New Microsoft Word Document

2018
1. Distance-Bounding Protocols: Verification without Time and Location
A distance-bounding protocol is a cryptographic protocol that securely establishes an
upper bound on the physical distance between participants. The paper gives a
causality-based characterization of secure distance bounding that discards the notions of
time and location, which allows us to verify the correctness of distance-bounding
protocols using standard protocol verification tools. In other words, we propose a fully
automated verification framework for distance-bounding protocols. Using this framework,
we identified known vulnerabilities in many protocols and discovered two unpublished
attacks on recently published protocols.
2. Improved Reconstruction Attacks on Encrypted Data Using Range Query Leakage
The paper analyses the security of database encryption schemes that support range queries
against a persistent attacker. Most of the work applies to a generic setting in which the
attacker's view is limited to the set of records matched by each query (called access
pattern leakage). It also considers a more specific setting in which rank information is
leaked as well, which is inherent to several recent encryption schemes supporting range
queries. Three attacks are considered. The first, full reconstruction, aims to recover the
value of every record, completely negating the encryption. We show that for a dense data
set the expected number of queries for full reconstruction is N log N + O(N), where N is
the number of plaintext values, which directly improves on the quadratic bound of Kellaris
et al. in the same setting. Second, the approximate reconstruction attack recovers all
plaintext values in a dense data set within a constant error rate, requiring the access
pattern leakage of only O(N) queries. Third, an attack is designed for the common setting
in which the attacker has access to an auxiliary distribution for the target data set.
Observing only 25 queries is enough to reconstruct most of the records during the year.
Taken together, our attacks show that current methods of enabling range queries provide
low security when the threat model goes beyond snapshot attacks to include a persistent
server-side adversary.
3. Hackers vs. Testers: A Comparison of Software Vulnerability Discovery Processes
404 not found
4. Speechless: Analyzing the Threat to Speech Privacy from Smartphone Motion Sensors
404 not found
5. The Rise of the Citizen Developer: Assessing the Security Impact of Online App
Generators
404 not found
6. Sonar: Detecting SS7 Redirection Attacks With Audio-Based Distance Bounding
404 not found
7. Implementing Conjunction Obfuscation under Entropic Ring LWE
404 not found
8. FP-STALKER: Tracking Browser Fingerprint Evolutions Along Time
404 not found
9. On the Economics of Offline Password Cracking
404 not found
2017
1. A Framework for Universally Composable Diffie-Hellman Key Exchange
Proving the security of a protocol requires reducing it to the security of the underlying
cryptographic primitives again and again, resulting in complicated protocol analysis. The
paper proposes an ideal functionality that provides several common cryptographic
primitives, such as DH, in a universally composable setting. This functionality helps to
avoid reductions in the analysis of real-world protocols, and they can often be eliminated
completely. Three DH key exchange protocols are treated in the framework: ISO 9798-3,
SIGMA, and OPTLS.
2. A Lustrum of Malware Network Communication: Evolution and Insights
Static and dynamic analysis results for malware, together with detailed behavior reports,
are collected in order to discover further malware. The paper draws three conclusions.
First, dynamic analysis tracking should be carefully designed and should provide a
rigorous analysis method for checking malware. Second, many malicious actors on the
Internet use PUPs (potentially unwanted programs), and PUPs rely on stable IP addresses
and DNS. Third, malware is reported weeks or months before it is discovered, so malware
can be detected through early metric analysis.
3. An Experimental Security Analysis of an Industrial Robot Controller
So far, there has been no systematic study of the security of industrial robot controllers.
This paper examines the standard architecture of industrial robots and analyzes one case
from the perspective of system security. An attacker model is proposed and confronted with
the minimum requirements that industrial robots must meet: accuracy in sensing the
environment, correctness in executing control logic, and safety of the operator. By
exploiting software flaws, the basic functions of the robot are subverted. Finally, the
safety standards of industrial robots are discussed and the security challenges of
industrial robots are analyzed.
