Keynotes
Yang Cao
Institute of Science Tokyo, Japan
Yang Cao is an Associate Professor at the Department of Computer Science, Institute of Science Tokyo (Science Tokyo, formerly Tokyo Tech), and directing the Trustworthy Data Science and AI (TDSAI) Lab. He is passionate about studying and teaching on algorithmic trustworthiness in data science and AI. Two of his papers on data privacy were selected as best paper finalists in top-tier conferences IEEE ICDE 2017 and ICME 2020. He was a recipient of the IEEE Computer Society Japan Chapter Young Author Award 2019, Database Society of Japan Kambayashi Young Researcher Award 2021. His research projects were/are supported by JSPS, JST, MSRA, KDDI, LINE, WeBank, etc.
Abstract: Data Pricing mechanisms are the backbone of data markets: they set the rules for exchanging data products, determine fair rewards, and shape trust among participants.
Yet each mechanism—whether arbitrage-free pricing, auctions, or Shapley-value-based contribution scoring—operates in a different environment, trades different assets, and faces different attackers. This
talk will explore the privacy and security challenges that emerge across these mechanisms and present defenses tailored to each. We begin with arbitrage-free pricing in trusted query markets, defending against
buyers who exploit price inconsistencies. We then move to auction-based pricing, addressing sellers who submit low-quality updates to game the system. Next, we secure Shapley value pricing against privacy
leakage during contribution evaluation. Finally, we introduce Truth-Shapley, a Bayesian incentive-compatible valuation method that thwarts strategic manipulation while preserving fairness. Together, these
works form a systematic investigation of how pricing mechanisms themselves become attack surfaces—and how aligning economic incentives with privacy and integrity can make data markets truly trustworthy.
Sherman S. M. Chow
Chinese University of Hong Kong, Hong Kong
Sherman S. M. Chow has grown with ProvSec. This journey began when he
co-founded its predecessor—the Applied Cryptography and Information
Security (ACIS) workshop—in 2006 with Joseph K. Liu, the late Patrick
Tsang, and Duncan S. Wong, all alumni of The Chinese University of Hong
Kong (CUHK), with Chow as the exception. He then served on the inaugural
ProvSec 2007 program committee, when PhD students were seldom invited.
Chow often turns to ProvSec to share his work: in 2008, instead of a
journal extension, he published extended results on general
certificateless encryption and timed-release encryption at ProvSec,
based on his SCN 2008 work from an internship at Fuji Xerox Palo Alto
Lab; at ProvSec 2013, with others, he presented a strengthened security
model for escrow-free identity-based encryption, a notion from his PhD
at New York University, advised by Yevgeniy Dodis and Victor Shoup (a
ProvSec 2012 invited speaker); and he served as program co-chair for
ProvSec 2014, held with ISC 2014, which he also co-chaired.
Chow’s ProvSec 2015 paper—held in Japan (as will ProvSec 2025)—was co-authored with, among others, his first postdoctoral visitor Yu Chen; Goichiro Hanaoka, who later invited him to serve as an AsiaCrypt 2025 area chair in Real-World Cryptography; and Zongyang Zhang, whose student Weihan Li (now graduated) became Chow’s first long-term visiting student at CUHK. That collaboration led to ongoing submissions, including a USENIX Security 2024 paper and a paper in IEEE Transactions on Information Forensics and Security (TIFS)—a journal where Chow serves as Senior Area Editor (since 2024) and earlier served as Associate Editor (2015–2019), uncommon at the time for an assistant professor at a rank-A journal. At ProvSec 2016, Chow and his PhD student Yongjun Zhao (now at TikTok, advancing privacy-enhancing technology) published work combining leakage resilience from Chow’s research (e.g., CCS 2010 and EuroCrypt 2012) with secure deduplication from Zhao’s thesis. ProvSec remains one of Chow’s favorite publication outlets, alongside AsiaCCS, ACNS, NDSS, S&P, USENIX Security Symposium, and CT-RSA.
