2018

1. Distance-Bounding Protocols: Verification without Time and Location
Distance-bounding protocols are cryptographic protocols that securely establish an upper bound on the physical distance between participants. We describe secure distance bounding in terms of causality, discarding the notions of time and location, which allows us to verify the correctness of distance-bounding protocols using standard protocol verification tools. In other words, we propose a fully automated verification framework for distance-bounding protocols. Using this framework, we identified known vulnerabilities in many protocols and discovered two unpublished attacks on recently published protocols.

2. Improved Reconstruction Attacks on Encrypted Data Using Range Query Leakage
This work concerns encryption schemes for database security that support range queries, in the presence of a persistent attacker. Most work uses a common setting in which the attacker's view is limited to the set of records matched by each query (known as access pattern leakage). We also consider a more specific setting in which ordering information is leaked as well, which is inherent to a variety of recent encryption schemes that support range queries. We consider three kinds of attacks. The first, full reconstruction, aims to recover the value of every record, completely negating the encryption. We show that for dense datasets the expected number of queries for full reconstruction is N log N + O(N), where N is the number of plaintext values, which directly improves on the quadratic bound of Kellaris et al. in the same setting. Second, the approximate reconstruction attack recovers all plaintext values in a dense dataset within a constant error rate, requiring only O(N) queries with access pattern leakage. Third, we devise an attack for the common setting in which the attacker has access to an auxiliary distribution for the target dataset. Observing only 25 queries is enough to reconstruct most of the records during the year.
Taken together, our attacks show that current methods of enabling range queries provide little security when the threat model goes beyond snapshot attacks to include a persistent server-side adversary.

3. Hackers vs. Testers: A Comparison of Software Vulnerability Discovery Processes
404 not found

4. Speechless: Analyzing the Threat to Speech Privacy from Smartphone Motion Sensors
404 not found

5. The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators
404 not found

6. Sonar: Detecting SS7 Redirection Attacks With Audio-Based Distance Bounding
404 not found

7. Implementing Conjunction Obfuscation under Entropic Ring LWE
404 not found

8. FP-STALKER: Tracking Browser Fingerprint Evolutions Along Time
404 not found

9. On the Economics of Offline Password Cracking
404 not found

2017

1. A Framework for Universally Composable Diffie-Hellman Key Exchange
Establishing the security of a protocol requires reducing it to the security of the underlying cryptographic primitives again and again, which makes the work complicated. An ideal functionality is proposed that provides several common cryptographic primitives, such as DH, in a universally composable setting. This functionality helps to avoid reductions in real-world protocol analysis, and they can often be eliminated completely. Three DH key exchange protocols are covered: ISO 9798-3, SIGMA, and OPTLS.

2. A Lustrum of Malware Network Communication: Evolution and Insights
Static and dynamic analysis results for malware, together with detailed behavior reports, are collected in order to discover further malware. This paper draws three conclusions. First, dynamic analysis tracing should be carefully designed and should provide a rigorous analysis method for examining malware. Second, many Internet miscreants use PUPs (potentially unwanted programs), and PUPs rely on stable IP addresses and DNS.
Third, malware is reported weeks or months before it is discovered, so it can be detected through early metric analysis.

3. An Experimental Security Analysis of an Industrial Robot Controller
So far, there has been no systematic study of the security of industrial robot controllers. This paper examines the standard architecture of industrial robots and analyzes a concrete case from a system security perspective. An attacker model is then proposed and confronted with the minimal requirements of industrial robots: accuracy in sensing the environment, correctness in executing control logic, and safety of the operator. Using software flaws, the basic functions of the robot are subverted. Finally, safety standards for industrial robots are discussed and the security challenges of industrial robots are analyzed.

4. Augur: Internet-Wide Detection of Connectivity Disruptions
The goal is to continuously monitor information on Internet reachability, so as to capture when censorship in a region or ISP takes effect or ends. Augur is proposed as a method and accompanying system that uses TCP/IP side channels to measure reachability between two Internet locations without directly controlling a measurement vantage point at either location. Using these side channels, together with techniques that ensure safety by not implicating individual users, the authors develop scalable, statistically reliable methods to infer network-layer filtering and implement a system that continuously monitors global censorship.

5. Backward-Bounded DSE: Targeting Infeasibility Questions on Obfuscated Codes
Code deobfuscation is a common activity in security analysis, especially in malware analysis. Static and dynamic deobfuscation methods have many shortcomings, so DSE (dynamic symbolic execution) has been proposed.
Code obfuscation refers to transforming the code of a program into a functionally equivalent form that is difficult to read and understand, in order to protect the source code. DSE only addresses certain kinds of reverse-engineering questions, namely feasibility questions. Infeasibility questions, such as opaque predicates, cannot be solved with it. We propose backward-bounded DSE, a generic, precise, efficient, and robust method for solving infeasibility questions. Backward-bounded DSE does not replace DSE, but addresses infeasibility questions in a scalable and precise manner. Following this line, we propose sparse disassembly, a combination of backward-bounded DSE and static disassembly that expands dynamic disassembly to get the most out of both static and dynamic disassembly.

6. CRLite: A Scalable System for Pushing All TLS Revocations to All Browsers
CRLite consists of two parts. The server-side system aggregates information on revoked certificates and valid certificates on the Web and stores it in a space-efficient filter cascade data structure. The client-side component is downloaded periodically by the browser and uses the filters to check, in real time, whether a certificate it has obtained has been revoked. CRLite relies only on the PKI, and it allows the client to adopt a fail-closed security posture when a network error or an attack makes revocation information temporarily unavailable. Compared to an idealized browser that performs CRL/OCSP checks, CRLite reduces latency and eliminates privacy concerns. CRLite has low bandwidth costs.

7. Catena: Efficient Non-equivocation via Bitcoin
For centralized authorities, such as the Tor directory authority servers, Catena (which combines a log system with blockchain technology) can be used to prevent fork attacks while reducing the high bandwidth required by pure blockchain approaches.

8. Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
In the Android permission system, the SYSTEM_ALERT_WINDOW permission is granted to apps automatically, and it can be used to lure the user into enabling the BIND_ACCESSIBILITY_SERVICE permission. Together, these two permissions make it possible to steal the user's login credentials and security PIN and to silently install an app with permissions. The research shows that users under attack did not realize that they were being attacked. This paper proposes a protection mechanism to protect users and developers from this threat.

9. CoSMeDis: A Distributed Social Media Platform with Formally Verified Confidentiality Guarantees
CoSMeDis is a distributed social media platform in which registered users can publish content and friendships can be established between nodes to support access control of posts. For the distributed system, a framework is developed for constructing a class of information flow security guarantees, applicable to input/output automata.

10. Comparing the Usability of Cryptographic APIs
This article is the first to explore how and why the design and resulting usability of different cryptographic libraries affect code security. Its purpose is to understand how to build effective libraries. Experiments on GitHub code show that a simple API design can provide security benefits, reducing the number of parameter decisions, as expected, and preventing unsafe parameters, but simplicity is not enough. Poor documentation, a lack of code hints, and a lack of auxiliary features such as secure key storage can even cause developers to submit code that has problems with basic functionality and creates security issues. The results show that for new cryptographic libraries that want to improve security, providing a simple and convenient interface is not enough: they may also need to ensure broad support, provide secure and accessible documentation, and offer simple, usable code examples.