Victory by KO: Attacking OpenPGP using key overwriting

L Bruseghini, D Huigens, KG Paterson - Proceedings of the 2022 ACM …, 2022 - dl.acm.org
We present a set of attacks on the OpenPGP specification and implementations of it which
result in full recovery of users' private keys. The attacks exploit the lack of cryptographic …

Content-Type: multipart/oracle - Tapping into Format Oracles in Email End-to-End Encryption

F Ising, D Poddebniak, T Kappert… - 32nd USENIX Security …, 2023 - usenix.org
S/MIME and OpenPGP use cryptographic constructions repeatedly shown to be vulnerable
to format oracle attacks in protocols like TLS, SSH, or IKE. However, format oracle attacks in …

Decrypting Without Keys: The Case of the GlobalPlatform SCP02 Protocol

G Avoine, L Ferreira - Journal of Cryptology, 2025 - Springer
We describe in this paper how to perform a padding oracle attack against the GlobalPlatform
SCP02 protocol. SCP02 is implemented in smart cards and used by transport companies, in …

Automating the development of chosen ciphertext attacks

G Beck, M Zinkus, M Green - 29th USENIX Security Symposium …, 2020 - usenix.org
In this work we investigate the problem of automating the development of adaptive chosen
ciphertext attacks on systems that contain vulnerable format oracles. Unlike previous …

Cryptographic Analysis of Delta Chat

Y Song, L Mareková, KG Paterson - Cryptology ePrint Archive, 2024 - eprint.iacr.org
We analyse the cryptographic protocols underlying Delta Chat, a decentralised messaging
application which uses e-mail infrastructure for message delivery. It provides end-to-end …

Legacy Encryption Downgrade Attacks against LibrePGP and CMS

F Strenzke, J Roth - Cryptology ePrint Archive, 2024 - eprint.iacr.org
This work describes vulnerabilities in the specification of the AEAD packets as introduced in
the novel LibrePGP specification that is implemented by the widely used GnuPG application …

DATA CONFIDENTIALITY FOR ALL: NEW METHODS IN ATTACK AND DEFENSE

MA Zinkus - 2024 - jscholarship.library.jhu.edu
For the past half-century since the advent of modern cryptography, perhaps most distinctly
demarcated by Diffie and Hellman in 1976, dramatic advances in cryptographic theory and …

Polynomial-Time Plaintext-Recovery Attack on the Matrix-Based Knapsack Cipher

A Vambol - International Journal of Computing, 2020 - pdfs.semanticscholar.org
The aim of the present paper is to propose a polynomial-time plaintext-recovery attack on
the matrix-based knapsack cipher. The aforesaid algorithm uses only public information and …

Securing Cloud Storage with OpenPGP: An Analysis of Proton Drive

L Micheloud - 2024 - ethz.ch
In the last decades, the use of cloud storage has grown significantly. Simultaneously,
awareness around privacy issues related to outsourced data increases among users …

Using SMT Solvers to Automate Chosen Ciphertext Attacks

G Beck, M Zinkus, M Green - Cryptology ePrint Archive, 2019 - eprint.iacr.org
In this work we investigate the problem of automating the development of adaptive chosen
ciphertext attacks on systems that contain vulnerable format oracles. Unlike previous …