Volume 2024

Issue 1

• Editors' Introduction
  Micah Sherr (Georgetown University), Zubair Shafiq (University of California, Davis)
• A Large-Scale Study of Cookie Banner Interaction Tools and their Impact on Users' Privacy [PDF]
  Nurullah Demir (Institute for Internet Security & KASTEL Security Research Labs & Karlsruhe Institute of Technology ), Tobias Urban (Institute for Internet Security & secunet Security Networks AG), Norbert Pohlmann (Institute for Internet Security), Christian Wressnegger (KASTEL Security Research Labs & Karlsruhe Institute of Technology)
• SoK: Data Privacy in Virtual Reality [PDF]
  Gonzalo Munilla Garrido (TUM), Vivek Nair (UC Berkeley), Dawn Song (UC Berkeley)
• Interest-disclosing Mechanisms for Advertising are Privacy-Exposing (not Preserving) [PDF] [Artifact: Reproduced]
  Yohan Beugin (University of Wisconsin-Madison), Patrick McDaniel (University of Wisconsin-Madison)
• QUICKeR: Quicker Updates Involving Continuous Key Rotation [PDF] [Artifact: Available]
  Lawrence Lim (University of California, Santa Barbara), Wei-Yee Goh (University of California, Santa Barbara), Divyakant Agrawal (University of California, Santa Barbara), Amr El Abbadi (University of California, Santa Barbara), Trinabh Gupta (University of California, Santa Barbara)
• Efficiently Compiling Secure Computation Protocols From Passive to Active Security: Beyond Arithmetic Circuits [PDF] [Artifact: Reproduced]
  Marina Blanton (University at Buffalo), Dennis Murphy (University at Buffalo), Chen Yuan (Meta Platform, Inc.)
• DeTorrent: An Adversarial Padding-only Traffic Analysis Defense [PDF] [Artifact: Available]
  James K Holland (University of Minnesota), Jason Carpenter (University of Minnesota), Se Eun Oh (Ewha Womans University), Nicholas Hopper (University of Minnesota)
• A False Sense of Privacy: Towards a Reliable Evaluation Methodology for the Anonymization of Biometric Data [PDF]
  Simon Hanisch (Center for Tactile Internet (CeTI), Technical University Dresden), Julian Todt (KASTEL, Karlsruhe Institute of Technology), Jose Patino (Cerence), Nicholas Evans (Digital Security Department, EURECOM), Thorsten Strufe (KASTEL, Karlsruhe Institute of Technology)
• Cross-Contextual Examination of Older Adults' Privacy Concerns, Behaviors, and Vulnerabilities [PDF]
  Yixin Zou (Max Planck Institute for Security and Privacy), Kaiwen Sun (University of Michigan), Tanisha Afnan (University of Michigan), Ruba Abu-Salma (King's College London), Robin Brewer (University of Michigan), Florian Schaub (University of Michigan)
• “Those things are written by lawyers, and programmers are reading that.” Mapping the Communication Gap Between Software Developers and Privacy Experts [PDF]
  Stefan Albert Horstmann (Ruhr University Bochum), Samuel Domiks (Independent), Marco Gutfleisch (Ruhr University Bochum), Mindy Tran (Paderborn University), Yasemin Acar (Paderborn University , The George Washington University), Veelasha Moonsamy (Ruhr University Bochum), Alena Naiakshina (Ruhr University Bochum)
• Supporting Informed Choices about Browser Cookies: The Impact of Personalised Cookie Banners [PDF] [Artifact: Available]
  Tom Biselli (Science and Technology for Peace and Security (PEASEC), Technical University of Darmstadt), Laura Utz (Science and Technology for Peace and Security (PEASEC), Technical University of Darmstadt), Christian Reuter (Science and Technology for Peace and Security (PEASEC), Technical University of Darmstadt)
• Block Cookies, Not Websites: Analysing Mental Models and Usability of the Privacy-Preserving Browser Extension CookieBlock [PDF] [Artifact: Available]
  Lorin Schöni (ETH Zürich), Karel Kubicek (ETH Zürich), Verena Zimmermann (ETH Zürich)
• Mitigating Inference Risks with the NIST Privacy Framework [PDF]
