English
Related papers

Related papers: VeriSBOM: Secure and Verifiable SBOM Sharing Via Z…

200 papers

A Software Bill of Materials (SBoM) is a detailed inventory of all components, libraries, and modules in a software artifact, providing traceability throughout the software supply chain. With the increasing popularity of JavaScript in…

Software Engineering · Computer Science 2024-08-30 Leo Song , Steven H. H. Ding , Yuan Tian , Li Tao Li , Philippe Charland , Andrew Walenstein

Privacy regulations mandate that developers must provide authentic and comprehensive privacy notices, e.g., privacy policies or labels, to inform users of their apps' privacy practices. However, due to a lack of knowledge of privacy…

Cryptography and Security · Computer Science 2025-03-18 Zhen Tao , Shidong Pan , Zhenchang Xing , Xiaoyu Sun , Omar Haggag , John Grundy , Jingjie Li , Liming Zhu

Build verifiability refers to the property that the build of a software system can be verified by independent third parties and it is crucial for the trustworthiness of a software system. Various efforts towards build verifiability have…

Software Engineering · Computer Science 2022-02-15 Jiawen Xiong , Yong Shi , Boyuan Chen , Filipe R. Cogo , Zhen Ming , Jiang

Software supply chain attacks have become a significant threat as software development increasingly relies on contributions from multiple, often unverified sources. The code from unverified sources does not pose a threat until it is…

Cryptography and Security · Computer Science 2024-07-02 Aman Sharma , Martin Wittlinger , Benoit Baudry , Martin Monperrus

Modern digital ecosystems, spanning software, hardware, learning models, datasets, and cryptographic products, continue to grow in complexity, making it difficult for organizations to understand and manage component dependencies. Bills of…

Cryptography and Security · Computer Science 2026-01-21 Shuai Zhang , Minzhao Lyu , Hassan Habibi Gharakheili

The software supply chain is an increasingly common attack vector for malicious actors. The Node.js ecosystem has been subject to a wide array of attacks, likely due to its size and prevalence. To counter such attacks, the research…

Cryptography and Security · Computer Science 2025-09-03 Eric Cornelissen , Musard Balliu

As IoT becomes omnipresent vast amounts of data are generated, which can be used for building innovative applications. However,interoperability issues and security concerns, prevent harvesting the full potentials of these data. In this…

Cryptography and Security · Computer Science 2022-09-02 Nikos Fotiou , Iakovos Pittaras , Spiros Chadoulos , Vasilios A. Siris , George C. Polyzos , Nikolaos Ipiotis , Stratos Keranidis

According to experts, one third of all IT vulnerabilities today are due to inadequate software verification. Internal program processes are not sufficiently secured against manipulation by attackers, especially if access has been gained.…

Cryptography and Security · Computer Science 2022-11-22 Erik Heiland , Peter Hillmann

Blockchain has received tremendous attention as a secure, distributed, and anonymous framework for the Internet of Things (IoT). As a distributed system, blockchain trades off scalability for distribution, which limits the technologys…

Cryptography and Security · Computer Science 2021-05-27 Ali Dorri , Shailesh Mishra , Raja Jurdak

Decentralized inference provides a scalable and resilient paradigm for serving large language models (LLMs), enabling fragmented global resource utilization and reducing reliance on centralized providers. However, in a permissionless…

Cryptography and Security · Computer Science 2026-01-23 Ke Wang , Zishuo Zhao , Xinyuan Song , Zelin Li , Libin Xia , Chris Tong , Bill Shi , Wenjie Qu , Eric Yang , Lynn Ai

A Software Bill of Materials (SBOM) provides transparency by documenting software component metadata and dependencies. However, SBOM adoption depends on tool ecosystems. With two dominant formats: SPDX and CycloneDX - the ecosystems vary…

Software Engineering · Computer Science 2025-12-29 Abdul Ali Bangash , Tongxu Ge , Zhimin Zhao , Arshdeep Singh , Zitao Wang , Bram Adams

Verifiable Secret-Sharing (VSS) is a fundamental primitive in secure distributed computing. It is used as a building block in several distributed computing tasks, such as Byzantine agreement and secure multi-party computation. In this…

Cryptography and Security · Computer Science 2022-02-07 Anirudh Chandramouli , Ashish Choudhury , Arpita Patra

Verifiable credentials are a digital analogue of physical credentials. Their authenticity and integrity are protected by means of cryptographic techniques, and they can be presented to verifiers to reveal attributes or even predicates about…

Cryptography and Security · Computer Science 2024-01-17 Andrea Flamini , Giada Sciarretta , Mario Scuro , Amir Sharif , Alessandro Tomasi , Silvio Ranise

Proofs of Retrievability are protocols which allow a Client to store data remotely and to efficiently ensure, via audits, that the entirety of that data is still intact. Dynamic Proofs of Retrievability (DPoR) also support efficient…

Cryptography and Security · Computer Science 2023-03-14 Jean-Guillaume Dumas , Aude Maignan , Clément Pernet , Daniel S. Roche

Adopting shared data resources requires scientists to place trust in the originators of the data. When shared data is later used in the development of artificial intelligence (AI) systems or machine learning (ML) models, the trust lineage…

Machine Learning · Computer Science 2021-05-14 Iain Barclay , Alun Preece , Ian Taylor , Swapna K. Radha , Jarek Nabrzyski

The importance of preventing microarchitectural timing side channels in security-critical applications has surged in recent years. Constant-time programming has emerged as a best-practice technique for preventing the leakage of secret…

Cryptography and Security · Computer Science 2024-03-12 Lucas Deutschmann , Johannes Mueller , Mohammad Rahmani Fadiheh , Dominik Stoffel , Wolfgang Kunz

Verifiable secret sharing (VSS) is designed to allow parties to collaborate to keep secrets. We describe here a method of fabricating false secret shares that appear to other parties to be legitimate, which can prevent assembly of the…

Cryptography and Security · Computer Science 2015-07-16 Hua Lu , Jack Peterson

Ensuring the integrity of business processes without disclosing confidential business information is a major challenge in inter-organizational processes. This paper introduces a zero-knowledge proof (ZKP)-based approach for the verifiable…

Software Engineering · Computer Science 2025-09-25 Jannis Kiesel , Jonathan Heiss

Software systems have grown as an indispensable commodity used across various industries, and almost all essential services depend on them for effective operation. The software is no longer an independent or stand-alone piece of code…

Software Engineering · Computer Science 2025-05-29 Ritwik Murali , Akash Ravi

Currently, when a security analyst discovers a vulnerability in critical software system, they must navigate a fraught dilemma: immediately disclosing the vulnerability to the public could harm the system's users; whereas disclosing the…

Cryptography and Security · Computer Science 2023-01-05 Santiago Cuéllar , Bill Harris , James Parker , Stuart Pernsteiner , Eran Tromer