Feng Hao

The University of Warwick · Department of Computer Science

PhD

About

86
Publications
29,337
Reads
2,451
Citations
Additional affiliations
August 2014 - September 2016
Newcastle University
Position
  • Reader in Security Engineering
December 2010 - present
Newcastle University
Position
  • Professor (Full)

Publications (86)
Article
Full-text available
This article discusses secure methods to conduct e-voting over a blockchain in three different settings: decentralized voting, centralized remote voting, and centralized polling station voting. These settings cover almost all voting scenarios that occur in practice. A proof-of-concept implementation for decentralized voting over Ethereum’s blockcha...
Article
A novel strong physical unclonable function (PUF), called Probability-based PUF (Prob-PUF), is proposed using the stochastic process of trap emission in nano-scaled transistors. For the first time, the information of trap emission probability is used in the PUF design. This new approach offers ideal immunity to machine learning (ML) attacks. Since...
Article
Full-text available
The Payment Protocol standard BIP70, specifying how payments in Bitcoin are performed by merchants and customers, is supported by the largest payment processors and most widely-used wallets. The protocol has been shown to be vulnerable to refund attacks due to lack of authentication of the refund addresses. In this paper, we give the first formal m...
Article
Polymer banknotes are the trend for printed currency and have been adopted by more than fifty countries worldwide. However, over the past years, the quantity and the quality of polymer counterfeits have been increasing. This shows that the initial advantage of bringing a new polymer technology to fight against counterfeiting is reducing. To maintai...
Preprint
Full-text available
The Payment Protocol standard BIP70, specifying how payments in Bitcoin are performed by merchants and customers, is supported by the largest payment processors and most widely-used wallets. The protocol has been shown to be vulnerable to refund attacks due to lack of authentication of the refund addresses. In this paper, we give the first formal m...
Preprint
Full-text available
Polymer banknotes are the trend for printed currency and have been adopted by more than fifty countries worldwide. However, over the past years, the quantity of polymer counterfeits has been increasing, so has the quality of counterfeits. This shows that the initial advantage of bringing a new polymer technology to fight against counterfeiting is r...
Article
Collaboration is a keystone of defense in the field of cybersecurity. A collaborative detection system allows multiple collaborators or service providers to share their security-incident-response data, in order to effectively identify and isolate stealthy malicious actors who hide their traffic under the umbrella of legitimate Internet data transmi...
Article
Full-text available
On 2 May 2019, during the UK local elections, an e-voting trial was conducted in Gateshead, using a touch-screen end-to-end verifiable e-voting system. This was the first trial of verifiable e-voting for polling station voting in the UK, and it presented a case study to envisage the future of e-voting.
Article
In this article, we propose the first self-tallying decentralized e-voting protocol for a ranked-choice voting system based on Borda count. Our protocol does not need any trusted setup or tallying authority to compute the tally. The voters interact through a publicly accessible bulletin board for executing the protocol in a way that is publicly ver...
Article
Full-text available
The Internet of Things, or IoT, is the network of connected computing devices that have the ability to transfer valued data between each other via the Internet without requiring human intervention. In such a connected environment, the Social Internet of Things (SIoT) has become an emerging trend where multiple IoT devices owned by users support com...
Article
Full-text available
In this paper, we address an unsolved problem in the real world: how to ensure the integrity of the web content in a browser in the presence of malicious browser extensions? The problem of exposing confidential user credentials to malicious extensions has been widely understood, which has prompted major banks to deploy two-factor authentication. Ho...
Article
Full-text available
We propose the first auctioneer-free sealed-bid auction protocol with a linear computation and communication complexity O(c), c being the bit length of the bid price. Our protocol, called Self-Enforcing Auction Lot (SEAL), operates in a decentralized setting, where bidders jointly compute the maximum bid while preserving the privacy of losing bids....
