English
Related papers

Related papers: A "Final" Security Bug

200 papers

An attacker that gains access to a cryptocurrency user's private keys can perform any operation in her stead. Due to the decentralized nature of most cryptocurrencies, no entity can revert those operations. This is a central challenge for…

Cryptography and Security · Computer Science 2021-06-03 Uri Kirstein , Shelly Grossman , Michael Mirkin , James Wilcox , Ittay Eyal , Mooly Sagiv

In the era of social media and messaging applications, people are becoming increasingly aware of data privacy issues associated with such apps. Major messaging applications are moving towards end-to-end encryption (E2EE) to give their users…

Cryptography and Security · Computer Science 2021-08-02 Raman Singh , Ark Nandan Singh Chauhan , Hitesh Tewari

Vulnerabilities in open source packages can be a security risk for the client projects that use these packages as dependencies. When a new vulnerability is discovered in a package, the package should quickly release a fix in a new version,…

Cryptography and Security · Computer Science 2021-12-14 Nasif Imtiaz , Aniqa Khanom , Laurie Williams

Android is an open source mobile operating system that is developed mainly by Google. It is used on a significant portion of mobile devices worldwide. In this paper, I will be looking at an attack commonly known as tapjacking. I will be…

Cryptography and Security · Computer Science 2015-08-03 Benjamin Lim

We present a comprehensive dataset of Java vulnerability-fixing commits (VFCs) to advance research in Java vulnerability analysis. Our dataset, derived from thousands of open-source Java projects on GitHub, comprises two variants: JavaVFC…

Software Engineering · Computer Science 2024-09-10 Tan Bui , Yan Naing Tun , Yiran Cheng , Ivana Clairine Irsan , Ting Zhang , Hong Jin Kang

This paper describes a reduction from the halting problem of Turing machines to subtype checking in Java. It follows that subtype checking in Java is undecidable, which answers a question posed by Kennedy and Pierce in 2007. It also follows…

Programming Languages · Computer Science 2016-11-08 Radu Grigore

Timing side-channel attacks exploit secret-dependent execution time to fully or partially recover secrets of cryptographic implementations, posing a severe threat to software security. Constant-time programming discipline is an effective…

Cryptography and Security · Computer Science 2024-02-22 Luwei Cai , Fu Song , Taolue Chen

Cryptography misuses are prevalent in the wild. Crypto APIs are hard to use for developers, and static analysis tools do not detect every misuse. We developed SafEncrypt, an API that streamlines encryption tasks for Java developers. It is…

Cryptography and Security · Computer Science 2024-09-10 Ehsan Firouzi , Ammar Mansuri , Mohammad Ghafari , Maziar Kaveh

Recently, Tian et al presented an article, in which they discussed some security weaknesses of Yoon et al's scheme and subsequently proposed two ``improved'' schemes. In this paper, we show that the Tian et al's schemes are insecure and…

Cryptography and Security · Computer Science 2007-12-19 Manik Lal Das

A Java File Security System (JFSS) [1] has been developed by us. That is an ecrypted file system. It is developed by us because there are so many file data breaches in the past and current history and they are going to increase day by day…

Software Engineering · Computer Science 2013-12-09 Brijender Kahanwal , Tejinder Pal Singh

A program's exceptional behavior can substantially complicate its control flow, and hence accurately reasoning about the program's correctness. On the other hand, formally verifying realistic programs is likely to involve exceptions -- a…

Programming Languages · Computer Science 2024-10-03 Marco Paganoni , Carlo A. Furia

Motivated by the rise of quantum computers, existing public-key cryptosystems are expected to be replaced by post-quantum schemes in the next decade in billions of devices. To facilitate the transition, NIST is running a standardization…

Cryptography and Security · Computer Science 2022-03-02 Saad Islam , Koksal Mus , Richa Singh , Patrick Schaumont , Berk Sunar

The main stretch in the paper is buffer overflow anomaly occurring in major source codes, designed in various programming language. It describes the various as to how to improve your code and increase its strength to withstand security…

Cryptography and Security · Computer Science 2012-08-17 Manas Gaur

Research in cybersecurity may seem reactive, specific, ephemeral, and indeed ineffective. Despite decades of innovation in defense, even the most critical software systems turn out to be vulnerable to attacks. Time and again. Offense and…

Cryptography and Security · Computer Science 2024-09-04 Marcel Böhme

We analyse the 2025 Signalgate leak of sensitive US military information by the Trump administration, addressing why confidentiality was violated (messages leaked to the press) in spite of encryption (Signal), to deepen the socio-technical…

Cryptography and Security · Computer Science 2026-04-22 Maurice Chiodo , Toni Erskine , Dennis Müller , James G. Wright

Smart contracts enable contract terms to be automatically executed and verified on the blockchain, and recent years have witnessed numerous applications of them in areas such as financial institutions and supply chains. The execution logic…

Software Engineering · Computer Science 2025-12-16 Lantian Li , Yuyu Chen , Jingwen Wu , Yue Pan , Zhongxing Yu

In the official whitepaper of Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP), AMD explicitly emphasizes the capability to prevent Trusted Computing Base (TCB) rollback attacks. Cryptographically, this is realized by…

Cryptography and Security · Computer Science 2026-05-14 Muyan Shen , Yu Qin

Components of machine learning systems are not (yet) perceived as security hotspots. Secure coding practices, such as ensuring that no execution paths depend on confidential inputs, have not yet been adopted by ML developers. We initiate…

Cryptography and Security · Computer Science 2020-11-04 Zhen Sun , Roei Schuster , Vitaly Shmatikov

Background: Despite the widespread use of automated security defect detection tools, software projects still contain many security defects that could result in serious damage. Such tools are largely context-insensitive and may not cover all…

Software Engineering · Computer Science 2023-07-06 Jiaxin Yu , Liming Fu , Peng Liang , Amjed Tahir , Mojtaba Shahin

Software obfuscation or obscuring a software is an approach to defeat the practice of reverse engineering a software for using its functionality illegally in the development of another software. Java applications are more amenable to…

Cryptography and Security · Computer Science 2009-04-23 Praveen Sivadasan , P Sojan Lal