Chow’s ProvSec 2015 paper—held in Japan (as will ProvSec 2025)—was co-authored with, among others, his first postdoctoral visitor Yu Chen; Goichiro Hanaoka, who later invited him to serve as an AsiaCrypt 2025 area chair in Real-World Cryptography; and Zongyang Zhang, whose student Weihan Li (now graduated) became Chow’s first long-term visiting student at CUHK. That collaboration led to ongoing submissions, including a USENIX Security 2024 paper and a paper in IEEE Transactions on Information Forensics and Security (TIFS)—a journal where Chow serves as Senior Area Editor (since 2024) and earlier served as Associate Editor (2015–2019), uncommon at the time for an assistant professor at a rank-A journal. At ProvSec 2016, Chow and his PhD student Yongjun Zhao (now at TikTok, advancing privacy-enhancing technology) published work combining leakage resilience from Chow’s research (e.g., CCS 2010 and EuroCrypt 2012) with secure deduplication from Zhao’s thesis. ProvSec remains one of Chow’s favorite publication outlets, alongside AsiaCCS, ACNS, NDSS, S&P, USENIX Security Symposium, and CT-RSA.
Abstract: A privacy-preserving Web3 must let people act together with user-controlled data and anonymity by design, even as the system certifies and verifies private records and
anonymous actions at scale. This talk studies several mission-critical features that research has often overlooked.
Secure coordination under malice and churn (NDSS'23, NDSS'24). Prior threshold ECDSA systems often assumed every signer stayed responsive; one dropout triggered restart and wasted preprocessing. I will present designs with true t-out-of-n liveness and identifiable abort, defending operations against denial-of-signing in time-sensitive tasks.
Sustainable private state (CSF'23). Anonymity should not force ever-growing unlinkable records. I will show how to preserve unlinkability while removing stale records as they age—anonymity that compresses with time—and how this composes with anonymous payments and reputation, in contrast to prior designs that let records persist indefinitely.
Mitigating Sybils through anonymous reputation (ACNS'23, EuroS&P'23). To keep authentication private while discouraging Sybil growth, scored anonymous credentials let honest users authenticate quickly and build anonymous reputation across long-lived, system-wide sessions; revocation is immediate, and subjective disputes are handled without halting global authentication.
Collective contribution with speed and integrity (USENIX Security'22, NDSS'24). For collaboration at scale with many independent writers and many readers, hybrid and delegatable searchable encryption reconcile a two-decade split: sublinear search in the multi-client model with forward privacy.
I will also note recent work on strategic controls for decentralized blockchains without a trusted hub (ICDCS'23, FC'25) and zero-knowledge proofs that scale (AsiaCrypt'25, ePrint '25). The directions in this talk aim to spur research beyond Web3.
Secure coordination under malice and churn (NDSS'23, NDSS'24). Prior threshold ECDSA systems often assumed every signer stayed responsive; one dropout triggered restart and wasted preprocessing. I will present designs with true t-out-of-n liveness and identifiable abort, defending operations against denial-of-signing in time-sensitive tasks.
Sustainable private state (CSF'23). Anonymity should not force ever-growing unlinkable records. I will show how to preserve unlinkability while removing stale records as they age—anonymity that compresses with time—and how this composes with anonymous payments and reputation, in contrast to prior designs that let records persist indefinitely.
Mitigating Sybils through anonymous reputation (ACNS'23, EuroS&P'23). To keep authentication private while discouraging Sybil growth, scored anonymous credentials let honest users authenticate quickly and build anonymous reputation across long-lived, system-wide sessions; revocation is immediate, and subjective disputes are handled without halting global authentication.
Collective contribution with speed and integrity (USENIX Security'22, NDSS'24). For collaboration at scale with many independent writers and many readers, hybrid and delegatable searchable encryption reconcile a two-decade split: sublinear search in the multi-client model with forward privacy.
