English
Related papers

Related papers: Hiding the Access Pattern is Not Enough: Exploitin…

200 papers

This work explores injection attacks against password managers. In this setting, the adversary (only) controls their own application client, which they use to "inject" chosen payloads to a victim's client via, for example, sharing…

Cryptography and Security · Computer Science 2024-08-14 Andrés Fábrega , Armin Namavari , Rachit Agarwal , Ben Nassi , Thomas Ristenpart

An attacker can gain information of a user by analyzing its network traffic. The size of transferred data leaks information about the file being transferred or the service being used, and this is particularly revealing when the attacker has…

Cryptography and Security · Computer Science 2022-09-12 Sebastian Simon , Cezara Petrui , Carlos Pinzón , Catuscia Palamidessi

Encryption provides a method to protect data outsourced to a DBMS provider, e.g., in the cloud. However, performing database operations over encrypted data requires specialized encryption schemes that carefully balance security and…

Cryptography and Security · Computer Science 2021-03-11 Masoumeh Shafieinejad , Suraj Gupta , Jin Yang Liu , Koray Karabina , Florian Kerschbaum

Searchable encryption (SE) is a positive way to protect users sensitive data in cloud computing setting, while preserving search ability on the server side, i.e., it allows the server to search encrypted data without leaking information…

Emerging Technologies · Computer Science 2024-05-14 Wenjie Liu , Yinsong Xu , Wen Liu , Haibin Wang , Zhibin Lei

This work presents a new tool to verify the correctness of cryptographic implementations with respect to cache attacks. Our methodology discovers vulnerabilities that are hard to find with other techniques, observed as exploitable leakage.…

Cryptography and Security · Computer Science 2017-09-07 Gorka Irazoqui , Kai Cong , Xiaofei Guo , Hareesh Khattri , Arun Kanuparthi , Thomas Eisenbarth , Berk Sunar

Malicious server (MS) attacks have enabled the scaling of data stealing in federated learning to large batch sizes and secure aggregation, settings previously considered private. However, many concerns regarding the client-side…

Cryptography and Security · Computer Science 2024-04-16 Kostadin Garov , Dimitar I. Dimitrov , Nikola Jovanović , Martin Vechev

Existing SQL access control mechanisms are extremely limited. Attackers can leak information and escalate their privileges using advanced database features such as views, triggers, and integrity constraints. This is not merely a problem of…

Cryptography and Security · Computer Science 2016-11-18 Marco Guarnieri , Srdjan Marinovic , David Basin

SQL injection attacks, a class of injection flaw in which specially crafted input strings leads to illegal queries to databases, are one of the topmost threats to web applications. A Number of research prototypes and commercial products…

Databases · Computer Science 2015-04-28 Swapnil Kharche , Jagdish patil , Kanchan Gohad , Bharti Ambetkar

In the bounded retrieval model, the adversary can leak a certain amount of information from the message sender's computer (e.g., 10 percent of the hard drive). Bellare, Kane and Rogaway give an efficient symmetric encryption scheme in the…

Cryptography and Security · Computer Science 2023-07-18 Ben Morris , Hans Oberschelp , Hamilton Samraj Santhakumar

We consider membership inference attacks, one of the main privacy issues in machine learning. These recently developed attacks have been proven successful in determining, with confidence better than a random guess, whether a given sample…

Machine Learning · Computer Science 2019-11-20 Rauf Izmailov , Peter Lin , Chris Mesterharm , Samyadeep Basu

Due to increasing privacy concerns, neural network (NN) based secure inference (SI) schemes that simultaneously hide the client inputs and server models attract major research interests. While existing works focused on developing secure…

Cryptography and Security · Computer Science 2020-02-18 Song Bian , Weiwen Jiang , Qing Lu , Yiyu Shi , Takashi Sato

Companies and individuals demand more and more storage space and computing power. For this purpose, several new technologies have been designed and implemented, such as the cloud computing. This technology provides its users with storage…

Cryptography and Security · Computer Science 2020-02-25 Fateh Boucenna

Federated learning is considered as an effective privacy-preserving learning mechanism that separates the client's data and model training process. However, federated learning is still under the risk of privacy leakage because of the…

Machine Learning · Computer Science 2022-06-03 Yuxuan Wan , Han Xu , Xiaorui Liu , Jie Ren , Wenqi Fan , Jiliang Tang

Data encryption limits the power and efficiency of queries. Direct processing of encrypted data should ideally be possible to avoid the need for data decryption, processing, and re-encryption. It is vital to keep the data searchable and…

Cryptography and Security · Computer Science 2022-10-03 Maryam Almarwani , Boris Konev , Alexei Lisitsa

Information leakage to a guessing adversary in index coding is studied, where some messages in the system are sensitive and others are not. The non-sensitive messages can be used by the server like secret keys to mitigate leakage of the…

Information Theory · Computer Science 2022-05-24 Yucheng Liu , Lawrence Ong , Phee Lep Yeoh , Parastoo Sadeghi , Joerg Kliewer , Sarah Johnson

Recent years have seen an increased interest towards strong security primitives for encrypted databases (such as oblivious protocols), that hide the access patterns of query execution, and reveal only the volume of results. However, recent…

Cryptography and Security · Computer Science 2020-08-18 Rishabh Poddar , Stephanie Wang , Jianan Lu , Raluca Ada Popa

Modern computer architectures rely on caches to reduce the latency gap between the CPU and main memory. While indispensable for performance, caches pose a serious threat to security because they leak information about memory access patterns…

Cryptography and Security · Computer Science 2023-06-22 Pablo Cañones , Boris Köpf , Jan Reineke

Security has become a significant concern with the increased popularity of cloud storage services. It comes with the vulnerability of being accessed by third parties. Security is one of the major hurdles in the cloud server for the user…

Cryptography and Security · Computer Science 2023-06-07 Mazharul Islam

Security concerns about a machine learning model used in a prediction-as-a-service include the privacy of the model, the query and the result. Secure inference solutions based on homomorphic encryption (HE) and/or multiparty computation…

Cryptography and Security · Computer Science 2022-09-15 Si Chen , Junfeng Fan

Encrypted search schemes have been proposed to address growing privacy concerns. However, several leakage-abuse attacks have highlighted some security vulnerabilities. Recent attacks assumed an attacker's knowledge containing data…

Cryptography and Security · Computer Science 2025-09-30 Marc Damie , Jean-Benoist Leger , Florian Hahn , Andreas Peter