Users of Android phones increasingly entrust personal information to third-party apps. However, recent studies reveal that many apps, even benign ones, could leak sensitive inform...
Yajin Zhou, Kunal Patel, Lei Wu, Zhi Wang, Xuxian ...
In this paper, we study Password Authenticated Key Exchange (PAKE) in a group. First, we present a generic “fairy-ring dance” construction that transforms any secure two-party...
We present a method to regenerate diversified code dynamically in a Java bytecode JIT compiler, and to update the diversification frequently during the execution of the program. T...
There have been several attempts recently at using homomorphic encryption to increase the efficiency of Oblivious RAM protocols. One of the most successful has been Onion ORAM, w...
We identify and address two primary challenges for computing on encrypted data in Internet of Things applications: synchronizing encrypted data across devices and selecting an app...
A privacy policy is a statement informing users how their information will be collected, used, and disclosed. Failing to provide a correct privacy policy may result in a fine. Ho...
Anonymity networks such as Tor are a critical privacy-enabling technology. Tor’s hidden services provide both client and server anonymity. They protect the location of the serve...
A general prerequisite for a code reuse attack is that the attacker needs to locate code gadgets that perform the desired operations and then direct the control flow of a vulnerab...
Kangjie Lu, Chengyu Song, Byoungyoung Lee, Simon P...
When data maintained in a decentralized fashion needs to be synchronized or exchanged between different databases, related data sets usually get associated with a unique identi...
The HIVE hidden volume encryption system was proposed by Blass et al. at ACM-CCS 2014. Even though HIVE has a security proof, this paper demonstrates an attack on its implementatio...