Conference Paper
The 5th conference on Security Standardisation Research (SSR'19) is in London, UK, on 11 November 2019, co-located with the ACM Conference on Computer and Communications Security 2019 (CCS'19). This conference aims to provide a preferred venue for the discussion of all topics related to security standardisation, covering both theory and practice. T...
Article
The Internet of Things (IoT) or the Cyber-Physical System (CPS) is the network of connected devices, things and people which collect and exchange information using the emerging telecommunication networks (4G, 5G IP-based LTE). These emerging telecommunication networks can also be used to transfer critical information between the source and destinat...
Conference Paper
An end-to-end verifiable (E2E) voting system enables candidates, voters and observers to monitor the integrity of an election process and verify the results without relying on trusted systems. In this paper, we propose a DRE-based Borda count e-voting system called DRE-Borda. The proposed system is E2E verifiable without involving any tallying auth...
Article
Full-text available
In 2006, Hao and Zieliński presented a two‐round veto protocol named anonymous veto network (AV‐net), which is exceptionally efficient in terms of the number of rounds, computation and bandwidth usage. However, AV‐net has two generic issues: (i) a participant who has submitted a veto can find out whether she is the only one who vetoed; (ii) the las...
Preprint
Full-text available
In this paper, we address an unsolved problem in the real world: how to ensure the integrity of the web content in a browser in the presence of malicious browser extensions? The problem of exposing confidential user credentials to malicious extensions has been widely understood, which has prompted major banks to deploy two-factor authentication. Ho...
Article
The emerging use of modern technologies has not only benefited society but also attracted fraudsters and criminals to misuse the technology for financial benefits. Fraud over the Internet has increased dramatically, resulting in an annual loss of billions of dollars to customers and service providers worldwide. Much of such fraud directly impacts i...
Article
Threshold password-authenticated secret sharing (TPASS) protocols allow a client to distribute a secret s amongst n servers and protect it with a password pw, so that the client can later recover the secret s from any subset of t of the servers using the password pw. In this paper, we present two efficient TPASS protocols, one is built on two-phase...
Preprint
Full-text available
Cryptocurrency mining in the browser has the potential to provide a new pay-as-you-go monetisation mechanism for consuming digital media over the Web. However, browser mining has recently received strong criticism due to illegitimate use of mining scripts in several popular websites (a practice called cryptojacking). Here we provide the first feasi...
Article
The Internet of Vehicles (IoV) is the network of connected vehicles and transport infrastructure units (Roadside Units (RSU)), which utilizes emerging wireless systems (4G, 5G, LTE) for the communication and sharing of information. The network of connected vehicles enables users to disseminate critical information about events happening on the road...
Article
Full-text available
Botnets are the preeminent source of online crime and arguably one of the greatest threats to the Internet infrastructure. In this paper, we present ZombieCoin, a botnet command-and-control (C&C) mechanism that leverages the Bitcoin network. ZombieCoin offers considerable advantages over existing C&C techniques, most notably the fact that Bitcoin i...
Article
Full-text available
In the age of IoT (Internet of Things), Machine-to-Machine (M2M) communication has gained significant popularity over the last few years. M2M communication systems may have a large number of autonomous connected devices that provide services without human involvement. Interacting with compromised, infected and malicious machines can bring damaging con...
Article
Full-text available
In the first part of this paper, we propose PINlogger.js which is a JavaScript-based side channel attack revealing user PINs on an Android mobile phone. In this attack, once the user visits a website controlled by an attacker, the JavaScript code embedded in the web page starts listening to the motion and orientation sensor streams without needing...
Article
In online marketplaces (e-commerce, cloud marketplaces), potential buyers/consumers do not have direct access to inspect the quality of products and services offered by service providers or retailers of the marketplace. Therefore, consumers have to trust the reputation system of the online marketplace for deciding whether or not to interact with th...
Article
Reputation systems enable consumers to evaluate the trustworthiness of business entities (retailers, sellers) over the marketplace. In electronic marketplaces, the reputation of a business entity (retailer, seller) is computed by aggregating the “trust-scores” assigned to her by the parties who have had transactions with her. Most reputation syste...