  Christopher B. Landis (Naval Postgraduate School), Joshua A. Kroll (Naval Postgraduate School)
• Why Privacy-Preserving Protocols Are Sometimes Not Enough: A Case Study of the Brisbane Toll Collection Infrastructure [PDF] [Artifact: Reproduced]
  Amirhossein Adavoudi Jolfaei (University of Luxembourg), Andy Rupp (University of Luxembourg and KASTEL SRL), Stefan Schiffner (Berufliche Hochschule Hamburg (BHH)), Thomas Engel (University of Luxembourg)
• Generalizable Active Privacy Choice: Designing a Graphical User Interface for Global Privacy Control [PDF] [Artifact: Available]
  Sebastian Zimmeck (Wesleyan University), Eliza Kuller (Wesleyan University), Chunyue Ma (Wesleyan University), Bella Tassone (Wesleyan University), Joe Champeau (Wesleyan University)
• Opted Out, Yet Tracked: Are Regulations Enough to Protect Your Privacy? [PDF]
  Zengrui Liu (Texas A&M University), Umar Iqbal (Washington University in St. Louis), Nitesh Saxena (Texas A&M University)
• Privacy Preserving Feature Selection for Sparse Linear Regression [PDF]
  Adi Akavia (University of Haifa), Ben Galili (Technion), Hayim Shaul (IBM Research), Mor Weiss (Bar-Ilan University), Zohar Yakhini (Reichman University and Technion)
• Model-driven Privacy [PDF] [Artifact: Reproduced]
  Srdan Krstic (ETH Zurich), Hoang Nguyen (ETH Zurich), David Basin (ETH Zurich)
• DP-ACT: Decentralized Privacy-Preserving Asymmetric Digital Contact Tracing [PDF]
  Azra Abtahi (Lund University), Mathias Payer (EPFL), Amir Aminifar (Lund University)
• CoStricTor: Collaborative HTTP Strict Transport Security in Tor Browser [PDF] [Artifact: Reproduced]
  Killian Davitt (University College London), Dan Ristea (University College London), Duncan Russell (The Tor Project), Steven J. Murdoch (University College London)
• DeVoS: Deniable Yet Verifiable Vote Updating [PDF] [Artifact: Reproduced]
  Johannes Müller (University of Luxembourg), Balázs Pejó (Budapest University of Technology and Economics), Ivan Pryvalov (University of Luxembourg & Brandenburg University of Technology)
• Over Fences and Into Yards: Privacy Threats and Concerns of Commercial Satellites [PDF]
  Rachel McAmis (University of Washington), Mattea Sim (University of Indiana Bloomington), Mia Bennett (University of Washington), Tadayoshi Kohno (University of Washington)
• Constant-Round Private Decision Tree Evaluation for Secret Shared Data [PDF]
  Nan Cheng (University of St.Gallen), Naman Gupta (IIT Delhi), Aikaterini Mitrokotsa (University of St.Gallen), Hiraku Morita (Aarhus University and University of Copenhagen), Kazunari Tozawa (The University of Tokyo)
• Data Isotopes for Data Provenance in DNNs [PDF]
  Emily Wenger (The University of Chicago), Xiuyu Li (UC Berkeley), Ben Y. Zhao (The University of Chicago), Vitaly Shmatikov (Cornell Tech)
• MAPLE: MArkov Process Leakage attacks on Encrypted Search [PDF] [Artifact: Reproduced]
  Seny Kamara (MongoDB & Brown University), Abdelkarim Kati (Mohammed-VI Polytechnic University), Tarik Moataz (MongoDB), Jamie DeMaria (Elementl), Andrew Park (Carnegie Mellon University), Amos Treiber (Technical University of Darmstadt)
• SocIoTy: Practical Cryptography in Smart Home Contexts [PDF] [Artifact: Reproduced]
  Tushar M. Jois (City College of New York), Gabrielle Beck (Johns Hopkins University), Sofia Belikovetsky (Johns Hopkins University), Joseph Carrigan (Johns Hopkins University), Alishah Chator (Boston University), Logan Kostick (Johns Hopkins University), Maximilian Zinkus (Johns Hopkins University), Gabriel Kaptchuk (Boston University), Aviel D. Rubin (Johns Hopkins University)
• Communication Breakdown: Modularizing Application Tunneling for Signaling Around Censorship [PDF]
