Hovav Shacham

IEEE Micro, 2023

Constant-Time Wasmtime, for Real This Time: End-to-End Verified Zero-Overhead Constant-Time Programming for the Web and Beyond.

[BibT_eX]

[DOI]

Garrett Gu

CoRR, 2023

The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders.

[BibT_eX]

[DOI]

Willy R. Vasquez

Proceedings of the 32nd USENIX Security Symposium, 2023

Checking Passwords on Leaky Computers: A Side Channel Analysis of Chrome's Password Leak Detect Protocol.

[BibT_eX]

[DOI]

Proceedings of the 32nd USENIX Security Symposium, 2023

DVFS Frequently Leaks Secrets: Hertzbleed Attacks Beyond SIKE, Cryptography, and CPU-Only Data.

[BibT_eX]

[DOI]

Grant Garrett-Grossman

Christopher W. Fletcher

Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

2021

Swivel: Hardening WebAssembly against Spectre.

[BibT_eX]

[DOI]

Anjo Vahldiek-Oberwagner

Proceedings of the 30th USENIX Security Symposium, 2021

2020

The Road to Less Trusted Code: Lowering the Barrier to In-Process Sandboxing.

[BibT_eX]

[DOI]

Automated policy synthesis for system call sandboxing.

[BibT_eX]

[DOI]

Proc. ACM Program. Lang., 2020

Return-Oriented Programming in RISC-V.

[BibT_eX]

[DOI]

Garrett Gu

CoRR, 2020

Retrofitting Fine Grain Isolation in the Firefox Renderer (Extended Version).

[BibT_eX]

[DOI]

CoRR, 2020

Retrofitting Fine Grain Isolation in the Firefox Renderer.

[BibT_eX]

[DOI]

Proceedings of the 29th USENIX Security Symposium, 2020

Towards a verified range analysis for JavaScript JITs.

[BibT_eX]

[DOI]

Proceedings of the 41st ACM SIGPLAN International Conference on Programming Language Design and Implementation, 2020

2019

Gobi: WebAssembly as a Practical Path to Library Sandboxing.

[BibT_eX]

[DOI]

CoRR, 2019

2018

Where did I leave my keys?: lessons from the Juniper Dual EC incident.

[BibT_eX]

[DOI]

Ralf-Philipp Weinmann

Commun. ACM, 2018

Short Unique Signatures from RSA with a Tight Security Reduction (in the Random Oracle Model).

[BibT_eX]

[DOI]

Proceedings of the Financial Cryptography and Data Security, 2018

2017

On the effectiveness of mitigations against floating-point timing channels.

[BibT_eX]

[DOI]

Proceedings of the 26th USENIX Security Symposium, 2017

A Call to ARMs: Understanding the Costs and Benefits of JIT Spraying Mitigations.

[BibT_eX]

[DOI]

Wilson Lian

Stefan Savage

Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

2016

On the (In)effectiveness of Mosaicing and Blurring as Tools for Document Redaction.

[BibT_eX]

[DOI]

Proc. Priv. Enhancing Technol., 2016

A Systematic Analysis of the Juniper Dual EC Incident.

[BibT_eX]

[DOI]

Ralf-Philipp Weinmann

IACR Cryptol. ePrint Arch., 2016

Trusted Browsers for Uncertain Times.

[BibT_eX]

[DOI]

Proceedings of the 25th USENIX Security Symposium, 2016

A Systematic Analysis of the Juniper Dual EC Incident.

[BibT_eX]

[DOI]

Ralf-Philipp Weinmann

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

HIPStR: Heterogeneous-ISA Program State Relocation.

[BibT_eX]

[DOI]

Ashish Venkat

Sriskanda Shamasunder

Dean M. Tullsen

Proceedings of the Twenty-First International Conference on Architectural Support for Programming Languages and Operating Systems, 2016

2015

On Subnormal Floating Point and Abnormal Timing.

[BibT_eX]

[DOI]

Proceedings of the 2015 IEEE Symposium on Security and Privacy, 2015

Too LeJIT to Quit: Extending JIT Spraying to ARM.

