Two papers from the CS department have been accepted by this year’s ACM Conference on Computer and Communications Security (CCS), one of the top security conferences. One of the papers, titled “Identity-based Format-Preserving Encryption,” is a joint work between Prof. Viet Tung Hoang and Prof. Mihir Bellare (UC San Diego). The paper studies the NIST standard proposal DFF of Format-Preserving Encryption (FPE), a method to encrypt credit-card numbers and legacy databases. DFF is used by Veriphone, and claims security even when some local devices are compromised. The paper formalizes the security notions that DFF is meant to offer, proves that DFF indeed meets those goals and suggests further security enhancements.

The other paper, titled “Hear Your Voice Is Not Enough: An Articulatory Gesture Based Liveness Detection for Voice Authentication,” is a joint work among Linghan Zhang, a third year PhD student in the department, and her lab-mate Sheng Tan, and her advisor Prof. Jie Yang. In the paper, they proposed VoiceGesture, a mobile voice liveness detection system on smartphones. It detects voice spoofing attacks by extracting user-specific features that resulted from the articulatory gesture when a user speaks a passphrase to a smartphone. VoiceGesture is practical as it requires neither cumbersome operations nor additional hardware but a speaker and a microphone that are commonly available on smartphones. Experimental results show that VoiceGesture achieves over 99% detection accuracy at around 1% Equal Error Rate (EER).