ARMOR: A Formally Verified Implementation of X.509 Certificate Chain Validation.
Proceedings of the IEEE Symposium on Security and Privacy, 2024
Towards Precise Reporting of Cryptographic Misuses.
Proceedings of the 31st Annual Network and Distributed System Security Symposium, 2024
Investigating TLS Version Downgrade in Enterprise Software.
Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy, 2024
TouchKey: Touch to Generate Symmetric Keys by Skin Electric Potentials Induced by Powerline Radiation.
Proc. ACM Interact. Mob. Wearable Ubiquitous Technol., 2023
The Devil is in the Details: Hidden Problems of Client-Side Enterprise Wi-Fi Configurators.
Proceedings of the 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2023
Back to School: On the (In)Security of Academic VPNs.
Proceedings of the 32nd USENIX Security Symposium, 2023
DSKE: Digital Signature with Key Extraction.
IACR Cryptol. ePrint Arch., 2022
Morpheus: Bringing The (PKCS) One To Meet the Oracle.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021
All your Credentials are Belong to Us: On Insecure WPA2-Enterprise Configurations.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021
On Re-engineering the X.509 PKI with Executable Specification for Better Implementation Guarantees.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021
MoNet: Impressionism As A Defense Against Adversarial Examples.
Proceedings of the Second IEEE International Conference on Trust, 2020
Random Spiking and Systematic Evaluation of Defenses Against Adversarial Examples.
Proceedings of the CODASPY '20: Tenth ACM Conference on Data and Application Security and Privacy, 2020
When TLS Meets Proxy on Mobile.
Proceedings of the Applied Cryptography and Network Security, 2020
Analyzing Semantic Correctness with Symbolic Execution: A Case Study on PKCS#1 v1.5 Signature Verification.
Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019
Koinonia: verifiable e-voting with long-term privacy.
Proceedings of the 35th Annual Computer Security Applications Conference, 2019
Random Spiking and Systematic Evaluation of Defenses Against Adversarial Examples.
CoRR, 2018
Adaptive Deterrence of DNS Cache Poisoning.
Proceedings of the Security and Privacy in Communication Networks, 2018
Why Johnny Can't Make Money With His Contents: Pitfalls of Designing and Implementing Content Delivery Apps.
Proceedings of the 34th Annual Computer Security Applications Conference, 2018
SymCerts: Practical Symbolic Execution for Exposing Noncompliance in X.509 Certificate Validation Implementations.
Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017
Analyzing Operational Behavior of Stateful Protocol Implementations for Detecting Semantic Bugs.
Proceedings of the 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2017