- crypto-events - INF Mailman

Talk announcement: Automating Linux Kernel Security: From Bug Discovery to Exploit Synthesis, by Alessandro Sorniotti (1 July 2026)
by Christian Cachin 16 Jun '26

16 Jun '26

*Date and Location* 1 July 2026, *16:00* Universität Bern, Hauptgebäude, Hochschulstrasse 4, Seminarraum 206 *Speaker* Alessandro Sorniotti IBM Research - Zurich *Title* Automating Linux Kernel Security: From Bug Discovery to Exploit Synthesis *Abstract* This talk presents a high-level view of modern approaches to Linux kernel security, spanning both offensive and defensive perspectives. We outline a pipeline that starts from bug discovery -- leveraging fuzzing and sanitizers -- and progresses through primitive and object analysis toward automated exploit generation (AEG). Key ideas include extracting attacker-controlled inputs via symbolic and concolic techniques, reasoning about bug "capabilities" and systematically matching them with target objects to construct viable exploitation paths. We also briefly discuss how these insights feed into defensive tooling, such as exploitability assessment, bug ranking, and patch assistance, highlighting opportunities for automation across the vulnerability lifecycle. *Brief bio* Alessandro Sorniotti is a Principal Research Scientist working in system security and applied cryptography. His research has spanned operating systems and low-level software security -- covering vulnerability discovery, exploit development, and automated analysis -- as well as applied cryptography and blockchain technologies. In that space, he has worked on protocols and systems for distributed trust, digital assets, and secure transaction processing. More recently, his work has explored automation and data-driven approaches for vulnerability analysis, exploitability assessment, and patching, bridging offensive and defensive security across domains. --- Please note the earlier talk by Judith Senn at 15:00. See you there! Christian Cachin --- Christian Cachin email: christian.cachin(a)unibe.ch Cryptology and Data Security Group web: crypto.unibe.ch/cc Institute of Computer Science tel: +41 31 684 8560 University of Bern Neubrückstrasse 10, CH-3012 Bern, Switzerland

1 0

Talk announcement: Privacy and the Detection of Money Laundering, by Judith Senn (1 July 2026)
by Christian Cachin 16 Jun '26

16 Jun '26

*Date and Location* 1 July 2026, *15:00* Universität Bern, Hauptgebäude, Hochschulstrasse 4, Seminarraum 206 *Speaker* Judith Senn Security and Privacy Lab Universität Innsbruck *Title* Privacy and the Detection of Money Laundering *Abstract* The discussion of payment systems is often framed as a polarised debate between privacy and enforcement against financial crime. While many anti-money laundering mechanisms depend on transaction data to identify suspicious behaviour, payment records can expose sensitive information about individuals and groups. Current detection methods often assume access to detailed transaction data, but it remains unclear which specific attributes are necessary for reliable detection. We address this question experimentally by evaluating two graph-based detectors of money laundering, FraudGT and MEGA-GNN, under different privacy regimes for a common benchmark of transaction data. We compare how coarsening, concealment, and anonymisation of selected transaction attributes affect detection performance. The evaluation considers three settings: testing pre-trained models on privacy-modified data, fine-tuning pre-trained models on privacy-modified data, and training models directly under the corresponding privacy scenario. The results suggest that privacy modifications preserving the transaction graph are largely compatible with money laundering detection. In particular, modifying transaction amounts has little to no effect on detection performance, while timestamp transformations have limited influence. Conversely, modifications that impair the reconstruction of the transaction graph result in a performance drop. This pattern is consistent across both detectors. *Brief bio* Judith Senn is a research assistant in the Security and Privacy Lab at the Universität Innsbruck. Her research focuses on privacy in digital payments and its impact on compliance and performance. --- Please note the later talk by Alessandro Sorniotti at 16:00. See you there! Christian Cachin --- Christian Cachin email: christian.cachin(a)unibe.ch Cryptology and Data Security Group web: crypto.unibe.ch/cc Institute of Computer Science tel: +41 31 684 8560 University of Bern Neubrückstrasse 10, CH-3012 Bern, Switzerland

