Three lessons from threema: Analysis of a secure messenger
We provide an extensive cryptographic analysis of Threema, a Swiss-based encrypted
messaging application with more than 10 million users and 7000 corporate customers. We …
messaging application with more than 10 million users and 7000 corporate customers. We …
On-demand Container Loading in {AWS} Lambda
M Brooker, M Danilov, C Greenwood… - 2023 USENIX Annual …, 2023 - usenix.org
AWS Lambda is a serverless event-driven compute service, part of a category of cloud
compute offerings sometimes called Function-as-a-service (FaaS). When we first released …
compute offerings sometimes called Function-as-a-service (FaaS). When we first released …
MEGA: malleable encryption goes awry
M Backendal, M Haller… - 2023 IEEE Symposium on …, 2023 - ieeexplore.ieee.org
MEGA is a leading cloud storage platform with more than 250 million users and 1000
Petabytes of stored data. MEGA claims to offer user-controlled, end-to-end security. This is …
Petabytes of stored data. MEGA claims to offer user-controlled, end-to-end security. This is …
Sok: Content moderation for end-to-end encryption
S Scheffler, J Mayer - arXiv preprint arXiv:2303.03979, 2023 - arxiv.org
Popular messaging applications now enable end-to-end-encryption (E2EE) by default, and
E2EE data storage is becoming common. These important advances for security and privacy …
E2EE data storage is becoming common. These important advances for security and privacy …
Janus: Fast privacy-preserving data provenance for TLS 1.3
J Lauinger, J Ernstberger, A Finkenzeller… - Cryptology ePrint …, 2023 - eprint.iacr.org
Web users can gather data from secure endpoints and demonstrate the provenance of
sensitive data to any third party by using privacy-preserving TLS oracles. In practice, privacy …
sensitive data to any third party by using privacy-preserving TLS oracles. In practice, privacy …
Keeping Up with the KEMs: Stronger Security Notions for KEMs and automated analysis of KEM-based protocols
Abstract Key Encapsulation Mechanisms (KEMs) are a critical building block for hybrid
encryption and modern security protocols, notably in the post-quantum setting. Given the …
encryption and modern security protocols, notably in the post-quantum setting. Given the …
The indifferentiability of the duplex and its practical applications
The Duplex construction, introduced by Bertoni et al.(SAC 2011), is the Swiss Army knife of
permutation-based cryptography. It can be used to realise a variety of cryptographic objects …
permutation-based cryptography. It can be used to realise a variety of cryptographic objects …
End-to-End Secure Messaging with Traceability Only for Illegal Content
As end-to-end encrypted messaging services become widely adopted, law enforcement
agencies have increasingly expressed concern that such services interfere with their ability …
agencies have increasingly expressed concern that such services interfere with their ability …
Committing Security of Ascon: Cryptanalysis on Primitive and Proof on Mode
Y Naito, Y Sasaki, T Sugawara - IACR Transactions on Symmetric …, 2023 - tosc.iacr.org
Context-committing security of authenticated encryption (AE) that prevents ciphertexts from
being decrypted with distinct decryption contexts,(K, N, A) comprising a key K, a nonce N …
being decrypted with distinct decryption contexts,(K, N, A) comprising a key K, a nonce N …
Context Discovery and Commitment Attacks: How to Break CCM, EAX, SIV, and More
A line of recent work has highlighted the importance of context commitment security, which
asks that authenticated encryption with associated data (AEAD) schemes will not decrypt the …
asks that authenticated encryption with associated data (AEAD) schemes will not decrypt the …