English
Related papers

Related papers: CryptoExplorer: An Interactive Web Platform Suppor…

200 papers

To ensure the quality of software systems, software engineers can make use of a variety of quality assurance approaches, such as software testing, modern code review, automated static analysis, and build automation. Each of these quality…

Software Engineering · Computer Science 2026-04-21 Ali Khatami , Andy Zaidman

Frequently advised secure development recommendations often fall short in practice for app developers. Tool-driven (e.g., using static analysis tools) approaches lack context and domain-specific requirements of an app being tested. App…

Software Engineering · Computer Science 2021-11-04 Muhammad Sajidur Rahman , Blas Kojusner , Ryon Kennedy , Prerit Pathak , Lin Qi , Byron Williams

Modern software development requires a large investment in learning application programming interfaces (APIs). Recent research found that the learning materials themselves are often inadequate: developers struggle to find answers beyond…

Software Engineering · Computer Science 2014-02-07 Adrian Kuhn , Robert DeLine

GraphQL is a query language for APIs and a runtime to execute queries. Using GraphQL queries, clients define precisely what data they wish to retrieve or mutate on a server, leading to fewer round trips and reduced response sizes. Although…

Software Engineering · Computer Science 2019-07-31 Erik Wittern , Alan Cha , James C. Davis , Guillaume Baudart , Louis Mandel

Large language model fine-tuning APIs enable widespread model customization, yet pose significant safety risks. Recent work shows that adversaries can exploit access to these APIs to bypass model safety mechanisms by encoding harmful…

Machine Learning · Computer Science 2025-08-26 Jack Youstra , Mohammed Mahfoud , Yang Yan , Henry Sleight , Ethan Perez , Mrinank Sharma

We propose a novel approach to improving software security called Cryptographic Path Hardening, which is aimed at hiding security vulnerabilities in software from attackers through the use of provably secure and obfuscated cryptographic…

Software Engineering · Computer Science 2012-02-03 Vijay Ganesh , Michael Carbin , Martin Rinard

Code generation tools driven by artificial intelligence have recently become more popular due to advancements in deep learning and natural language processing that have increased their capabilities. The proliferation of these tools may be a…

Software Engineering · Computer Science 2024-01-09 Owura Asare , Meiyappan Nagappan , N. Asokan

Mobile applications rely on complex backends that introduce significant security risks, yet developers often lack the tools to assess these risks effectively. This paper presents AndroScanner, an automated pipeline for detecting…

Cryptography and Security · Computer Science 2026-04-17 Harini Dandu

Proof-of-concept exploits help demonstrate software vulnerability beyond doubt and communicate attacks to non-experts. But exploits can be configuration-specific, for example when in Security APIs, where keys are set up specifically for the…

Cryptography and Security · Computer Science 2024-10-03 Robert Künnemann , Julian Biehl

There is burgeoning interest in designing AI-based systems to assist humans in designing computing systems, including tools that automatically generate computer code. The most notable of these comes in the form of the first self-described…

Cryptography and Security · Computer Science 2021-12-17 Hammond Pearce , Baleegh Ahmad , Benjamin Tan , Brendan Dolan-Gavitt , Ramesh Karri

Ever since its inception, cryptography has been caught in a vicious circle: Cryptographers keep inventing methods to hide information, and cryptanalysts break them, prompting cryptographers to invent even more sophisticated encryption…

Quantum Physics · Physics 2023-06-14 Renato Renner , Ramona Wolf

The Model Context Protocol (MCP) is rapidly emerging as the middleware for LLM-based applications, offering a standardized interface for tool integration. However, its built-in security mechanisms are minimal: while schemas and declarations…

Cryptography and Security · Computer Science 2025-12-04 Biwei Yan , Yue Zhang , Minghui Xu , Hao Wu , Yechao Zhang , Kun Li , Guoming Zhang , Xiuzhen Cheng

Blockchain, as a distributed ledger technology, becomes increasingly popular, especially for enabling valuable cryptocurrencies and smart contracts. However, the blockchain software systems inevitably have many bugs. Although bugs in smart…

Cryptography and Security · Computer Science 2023-02-22 Xiao Yi , Daoyuan Wu , Lingxiao Jiang , Yuzhou Fang , Kehuan Zhang , Wei Zhang

With the increasing use of online services, the protection of the privacy of users becomes more and more important. This is particularly critical as authentication and authorization as realized on the Internet nowadays, typically relies on…

Cryptography and Security · Computer Science 2025-03-05 Daniel Slamanig

Following code style conventions in software projects is essential for maintaining overall code quality. Adhering to these conventions improves maintainability, understandability, and extensibility. Additionally, following best practices…

Software Engineering · Computer Science 2026-01-16 Alvari Kupari , Nasser Giacaman , Valerio Terragni

Containerization allows bundling applications and their dependencies into a single image. The containerization framework Docker eases the use of this concept and enables sharing images publicly, gaining high momentum. However, it can lead…

Cryptography and Security · Computer Science 2023-07-11 Markus Dahlmanns , Constantin Sander , Robin Decker , Klaus Wehrle

While Ethereum's discovery protocols (Discv4/ Discv5) incorporate robust cryptographic designs to protect user privacy, real-world deployment reveals critical vulnerabilities when users deviate from security guidelines. In this paper, we…

Cryptography and Security · Computer Science 2025-07-03 Chenyu Li , Xueping Liang , Xiaorui Gong , Xiu Zhang

Exploit proof-of-concepts (PoCs) for known vulnerabilities are widely shared in the security community. They help security analysts to learn from each other and they facilitate security assessments and red teaming tasks. In the recent…

Cryptography and Security · Computer Science 2023-06-08 Soufian El Yadmani , Robin The , Olga Gadyatskaya

We present AuthREST, an open-source security testing tool targeting broken authentication, one of the most prevalent API security risks in the wild. AuthREST automatically tests web APIs for credential stuffing, password brute forcing, and…

Cryptography and Security · Computer Science 2025-09-15 Davide Corradini , Mariano Ceccato , Mohammad Ghafari

Generating secure random numbers is a central problem in cryptography that needs a reliable source of enough computing entropy. Without enough entropy available - meaning no good source of secure random numbers - a device is susceptible to…

Cryptography and Security · Computer Science 2018-10-02 JV Roig