1 0

Talk announcement: Practice-Driven Theoretical Cryptography, by Stefano Tessaro (27 April 2026)
by Christian Cachin 15 Apr '26

15 Apr '26

*Date and Location* 27 April 2026, 11:00 -- 12:00 (Attention: Starting time is **:00**) Universität Bern, Hauptgebäude, Hochschulstrasse 4, Room 206. *Speaker* Prof. ‪Stefano Tessaro University of Washington *Title* Practice-Driven Theoretical Cryptography *Abstract* A large fraction of modern academic cryptography is organised around designing primitives and protocols that admit proofs of security within carefully specified formal models and under well-founded assumptions. Yet many of the mechanisms that underpin today’s digital infrastructure were either not developed with these proof frameworks in mind or benefit only from partial validation within them. In this talk, I will explain how filling this gap gives rise to a practice-driven theoretical agenda aimed at establishing the strongest possible security guarantees for cryptographic mechanisms that are already deployed or being standardised, without redesigning them to fit current proof frameworks. I will illustrate how this perspective often leads to new theoretical questions of broader appeal, including connections to theoretical computer science more broadly. I will present several vignettes from our recent work, including research motivated by standardization efforts in privacy-preserving authentication and distributed cryptography, as well as an ongoing multi-year program aimed at understanding the security of block cipher design paradigms – the foundations of modern symmetric-key encryption standards – through connections to fundamental questions about randomness and structure. *Brief bio* Stefano Tessaro is a Professor in the Paul G. Allen School of Computer Science & Engineering at the University of Washington and is currently a Visiting Professor at ETH Zurich. He works primarily on cryptography, computer security and theoretical computer science. Earlier, he was an assistant professor at UC Santa Barbara, where he held the Glen and Susanne Culler Chair. He received a PhD from ETH Zurich in 2010 and held postdoctoral appointments at UC San Diego and MIT. He has received several awards for his work, including a Sloan Research Fellowship, an NSF CAREER Award, a Hellman Fellowship and a Best Paper Award at EUROCRYPT 2017. --- See you there! Christian Cachin --- Christian Cachin email: christian.cachin(a)unibe.ch Cryptology and Data Security Group web: crypto.unibe.ch/cc Institute of Computer Science tel: +41 31 684 8560 University of Bern Neubrückstrasse 10, CH-3012 Bern, Switzerland

1 0

Reminder: Workshop on Secure Systems in Bern on 16 February
by Christian Cachin 02 Feb '26

02 Feb '26

IMPORTANT: Registration is required for planning - see Website. --- It is my pleasure to announce a workshop titled "Secure Systems" on 16 February 2026 at the University of Bern: Workshop on Secure Systems 16 February 2026 The Cryptology and Data Security Research Group organizes a workshop on the theme of secure systems University of Bern 16 February 2026 Hauptgebäude, Hochschulstrasse 4, Room 033 https://crypto.unibe.ch/2026/01/16/workshop_secure_systems.html 9:30 Christian Cachin, University of Bern Welcome 9:30-10:30 Peter Pietzuch, Imperial College London Keynote: Improving Cloud Security with Hardware Memory Capabilities 10:30-10:50 Break 11:00-11:30 François-Xavier Wicht, University of Bern Censorship-Resistant BitTorrent Trackers 11:30-12:00 Mpoki Mwaisela, University of Neuchatel IM-PIR: In-Memory Private Information Retrieval 12:15-14:00 Lunch (details to be announced) 14:00-14:45 Anil Kurmus, IBM Research - Zurich Speculative Memory Errors 14:45-15:15 Louis Vialar, University of Neuchatel SECUREFUSION: A Versatile Proxy for Transparent DBMS Encryption --- Christian Cachin email: christian.cachin(a)unibe.ch Cryptology and Data Security Group web: crypto.unibe.ch/cc Institute of Computer Science tel: +41 31 684 8560 University of Bern Neubrückstrasse 10, CH-3012 Bern, Switzerland

1 0

2026

crypto-events ----- 2026 ----- June 2026 May 2026 April 2026 March 2026 February 2026 January 2026

crypto-events