  Paul Vines (Two Six Technologies), Samuel McKay (Two Six Technologies), Jesse Jenter (Two Six Technologies), Suresh Krishnaswamy (Two Six Technologies)
• On the Quality of Privacy Policy Documents of Virtual Personal Assistant Applications [PDF] [Artifact: Reproduced]
  Chuan Yan (University of Queensland, Australia), Fuman Xie (University of Queensland, Australia), Mark Huasong Meng (Institute for Infocomm Research, Singapore), Yanjun Zhang (University of Technology Syndey, Australia), Guangdong Bai (University of Queensland, Australia)
• SEDMA: Self-Distillation with Model Aggregation for Membership Privacy [PDF]
  Tsunato Nakai (Mitsubishi Electric Corporation), Ye Wang (Mitsubishi Electric Research Laboratories), Kota Yoshida (Ritsumeikan University), Takeshi Fujino (Ritsumeikan University)
• SoK: Metadata-Protecting Communication Systems [PDF]
  Sajin Sasy (University of Waterloo), Ian Goldberg (University of Waterloo)
• A Cautionary Tale: On the Role of Reference Data in Empirical Privacy Defenses [PDF]
  Caelin Kaplan (SAP Labs France, Inria, Université Côte d’Azur), Chuan Xu (Inria, Université Côte d’Azur, CNRS, I3S), Othmane Marfoq (Inria, Université Côte d’Azur, Accenture Labs), Giovanni Neglia (Inria, Université Côte d’Azur), Anderson Santana de Oliveira (SAP Labs France)
• SWiSSSE: System-Wide Security for Searchable Symmetric Encryption [PDF] [Artifact: Reproduced]
  Zichen Gui (ETH Zurich), Kenneth G. Paterson (ETH Zurich), Sikhar Patranabis (IBM Research India), Bogdan Warinschi (University of Bristol and DFINITY)
• PRIVIC: A privacy-preserving method for incremental collection of location data [PDF]
  Sayan Biswas (INRIA and LIX, École Polytechnique), Catuscia Palamidessi (INRIA and LIX, École Polytechnique)
• User-Controlled Privacy: Taint, Track, and Control [PDF] [Artifact: Reproduced]
  François Hublet (ETH Zürich), David Basin (ETH Zürich), Srđan Krstić (ETH Zürich)
• SGXonerate:Finding (and Partially Fixing) Privacy Flaws in TEE-based Smart Contract Platforms Without Breaking the TEE [PDF]
  Nerla Jean-Louis (University of Illinois Urbana Champaign), Yunqi Li (University of Illinois Urbana Champaign), Yan Ji (Cornell University), Harjasleen Malvai (University of Illinois Urbana Champaign), Thomas Yurek (University of Illinois Urbana Champaign), Sylvain Bellemare (IC3 (Cornell University)), Andrew Miller (University of Illinois Urbana Champaign, IC3)
• Tailoring Digital Privacy Education Interventions for Older Adults: A Comparative Study on Modality Preferences and Effectiveness [PDF]
  Heba Aly (Clemson University), Yizhou Liu (Clemson University), Reza Ghaiumy Anaraky (New York University), Sushmita Khan (Clemson University), Moses Namara (Clemson University), Kaileigh Angela Byrne (Clemson University), Bart Knijnenburg (Clemson University)

Issue 2

• Editors' Introduction
  Micah Sherr (Georgetown University), Zubair Shafiq (University of California, Davis)
• Multipars: Reduced-Communication MPC over Z2k [PDF]
  Sebastian Hasler (University of Stuttgart), Pascal Reisert (University of Stuttgart), Marc Rivinius (University of Stuttgart), Ralf Küsters (University of Stuttgart)
• Privadome: Delivery Drones and Citizen Privacy [PDF]
  Gokulnath M. Pillai (Indian Institute of Science Bangalore, and Cerebras Bangalore), Ajith Suresh (Indian Institute of Science Bangalore, and Technology Innovation Institute Abu Dhabi), Eikansh Gupta (Indian Institute of Science Bangalore, and Qualcomm Hyderabad), Vinod Ganapathy (Indian Institute of Science Bangalore), Arpita Patra (Indian Institute of Science Bangalore)
• Delegated Private Matching For Compute [PDF]
  Dimitris Mouris (University of Delaware), Daniel Masny (Meta Inc.), Ni Trieu (Arizona State University), Shubho Sengupta (Meta Inc.), Prasad Buddhavarapu (Meta Inc.), Benjamin Case (Meta Inc.)
