Paper Suggestions

Differential Privacy

• Frank McSherry and Kunal Talwar. Mechanism Design via Differential Privacy. FOCS 2007.
• Cynthia Dwork, Moni Naor, Toniann Pitassi, and Guy Rothblum. Differential Privacy under Continual Observation. STOC 2010.
• T.-H. Hubert Chan, Elaine Shi, and Dawn Song. Private and Continual Release of Statistics. ICALP 2010.
• Moritz Hardt, Katrina Ligett, and Frank McSherry. A Simple and Practical Algorithm for Differentially Private Data Release. NIPS 2012.
• Daniel Kifer and Ashwin Machanavajjhala. A Rigorous and Customizable Framework for Privacy. PODS 2012.
• Úlfar Erlingsson, Vasyl Pihur, and Aleksandra Korolova. RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response. CCS 2014.
• Cynthia Dwork, Moni Naor, Omer Reingold, and Guy N. Rothblum. Pure Differential Privacy for Rectangle Queries via Private Partitions. ASIACRYPT 2015.
• Matthew Joseph, Aaron Roth, Jonathan Ullman, and Bo Waggoner. Local Differential Privacy for Evolving Data.

Applied Cryptography

• Benjamin Braun, Ariel J. Feldman, Zuocheng Ren, Srinath Setty, Andrew J. Blumberg, and Michael Walfish. Verifying Computations with State. SOSP 2013.
• Bryan Parno, Jon Howell, Craig Gentry, and Mariana Raykova. Pinocchio: Nearly Practical Verifiable Computation. S&P 2013.
• Aseem Rastogi, Matthew A. Hammer and Michael Hicks. Wysteria: A Programming Language for Generic, Mixed-Mode Multiparty Computations. S&P 2014.
• Shai Halevi and Victor Shoup. Algorithms in HElib. CRYPTO 2014.
• Shai Halevi and Victor Shoup. Bootstrapping for HElib. EUROCRYPT 2015.
• Léo Ducas and Daniele Micciancio. FHEW: Bootstrapping Homomorphic Encryption in Less than a Second. EUROCRYPT 2015.
• Peter Kairouz, Sewoong Oh, and Pramod Viswanath. Secure Multi-party Differential Privacy. NIPS 2015.
• Arjun Narayan, Ariel Feldman, Antonis Papadimitriou, and Andreas Haeberlen. Verifiable Differential Privacy. EUROSYS 2015.

Language-Based Security

• Martín Abadi and Andrew D. Gordon. A Calculus for Cryptographic Protocols: The Spi Calculus. Information and Computation, 1999.
• Frank McSherry. Privacy Integrated Queries. SIGMOD 2009.
• Jason Reed and Benjamin C. Pierce. Distance Makes the Types Grow Stronger: A Calculus for Differential Privacy. ICFP 2010.
• Daniel B. Griffin, Amit Levy, Deian Stefan, David Terei, David Mazières, John C. Mitchell, and Alejandro Russo. Hails: Protecting Data Privacy in Untrusted Web Applications. OSDI 2012.
• Danfeng Zhang, Aslan Askarov, and Andrew C. Myers. Language-Based Control and Mitigation of Timing Channels. PLDI 2012.
• Andrew Miller, Michael Hicks, Jonathan Katz, and Elaine Shi. Authenticated Data Structures, Generically. POPL 2014.
• Gilles Barthe, Marco Gaboardi, Emilio Jesús Gallego Arias, Justin Hsu, Aaron Roth, and Pierre-Yves Strub. Higher-Order Approximate Relational Refinement Types for Mechanism Design and Differential Privacy. POPL 2015.
• Samee Zahur and David Evans. Obliv-C: A Language for Extensible Data-Oblivious Computation. IACR 2015.
• Chang Liu, Xiao Shaun Wang, Kartik Nayak, Yan Huang, and Elaine Shi. ObliVM: A Programming Framework for Secure Computation. S&P 2015.
• Andrew Ferraiuolo, Rui Xu, Danfeng Zhang, Andrew C. Myers, and G. Edward Suh. Verification of a Practical Hardware Security Architecture Through Static Information Flow Analysis. ASPLOS 2017.

Adversarial Machine Learning

• Christian Szegedy, Wojciech Zaremba, Ilya Sutskever, Joan Bruna, Dumitru Erhan, Ian Goodfellow, and Rob Fergus. Intriguing Properties of Neural Networks. ICLR 2014.
• Ian J. Goodfellow, Jonathon Shlens, and Christian Szegedy. Explaining and Harnessing Adversarial Examples. ICLR 2015.
• Nicholas Carlini and David Wagner. Towards Evaluating the Robustness of Neural Networks. S&P 2017.
• Kevin Eykholt, Ivan Evtimov, Earlence Fernandes, Bo Li, Amir Rahmati, Chaowei Xiao, Atul Prakash, Tadayoshi Kohno, and Dawn Song. Robust Physical-World Attacks on Deep Learning Models. CVPR 2018.
• Nicholas Carlini and David Wagner. Adversarial Examples Are Not Easily Detected: Bypassing Ten Detection Methods. AISec 2017.
• Jacob Steinhardt, Pang Wei Koh, and Percy Liang. Certified Defenses for Data Poisoning Attacks. NIPS 2017.
• Aleksander Madry, Aleksandar Makelov, Ludwig Schmidt, Dimitris Tsipras, and Adrian Vladu. Towards Deep Learning Models Resistant to Adversarial Attacks. ICLR 2018.

Supplemental Material

• Cynthia Dwork and Aaron Roth. Algorithmic Foundations of Data Privacy.
• Gilles Barthe, Marco Gaboardi, Justin Hsu, and Benjamin C. Pierce. Programming Language Techniques for Differential Privacy.
• Michael Walfish and Andrew J. Blumberg. Verifying Computations without Reexecuting Them.
• Véronique Cortier, Steve Kremer, and Bogdan Warinschi. A Survey of Symbolic Methods in Computational Analysis of Cryptographic Systems.
• Dan Boneh and Victor Shoup. A Graduate Course in Applied Cryptography.