4. Augur: Internet-Wide Detection of Connectivity Disruptions
The goal is to continuously monitor information about Internet reachability and to capture
the onset or termination of censorship in a region or ISP. Augur is proposed as a method
and accompanying system that uses TCP/IP side channels to measure reachability between two
Internet locations without directly controlling a measurement vantage point at either
location. Using these side channels, together with techniques that ensure safety by not
implicating individual users, the paper develops scalable, statistically reliable methods
to infer network-layer filtering and implements a system that continuously monitors global
censorship.
5. Backward-Bounded DSE: Targeting Infeasibility Questions on Obfuscated Codes
Code deobfuscation is a common activity in security analysis, especially in malware
analysis. Static and dynamic deobfuscation methods have many shortcomings, so DSE
(dynamic symbolic execution) has been proposed. Code obfuscation is the transformation of
a program's code into a functionally equivalent form that is difficult to read and
understand, in order to protect the source code. DSE only addresses certain types of
reverse-engineering questions, namely feasibility questions. Infeasibility questions, such
as opaque predicates, cannot be solved with it. We propose backward-bounded DSE, a generic,
accurate, efficient, and reliable method for solving infeasibility questions.
Backward-bounded DSE does not replace DSE, but it solves infeasibility questions in a
scalable and accurate manner. Following this line, we propose sparse disassembly, a
combination of backward-bounded DSE and static disassembly that extends dynamic
disassembly to get the most out of both static and dynamic disassembly.
6. CRLite: A Scalable System for Pushing All TLS Revocations to All Browsers
CRLite consists of two parts. The server-side system aggregates information about revoked
certificates and legitimate certificates on the Web and stores it in a space-efficient
filter cascade data structure. On the client side, the browser periodically downloads the
filters and uses them to check, in real time, the revocation status of certificates it has
obtained. CRLite only requires a PKI, and it allows the client to adopt a fail-closed
security posture when a network error or an attack makes revocation information
temporarily unavailable. Compared with an idealized browser that performs CRL/OCSP checks,
CRLite reduces latency and eliminates privacy issues. CRLite also has low bandwidth costs.
7. Catena: Efficient Non-equivocation via Bitcoin
For centralized services, such as the Tor directory servers, Catena (which combines a log
system with blockchain technology) can be used to prevent fork attacks while reducing the
high bandwidth required by pure blockchain technology.
8. Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
In the Android permission system, an app's SYSTEM_ALERT_WINDOW permission is granted
automatically, and this permission can be used to lure the user into enabling the
BIND_ACCESSIBILITY_SERVICE permission. With these two permissions, an attacker can steal
the user's login credentials and security PIN and silently install an app with its
permissions enabled. A study shows that the attacked users did not realize that they had
been attacked. This paper proposes a protection mechanism to protect users and developers
from this threat.
9. CoSMeDis: A Distributed Social Media Platform with Formally Verified Confidentiality
Guarantees
CoSMeDis is a distributed social media platform in which registered users can publish
content and establish friendships, including across nodes, that govern access control of
posts. For this distributed system, a framework is developed for composing a class of
information flow security guarantees, which is applicable to input/output automata.
10. Comparing the Usability of Cryptographic APIs
This article is the first to explore how and why the design and resulting usability of
different cryptographic libraries affect code security. Its purpose is to understand how to
build effective libraries. Experiments on GitHub code show that a simple API design
provides security benefits, reducing the decision space as expected and preventing the
choice of unsafe parameters, but simplicity is not enough. Poor documentation, missing code
examples, and a lack of auxiliary features such as secure key storage can cause developers
to submit code that struggles with basic functionality and creates security issues. The
results show that a new cryptographic library that aims to improve security should provide
a simple and convenient interface, but this is not enough: it also needs to offer extensive
support, secure and accessible documentation, and simple, usable code examples.