Crylogger: Detecting crypto misuses dynamically
Cryptographic (crypto) algorithms are the essential ingredients of all secure systems: crypto
hash functions and encryption algorithms, for example, can guarantee properties such as …
hash functions and encryption algorithms, for example, can guarantee properties such as …
Passive SSH Key Compromise via Lattices
K Ryan, K He, GA Sullivan, N Heninger - Proceedings of the 2023 ACM …, 2023 - dl.acm.org
We demonstrate that a passive network attacker can opportunistically obtain private RSA
host keys from an SSH server that experiences a naturally arising fault during signature …
host keys from an SSH server that experiences a naturally arising fault during signature …
Provable security analysis of FIDO2
We carry out the first provable security analysis of the new FIDO2 protocols, the promising
FIDO Alliance's proposal for a standard for passwordless user authentication. Our analysis …
FIDO Alliance's proposal for a standard for passwordless user authentication. Our analysis …
On the tight security of TLS 1.3: Theoretically sound cryptographic parameters for real-world deployments
We consider the theoretically sound selection of cryptographic parameters, such as the size
of algebraic groups or RSA keys, for TLS 1.3 in practice. While prior works gave security …
of algebraic groups or RSA keys, for TLS 1.3 in practice. While prior works gave security …
Seems legit: Automated analysis of subtle attacks on protocols that use signatures
The standard definition of security for digital signatures-existential unforgeability-does not
ensure certain properties that protocol designers might expect. For example, in many …
ensure certain properties that protocol designers might expect. For example, in many …
Open to a fault: On the passive compromise of {TLS} keys via transient errors
GA Sullivan, J Sippe, N Heninger… - 31st USENIX Security …, 2022 - usenix.org
It is well known in the cryptographic literature that the most common digital signature
schemes used in practice can fail catastrophically in the presence of faults during …
schemes used in practice can fail catastrophically in the presence of faults during …
Digital signatures with memory-tight security in the multi-challenge setting
The standard security notion for digital signatures is “single-challenge”(SC) EUF-CMA
security, where the adversary outputs a single message-signature pair and “wins” if it is a …
security, where the adversary outputs a single message-signature pair and “wins” if it is a …
[图书][B] Computational cryptography: algorithmic aspects of cryptology
The area of computational cryptography is dedicated to the development of effective
methods in algorithmic number theory that improve implementation of cryptosystems or …
methods in algorithmic number theory that improve implementation of cryptosystems or …
An improved cryptanalysis of large RSA decryption exponent with constrained secret key
M Mumtaz, L Ping - International Journal of Information and …, 2021 - inderscienceonline.com
In this study, we revisit the RSA public key cryptosystem in some special case of Boneh and
Durfee's attack when the private key d assumes to be larger than the public key e. The attack …
Durfee's attack when the private key d assumes to be larger than the public key e. The attack …
Cybersecurity analysis of a SCADA system under current standards, client requisites, and penetration testing
F Rocha - 2019 - search.proquest.com
Abstract Supervisory Control and Data Acquisition (SCADA) systems are essential for
monitoring and controlling a country's Critical Infrastructures (CI) such as electrical power …
monitoring and controlling a country's Critical Infrastructures (CI) such as electrical power …