I will also note recent work on strategic controls for decentralized blockchains without a trusted hub (ICDCS'23, FC'25) and zero-knowledge proofs that scale (AsiaCrypt'25, ePrint '25). The directions in this talk aim to spur research beyond Web3.
Kaitai Liang
University of Turku, Finland
Kaitai is an associate professor in cybersecurity at UTU, and holds at adjunct position at TU Delft where he leads the CRYPTAI Lab. He has secured European funding for several high-impact projects related to cybersecurity and AI, serving as PI. His research has led to real-world impact through collaborations with use cases. His works have been featured in top-tier conferences, e.g., USENIX Security, ACM CCS, NDSS, SIGMETRICS, ESORICS, Asiacrypt, and many others, as well as in leading international journals, e.g.,IEEE TDSC, IEEE TIFS. He has also delivered information security keynotes to international conferences and received awards, e.g., distinguished reviewer award, distinguished editor award, best research paper. A sought-after expert, he's been invited to serve on PC member, as General Chair, and as a Steering Committee member for renowned security and privacy conferences, e.g., USENIX Security, ACM CCS, IEEE Euro S&P, ESORICS, IEEE CSF, PoPETs, as well as session chairs, keynotes for information security topics. He also serves as an Associate Editor for prominent journals.
Abstract: Byzantine-robust Federated Learning (FL) aims to defend against malicious clients and ensure the training of an accurate global model with a minimal attack success rate.
However, most existing solutions assume that the majority of clients are honest—a condition that may not always hold in real-world deployments. Some methods bypass this assumption by requiring access to an auxiliary
dataset for filtering malicious updates, while others rely on a semi-honest majority to maintain both robustness and update confidentiality.
This talk presents a novel federated learning system that is both Byzantine-robust and privacy-preserving, capable of operating securely even when malicious actors form the majority—on either the client or server side. Our approach guarantees model robustness and the confidentiality of individual updates, removing the need for traditional trust assumptions. This work marks a significant step toward building federated learning environments that are both secure and resilient by design.
Zhen Li
Shandong University of Technology, China
Dr. Li Zhen is Professor at the School of Computer Science and Technology, Shandong University of Technology. He earned his PhD from Nanyang Technological University and served as an SVP-level AI expert at the SPDB Singapore Innovation Center. With more than 60 industry publications, Dr. Li combines deep academic scholarship with industrial impact—leading 20+ production AI projects and securing over 10 million US dollars in project funding. His keynote will focus on leveraging advanced AI techniques to strengthen IoT firmware security, drawing on two decades of cross-disciplinary experience in real-time analytics, large-scale systems and practical deployments.
Abstract:The rapid proliferation of IoT devices has expanded the attack surface and left many devices exposed to N-day vulnerabilities from outdated firmware. Accurate, scalable
firmware-version identification is therefore critical for vulnerability detection and remediation. I present DeepFW, an end-to-end framework that fingerprints firmware by analyzing embedded web interfaces. DeepFW
uses a Fusion Feature Attention Network (FFAN) to capture subtle visual and structural differences and a novel Hard Mining Cosine Triplet-Center Loss (HCTCL) to improve intra-class compactness and inter-class separability
under high firmware homogeneity. Evaluated on 4,442 firmware images and 130,445 extracted web pages, DeepFW outperforms state-of-the-art baselines by >25% on average (precision and recall). Our measurements further
show only 2.28% of devices run the latest firmware, while 6,684 devices (≈61.26%) remain vulnerable to known exploits. The talk will cover DeepFW’s design, experimental validation, and operational implications for
automated vulnerability monitoring and patch prioritization.
