English
Related papers

Related papers: QFuzz: Quantitative Fuzzing for Side Channels

200 papers

Fuzz testing is a fundamental technique employed to identify vulnerabilities within software systems. However, the process can be protracted and resource-intensive, especially when confronted with extensive codebases. In this work, I…

Software Engineering · Computer Science 2024-12-12 Saket Upadhyay

The Instruction Set Architecture (ISA) defines processor operations and serves as the interface between hardware and software. As an open ISA, RISC-V lowers the barriers to processor design and encourages widespread adoption, but also…

Cryptography and Security · Computer Science 2026-01-21 Hao Lyu , Jingzheng Wu , Xiang Ling , Yicheng Zhong , Zhiyuan Li , Tianyue Luo

Quantum computing is a new technology that is expected to revolutionize the computation paradigm in the next few years. Qubits exploit the quantum physics proprieties to increase the parallelism and speed of computation. Unfortunately,…

Emerging Technologies · Computer Science 2022-04-12 Daniel Oliveira , Edoardo Giusto , Emanuele Dri , Nadir Casciola , Betis Baheri , Qiang Guan , Bartolomeo Montrucchio , Paolo Rech

Quantization is a promising technique for reducing the bit-width of deep models to improve their runtime performance and storage efficiency, and thus becomes a fundamental step for deployment. In real-world scenarios, quantized models are…

Machine Learning · Computer Science 2024-04-09 Qun Li , Yuan Meng , Chen Tang , Jiacheng Jiang , Zhi Wang

Compression is an emerging source of exploitable side-channel leakage that threatens data security, particularly in web applications where compression is indispensable for performance reasons. Current approaches to mitigating compression…

Cryptography and Security · Computer Science 2019-09-19 Brandon Paulsen , Chungha Sung , Peter A. H. Peterson , Chao Wang

Researchers have proposed formal definitions of quantitative information flow based on information theoretic notions such as the Shannon entropy, the min entropy, the guessing entropy, belief, and channel capacity. This paper investigates…

Cryptography and Security · Computer Science 2011-12-20 Hirotoshi Yasuoka , Tachio Terauchi

Compression algorithms are widely used as they save memory without losing data. However, elimination of redundant symbols and sequences in data leads to a compression side channel. So far, compression attacks have only focused on the…

Cryptography and Security · Computer Science 2021-11-17 Martin Schwarzl , Pietro Borrello , Gururaj Saileshwar , Hanna Müller , Michael Schwarz , Daniel Gruss

Fuzzing has proven to be very effective for discovering certain classes of software flaws, but less effective in helping developers process these discoveries. Conventional crash-based fuzzers lack enough information about failures to…

Cryptography and Security · Computer Science 2024-11-04 Allison Naaktgeboren , Sean Noble Anderson , Andrew Tolmach , Greg Sullivan

While fuzzing is widely accepted as an efficient program testing technique, it is still unclear how to measure the comparative quality of different fuzzers. The current de facto quality metrics are edge coverage and the number of discovered…

Software Engineering · Computer Science 2024-09-24 Gwangmu Lee

Coverage-guided fuzz testing has received significant attention from the research community, with a strong focus on binary applications, greatly disregarding other targets, such as web applications. The importance of the World Wide Web in…

Cryptography and Security · Computer Science 2024-07-02 Sebastian Neef , Lorenz Kleissner , Jean-Pierre Seifert

To protect cryptographic implementations from side-channel vulnerabilities, developers must adopt constant-time programming practices. As these can be error-prone, many side-channel detection tools have been proposed. Despite this, such…

Cryptography and Security · Computer Science 2023-10-13 Antoine Geimer , Mathéo Vergnolle , Frédéric Recoules , Lesly-Ann Daniel , Sébastien Bardin , Clémentine Maurice

Quantum computing is one of the most promising technology advances of the latest years. Once only a conceptual idea to solve physics simulations, quantum computation is today a reality, with numerous machines able to execute quantum…

Emerging Technologies · Computer Science 2021-11-16 Daniel Oliveira , Edoardo Giusto , Betis Baheri , Qiang Guan , Bartolomeo Montrucchio , Paolo Rech

Nowadays, quantum program is widely used and quickly developed. However, the absence of testing methodology restricts their quality. Different input format and operator from traditional program make this issue hard to resolve. In this…

Software Engineering · Computer Science 2018-10-25 Jiyuan Wang , Ming Gao , Yu Jiang , Jianguang Lou , Yue Gao , Dongmei Zhang , Jiaguang Sun

Programmable Logic Controllers are used for smart homes, in production processes or to control critical infrastructures. Modern industrial devices in the control level are often communicating over proprietary protocols on top of TCP/IP with…

Cryptography and Security · Computer Science 2019-10-18 Matthias Niedermaier , Florian Fischer , Alexander von Bodisco

Fuzzing is one of the most effective technique to identify potential software vulnerabilities. Most of the fuzzers aim to improve the code coverage, and there is lack of directedness (e.g., fuzz the specified path in a software). In this…

Cryptography and Security · Computer Science 2020-10-26 Xiaogang Zhu , Shigang Liu , Xian Li , Sheng Wen , Jun Zhang , Camtepe Seyit , Yang Xiang

We present a new technique for proving the security of quantum key distribution (QKD) protocols. It is based on direct information-theoretic arguments and thus also applies if no equivalent entanglement purification scheme can be found.…

Quantum Physics · Physics 2009-11-11 R. Renner , N. Gisin , B. Kraus

As blockchain smart contracts become more widespread and carry more valuable digital assets, they become an increasingly attractive target for attackers. Over the past few years, smart contracts have been subject to a plethora of…

Cryptography and Security · Computer Science 2023-12-12 Peng Qian , Hanjie Wu , Zeren Du , Turan Vural , Dazhong Rong , Zheng Cao , Lun Zhang , Yanbin Wang , Jianhai Chen , Qinming He

Side channel attacks have emerged as a serious threat to the security of both networked and embedded systems -- in particular through the implementations of cryptographic operations. Side channels can be difficult to model formally, but…

Cryptography and Security · Computer Science 2009-12-16 Josef Svenningsson , David Sands

Online social networks have become an integral aspect of our daily lives and play a crucial role in shaping our relationships with others. However, bugs and glitches, even minor ones, can cause anything from frustrating problems to serious…

Software Engineering · Computer Science 2024-07-08 Francisco Zanartu , Christoph Treude , Markus Wagner

Fuzzing has become one of the most effective bug finding approach for software. In recent years, 24*7 continuous fuzzing platforms have emerged to test critical pieces of software, e.g., Linux kernel. Though capable of discovering many bugs…

Cryptography and Security · Computer Science 2021-11-12 Xiaochen Zou , Guoren Li , Weiteng Chen , Hang Zhang , Zhiyun Qian