Article
Full-text available
Simple Password Exponential Key Exchange (SPEKE) is a well-known Password Authenticated Key Exchange (PAKE) protocol that has been used in Blackberry phones for secure messaging and Entrust's TruePass end-to-end web products. It has also been included into international standards such as ISO/IEC 11770-4 and IEEE P1363.2. In this paper, we analyse t...
Article
Nuisance or unsolicited calls and instant messages come at any time in a variety of different ways. These calls would not only exasperate recipients with the unwanted ringing, impacting their productivity, but also lead to a direct financial loss to users and service providers. Telecommunication Service Providers (TSPs) often employ standalone dete...
Article
Full-text available
Browser extensions have been established as a common feature present in modern browsers. However, some extension systems risk exposing APIs which are too permissive and cohesive with the browser's internal structure, thus leaving a hole for malicious developers to exploit security critical functionality within the browser itself. In this paper, we...
Conference Paper
The Internet of Things (IoT) is the integration of a large number of autonomous heterogeneous devices that report information from the physical environment to the monitoring system for analytics and meaningful decisions. The compromised machines in the IoT network may not only be used for spreading unwanted content such as spam, malware, viruses et...
Conference Paper
Full-text available
BIP70 is a community-accepted Payment Protocol standard that governs how merchants and customers perform payments in Bitcoin. This standard is supported by most major wallets and the two dominant Payment Processors: Coinbase and BitPay, who collectively provide the infrastructure for accepting Bitcoin as a form of payment to more than 100,000 merch...
Article
Full-text available
Classroom voting is an important pedagogical technique in which students learn by voting on the answers to questions. The same voting platform is also often used for exercises such as rating lecturer performance and voting for prizes. In this paper, we present VCV, an end-to-end (E2E) verifiable classroom voting system built based on the DRE-i prot...
Article
In this paper, we propose a novel paper fingerprinting technique based on analyzing the translucent patterns revealed when a light source shines through the paper. These patterns represent the inherent texture of paper, formed by the random interleaving of wooden particles during the manufacturing process. We show these patterns can be easily captu...
Conference Paper
Full-text available
In a contactless transaction, when more than one card is presented to the payment terminal’s field, the terminal does not know which card to choose to proceed with the transaction. This situation is called card collision. EMV (which is the primary standard for smart card payments) specifies that the reader should not proceed when it detects a card...
Article
In a two-server password-authenticated key exchange (PAKE) protocol, a client splits its password and stores two shares of its password in the two servers, respectively, and the two servers then cooperate to authenticate the client without knowing the password of the client. In case one server is compromised by an adversary, the password of the cli...
Conference Paper
Full-text available
Nearly all verifiable e-voting schemes require trustworthy authorities to perform the tallying operations. An exception is the DRE-i system which removes this requirement by pre-computing all encrypted ballots before the election using random factors that will later cancel out and allow the public to verify the tally after the election. While the r...
Conference Paper
Full-text available
Bitcoin as deployed today does not scale. Scalability research has focused on two directions: (1) redesigning the Blockchain protocol, and (2) facilitating ‘off-chain transactions’ and only consulting the Blockchain if an adjudicator is required. In this paper we focus on the latter and provide an overview of Bitcoin payment networks. These consist...
Article
Conforming to W3C specifications, mobile web browsers allow JavaScript code in a web page to access motion and orientation sensor data without the user's permission. The associated risks to user security and privacy are however not considered in W3C specifications. In this work, for the first time, we show how user security can be compromised using...
Conference Paper
Full-text available
Mobile NFC payment is an emerging industry, estimated to reach $670 billion by 2015. The Mafia attack presents a realistic threat to payment systems including mobile NFC payment. In this attack, a user consciously initiates an NFC payment against a legitimate-looking NFC reader (controlled by the Mafia), not knowing that the reader actually relays...