Daniel Xiapu Luo
The Hong Kong Polytechnic University, China
Prof. Luo received his B.S. and M.S. from Wuhan University and obtained his Ph.D. degree from the Hong Kong Polytechnic University, under the supervision of Prof. Rocky K.C. Chang. After that, he spent two years at the Georgia Institute of Technology as a post-doctoral research fellow advised by Prof. Wenke Lee. His current research interests include Blockchain and Smart Contracts Security, Mobile/IoT/Vehicle Security, Network Security and Privacy, and Software Engineering with papers published in top-tier security, software engineering, and networking conferences and journals. His research has led to more than ten best/distinguished paper awards, including ACM CCS'24 Distinguished Paper Award, four ACM SIGSOFT Distinguished Paper Awards in ICSE'24, Internetware'24, ISSTA'22 and ICSE’21, Best DeFi Papers Award 2023, Best Paper Award in INFOCOM'18, Best Research Paper Award in ISSRE'16, etc. and several awards from the industry. He received the BOCHK Science and Technology Innovation Prize (FinTech) 2023 for his contribution to blockchain security. He is an ACM Distinguished Member for contributions to safeguarding blockchain and smart contracts along with Android and its applications. He is also listed as the World’s Top 2% Scientists by Stanford University. His research uncovered many severe vulnerabilities in critical infrastructures and applications. Moreover, his work has been utilized by industry to detect and analyze malware and cyberattacks. He actively contributes to the community by participating in program/organization committees for major conferences in security, software engineering, and networking, and by serving as an associate editor for prestigious journals such as IEEE/ACM Transactions on Networking (ToN), IEEE Transactions on Dependable and Secure Computing (TDSC), and ACM Transactions on Privacy and Security (TOPS). He has also received several awards for his service, including the Top Reviewer Award from CCS'22 and the Distinguished TPC Member Award from INFOCOM'23 and INFOCOM'24.
Abstract:In the rapidly evolving world of blockchain technology, hidden vulnerabilities pose significant risks to security and trust. This talk delves into the often-overlooked
weaknesses within the blockchain ecosystem. In particular, I will introduce our latest research on identifying security vulnerabilities within the blockchain ecosystem.
Shabnam Kasra
the University of New South Wales, Australia
Dr. Shabnam Kasra is a Senior Lecturer (Associate Prof equivalent) specializing in cybersecurity at the University of New South Wales (UNSW) at Australian Defence Force Academy. She earned her Ph.D. in Security Sciences, with a focus on Applied Cryptography, from Monash University in Melbourne, Australia. Dr. Kasra has extensive experience in the field of cybersecurity. Her research interests lie in the areas of cryptography, cybersecurity, information privacy, Automotive Cyber Security, and Blockchain.
Abstract:This talk focuses on electromagnetic side-channel attacks (EMSCAs); the non-invasive techniques that recover secrets by measuring unintended EM emissions from microcontrollers,
IoT devices, and cryptographic hardware. A walk through the full attack workflow (signal capture, denoising, leakage modeling, and key recovery via correlation and machine learning), highlight real-world case studies
on AES, and quantify practical requirements (equipment, traces, noise tolerance) will be covered.
Cong Wang
City University of Hong Kong, China
Cong Wang is a Chair Professor and Head of the Department of Computer Science, City University of Hong Kong. His research encompasses data security and privacy, AI systems and security, and blockchain with decentralized applications. He is an IEEE Fellow, an HK RGC Research Fellow, and a Founding Member of the Young Academy of Sciences of Hong Kong. He has served as the Editor-in-Chief for the IEEE Transactions on Dependable and Secure Computing (late 2022 - early 2025), a premier security journal under the IEEE Computer Society.
Abstract:The necessity of safeguarding important and sensitive data has been globally recognized, and there is an urgent call to keep sensitive data always encrypted to protect
the data at rest, in transit, and in use. Satisfying the demand is not easy, especially in the context of modern databases. The difficulty lies in how to perform the database query processing over encrypted data
while meeting the requirements of security, performance, and complex query functions.
In this talk, we will take a retrospective view on encrypted database research. Over the past decade, the field has advanced substantially along two complementary fronts: inferring sensitive information about private data by abusing operational leakage, and mitigating or concealing such leakage under varied query functionalities and performance considerations. We will review recent advancements and key challenges in both areas, and outline a possible roadmap toward encrypted databases that are more secure, efficient, and functionally rich in practice.