 Overview
		3.3 Typical Usage
		3.4 Benefits and Drawbacks
	4 Experiments
		4.1 Implementation
		4.2 Evaluation
	5 Discussion
	6 Future Works and Conclusion
	References
Lattice-Based Proof-of-Work for Post-Quantum Blockchains
	1 Introduction
	2 Preliminaries
		2.1 Lattices and Lattice Problems
	3 Proposed PoW Protocol,  LPoW
		3.1 Discussion
	References
Blockchain-Based Two-Factor Authentication for Credit Card Validation
	1 Introduction
	2 Related Work
	3 Preliminaries
		3.1 Background
		3.2 Attack Model
	4 Blokchain-Based 2-FA Framework for Transaction Authentication
		4.1 Overview
		4.2 Registration Phase
		4.3 Second Factor Authentication Phase
	5 Evaluation
		5.1 Security Analysis
		5.2 Hyperledger Performance
	6 Conclusion
	References
Homomorphic Decryption in Blockchains via Compressed Discrete-Log Lookup Tables
	1 Introduction
	2 Background
		2.1 Additively Homomorphic ElGamal Encryption
		2.2 Improving Efficiency of Discrete Log Lookup Operations
		2.3 Related Blockchain Works that Require Precomputed Tables
	3 Methodology
		3.1 Ideal Truncation
		3.2 Variable-Length Truncation
		3.3 Optimizations
		3.4 Relaxed Collisions and Template Distribution
	4 Implementation
		4.1 Truncation Algorithm Evaluation
		4.2 Complexity Analysis and Comparison
	5 Conclusion
	References
Author Index