Fwd: [security-lunch] Jul 1 | Paul Gerhart on "Trace: Complete Client-Side Account Access Logging"

2 views
Skip to first unread message

Alan Karp

unread,
Jun 29, 2026, 5:46:17 PM (3 days ago) Jun 29
to <friam@googlegroups.com>

--------------
Alan Karp


---------- Forwarded message ---------
From: Michael Leo Paper via security-lunch <securit...@lists.stanford.edu>
Date: Mon, Jun 29, 2026 at 11:49 AM
Subject: [security-lunch] Jul 1 | Paul Gerhart on "Trace: Complete Client-Side Account Access Logging"
To: securit...@lists.stanford.edu <securit...@lists.stanford.edu>


Security Lunch ☀️ Ed. — Wednesday,  July 1st, 2026, 12:00 pm @ CoDa E160

Trace: Complete Client-Side Account Access Logging
Paul Gerhart
Can't make it in person? Join us on zoom.
See our past & upcoming events on our website


Abstract: 
Despite improvements to authentication mechanisms, account compromise remains frequent and users need a trustworthy way to determine what devices have accessed their accounts.  Doing so, however, is in tension with privacy goals on the modern web, which mandate that web services not learn static device identifiers. Recent work aims to address this tension via client-side encrypted access logging (CSAL), but their approach does not allow retrieving all log entries and users may miss information about adversarial accesses. This talk presents Trace, a new CSAL system that achieves complete logging while preserving privacy.  Trace records verifiable evidence of each authentication in an encrypted log stored by an independent logging service, ensuring that only the user can inspect it.  The web service remains unaware of the logging, preserving backward compatibility with existing authentication infrastructures.

Bio:
Paul Gerhart is a fourth-year PhD student at TU Wien, supervised by Dominique Schröder. His research involves designing and analysing advanced cryptographic protocols, including advanced signatures, distributed key generation and authentication protocols.
_______________________________________________
security-lunch mailing list
securit...@lists.stanford.edu
https://mailman.stanford.edu/mailman/listinfo/security-lunch
Reply all
Reply to author
Forward
0 new messages