English
Related papers

Related papers: A "Final" Security Bug

200 papers

Smart contracts on a blockchain behave precisely as specified by their code. A vulnerability in this code can lead to unexpected behaviour, which is hard to fix because a blockchain does not allow to change smart contract code after its…

Programming Languages · Computer Science 2019-11-27 Markus Knecht

End-to-End Encryption (E2EE) aims to make all messages impossible to read by anyone except you and your intended recipient(s). Many well-known and widely used Instant-Messaging (IM) applications (such as Signal, WhatsApp, and Apple's…

Cryptography and Security · Computer Science 2023-07-10 Mashari Alatawi , Nitesh Saxena

The security of the Internet rests on a small number of open-source cryptographic libraries: a vulnerability in any one of them threatens to compromise a significant percentage of web traffic. Despite this potential for security impact, the…

Cryptography and Security · Computer Science 2021-07-13 Jenny Blessing , Michael A. Specter , Daniel J. Weitzner

Platforms are nowadays typically equipped with tristed execution environments (TEES), such as Intel SGX and ARM TrustZone. However, recent microarchitectural attacks on TEEs repeatedly broke their confidentiality guarantees, including the…

Cryptography and Security · Computer Science 2023-06-07 Dhiman Chakraborty , Michael Schwarz , Sven Bugiel

Technical debt (TD) describes the additional costs that emerge when developers have opted for a quick and easy solution to a problem, rather than a more effective and well-designed, but time-consuming approach. Self-Admitted Technical Debts…

Software Engineering · Computer Science 2025-08-12 Nam Le Hai , Anh M. T. Bui , Phuong T. Nguyen , Davide Di Ruscio , Rick Kazman

As the Internet of Things (IoT) emerges over the next decade, developing secure communication for IoT devices is of paramount importance. Achieving end-to-end encryption for large-scale IoT systems, like smart buildings or smart cities, is…

Cryptography and Security · Computer Science 2020-03-04 Sam Kumar , Yuncong Hu , Michael P Andersen , Raluca Ada Popa , David E. Culler

This paper studies leakage of user passwords and PINs based on observations of typing feedback on screens or from projectors in the form of masked characters that indicate keystrokes. To this end, we developed an attack called Password and…

The Web public key infrastructure is essential to providing secure communication on the Internet today, and certificate authorities play a crucial role in this ecosystem by issuing certificates. These authorities may misissue certificates…

Cryptography and Security · Computer Science 2022-03-04 Sarah Meiklejohn , Joe DeBlasio , Devon O'Brien , Chris Thompson , Kevin Yeo , Emily Stark

When implementing secure software, developers must ensure certain requirements, such as the erasure of secret data after its use and execution in real time. Such requirements are not explicitly captured by the C language and could…

Cryptography and Security · Computer Science 2019-07-08 A. P. Shivarpatna Venkatesh , A. Bhat Handadi , M. Mory

Background: Previous studies have shown that up to 99.59 % of the Java apps using crypto APIs misuse the API at least once. However, these studies have been conducted on Java and C, while empirical studies for other languages are missing.…

Software Engineering · Computer Science 2021-09-03 Anna-Katharina Wickert , Lars Baumgärtner , Florian Breitfelder , Mira Mezini

GitHub is one of the most widely used public code development platform. However, the code hosted publicly on the platform is vulnerable to commit spoofing that allows an adversary to introduce malicious code or commits into the repository…

Software Engineering · Computer Science 2025-04-29 Anupam Sharma , Sreyashi Karmakar , Gayatri Priyadarsini Kancherla , Abhishek Bichhawat

Completely Automated Public Turing Test To Tell Computers and Humans Apart (CAPTCHA) has been implemented on many websites to identify between harmful automated bots and legitimate users. However, the revenue generated by the bots has…

Cryptography and Security · Computer Science 2023-06-14 Rui Jin , Lin Huang , Jikang Duan , Wei Zhao , Yong Liao , Pengyuan Zhou

Android is the most used Operating System worldwide for mobile devices, with hundreds of thousands of apps downloaded daily. Although these apps are primarily written in Java and Kotlin, advanced functionalities such as graphics or…

Cryptography and Security · Computer Science 2024-12-03 Silvia Lucia Sanna , Diego Soi , Davide Maiorca , Giorgio Fumera , Giorgio Giacinto

The software supply chain is becoming a widespread analogy to designate the series of steps taken to go from source code published by developers to executables running on the users? computers. A security vulnerability in any of these steps…

Software Engineering · Computer Science 2022-06-30 Ludovic Courtès

Recently, the Dragonblood attacks have attracted new interests on the security of WPA-3 implementation and in particular on the Dragonfly code deployed on many open-source libraries. One attack concerns the protection of users passwords…

Cryptography and Security · Computer Science 2020-12-09 Daniel De Almeida Braga , Pierre-Alain Fouque , Mohamed Sabt

Non-interference is a semantic program property that assigns confidentiality levels to data objects and prevents illicit information flows from occurring from high to low security levels. In this paper, we present a novel security model for…

Cryptography and Security · Computer Science 2010-06-23 Mauricio Alba-Castro , María Alpuente , Santiago Escobar

The Algebraic Eraser has been gaining prominence as SecureRF, the company commercializing the algorithm, increases its marketing reach. The scheme is claimed to be well-suited to IoT applications but a lack of detail in available…

Cryptography and Security · Computer Science 2016-06-03 Simon R. Blackburn , M. J. B. Robshaw

Last-level cache side-channel attacks have been mostly demonstrated in highly-controlled, quiescent local environments. Hence, it is unclear whether such attacks are feasible in a production cloud environment. In the cloud, side channels…

Cryptography and Security · Computer Science 2024-05-22 Zirui Neil Zhao , Adam Morrison , Christopher W. Fletcher , Josep Torrellas

Recently, Zou et al. [Phys. Rev. A 82, 042325 (2010)] pointed out that two arbitrated quantum signature (AQS) schemes are not secure, because an arbitrator cannot arbitrate the dispute between two users when a receiver repudiates the…

Quantum Physics · Physics 2013-05-30 Song-Kong Chong , Yi-Ping Luo , Tzonelih Hwang

Real-time, online-editing web apps provide free and convenient services for collaboratively editing, sharing and storing files. The benefits of these web applications do not come for free: not only do service providers have full access to…

Cryptography and Security · Computer Science 2019-11-19 Yihao Hu , Ari Trachtenberg , Prakash Ishwar
‹ Prev 1 8 9 10 Next ›