[BibT_eX]

[DOI]

Wilson Lian

Stefan Savage

Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

2014

Mouse Trap: Exploiting Firmware Updates in USB Peripherals.

[BibT_eX]

[DOI]

Proceedings of the 8th USENIX Workshop on Offensive Technologies, 2014

Security Analysis of a Full-Body Scanner.

[BibT_eX]

[DOI]

Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

On the Practical Exploitability of Dual EC in TLS Implementations.

[BibT_eX]

[DOI]

Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

Rethinking Verifiably Encrypted Signatures: A Gap in Functionality and Potential Solutions.

[BibT_eX]

[DOI]

Proceedings of the Topics in Cryptology - CT-RSA 2014, 2014

2013

Compact Proofs of Retrievability.

[BibT_eX]

[DOI]

Brent Waters

J. Cryptol., 2013

Sequential Aggregate Signatures, Multisignatures, and Verifiably Encrypted Signatures Without Random Oracles.

[BibT_eX]

[DOI]

J. Cryptol., 2013

New Trapdoor Projection Maps for Composite-Order Bilinear Groups.

[BibT_eX]

[DOI]

Sarah Meiklejohn

IACR Cryptol. ePrint Arch., 2013

Measuring the Practical Impact of DNSSEC Deployment.

[BibT_eX]

[DOI]

Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14-16, 2013, 2013

Welcome to the Entropics: Boot-Time Entropy in Embedded Devices.

[BibT_eX]

[DOI]

Keaton Mowery

Michael Yung Chung Wei

Steven Swanson

Proceedings of the 2013 IEEE Symposium on Security and Privacy, 2013

Iago attacks: why the system call API is a bad untrusted RPC interface.

[BibT_eX]

[DOI]

Proceedings of the Architectural Support for Programming Languages and Operating Systems, 2013

2012

Return-Oriented Programming: Systems, Languages, and Applications.

[BibT_eX]

[DOI]

ACM Trans. Inf. Syst. Secur., 2012

The k-BDH Assumption Family: Bilinear Map Cryptography from Progressively Weaker Assumptions.

[BibT_eX]

[DOI]

Karyn Benson

Brent Waters

IACR Cryptol. ePrint Arch., 2012

Hedged Public-key Encryption: How to Protect against Bad Randomness.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2012

Are AES x86 cache timing attacks still feasible?

[BibT_eX]

[DOI]

Keaton Mowery

Sriram Keelveedhi

Proceedings of the 2012 ACM Workshop on Cloud computing security, 2012

2011

Careful with Composition: Limitations of Indifferentiability and Universal Composability.

[BibT_eX]

[DOI]

Thomas Ristenpart

Thomas Shrimpton

IACR Cryptol. ePrint Arch., 2011

The Phantom Tollbooth: Privacy-Preserving Electronic Toll Collection in the Presence of Driver Collusion.

[BibT_eX]

[DOI]

Proceedings of the 20th USENIX Security Symposium, 2011

Comprehensive Experimental Analyses of Automotive Attack Surfaces.

[BibT_eX]

[DOI]

Proceedings of the 20th USENIX Security Symposium, 2011

Careful with Composition: Limitations of the Indifferentiability Framework.

[BibT_eX]

[DOI]

Thomas Ristenpart

Thomas Shrimpton

Proceedings of the Advances in Cryptology - EUROCRYPT 2011, 2011

Eliminating fine grained timers in Xen.

[BibT_eX]

[DOI]

Bhanu Chandra Vattikonda

Sambit Das

Proceedings of the 3rd ACM Cloud Computing Security Workshop, 2011

Do you know where your cloud files are?

[BibT_eX]

[DOI]

Karyn Benson

Rafael Dowsley

Proceedings of the 3rd ACM Cloud Computing Security Workshop, 2011

2010

Don't Take LaTeX Files from Strangers.

[BibT_eX]

[DOI]

Limitations on Transformations from Composite-Order to Prime-Order Groups: The Case of Round-Optimal Blind Signatures.

[BibT_eX]

[DOI]

Sarah Meiklejohn

David Mandell Freeman

IACR Cryptol. ePrint Arch., 2010

OpenScan: A Fully Transparent Optical Scan Voting System.