Conference Paper
Full-text available
Bitcoin is designed to protect user anonymity (or pseudonymity) in a financial transaction, and has been increasingly adopted by major e-commerce websites such as Dell, PayPal and Expedia. While the anonymity of Bitcoin transactions has been extensively studied, little attention has been paid to the security of post-transaction correspondence. In...
Conference Paper
Threshold password-authenticated secret sharing (TPASS) protocols allow a client to secret-share a secret s among n servers and protect it with a password \(\mathsf {pw}\), so that the client can later recover s from any subset of t of the servers using the password \(\mathsf {pw}\), but so that no coalition smaller than t learns anything about s o...
Article
Full-text available
Existing software-based data erasure programs can be summarized as following the same one-bit-return protocol: the deletion program performs data erasure and returns either success or failure. However, such a one-bit-return protocol turns the data deletion system into a black box - the user has to trust the outcome but cannot easily verify it. This...
Conference Paper
Conforming to the recent W3C specifications (www.w3.org/TR/orientation-event), modern mobile web browsers generally allow JavaScript code in a web page to access motion and orientation sensor data without the user's permission. The associated risks to user privacy are however not considered in W3C specifications. In this work, for the first time, w...
Conference Paper
Full-text available
In this paper, we study Password Authenticated Key Exchange (PAKE) in a group. First, we present a generic "fairy-ring dance" construction that transforms any secure two-party PAKE scheme to a group PAKE protocol while preserving the round efficiency in the optimal way. Based on this generic construction, we present two concrete instantiations base...
Conference Paper
Full-text available
Botnets are the preeminent source of online crime and arguably the greatest threat to the Internet infrastructure. In this paper, we present ZombieCoin, a botnet command-and-control (C&C) mechanism that runs on the Bitcoin network. ZombieCoin offers considerable advantages over existing C&C techniques, most notably the fact that Bitcoin is designed...
Conference Paper
Full-text available
In this paper, we study Password Authenticated Key Exchange (PAKE) in a group. First, we present a generic "fairy-ring dance" construction that transforms any secure two-party PAKE scheme to a group PAKE protocol while preserving the round efficiency in the optimal way. Based on this generic construction, we present two concrete instantiations ba...
Conference Paper
Full-text available
The SPEKE protocol is commonly considered one of the classic Password Authenticated Key Exchange (PAKE) schemes. It has been included in international standards (particularly, ISO/IEC 11770-4 and IEEE 1363.2) and deployed in commercial products (e.g., Blackberry). We observe that the original SPEKE specification is subtly different from those defin...
Article
Full-text available
Dragonfly is a password authenticated key exchange protocol that has been submitted to the Internet engineering task force as a candidate standard for general internet use. The authors analysed the security of this protocol and devised an attack that is capable of extracting both the session key and password from an honest party. This attack was th...
Conference Paper
In two-server password-authenticated key exchange (PAKE) protocol, a client splits its password and stores two shares of its password in the two servers, respectively, and the two servers then cooperate to authenticate the client without knowing the password of the client. In case one server is compromised by an adversary, the password of the clien...
Article
Full-text available
Private browsing has been a popular privacy feature built into all mainstream browsers since 2005. However, despite its prevalent use, the security of this feature has received little attention from the research community. In this paper, we present an up-to-date and comprehensive analysis of private browsing across four most popular web browsers: I...
Article
Full-text available
This paper presents a new End-to-End (E2E) verifiable e-voting protocol for large-scale elections, called Direct Recording Electronic with Integrity (DRE-i). In contrast to all other E2E verifiable voting schemes, ours does not involve any Tallying Authorities (TAs). The design of DRE-i is based on the hypothesis that existing E2E voting protocols’...
Article
If two parties wish to safely communicate over an insecure channel, one method they may use is to first run an authenticated key exchange protocol over this channel so as to jointly and secretly construct a cryptographically strong session key that can serve to subsequently secure further bulk communication. This chapter is an introduction to the d...
Chapter
If two parties wish to safely communicate over an insecure channel, one method they may use is to first run an authenticated key exchange protocol over this channel so as to jointly and secretly construct a cryptographically strong session key that can serve to subsequently secure further bulk communication. This chapter is an introduction to the d...