• Multiparty Private Set Intersection Cardinality and Its Applications [PDF]
  Jiahui Gao (Arizona State University), Ni Trieu (Arizona State University), Avishay Yanai (VMware Research)
• Two Steps Forward and One Step Back: The Right to Opt-out of Sale under CPRA [PDF]
  Jan Charatan (Pomona College), Eleanor Birrell (Pomona College)
• StyleAdv: A Usable Privacy Framework Against Facial Recognition with Adversarial Image Editing [PDF]
  Minh-Ha Le (Linköping University, Linköping, Sweden), Niklas Carlsson (Linköping University, Linköping, Sweden)
• Differentially Private Ad Conversion Measurement [PDF]
  John Delaney (Google), Badih Ghazi (Google), Charlie Harrison (Google), Christina Ilvento (Google), Ravi Kumar (Google), Pasin Manurangsi (Google), Martin Pál (Google), Karthik Prabhakar (Google), Mariana Raykova (Google)
• A Framework for Provably Secure Onion Routing against a Global Adversary [PDF]
  Philip Scherer (KIT Karlsruhe), Christiane Weis (NEC Laboratories Europe), Thorsten Strufe (KIT Karlsruhe)
• Exploring the Privacy Experiences of Closeted Users of Online Dating Services in the US [PDF]
  Elijah Bouma-Sims (Carnegie Mellon University), Sanjnah Ananda Kumar (Carnegie Mellon University), Lorrie Faith Cranor (Carnegie Mellon University)
• Data Safety vs. App Privacy: Comparing the Usability of Android and iOS Privacy Labels [PDF]
  Yanzi Lin (Wellesley College), Jaideep Juneja (Carnegie Mellon University), Eleanor Birrell (Pomona College), Lorrie Faith Cranor (Carnegie Mellon University)
• Website Data Transparency in the Browser [PDF]
  Sebastian Zimmeck (Wesleyan University), Daniel Goldelman (Wesleyan University), Owen Kaplan (Wesleyan University), Logan Brown (Wesleyan University), Justin Casler (Wesleyan University), Judeley Jean-Charles (Wesleyan University), Joe Champeau (Wesleyan University), Hamza Harkous (Google)
• Traceable mixnets [PDF]
  Prashant Agrawal (CSE, IIT Delhi; CDAIS, Ashoka University), Abhinav Nakarmi (CSE, University of Michigan), Mahabir Prasad Jhanwar (CS and CDAIS, Ashoka University), Subodh Sharma (CSE, IIT Delhi), Subhashis Banerjee (CSE, IIT Delhi; CS and CDAIS, Ashoka University)
• MixMatch: Flow Matching for Mixnet Traffic [PDF]
  Lennart Oldenburg (COSIC, KU Leuven), Marc Juarez (University of Edinburgh), Enrique Argones Rúa (COSIC, KU Leuven), Claudia Diaz (COSIC, KU Leuven, and Nym Technologies, SA)
• Contextualizing Interpersonal Data Sharing in Smart Homes [PDF]
  Weijia He (Dartmouth College), Nathan Reitinger (University of Maryland, College Park), Atheer Almogbil (Johns Hopkins University), Yi-Shyuan Chiang (University of Illinois Urbana-Champaign), Timothy J. Pierson (Dartmouth College), David Kotz (Dartmouth College)
• SoK: Secure Human-centered Wireless Sensing [PDF]
  Wei Sun (Duke University), Tingjun Chen (Duke University), Neil Gong (Duke University)
• Extending the Security of SPDZ with Fairness [PDF]
  Bart Veldhuizen (Independent researcher), Gabriele Spini (TNO), Thijs Veugen (TNO and Twente University), Lisa Kohl (CWI)
• Defining and Controlling Information Leakage in US Equities Trading [PDF]
  Arthur Américo (Proof Trading), Allison Bishop (Proof Trading and City College, CUNY), Paul Cesaretti (Graduate Center, CUNY and Proof Trading), Garrison Grogan, Adam McKoy (Proof Trading), Robert Nicholas Moss (Proof Trading), Lisa Oakley (Notheastern University and Proof Trading), Marcel Ribeiro (Proof Trading), Mohammad Shokri (Graduate Center, CUNY and Proof Trading)
• How Does Connecting Online Activities to Advertising Inferences Impact Privacy Perceptions? [PDF]
  Florian M. Farke (Ruhr University Bochum), David G. Balash (University of Richmond), Maximilian Golla (CISPA Helmholtz Center for Information Security), Adam J. Aviv (The George Washington University)
• NOTRY: Deniable messaging with retroactive avowal [PDF]
  Faxing Wang (University of Melbourne), Shaanan Cohney (University of Melbourne), Riad Wahby (Carnegie Mellon University), Joseph Bonneau (a16z Crypto Research)
• Security and Privacy with Second-Hand Storage Devices: A User-Centric Perspective from Switzerland [PDF]
  Kavous Salehzadeh Niksirat (University of Lausanne), Diana Korka (University of Lausanne), Quentin Jacquemin (University of Lausanne), Céline Vanini (University of Lausanne), Mathias Humbert (University of Lausanne), Mauro Cherubini (University of Lausanne), Sylvain Métille (University of Lausanne), Kévin Huguenin (University of Lausanne)
• A Bilingual Longitudinal Analysis of Privacy Policies Measuring the Impacts of the GDPR and the CCPA/CPRA [PDF]
  Henry Hosseini (University of Münster), Christine Utz (CISPA Helmholtz Center for Information Security), Martin Degeling (Stiftung Neue Verantwortung), Thomas Hupperich (University of Münster)
• Blending Different Latency Traffic With Beta Mixing [PDF]
  Iness Ben Guirat (COSIC KU leuven), Debajyoti Das (COSIC KU leuven), Claudia Diaz (COSIC KU leuven)