The paper proposes a scalable, privacy-preserving framework for iris recognition using Fully Homomorphic Encryption (FHE), achieving accuracy comparable to cleartext while identifying the computationa…

The paper proposes ChaRVoC, a novel Challenge-Response Voice Cancelable authentication system that enhances voice biometrics by integrating inherent voice features, secret keys, and dynamic challenges…

The paper introduces a theoretically grounded evaluation framework for watermarking generative models, proposing a novel method (SSB) that allows for systematic design across all security-robustness-f…

Dual-Guard introduces a dual-channel latent watermarking framework that simultaneously embeds global provenance and localized content anchors into diffusion images, achieving robust detection against…

The paper demonstrates that using synthetic hand images containing accessories, generated via inpainting, significantly improves the robustness of hand detectors for safety-critical applications by cl…

The paper introduces ImageProtector, a user-side method that embeds an imperceptible perturbation into images to prevent Multi-modal Large Language Models (MLLMs) from analyzing and extracting sensiti…

The paper demonstrates that fine-tuning safety guard models on benign data can catastrophically collapse their safety alignment, proposing Fisher-Weighted Safety Subspace Regularization (FW-SSR) to ac…

The paper demonstrates a class of steganographic exfiltration attacks against vector databases by hiding data within embeddings, and proposes VectorPin, a cryptographic provenance protocol to detect s…

The paper proposes AnaFP, a theoretically guided analytical fingerprinting scheme that determines the optimal distance of a model's fingerprint from the decision boundary to ensure both robustness and…

The paper introduces SADBench, a systematic benchmark designed to evaluate both the effectiveness of steganographic attacks injecting harmful content and the robustness of steganalysis defenses agains…

The paper introduces a novel, scalable, and provably secure biometric authentication system designed to authenticate millions of users against cloud databases without requiring auxiliary identifiers.

The paper proposes an efficient and provably secure linguistic steganography method using range coding that achieves high embedding capacity and speed, outperforming existing methods.

LoREnc is a novel, training-free framework that secures Foundation Models (FMs) and LoRA adapters against intellectual property leakage and model recovery attacks by spectrally truncating weights and…

The paper introduces ARES, a novel and practical gradient inversion attack that reconstructs sensitive training samples from large batch updates in Federated Learning without requiring architectural m…

The paper proposes evaluating certified training methods by comparing their Pareto fronts across the natural-certified accuracy trade-off, revealing superior performance and previously unappreciated c…

Ciphera proposes a decentralized biometric identity framework that combines facial recognition with DIDs and VCs, achieving feasible sub-second verification while highlighting challenges in revocation…

The paper proposes a simple, generic attack strategy—re-watermarking—that reliably suppresses existing watermarks, demonstrating that watermarks can be used to attack other watermarks.

Rel-Zero proposes a novel zero-watermarking technique that embeds invisible watermarks by exploiting the invariance of relational distances between image patches during AI editing, achieving superior…

The paper proposes W-IR, a novel watermarking framework that simultaneously achieves high certified robustness against adversarial attacks and effectively mitigates identity leakage in watermarked ima…

The paper demonstrates that combining outputs from multiple large language models (LLMs) effectively cancels out statistical watermarks, revealing a fundamental vulnerability in current AI text detect…