Conference Paper
Full-text available
In this paper, we propose – and have implemented – the first verifiable classroom voting system. The subject of secure classroom voting has so far received almost no attention from the security community. Though several commercial classroom voting systems have been available, none of them is verifiable. State-of-the-art verifiable voting protocols...
Conference Paper
Hi, good afternoon everyone. We have come to the last talk. I know many of you are probably desperate for a pint in the pub, so I will make your life easy and keep the talk short. This talk is about “verifiable classroom voting”. If you look for the literature on this subject, you will probably find none. The reason should become clear later in the...
Conference Paper
Full-text available
This paper shows several security weaknesses of a Multi-Factor Authenticated Key Exchange (MK-AKE) protocol, proposed by Pointcheval and Zimmer at ACNS'08. The Pointcheval-Zimmer scheme was designed to combine three authentication factors in one system, including a password, a secure token (that stores a private key) and biometrics. In a formal mod...
Conference Paper
Verifiable electronic voting has been extensively researched for over twenty years, but few protocols have achieved real-life deployment. A key impediment, we argue, is caused by the existing protocols' universal reliance on the probity of the tallying authorities. This might seem surprising to many people as dependence on tallying authorities has...
Conference Paper
Good morning everyone. In the past six months I have been doing some preliminary investigation on what the future e-voting will look like. We have made some progress and I would like to share with you our findings, and also highlight some open problems. I would appreciate your comments and critics. For this presentation I have prepared an election....
Conference Paper
Full-text available
Official trials were conducted of a number of e-voting systems in the UK in 2002/3 and 2007 during local government elections, yet none of these test systems were subsequently used in any further elections, and all trials were suspended in 2008. We describe these trials, concentrating on the second more extensive 2007 trial, and how their results w...
Article
Full-text available
Hao, Ryan & Zieliński (2010) propose a two-round decentralized voting protocol that is efficient in terms of rounds, computation, and bandwidth. However, the protocol has two drawbacks. First, if some voters abort then the election result cannot be announced, that is, the protocol is not robust. Secondly, the last voter can learn the election result...
Conference Paper
Full-text available
This talk is about How to Sync with Alice. It is joint work with Peter Ryan. Life used to be simple; you have only one desktop computer. Then you have laptop, which is more convenient, and is becoming inexpensive. In the past five years you’ve seen the rise of smartphones, and tablets. So the computer has been evolving. It used to be bulky, and fix...
Conference Paper
Full-text available
This paper explains the sync problem and compares solutions in Firefox 4 and Chrome 10. The sync problem studies how to securely synchronize data across different computers. Google has added a built-in sync function in Chrome 10, which uses a user-defined password to encrypt bookmarks, history, cached passwords etc. However, due to the low-entropy...
Article
Full-text available
Password Authenticated Key Exchange (PAKE) is one of the important topics in cryptography. It aims to address a practical security problem: how to establish secure communication between two parties solely based on a shared password without requiring a Public Key Infrastructure (PKI). After more than a decade of extensive research in this field,...
Article
Full-text available
In 2006, Hao and Zieliński proposed a two-round anonymous veto protocol (called AV-net), which provided exceptional efficiency compared to related techniques. In this study, the authors add a self-tallying function to the AV-net, making it a general-purpose voting protocol. The new protocol works in the same setting as the AV-net: it requires no t...
Article
Full-text available
The small subgroup confinement attack works by confining cryptographic operations within a small subgroup, in which exhaustive search is feasible. This attack is overt and hence can be easily thwarted by adding a public key validation: verifying the received group element has proper order. In this paper, we present a different aspect of the small s...
Conference Paper
Full-text available
We describe two new attacks on the HMQV protocol. The first attack raises a serious question on the basic definition of “authentication” in HMQV, while the second attack is generally applicable to many other protocols. In addition, we present a new authenticated key agreement protocol called YAK. Our approach is to depend on well-established techni...