[BibT_eX]

[DOI]

Proceedings of the 2010 Electronic Voting Technology Workshop / Workshop on Trustworthy Elections, 2010

Experimental Security Analysis of a Modern Automobile.

[BibT_eX]

[DOI]

Proceedings of the 31st IEEE Symposium on Security and Privacy, 2010

Are Text-Only Data Formats Safe? Or, Use This LaTeX Class File to Pwn Your Computer.

[BibT_eX]

[DOI]

Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2010

An empirical study of privacy-violating information flows in JavaScript web applications.

[BibT_eX]

[DOI]

Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010

Return-oriented programming without returns.

[BibT_eX]

[DOI]

Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010

2009

Can DREs Provide Long-Lasting Security? The Case of Return-Oriented Programming and the AVC Advantage.

[BibT_eX]

[DOI]

Proceedings of the 2009 Electronic Voting Technology Workshop / Workshop on Trustworthy Elections, 2009

When private keys are public: results from the 2008 Debian OpenSSL vulnerability.

[BibT_eX]

[DOI]

Proceedings of the 9th ACM SIGCOMM Internet Measurement Conference, IMC 2009, Chicago, 2009

Randomizable Proofs and Delegatable Anonymous Credentials.

[BibT_eX]

[DOI]

Proceedings of the Advances in Cryptology, 2009

Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds.

[BibT_eX]

[DOI]

Proceedings of the 2009 ACM Conference on Computer and Communications Security, 2009

2008

Reconstructing RSA Private Keys from Random Key Bits.

[BibT_eX]

[DOI]

Nadia Heninger

IACR Cryptol. ePrint Arch., 2008

Delegatable Anonymous Credentials.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2008

You Go to Elections with the Voting System You Have: Stop-Gap Mitigations for Deployed Voting Systems.

[BibT_eX]

[DOI]

Proceedings of the 2008 USENIX/ACCURATE Electronic Voting Workshop, 2008

When good instructions go bad: generalizing return-oriented programming to RISC.

[BibT_eX]

[DOI]

Proceedings of the 2008 ACM Conference on Computer and Communications Security, 2008

2007

The BBG HIBE Has Limited Delegation.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2007

A Cramer-Shoup Encryption Scheme from the Linear Assumption and from Progressively Weaker Linear Variants.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2007

The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86).

[BibT_eX]

[DOI]

Proceedings of the 2007 ACM Conference on Computer and Communications Security, 2007

2006

New paradigms in signature schemes.

[BibT_eX]

[DOI]

PhD thesis, 2006

Efficient Ring Signatures without Random Oracles.

[BibT_eX]

[DOI]

Brent Waters

IACR Cryptol. ePrint Arch., 2006

Sequential Aggregate Signatures and Multisignatures without Random Oracles.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2006

Forward-Secure Signatures with Untrusted Update.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2006

2004

Client-side caching for TLS.

[BibT_eX]

[DOI]

ACM Trans. Inf. Syst. Secur., 2004

Short Signatures from the Weil Pairing.

[BibT_eX]

[DOI]

Ben Lynn

J. Cryptol., 2004

Short Group Signatures.

[BibT_eX]

[DOI]

Xavier Boyen

IACR Cryptol. ePrint Arch., 2004

On the effectiveness of address-space randomization.

[BibT_eX]

[DOI]

Proceedings of the 11th ACM Conference on Computer and Communications Security, 2004

Group signatures with verifier-local revocation.

[BibT_eX]

[DOI]

Proceedings of the 11th ACM Conference on Computer and Communications Security, 2004

2003

Sequential Aggregate Signatures from Trapdoor Permutations.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2003

SiRiUS: Securing Remote Untrusted Storage.

[BibT_eX]

[DOI]

Proceedings of the Network and Distributed System Security Symposium, 2003

2002

Aggregate and Verifiably Encrypted Signatures from Bilinear Maps.

[BibT_eX]

[DOI]

IACR Cryptol. ePrint Arch., 2002

Fast-Track Session Establishment for TLS.

[BibT_eX]

[DOI]

Proceedings of the Network and Distributed System Security Symposium, 2002

2001

Improving SSL Handshake Performance via Batching.

[BibT_eX]

[DOI]